feat: ensure snos program hash is checked #46
Conversation
There was a problem hiding this comment.
Probably preferable to just extend program_info to include snos program hash as well?
Also the program_info field comment still says it's the StarknetOs program hash which is no longer true. This is probably an oversight from the previous PR introducing the layout bridge program tho.
There was a problem hiding this comment.
Thanks for adding this additional check @chudkowsky, let's switch to a structure and move forward with this change.
| /// Program info layout bridge program hash, config hash and StarknetOs program hash. | ||
| program_info: (felt252, felt252, felt252), |
There was a problem hiding this comment.
Let's change to a structure here and also inside the set_program_info.
Since we may have further changes in the future (integrity supporting dynamic layout) or some additional configuration item, using a a structure only change internal behavior.
| program_hash: felt252, | ||
| config_hash: felt252, | ||
| snos_program_hash: felt252 |
There was a problem hiding this comment.
Same here using the ProgramInfo structure suggested in the previous comment.
To verify that we correctly settle the SNOS output, I added a snos_program_hash field, which can be set up similarly to the fact registry or program info. In the code, we assert this value against the third element of the SNOS output. This is because the SNOS proof is actually a proof of the bootloaded SNOS program, and in our case, the third value represents the bootloaded program hash—specifically, the Starknet OS program hash.