fix(bridge-history-api): Fix cors (#726 )

feat: upgrade libzkp to v0.5.2 (#725 )
feat(coordinator): fix login replay attack (#723 )
2026-01-11 23:18:07 -05:00 · 2023-08-05 13:55:30 +02:00 · 2023-08-05 19:29:26 +08:00 · 2023-08-05 10:58:59 +02:00 · 2023-08-05 08:27:07 +02:00
18 changed files with 93 additions and 114 deletions
--- a/bridge-history-api/internal/route/route.go
+++ b/bridge-history-api/internal/route/route.go
@@ -15,6 +15,7 @@ func Route(router *gin.Engine, conf *config.Config) {
 	router.Use(cors.New(cors.Config{
 		AllowOrigins:     []string{"*"},
 		AllowMethods:     []string{"GET", "POST", "PUT", "DELETE"},
+		AllowHeaders:     []string{"Origin", "Content-Type", "Authorization"},
 		AllowCredentials: true,
 		MaxAge:           12 * time.Hour,
 	}))
--- a/common/libzkp/impl/Cargo.lock
+++ b/common/libzkp/impl/Cargo.lock
@@ -32,7 +32,7 @@ dependencies = [
 [[package]]
 name = "aggregator"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?branch=develop#2855c13b5d3e6ec4056f823f56a33bf25d0080bb"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.5.2#225db80d26b6a2ed4aa5ad2462c887a58acdfd00"
 dependencies = [
 "ark-std",
 "env_logger 0.10.0",
@@ -432,7 +432,7 @@ checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1"
 [[package]]
 name = "bus-mapping"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?branch=develop#2855c13b5d3e6ec4056f823f56a33bf25d0080bb"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.5.2#225db80d26b6a2ed4aa5ad2462c887a58acdfd00"
 dependencies = [
 "eth-types",
 "ethers-core",
@@ -1045,7 +1045,7 @@ dependencies = [
 [[package]]
 name = "eth-types"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?branch=develop#2855c13b5d3e6ec4056f823f56a33bf25d0080bb"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.5.2#225db80d26b6a2ed4aa5ad2462c887a58acdfd00"
 dependencies = [
 "ethers-core",
 "ethers-signers",
@@ -1223,7 +1223,7 @@ dependencies = [
 [[package]]
 name = "external-tracer"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?branch=develop#2855c13b5d3e6ec4056f823f56a33bf25d0080bb"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.5.2#225db80d26b6a2ed4aa5ad2462c887a58acdfd00"
 dependencies = [
 "eth-types",
 "geth-utils",
@@ -1436,7 +1436,7 @@ dependencies = [
 [[package]]
 name = "gadgets"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?branch=develop#2855c13b5d3e6ec4056f823f56a33bf25d0080bb"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.5.2#225db80d26b6a2ed4aa5ad2462c887a58acdfd00"
 dependencies = [
 "digest 0.7.6",
 "eth-types",
@@ -1476,7 +1476,7 @@ dependencies = [
 [[package]]
 name = "geth-utils"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?branch=develop#2855c13b5d3e6ec4056f823f56a33bf25d0080bb"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.5.2#225db80d26b6a2ed4aa5ad2462c887a58acdfd00"
 dependencies = [
 "env_logger 0.9.3",
 "gobuild 0.1.0-alpha.2 (git+https://github.com/scroll-tech/gobuild.git)",
@@ -2074,7 +2074,7 @@ dependencies = [
 [[package]]
