Video: ZK Panagram App - Get Proof Function - Noir Programming And ZK Circuits

## Bridging Solidity and External Scripts with Foundry's FFI Foundry's Foreign Function Interface (FFI) is a powerful cheatcode that extends the capabilities of your Solidity tests by allowing them to execute arbitrary terminal commands. This feature is particularly useful for complex, off-chain computations, such as generating zero-knowledge proofs, which can then be fed back into your on-chain verification logic. The FFI cheatcode, documented in the official Foundry Book (accessible at `book.getfoundry.sh/reference/cheatcodes/ffi`), has the following signature: ```solidity function ffi(string[] calldata) external returns (bytes memory); ``` This function takes an array of strings, representing the command and its arguments, and returns the standard output of that command as `bytes`. It's essential to understand that FFI must be explicitly enabled to function. ## A Critical Security Warning: Understanding FFI Risks Before diving into the implementation, it is paramount to address the significant security implications of using FFI. **FFI is not enabled by default in Foundry projects, and for a very good reason.** Enabling FFI means that "anyone who can change the tests of a project will be able to execute arbitrary commands on devices that run the tests." This poses a substantial security risk. If you clone a project that has FFI enabled, or if you enable it yourself, be acutely aware that the test suite could potentially execute malicious commands on your system. Always exercise extreme caution and thoroughly vet any project code before running tests with FFI enabled. ## Enabling FFI in Your Foundry Project To utilize the FFI cheatcode in your tests, you must first enable it in your project's configuration file, `foundry.toml`. Add the following line to this file: ```toml ffi = true ``` This simple configuration change activates the FFI functionality for your Foundry environment. ## How Foundry's FFI Executes External Commands The `vm.ffi()` cheatcode works by taking an array of strings as its input. Each string within this array corresponds to a part of the command you would typically type into a terminal, including the executable and its arguments, each as a separate element. For instance, a conceptual example to echo "gm" might look like this: ```solidity string[] memory inputs = new string[](3); inputs[0] = "echo"; inputs[1] = "-n"; inputs[2] = "gm"; // Or an ABI-encoded value bytes memory res = vm.ffi(inputs); ``` In the context of this lesson, our goal is to execute a TypeScript script using `npx tsx`. The command will be structured similarly to: `npx tsx js-scripts/generateProof.ts <arg1> <arg2> ...`. ## Crafting a `_getProof` Helper Function in Solidity We will now construct an internal helper function, `_getProof`, within a Solidity test contract (e.g., `PanagramTest.sol`). This function will orchestrate the call to an external TypeScript script responsible for generating a zero-knowledge proof. **Function Signature** The `_getProof` function will accept the private inputs required by our ZK circuit (`guess` and `correctAnswer`) and will return the generated proof as `bytes`. ```solidity function _getProof(bytes32 guess, bytes32 correctAnswer) internal returns (bytes memory _proof) { // Implementation details to follow } ``` This function is marked `internal` as it's a utility within our test suite. Note that while the function itself might not appear to modify state from Solidity's perspective (it doesn't alter contract storage variables directly), `vm.ffi` is inherently a state-changing cheatcode because it interacts with the external environment. **Preparing Inputs for the FFI Call** To call our external script, we need to assemble the command and its arguments into a string array. 