zkCRA PR into merge-create-loan

contracts/escrow/dapps/DappMods.sol

@@ -19,7 +19,7 @@ abstract contract DappMods {
         );
         _;
     }
-    
+
     /**
      * @notice checks if the respective loan escrow is secure
      * @param loanID uint256 of the respective loan escrow

contracts/lending/libraries/LendingLib.sol

@@ -20,4 +20,4 @@ library LendingLib {
     function tToken(address asset) internal view returns (ITToken tToken_) {
         tToken_ = s().tTokens[asset];
     }
-}
+}

contracts/lending/ttoken/ITToken.sol

@@ -102,7 +102,6 @@ abstract contract ITToken is ERC20Upgradeable, RolesFacet {
         external
         virtual
         returns (uint16 ratio_);
-
 
     /**
      * @notice Called by the Teller Diamond contract when a loan has been taken out and requires funds.

contracts/lending/ttoken/TToken_V1.sol

@@ -425,7 +425,9 @@ contract TToken_V1 is ITToken {
 
     /**
      * @notice it retrives the value in the underlying tokens
-     * 
+     * @param amount the amount of underlying
+     * @param rate the rate the underlying is exchanging at
+     * @return value_ the value of the underlying
      */
     function _valueInUnderlying(uint256 amount, uint256 rate)
         internal

contracts/market/CreateLoanFacet.sol

@@ -7,14 +7,14 @@ import {
     ReentryMods
 } from "../contexts2/access-control/reentry/ReentryMods.sol";
 import { RolesMods } from "../contexts2/access-control/roles/RolesMods.sol";
-import { AUTHORIZED } from "../shared/roles.sol";
+import { AUTHORIZED, ADMIN } from "../shared/roles.sol";
 import { ERC20 } from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
 
 // Libraries
 import { LibLoans } from "./libraries/LibLoans.sol";
 import { LibEscrow } from "../escrow/libraries/LibEscrow.sol";
 import { LibCollateral } from "./libraries/LibCollateral.sol";
-import { LibConsensus } from "./libraries/LibConsensus.sol";
+import { MarketLib } from "./libraries/MarketLib.sol";
 import { LendingLib } from "../lending/libraries/LendingLib.sol";
 import {
     PlatformSettingsLib
@@ -31,6 +31,10 @@ import {
 } from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";
 import { NumbersLib } from "../shared/libraries/NumbersLib.sol";
 import { NFTLib } from "../nft/libraries/NFTLib.sol";
+import { Verifier } from "./cra/verifier.sol";
+import { ECDSA } from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
+import { MarketLib } from "./libraries/MarketLib.sol";
+import { ProcessRequestLib } from "./cra/ProcessRequestLib.sol";
 
 // Interfaces
 import { ILoansEscrow } from "../escrow/escrow/ILoansEscrow.sol";
@@ -48,7 +52,9 @@ import {
     LoanStatus,
     LoanTerms,
     Loan,
-    MarketStorageLib
+    MarketStorageLib,
+    Signature,
+    DataProviderSignature
 } from "../storage/market.sol";
 import { AppStorageLib } from "../storage/app.sol";
 
@@ -81,6 +87,26 @@ contract CreateLoanFacet is RolesMods, ReentryMods, PausableMods {
         loan.duration = request.request.duration;
     }
 
+    // used for testing our zkcra function
+    function initializeMarketAdmins() external authorized(ADMIN, msg.sender) {
+        // setting market admin
+        // MarketLib.m(bytes32(0)).admin[msg.sender] = true;
+        // // setting providers admin
+        // MarketLib.p(bytes32(0)).admin[msg.sender] = true;
+        // MarketLib.p(bytes32(uint256(1))).admin[msg.sender] = true;
+        // MarketLib.p(bytes32(uint256(2))).admin[msg.sender] = true;
+    }
+
+    function setProviderInformation(
+        bytes32 providerId,
+        uint32 maxAge,
+        address signer,
+        bool signerValue
+    ) external {
+        // MarketLib.setProviderSigner(providerId, signer, signerValue);
+        // MarketLib.setProviderMaxAge(providerId, maxAge);
+    }
+
     /**
      * @notice Creates a loan with the loan request and NFTs without any collateral
      * @param request Struct of the protocol loan request
@@ -208,10 +234,9 @@ library CreateLoanLib {
                 request.request.duration,
             "Teller: max loan duration exceeded"
         );
-
         // Get consensus values from request
         (uint16 interestRate, uint16 collateralRatio, uint256 maxLoanAmount) =
-            LibConsensus.processLoanTerms(request);
+            ProcessRequestLib.processMarketRequest(request);
 
