From 8c2a178c67cd49f78d261a5070be89aaa9530c9f Mon Sep 17 00:00:00 2001
From: Rigidity <me@rigidnetwork.com>
Date: Thu, 31 Oct 2024 09:00:58 -0400
Subject: [PATCH 1/3] Enable keccak ops outside guard

---
 Cargo.lock                                | 23 +++++++++++++++++++++--
 Cargo.toml                                |  3 +++
 crates/chia-sdk-test/src/announcements.rs | 14 ++++----------
 crates/chia-sdk-types/src/run_puzzle.rs   |  3 ++-
 napi/src/clvm.rs                          |  3 ++-
 5 files changed, 32 insertions(+), 14 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 5455b79a..27eea184 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -710,8 +710,7 @@ dependencies = [
 [[package]]
 name = "clvmr"
 version = "0.9.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cd48d84ed6eac4638131341402f30476c9f6c6970ed3ed6984bdf125c5a09538"
+source = "git+https://github.com/Chia-Network/clvm_rs?rev=2f413e72fcf1bcafa4a3117f2c2a0a3a0e7e1c6b#2f413e72fcf1bcafa4a3117f2c2a0a3a0e7e1c6b"
 dependencies = [
  "chia-bls 0.10.0",
  "hex-literal",
@@ -722,6 +721,7 @@ dependencies = [
  "num-traits",
  "p256",
  "sha2",
+ "sha3",
 ]
 
 [[package]]
@@ -1281,6 +1281,15 @@ dependencies = [
  "signature",
 ]
 
+[[package]]
+name = "keccak"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ecc2af9a1119c51f12a14607e783cb977bde58bc069ff0c3da1095e635d70654"
+dependencies = [
+ "cpufeatures",
+]
+
 [[package]]
 name = "lazy_static"
 version = "1.5.0"
@@ -2162,6 +2171,16 @@ dependencies = [
  "digest",
 ]
 
+[[package]]
+name = "sha3"
+version = "0.10.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "75872d278a8f37ef87fa0ddbda7802605cb18344497949862c0d4dcb291eba60"
+dependencies = [
+ "digest",
+ "keccak",
+]
+
 [[package]]
 name = "shlex"
 version = "1.3.0"
diff --git a/Cargo.toml b/Cargo.toml
index b35a41aa..00d19f24 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -139,3 +139,6 @@ paste = "1.0.15"
 [profile.release]
 lto = true
 strip = "symbols"
+
+[patch.crates-io]
+clvmr = { git = "https://github.com/Chia-Network/clvm_rs", rev = "2f413e72fcf1bcafa4a3117f2c2a0a3a0e7e1c6b" }
diff --git a/crates/chia-sdk-test/src/announcements.rs b/crates/chia-sdk-test/src/announcements.rs
index ba73fbdc..cb657d11 100644
--- a/crates/chia-sdk-test/src/announcements.rs
+++ b/crates/chia-sdk-test/src/announcements.rs
@@ -1,10 +1,10 @@
 use chia_protocol::{Bytes, Bytes32, CoinSpend};
 use chia_sdk_types::{
-    announcement_id, AssertCoinAnnouncement, AssertPuzzleAnnouncement, CreateCoinAnnouncement,
-    CreatePuzzleAnnouncement,
+    announcement_id, run_puzzle, AssertCoinAnnouncement, AssertPuzzleAnnouncement,
+    CreateCoinAnnouncement, CreatePuzzleAnnouncement,
 };
 use clvm_traits::{FromClvm, ToClvm};
-use clvmr::{reduction::Reduction, run_program, Allocator, ChiaDialect, NodePtr};
+use clvmr::{Allocator, NodePtr};
 
 #[derive(Debug, Default, Clone)]
 pub struct Announcements {
@@ -77,13 +77,7 @@ pub fn announcements_for_spend(coin_spend: &CoinSpend) -> anyhow::Result<Announc
     let puzzle = coin_spend.puzzle_reveal.to_clvm(allocator)?;
     let solution = coin_spend.solution.to_clvm(allocator)?;
 