 name = "keccak256"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?branch=develop#2855c13b5d3e6ec4056f823f56a33bf25d0080bb"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.5.2#225db80d26b6a2ed4aa5ad2462c887a58acdfd00"
 dependencies = [
 "env_logger 0.9.3",
 "eth-types",
@@ -2261,7 +2261,7 @@ dependencies = [
 [[package]]
 name = "mock"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?branch=develop#2855c13b5d3e6ec4056f823f56a33bf25d0080bb"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.5.2#225db80d26b6a2ed4aa5ad2462c887a58acdfd00"
 dependencies = [
 "eth-types",
 "ethers-core",
@@ -2276,7 +2276,7 @@ dependencies = [
 [[package]]
 name = "mpt-zktrie"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?branch=develop#2855c13b5d3e6ec4056f823f56a33bf25d0080bb"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.5.2#225db80d26b6a2ed4aa5ad2462c887a58acdfd00"
 dependencies = [
 "bus-mapping",
 "eth-types",
@@ -2752,7 +2752,7 @@ dependencies = [
 [[package]]
 name = "prover"
 version = "0.4.0"
-source = "git+https://github.com/scroll-tech/scroll-prover?tag=v0.5.1#15aac6e1484a42f723098fbc9d8783f374e7e90a"
+source = "git+https://github.com/scroll-tech/scroll-prover?tag=v0.5.2#cf95001417faa6dcf80a1aea4def2ecfb39846df"
 dependencies = [
 "aggregator",
 "anyhow",
@@ -3621,7 +3621,7 @@ checksum = "62bb4feee49fdd9f707ef802e22365a35de4b7b299de4763d44bfea899442ff9"
 [[package]]
 name = "snark-verifier"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/snark-verifier?branch=develop#f8bdcbee60348e5c996c04f19ff30522e6b276b0"
+source = "git+https://github.com/scroll-tech/snark-verifier?branch=develop#12c306ec57849921e690221b10b8a08189868d4a"
 dependencies = [
 "bytes",
 "ethereum-types 0.14.1",
@@ -3645,7 +3645,7 @@ dependencies = [
 [[package]]
 name = "snark-verifier-sdk"
 version = "0.0.1"
-source = "git+https://github.com/scroll-tech/snark-verifier?branch=develop#f8bdcbee60348e5c996c04f19ff30522e6b276b0"
+source = "git+https://github.com/scroll-tech/snark-verifier?branch=develop#12c306ec57849921e690221b10b8a08189868d4a"
 dependencies = [
 "bincode",
 "env_logger 0.10.0",
@@ -4037,7 +4037,7 @@ checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba"
 [[package]]
 name = "types"
 version = "0.4.0"
-source = "git+https://github.com/scroll-tech/scroll-prover?tag=v0.5.1#15aac6e1484a42f723098fbc9d8783f374e7e90a"
+source = "git+https://github.com/scroll-tech/scroll-prover?tag=v0.5.2#cf95001417faa6dcf80a1aea4def2ecfb39846df"
 dependencies = [
 "base64 0.13.1",
 "blake2",
@@ -4482,7 +4482,7 @@ checksum = "2a0956f1ba7c7909bfb66c2e9e4124ab6f6482560f6628b5aaeba39207c9aad9"
 [[package]]
 name = "zkevm-circuits"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?branch=develop#2855c13b5d3e6ec4056f823f56a33bf25d0080bb"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.5.2#225db80d26b6a2ed4aa5ad2462c887a58acdfd00"
 dependencies = [
 "array-init",
 "bus-mapping",
--- a/common/libzkp/impl/Cargo.toml
+++ b/common/libzkp/impl/Cargo.toml
@@ -18,8 +18,8 @@ maingate = { git = "https://github.com/scroll-tech/halo2wrong", branch = "halo2-
 halo2curves = { git = "https://github.com/scroll-tech/halo2curves.git", branch = "0.3.1-derive-serde" }