         // Perform loan value checks
         require(

contracts/market/LoanDataFacet.sol

@@ -133,7 +133,7 @@ contract LoanDataFacet {
     /**
      * @notice it returns the total escrow tokens held by an escrow
      * @param loanID the identifier of the respective escrow's loan
-     * @return tokens_ the tokens held at the escrow loan 
+     * @return tokens_ the tokens held at the escrow loan
      */
     function getEscrowTokens(uint256 loanID)
         external

contracts/market/ProviderFactoryFacet.sol

@@ -0,0 +1,32 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.3;
+
+import { DataProvider } from "./cra/DataProvider.sol";
+
+contract ProviderFactoryFacet {
+    address public admin;
+    DataProvider[] public providers;
+
+    modifier onlyAdmin() {
+        require(admin == msg.sender, "Only the admin can call this!");
+        _;
+    }
+
+    // whichever address that deploys the provider factory facet is the admin of the factory
+    constructor() {
+        admin = msg.sender;
+    }
+
+    /**
+     * @notice it creates a new provider. whichever address that creates the new provider is the
+     * admin of the said provider.
+     */
+    function createProvider() public {
+        DataProvider provider = new DataProvider(msg.sender);
+        providers.push(provider);
+    }
+
+    function getProviders() public view returns (DataProvider[] memory) {
+        return providers;
+    }
+}

contracts/market/cra/DataProvider.sol

@@ -0,0 +1,37 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.3;
+
+contract DataProvider {
+    mapping(address => bool) public admins;
+    mapping(address => bool) public signers;
+
+    modifier onlyAdmin() {
+        require(admins[msg.sender], "Teller: not admin");
+        _;
+    }
+
+    constructor(address initAdmin) {
+        admins[initAdmin] = true;
+    }
+
+    /**
+     * @notice it sets the admin of a provider
+     * @param signerAddress the address of the new or existing signer
+     * @param signerValue the bool value for the admin
+     */
+    function setSigner(address signerAddress, bool signerValue)
+        public
+        onlyAdmin
+    {
+        signers[signerAddress] = signerValue;
+    }
+
+    /**
+     * @notice it sets the admin of a provider
+     * @param adminAddress the address of the new or existing admin
+     * @param adminValue the bool value for the admin
+     */
+    function setAdmin(address adminAddress, bool adminValue) public onlyAdmin {
+        admins[adminAddress] = adminValue;
+    }
+}