-    let Reduction(_cost, output) = run_program(
-        allocator,
-        &ChiaDialect::new(0),
-        puzzle,
-        solution,
-        11_000_000_000,
-    )?;
+    let output = run_puzzle(allocator, puzzle, solution)?;
 
     let conditions = Vec::<NodePtr>::from_clvm(allocator, output)?;
 
diff --git a/crates/chia-sdk-types/src/run_puzzle.rs b/crates/chia-sdk-types/src/run_puzzle.rs
index 1c779223..4d5b48e0 100644
--- a/crates/chia-sdk-types/src/run_puzzle.rs
+++ b/crates/chia-sdk-types/src/run_puzzle.rs
@@ -1,4 +1,5 @@
 use clvmr::{
+    chia_dialect::ENABLE_KECCAK_OPS_OUTSIDE_GUARD,
     reduction::{EvalErr, Reduction},
     Allocator, NodePtr,
 };
@@ -10,7 +11,7 @@ pub fn run_puzzle(
 ) -> Result<NodePtr, EvalErr> {
     let Reduction(_cost, output) = clvmr::run_program(
         allocator,
-        &clvmr::ChiaDialect::new(0),
+        &clvmr::ChiaDialect::new(ENABLE_KECCAK_OPS_OUTSIDE_GUARD),
         puzzle,
         solution,
         11_000_000_000,
diff --git a/napi/src/clvm.rs b/napi/src/clvm.rs
index 50b23737..fe3bb44c 100644
--- a/napi/src/clvm.rs
+++ b/napi/src/clvm.rs
@@ -7,6 +7,7 @@ use chia::{
 };
 use chia_wallet_sdk::{self as sdk, HashedPtr, SpendContext};
 use clvmr::{
+    chia_dialect::ENABLE_KECCAK_OPS_OUTSIDE_GUARD,
     run_program,
     serde::{node_from_bytes, node_from_bytes_backrefs},
     ChiaDialect, NodePtr, MEMPOOL_MODE,
@@ -70,7 +71,7 @@ impl ClvmAllocator {
         max_cost: BigInt,
         mempool_mode: bool,
     ) -> Result<Output> {
-        let mut flags = 0;
+        let mut flags = ENABLE_KECCAK_OPS_OUTSIDE_GUARD;
 
         if mempool_mode {
             flags |= MEMPOOL_MODE;

From 727ccd499c7f02e93f4e2e8591ff93575d589082 Mon Sep 17 00:00:00 2001
From: Rigidity <me@rigidnetwork.com>
Date: Mon, 4 Nov 2024 19:29:19 -0500
Subject: [PATCH 2/3] ENABLE_KECCAK

---
 crates/chia-sdk-types/src/run_puzzle.rs | 4 ++--
 napi/src/clvm.rs                        | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/crates/chia-sdk-types/src/run_puzzle.rs b/crates/chia-sdk-types/src/run_puzzle.rs
index 4d5b48e0..38000822 100644
--- a/crates/chia-sdk-types/src/run_puzzle.rs
+++ b/crates/chia-sdk-types/src/run_puzzle.rs
@@ -1,5 +1,5 @@
 use clvmr::{
-    chia_dialect::ENABLE_KECCAK_OPS_OUTSIDE_GUARD,
+    chia_dialect::{ENABLE_KECCAK, ENABLE_KECCAK_OPS_OUTSIDE_GUARD},
     reduction::{EvalErr, Reduction},
     Allocator, NodePtr,
 };
@@ -11,7 +11,7 @@ pub fn run_puzzle(
 ) -> Result<NodePtr, EvalErr> {
     let Reduction(_cost, output) = clvmr::run_program(
         allocator,
-        &clvmr::ChiaDialect::new(ENABLE_KECCAK_OPS_OUTSIDE_GUARD),
+        &clvmr::ChiaDialect::new(ENABLE_KECCAK | ENABLE_KECCAK_OPS_OUTSIDE_GUARD),
         puzzle,
         solution,
         11_000_000_000,
diff --git a/napi/src/clvm.rs b/napi/src/clvm.rs
index fe3bb44c..0d708fc5 100644
--- a/napi/src/clvm.rs
+++ b/napi/src/clvm.rs
@@ -7,7 +7,7 @@ use chia::{
 };
 use chia_wallet_sdk::{self as sdk, HashedPtr, SpendContext};
 use clvmr::{
-    chia_dialect::ENABLE_KECCAK_OPS_OUTSIDE_GUARD,
+    chia_dialect::{ENABLE_KECCAK, ENABLE_KECCAK_OPS_OUTSIDE_GUARD},
     run_program,
     serde::{node_from_bytes, node_from_bytes_backrefs},
     ChiaDialect, NodePtr, MEMPOOL_MODE,
@@ -71,7 +71,7 @@ impl ClvmAllocator {
         max_cost: BigInt,
         mempool_mode: bool,
     ) -> Result<Output> {
-        let mut flags = ENABLE_KECCAK_OPS_OUTSIDE_GUARD;
+        let mut flags = ENABLE_KECCAK | ENABLE_KECCAK_OPS_OUTSIDE_GUARD;
 
         if mempool_mode {
             flags |= MEMPOOL_MODE;