 [dependencies]
-prover = { git = "https://github.com/scroll-tech/scroll-prover", tag = "v0.5.1" }
-types = { git = "https://github.com/scroll-tech/scroll-prover", tag = "v0.5.1" }
+prover = { git = "https://github.com/scroll-tech/scroll-prover", tag = "v0.5.2" }
+types = { git = "https://github.com/scroll-tech/scroll-prover", tag = "v0.5.2" }
 halo2_proofs = { git = "https://github.com/scroll-tech/halo2.git", branch = "develop" }

 log = "0.4"
@@ -33,8 +33,6 @@ once_cell = "1.8.0"

 [profile.test]
 opt-level = 3
-# debug-assertions = true

 [profile.release]
 opt-level = 3
-# debug-assertions = true
--- a/common/types/message/message.go
+++ b/common/types/message/message.go
@@ -60,6 +60,8 @@ type AuthMsg struct {
 type Identity struct {
 	// ProverName the prover name
 	ProverName string `json:"prover_name"`
+	// ProverVersion the prover version
+	ProverVersion string `json:"prover_version"`
 	// Challenge unique challenge generated by manager
 	Challenge string `json:"challenge"`
 }
--- a/common/types/message/message_test.go
+++ b/common/types/message/message_test.go
@@ -15,8 +15,9 @@ func TestAuthMessageSignAndVerify(t *testing.T) {

 	authMsg := &AuthMsg{
 		Identity: &Identity{
-			Challenge:  "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2OTEwMzgxNzUsIm9yaWdfaWF0IjoxNjkxMDM0NTc1fQ.HybBMsEJFhyZqtIa2iVcHUP7CEFttf708jmTMAImAWA",
-			ProverName: "test",
+			Challenge:     "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2OTEwMzgxNzUsIm9yaWdfaWF0IjoxNjkxMDM0NTc1fQ.HybBMsEJFhyZqtIa2iVcHUP7CEFttf708jmTMAImAWA",
+			ProverName:    "test",
+			ProverVersion: "v1.0.0",
 		},
 	}
 	assert.NoError(t, authMsg.SignWithKey(privkey))
@@ -45,14 +46,15 @@ func TestGenerateToken(t *testing.T) {

 func TestIdentityHash(t *testing.T) {
 	identity := &Identity{
-		Challenge:  "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2OTEwMzM0MTksIm9yaWdfaWF0IjoxNjkxMDI5ODE5fQ.EhkLZsj__rNPVC3ZDYBtvdh0nB8mmM_Hl82hObaIWOs",
-		ProverName: "test",
+		Challenge:     "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2OTEwMzM0MTksIm9yaWdfaWF0IjoxNjkxMDI5ODE5fQ.EhkLZsj__rNPVC3ZDYBtvdh0nB8mmM_Hl82hObaIWOs",
+		ProverName:    "test",
+		ProverVersion: "v1.0.0",
 	}

 	hash, err := identity.Hash()
 	assert.NoError(t, err)

-	expectedHash := "7373bb57ab7c01307d86fec55e088e00c526d82d9d1303fa4a189ff6ea95fbe2"
+	expectedHash := "83f5e0ad023e9c1de639ab07b9b4cb972ec9dbbd2524794c533a420a5b137721"
 	assert.Equal(t, expectedHash, hex.EncodeToString(hash))
 }

--- a/common/version/version.go
+++ b/common/version/version.go
@@ -5,7 +5,7 @@ import (
 	"runtime/debug"
 )

-var tag = "v4.1.0"
+var tag = "v4.1.3"

 var commit = func() string {
 	if info, ok := debug.ReadBuildInfo(); ok {
--- a/coordinator/cmd/app/mock_app.go
+++ b/coordinator/cmd/app/mock_app.go
@@ -81,9 +81,11 @@ func (c *CoordinatorApp) MockConfig(store bool) error {
 	}
 	// Reset prover manager config for manager test cases.
 	cfg.ProverManager = &coordinatorConfig.ProverManager{
-		ProversPerSession: 1,
-		Verifier:          &coordinatorConfig.VerifierConfig{MockMode: true},
-		CollectionTimeSec: 60,
+		ProversPerSession:  1,
+		Verifier:           &coordinatorConfig.VerifierConfig{MockMode: true},
+		CollectionTimeSec:  60,
+		SessionAttempts:    10,
+		MaxVerifierWorkers: 4,
 	}
 	cfg.DB.DSN = base.DBImg.Endpoint()
 	cfg.L2.ChainID = 111
--- a/coordinator/conf/config.json
+++ b/coordinator/conf/config.json
@@ -1,14 +1,14 @@
 {
  "prover_manager": {
    "provers_per_session": 1,
-    "session_attempts": 2,
+    "session_attempts": 5,
    "collection_time_sec": 180,
    "verifier": {
      "mock_mode": true,
      "params_path": "",
      "assets_path": ""
    },
-    "max_verifier_workers": 10
+    "max_verifier_workers": 4
  },
  "db": {
    "driver_name": "postgres",
@@ -22,6 +22,6 @@
  "auth": {
    "secret": "prover secret key",
    "challenge_expire_duration_sec": 3600,
-    "login_expire_duration_sec": 3600
+    "login_expire_duration_sec": 10
  }
 }
--- a/coordinator/internal/config/config.go
+++ b/coordinator/internal/config/config.go
@@ -8,24 +8,19 @@ import (
 	"scroll-tech/common/database"
 )