contracts/market/cra/ProcessRequestLib.sol

@@ -0,0 +1,155 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+
+import {
+    LoanRequest,
+    DataProviderSignature,
+    Signature
+} from "../../storage/market.sol";
+import { MarketHandler } from "../cra/market-handler/MarketHandler.sol";
+import { LibLoans } from "../libraries/LibLoans.sol";
+import { Verifier } from "../cra/verifier.sol";
+import { ECDSA } from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
+import { DataProvider } from "./DataProvider.sol";
+
+library ProcessRequestLib {
+    /**
+     * @notice it uses our request to verify the returned proof and witness with each other,
+     * verifies our signature data with our respective data providers, then retrieves our interest rate,
+     * collateral ratio and max loan amount
+     * @param request contains all the needed data to do the above
+     * @return interestRate the rate of the loan
+     * @return collateralRatio the collateral ratio required for the loan, if any
+     * @return maxLoanAmount the max loan amount the user is entitled to
+     */
+    function processMarketRequest(LoanRequest memory request)
+        public
+        returns (
+            uint16 interestRate,
+            uint16 collateralRatio,
+            uint256 maxLoanAmount
+        )
+    {
+        MarketHandler marketHandler =
+            MarketHandler(request.marketHandlerAddress);
+        // Overwrite the first snark witness item with the on-chain identifier
+        // for the loan (msg.sender ^ nonce). This forces the CRA to have been
+        // run with the proper identifier.
+        request.snarkWitnesses[0] =
+            uint256(uint160(msg.sender)) ^
+            LibLoans.s().borrowerLoans[msg.sender].length;
+
+        // Verify the snark proof.
+        require(
+            Verifier.verifyTx(request.snarkProof, request.snarkWitnesses),
+            "Proof not verified"
+        );
+
+        // signatures length
+        uint8 signaturesLength = marketHandler.numberOfSignaturesRequired();
+
+        // get variable amount of commitments from market handler
+        bytes32[] memory commitments = new bytes32[](signaturesLength);
+
+        // constructing our commitments to verify with our signature data
+        for (uint8 i = 0; i < commitments.length; i++) {
+            for (uint8 j = 0; j < 8; j++) {
+                commitments[i] =
+                    (commitments[i] << 32) ^
+                    bytes32(request.snarkWitnesses[2 + i * 8 + j]);
+            }
+            commitments[i] ^= bytes32(
+                request.dataProviderSignatures[i].signedAt
+            );
+        }
+
+        // equate this require statement to amount of commitments from market handler
+        require(
+            request.dataProviderSignatures.length == 3,
+            "Must have 3 providers!"
+        );
+
+        // Verify that the commitment signatures are valid and that the data
+        // is not too old for the market's liking.
+        _verifySignatures(
+            commitments,
+            request.dataProviderSignatures,
+            request.marketHandlerAddress,
+            request.providers
+        );
+
+        // The second witness item (after identifier) is the market
+        // score
+        uint256 marketScore = uint256(request.snarkWitnesses[1]);
+        require(marketScore > 5, "Teller: market score not high enough");
+
+        // Let the market handle the loan request and disperse the loan.
+
+        // create default teller market handler
+        // pass it the marketId and return max loan amount, collateral ratio, interest rate
+        // upper and lower bound for loan amount, interest rate and collateral ratio depending on
+        // market id
+        (interestRate, collateralRatio, maxLoanAmount) = marketHandler.handler(
+            marketScore,
+            request
+        );
+        return (interestRate, collateralRatio, maxLoanAmount);
+    }
+
+    function _verifySignatures(
+        bytes32[] memory commitments,
+        DataProviderSignature[] memory signatureData,
+        address marketHandlerAddress,
+        address[] memory providers
+    ) private {
+        MarketHandler marketHandler = MarketHandler(marketHandlerAddress);
+        for (uint256 i = 0; i < commitments.length; i++) {
+            address providerAddress = providers[i];
+            require(
+                signatureData[i].signedAt > block.timestamp - 5 days,
+                "Signed at less than max age"
+            );
+            require(
+                marketHandler.usedCommitments(commitments[i]) == false,
+                "Teller: commitment already used"
+            );
+            marketHandler.addCommitment(commitments[i]);
+
+            _validateSignature(
+                signatureData[i].signature,
+                commitments[i],
+                providerAddress
+            );
+        }
+    }
+
+    /**
+     * @notice It validates whether a signature is valid or not.
+     * @param signature signature to validate.
+     * @param commitment used to recover the signer.
+     * @param providerAddress the provider address to check for the recovered signer.
+     */
+    function _validateSignature(
+        Signature memory signature,
+        bytes32 commitment,
+        address providerAddress
+    ) private view {
+        address recoveredSigner =
+            ECDSA.recover(
+                keccak256(
+                    abi.encodePacked(
+                        "\x19Ethereum Signed Message:\n32",
+                        uint256(commitment)
+                    )
+                ),
+                signature.v,
+                signature.r,
+                signature.s
+            );
+        DataProvider provider = DataProvider(providerAddress);
+        require(
+            provider.signers(recoveredSigner),
+            "Teller: not valid signature"
+        );
+    }
+}

contracts/market/cra/cra.zok

@@ -0,0 +1,37 @@
+import "hashes/sha256/256bitPadded.zok" as sha256
+
+/*
+    Zero-Knowledge CRA. Each market configures up to 4 data providers used to
+    create their market score. Markets also configure the weight of each value
+    given for the user by the data provider. Each data provider gives the user
+    a score between 0 and 4,294,967,295 along with a secret. These two are
+    combined to create a commitment, which is also signed by the data provider
+    and verified on-chain.
+
+    @param private u32[4][8] data - Array of 4 uint256's. The first 32 bits of
+    each value represents the user's score given by a specific data provider.
+    The last 224 bits represent a secret value used to create a commitment hash.
+    Data providers sign the value sha256(value, secret) ^ timestamp, and that
+    signature is verified on-chain.
+
+    @param public field identifier - user address ^ user borrow nonce. This
+    param is used to prevent replaying proofs on-chain.
+
+    @param public u32[4] weights - Array of 4 uint32's. Each value represents
+    a weight given by the market for the data provider at that index. If
+    data[i][0] (value) == 10 and weights[i] == 5, then market score += 50.
+
+    @return field MARKET_SCORE - uint256 accumulated markets score.
+    @return u32[4][8] commitments - Array of the 4 commitments.
+*/
+def main(private u32[3][8] data, public field identifier) -> (u32, u32[3][8]):
+    u32[3][8] commitments = data
+    u32 MARKET_SCORE = 0
+    u32 MASK = 0x0000000a
+
+    for u32 i in 0..3 do
+        MARKET_SCORE = MARKET_SCORE + data[i][0] & MASK
+        commitments[i] = sha256(data[i])
+    endfor
+
+    return MARKET_SCORE,commitments