From 52eea05468f84cd9122cf074e8b5c04d0d91ccda Mon Sep 17 00:00:00 2001
From: Rigidity <me@rigidnetwork.com>
Date: Mon, 4 Nov 2024 20:05:59 -0500
Subject: [PATCH 3/3] hack validation

---
 crates/chia-sdk-test/src/simulator.rs | 70 +++++++++++++++++++++++++--
 1 file changed, 66 insertions(+), 4 deletions(-)

diff --git a/crates/chia-sdk-test/src/simulator.rs b/crates/chia-sdk-test/src/simulator.rs
index 9f1a1983..06babdcc 100644
--- a/crates/chia-sdk-test/src/simulator.rs
+++ b/crates/chia-sdk-test/src/simulator.rs
@@ -1,13 +1,24 @@
-use std::collections::HashSet;
+use std::{
+    collections::HashSet,
+    time::{Duration, Instant},
+};
 
-use chia_bls::{DerivableKey, PublicKey, SecretKey};
+use chia_bls::{aggregate_verify_gt, hash_to_g2, DerivableKey, PublicKey, SecretKey};
 use chia_consensus::{
-    consensus_constants::ConsensusConstants, gen::validation_error::ErrorCode,
-    spendbundle_validation::validate_clvm_and_signature,
+    allocator::make_allocator,
+    consensus_constants::ConsensusConstants,
+    gen::{owned_conditions::OwnedSpendBundleConditions, validation_error::ErrorCode},
+    spendbundle_conditions::run_spendbundle,
+    spendbundle_validation::ValidationPair,
 };
 use chia_protocol::{Bytes32, Coin, CoinSpend, CoinState, Program, SpendBundle};
 use chia_puzzles::standard::StandardArgs;
 use chia_sdk_types::TESTNET11_CONSTANTS;
+use clvmr::{
+    chia_dialect::{ENABLE_KECCAK, ENABLE_KECCAK_OPS_OUTSIDE_GUARD},
+    sha2::Sha256,
+    LIMIT_HEAP,
+};
 use fastrand::Rng;
 use indexmap::{IndexMap, IndexSet};
 
@@ -288,3 +299,54 @@ impl Simulator {
         self.height += 1;
     }
 }
+
+// currently in mempool_manager.py
+// called in threads from pre_validate_spend_bundle()
+// pybinding returns (error, cached_results, new_cache_entries, duration)
+fn validate_clvm_and_signature(
+    spend_bundle: &SpendBundle,
+    max_cost: u64,
+    constants: &ConsensusConstants,
+    height: u32,
+) -> Result<(OwnedSpendBundleConditions, Vec<ValidationPair>, Duration), ErrorCode> {
+    let start_time = Instant::now();
+    let mut a = make_allocator(LIMIT_HEAP);
+    let (sbc, pkm_pairs) = run_spendbundle(
+        &mut a,
+        spend_bundle,
+        max_cost,
+        height,
+        ENABLE_KECCAK | ENABLE_KECCAK_OPS_OUTSIDE_GUARD,
+        constants,
+    )
+    .map_err(|e| e.1)?;
+    let conditions = OwnedSpendBundleConditions::from(&a, sbc);
+
+    // Collect all pairs in a single vector to avoid multiple iterations
+    let mut pairs = Vec::new();
+
+    let mut aug_msg = Vec::<u8>::new();
+
+    for (pk, msg) in pkm_pairs {
+        aug_msg.clear();
+        aug_msg.extend_from_slice(&pk.to_bytes());
+        aug_msg.extend(&*msg);
+        let aug_hash = hash_to_g2(&aug_msg);
+        let pairing = aug_hash.pair(&pk);
+
+        let mut key = Sha256::new();
+        key.update(&aug_msg);
+        pairs.push((key.finalize(), pairing));
+    }
+    // Verify aggregated signature
+    let result = aggregate_verify_gt(
+        &spend_bundle.aggregated_signature,
+        pairs.iter().map(|tuple| &tuple.1),
+    );
+    if !result {
+        return Err(ErrorCode::BadAggregateSignature);
+    }
+
+    // Collect results
+    Ok((conditions, pairs, start_time.elapsed()))
+}