-const (
-	defaultNumberOfVerifierWorkers      = 10
-	defaultNumberOfSessionRetryAttempts = 2
-)
-
 // ProverManager loads sequencer configuration items.
 type ProverManager struct {
 	// The amount of provers to pick per proof generation session.
 	ProversPerSession uint8 `json:"provers_per_session"`
 	// Number of attempts that a session can be retried if previous attempts failed.
 	// Currently we only consider proving timeout as failure here.
-	SessionAttempts uint8 `json:"session_attempts,omitempty"`
+	SessionAttempts uint8 `json:"session_attempts"`
 	// Zk verifier config.
-	Verifier *VerifierConfig `json:"verifier,omitempty"`
+	Verifier *VerifierConfig `json:"verifier"`
 	// Proof collection time (in seconds).
 	CollectionTimeSec int `json:"collection_time_sec"`
 	// Max number of workers in verifier worker pool
-	MaxVerifierWorkers int `json:"max_verifier_workers,omitempty"`
+	MaxVerifierWorkers int `json:"max_verifier_workers"`
 }

 // L2 loads l2geth configuration items.
@@ -38,7 +33,7 @@ type L2 struct {
 type Auth struct {
 	Secret                     string `json:"secret"`
 	ChallengeExpireDurationSec int    `json:"challenge_expire_duration_sec"`
-	LoginExpireDurationSec     int    `json:"token_expire_duration_sec"` // unit: seconds
+	LoginExpireDurationSec     int    `json:"token_expire_duration_sec"`
 }

 // Config load configuration items.
@@ -69,12 +64,5 @@ func NewConfig(file string) (*Config, error) {
 		return nil, err
 	}

-	if cfg.ProverManager.MaxVerifierWorkers == 0 {
-		cfg.ProverManager.MaxVerifierWorkers = defaultNumberOfVerifierWorkers
-	}
-	if cfg.ProverManager.SessionAttempts == 0 {
-		cfg.ProverManager.SessionAttempts = defaultNumberOfSessionRetryAttempts
-	}
-
 	return cfg, nil
 }
--- a/coordinator/internal/config/config_test.go
+++ b/coordinator/internal/config/config_test.go
@@ -14,14 +14,14 @@ func TestConfig(t *testing.T) {
 	configTemplate := `{
 		"prover_manager": {
 			"provers_per_session": 1,
-			"session_attempts": %d,
+			"session_attempts": 5,
 			"collection_time_sec": 180,
 			"verifier": {
 				"mock_mode": true,
 				"params_path": "",
 				"agg_vk_path": ""
 			},
-			"max_verifier_workers": %d
+			"max_verifier_workers": 4
 		},
 		"db": {
 			"driver_name": "postgres",
@@ -46,8 +46,7 @@ func TestConfig(t *testing.T) {
 			assert.NoError(t, tmpFile.Close())
 			assert.NoError(t, os.Remove(tmpFile.Name()))
 		}()
-		config := fmt.Sprintf(configTemplate, defaultNumberOfSessionRetryAttempts, defaultNumberOfVerifierWorkers)
-		_, err = tmpFile.WriteString(config)
+		_, err = tmpFile.WriteString(configTemplate)
 		assert.NoError(t, err)

 		cfg, err := NewConfig(tmpFile.Name())
@@ -88,36 +87,4 @@ func TestConfig(t *testing.T) {
 		_, err = NewConfig(tmpFile.Name())
 		assert.Error(t, err)
 	})
-
-	t.Run("Default MaxVerifierWorkers", func(t *testing.T) {
-		tmpFile, err := os.CreateTemp("", "example")
-		assert.NoError(t, err)
-		defer func() {
-			assert.NoError(t, tmpFile.Close())
-			assert.NoError(t, os.Remove(tmpFile.Name()))
-		}()
-		config := fmt.Sprintf(configTemplate, defaultNumberOfSessionRetryAttempts, 0)
-		_, err = tmpFile.WriteString(config)
-		assert.NoError(t, err)
-
-		cfg, err := NewConfig(tmpFile.Name())
-		assert.NoError(t, err)
-		assert.Equal(t, defaultNumberOfVerifierWorkers, cfg.ProverManager.MaxVerifierWorkers)
-	})
-
-	t.Run("Default SessionAttempts", func(t *testing.T) {
-		tmpFile, err := os.CreateTemp("", "example")
-		assert.NoError(t, err)
-		defer func() {
-			assert.NoError(t, tmpFile.Close())
-			assert.NoError(t, os.Remove(tmpFile.Name()))
-		}()
-		config := fmt.Sprintf(configTemplate, 0, defaultNumberOfVerifierWorkers)
-		_, err = tmpFile.WriteString(config)
-		assert.NoError(t, err)
-
-		cfg, err := NewConfig(tmpFile.Name())
-		assert.NoError(t, err)
-		assert.Equal(t, uint8(defaultNumberOfSessionRetryAttempts), cfg.ProverManager.SessionAttempts)
-	})
 }
--- a/coordinator/internal/controller/api/auth.go
+++ b/coordinator/internal/controller/api/auth.go
@@ -31,8 +31,16 @@ func (a *AuthController) Login(c *gin.Context) (interface{}, error) {
 	if err := c.ShouldBind(&login); err != nil {
 		return "", fmt.Errorf("missing the public_key, err:%w", err)
 	}
+
+	// check login parameter's token is equal to bearer token, the Authorization must be existed
+	// if not exist, the jwt token will intercept it
+	brearToken := c.GetHeader("Authorization")
+	if brearToken != "Bearer "+login.Message.Challenge {
+		return "", fmt.Errorf("check challenge failure for the not equal challenge string")
+	}
+
 	// check the challenge is used, if used, return failure
-	if err := a.loginLogic.InsertChallengeString(c, login.Signature); err != nil {
+	if err := a.loginLogic.InsertChallengeString(c, login.Message.Challenge); err != nil {
 		return "", fmt.Errorf("login insert challenge string failure:%w", err)
 	}
 	return login, nil
@@ -48,8 +56,9 @@ func (a *AuthController) PayloadFunc(data interface{}) jwt.MapClaims {
 	// recover the public key
 	authMsg := message.AuthMsg{
 		Identity: &message.Identity{
-			Challenge:  v.Message.Challenge,
-			ProverName: v.Message.ProverName,
+			Challenge:     v.Message.Challenge,
+			ProverName:    v.Message.ProverName,
+			ProverVersion: v.Message.ProverVersion,
 		},
 		Signature: v.Signature,
 	}
@@ -60,8 +69,9 @@ func (a *AuthController) PayloadFunc(data interface{}) jwt.MapClaims {
 	}

 	return jwt.MapClaims{
-		types.PublicKey:  publicKey,
-		types.ProverName: v.Message.ProverName,
+		types.PublicKey:     publicKey,
+		types.ProverName:    v.Message.ProverName,
+		types.ProverVersion: v.Message.ProverVersion,
 	}
 }

@@ -75,5 +85,9 @@ func (a *AuthController) IdentityHandler(c *gin.Context) interface{} {
 	if publicKey, ok := claims[types.PublicKey]; ok {
 		c.Set(types.PublicKey, publicKey)
 	}
+
+	if proverVersion, ok := claims[types.ProverVersion]; ok {
+		c.Set(types.ProverVersion, proverVersion)
+	}
 	return nil
 }
--- a/coordinator/internal/logic/auth/login.go
+++ b/coordinator/internal/logic/auth/login.go
@@ -20,6 +20,6 @@ func NewLoginLogic(db *gorm.DB) *LoginLogic {
 }

 // InsertChallengeString insert and check the challenge string is existed
-func (l *LoginLogic) InsertChallengeString(ctx *gin.Context, signature string) error {
-	return l.challengeOrm.InsertChallenge(ctx, signature)
+func (l *LoginLogic) InsertChallengeString(ctx *gin.Context, challenge string) error {
+	return l.challengeOrm.InsertChallenge(ctx, challenge)
 }
--- a/coordinator/internal/types/auth.go
+++ b/coordinator/internal/types/auth.go
@@ -7,12 +7,15 @@ const (
 	PublicKey = "public_key"
 	// ProverName the prover name key for context
 	ProverName = "prover_name"
+	// ProverVersion the prover version for context
+	ProverVersion = "prover_version"
 )

 // Message the login message struct
 type Message struct {
-	Challenge  string `form:"challenge" json:"challenge" binding:"required"`
-	ProverName string `form:"prover_name" json:"prover_name" binding:"required"`
+	Challenge     string `form:"challenge" json:"challenge" binding:"required"`
+	ProverVersion string `form:"prover_version" json:"prover_version" binding:"required"`
+	ProverName    string `form:"prover_name" json:"prover_name" binding:"required"`
 }

 // LoginParameter for /login api
--- a/coordinator/internal/types/get_task.go
+++ b/coordinator/internal/types/get_task.go
@@ -2,9 +2,8 @@ package types

 // GetTaskParameter for ProverTasks request parameter
 type GetTaskParameter struct {
-	ProverVersion string `form:"prover_version" json:"prover_version" binding:"required"`
-	ProverHeight  int    `form:"prover_height" json:"prover_height" binding:"required"`
-	TaskType      int    `form:"task_type" json:"task_type"`
+	ProverHeight int `form:"prover_height" json:"prover_height" binding:"required"`
+	TaskType     int `form:"task_type" json:"task_type"`
 }

 // GetTaskSchema the schema data return to prover for get prover task
--- a/coordinator/test/mock_prover.go
+++ b/coordinator/test/mock_prover.go
@@ -76,14 +76,15 @@ func (r *mockProver) challenge(t *testing.T) string {
 func (r *mockProver) login(t *testing.T, challengeString string) string {
 	authMsg := message.AuthMsg{
 		Identity: &message.Identity{
-			Challenge:  challengeString,
-			ProverName: "test",
+			Challenge:     challengeString,
+			ProverName:    "test",
+			ProverVersion: "v1.0.0",
 		},
 	}
 	assert.NoError(t, authMsg.SignWithKey(r.privKey))

-	body := fmt.Sprintf("{\"message\":{\"challenge\":\"%s\",\"prover_name\":\"%s\"},\"signature\":\"%s\"}",
-		authMsg.Identity.Challenge, authMsg.Identity.ProverName, authMsg.Signature)
+	body := fmt.Sprintf("{\"message\":{\"challenge\":\"%s\",\"prover_name\":\"%s\", \"prover_version\":\"%s\"},\"signature\":\"%s\"}",
+		authMsg.Identity.Challenge, authMsg.Identity.ProverName, authMsg.Identity.ProverVersion, authMsg.Signature)

 	var result types.Response
 	client := resty.New()
@@ -137,7 +138,7 @@ func (r *mockProver) getProverTask(t *testing.T, proofType message.ProofType) *t
 	resp, err := client.R().
 		SetHeader("Content-Type", "application/json").
 		SetHeader("Authorization", fmt.Sprintf("Bearer %s", token)).
-		SetBody(map[string]interface{}{"prover_version": "v1.0.0", "prover_height": 100, "task_type": int(proofType)}).
+		SetBody(map[string]interface{}{"prover_height": 100, "task_type": int(proofType)}).
 		SetResult(&result).
 		Post("http://" + r.coordinatorURL + "/coordinator/v1/get_task")
 	assert.NoError(t, err)
--- a/prover/client/client.go
+++ b/prover/client/client.go
@@ -14,6 +14,7 @@ import (

 	"scroll-tech/common/types"
 	"scroll-tech/common/types/message"
+	"scroll-tech/common/version"
 )

 // CoordinatorClient is a client used for interacting with the Coordinator service.
@@ -65,8 +66,9 @@ func (c *CoordinatorClient) Login(ctx context.Context) error {
 	// Prepare and sign the login request
 	authMsg := &message.AuthMsg{
 		Identity: &message.Identity{
-			ProverName: c.proverName,
-			Challenge:  challengeResult.Data.Token,
+			ProverVersion: version.Version,
+			ProverName:    c.proverName,
+			Challenge:     challengeResult.Data.Token,
 		},
 	}

@@ -78,11 +80,13 @@ func (c *CoordinatorClient) Login(ctx context.Context) error {
 	// Login to coordinator
 	loginReq := &LoginRequest{
 		Message: struct {
-			Challenge  string `json:"challenge"`
-			ProverName string `json:"prover_name"`
+			Challenge     string `json:"challenge"`
+			ProverName    string `json:"prover_name"`
+			ProverVersion string `json:"prover_version"`
 		}{
-			Challenge:  authMsg.Identity.Challenge,
-			ProverName: authMsg.Identity.ProverName,
+			Challenge:     authMsg.Identity.Challenge,
+			ProverName:    authMsg.Identity.ProverName,
+			ProverVersion: authMsg.Identity.ProverVersion,
 		},
 		Signature: authMsg.Signature,
 	}
--- a/prover/client/types.go
+++ b/prover/client/types.go
@@ -17,8 +17,9 @@ type ChallengeResponse struct {
 // LoginRequest defines the request structure for login API
 type LoginRequest struct {
 	Message struct {
-		Challenge  string `json:"challenge"`
-		ProverName string `json:"prover_name"`
+		Challenge     string `json:"challenge"`
+		ProverName    string `json:"prover_name"`
+		ProverVersion string `json:"prover_version"`
 	} `json:"message"`
 	Signature string `json:"signature"`
 }
@@ -35,9 +36,8 @@ type LoginResponse struct {

 // GetTaskRequest defines the request structure for GetTask API
 type GetTaskRequest struct {
-	ProverVersion string            `json:"prover_version"`
-	ProverHeight  uint64            `json:"prover_height"`
-	TaskType      message.ProofType `json:"task_type"`
+	ProverHeight uint64            `json:"prover_height"`
+	TaskType     message.ProofType `json:"task_type"`
 }

 // GetTaskResponse defines the response structure for GetTask API
--- a/prover/prover.go
+++ b/prover/prover.go
@@ -24,7 +24,6 @@ import (

 	"scroll-tech/common/types/message"
 	"scroll-tech/common/utils"
-	"scroll-tech/common/version"
 )

 var (
@@ -190,9 +189,8 @@ func (r *Prover) fetchTaskFromCoordinator() (*store.ProvingTask, error) {

 	// prepare the request
 	req := &client.GetTaskRequest{
-		ProverVersion: version.Version,
-		ProverHeight:  latestBlockNumber,
-		TaskType:      r.Type(),
+		ProverHeight: latestBlockNumber,
+		TaskType:     r.Type(),
 	}

 	// send the request
Author	SHA1	Message	Date
ChuhanJin	bdf2968771	fix(bridge-history-api): Fix cors (#726 )	2023-08-05 13:55:30 +02:00
Steven	4d09e13b0c	feat: upgrade libzkp to `v0.5.2` (#725 )	2023-08-05 19:29:26 +08:00
georgehao	a98a2ff4b5	feat(coordinator): fix login replay attack (#723 ) Co-authored-by: Péter Garamvölgyi <peter@scroll.io> Co-authored-by: colinlyguo <colinlyguo@scroll.io>	2023-08-05 10:58:59 +02:00
colin	2a0c7ae6b5	refactor(coordinator & prover): RESTful API (#696 ) Co-authored-by: georgehao <haohongfan@gmail.com> Co-authored-by: HAOYUatHZ <37070449+HAOYUatHZ@users.noreply.github.com>	2023-08-05 08:27:07 +02:00