1. **Define the Number of Arguments**: We'll use a constant to define the size of our command array. For `npx tsx js-scripts/generateProof.ts <arg1> <arg2>`, this will be 5 elements. ```solidity uint256 NUM_ARGS = 5; ``` 2. **Initialize the `inputs` Array**: Create a new string array in memory. ```solidity string[] memory inputs = new string[](NUM_ARGS); ``` 3. **Populate the `inputs` Array**: Each part of the command is assigned to an element in the array. * `inputs[0] = "npx";` (The Node Package Execute command) * `inputs[1] = "tsx";` (The TypeScript execution tool) * `inputs[2] = "js-scripts/generateProof.ts";` (The path to our proof generation script) * `inputs[3] = vm.toString(guess);` (The first script argument, converted from `bytes32`) * `inputs[4] = vm.toString(correctAnswer);` (The second script argument, converted from `bytes32`) The `vm.toString(bytes32)` cheatcode is crucial here. It converts `bytes32` Solidity types into their string representations, making them suitable for passing as command-line arguments to our TypeScript script. The script will then need to parse these strings back into the appropriate data types. The assembled input preparation block looks like this: ```solidity uint256 NUM_ARGS = 5; string[] memory inputs = new string[](NUM_ARGS); inputs[0] = "npx"; inputs[1] = "tsx"; inputs[2] = "js-scripts/generateProof.ts"; inputs[3] = vm.toString(guess); inputs[4] = vm.toString(correctAnswer); ``` **Executing the External Script and Retrieving the Proof** With the `inputs` array prepared, we can now call `vm.ffi()`: ```solidity bytes memory result = vm.ffi(inputs); _proof = result; // Assign the output to our return variable ``` Alternatively, you can return the result directly: `return vm.ffi(inputs);`. The `result` variable will contain the standard output (`stdout`) of the `generateProof.ts` script, which, in this case, is expected to be the raw bytes of the generated proof. ## The Complete `_getProof` Solidity Function Combining all the pieces, the `_getProof` helper function is as follows: ```solidity function _getProof(bytes32 guess, bytes32 correctAnswer) internal returns (bytes memory _proof) { uint256 NUM_ARGS = 5; string[] memory inputs = new string[](NUM_ARGS); inputs[0] = "npx"; inputs[1] = "tsx"; inputs[2] = "js-scripts/generateProof.ts"; // Ensure this path is correct for your project inputs[3] = vm.toString(guess); inputs[4] = vm.toString(correctAnswer); bytes memory result = vm.ffi(inputs); _proof = result; // For a more concise return: // return vm.ffi(inputs); } ``` This function effectively encapsulates the logic for calling an external proof generation script directly from your Solidity tests. ## Core Concepts: FFI, Solidity, and External Scripting Understanding the interplay of these technologies is key: * **Foundry**: The comprehensive toolkit providing the testing environment and cheatcodes. * **Solidity**: The language used for writing smart contracts and, in this context, test contracts that leverage Foundry's capabilities. * **FFI (Foreign Function Interface)**: The specific Foundry cheatcode (`vm.ffi`) enabling the execution of external shell commands from Solidity. * **TypeScript/JavaScript**: The chosen language for the external script (`generateProof.ts`), which handles the computationally intensive task of ZK proof generation. * **`npx`**: Node Package Execute, a tool for running CLI packages, simplifying the execution of tools like `tsx`. * **`tsx`**: A command-line tool designed for seamless execution of TypeScript and ECMAScript Modules. * **Cheatcodes**: Special functions provided by Foundry (prefixed with `vm.`) that allow tests to interact with the EVM state, filesystem, or external environment in ways standard Solidity cannot (e.g., `vm.ffi`, `vm.toString`). * **Zero-Knowledge Proofs (Implied)**: The underlying motivation for using FFI in this scenario is to offload the generation of ZK proofs to an efficient off-chain process, with the proof then being used in on-chain verification. ## Best Practices and Important Considerations for Using FFI * **Prioritize Security**: The security risks associated with FFI cannot be overstated. Enable it only when absolutely necessary, when you fully trust the project's codebase, and understand the potential for arbitrary code execution. Consider FFI as a "last resort" rather than a standard tool. * **Structure Commands Correctly**: The `inputs` array for `vm.ffi` requires each distinct part of the command (the executable, any flags, and each argument) to be a separate string element in the array. * **Handle Data Conversion**: Data passed from Solidity to external scripts often needs conversion. `vm.toString` is useful for primitive types. Your external script must be prepared to parse these string inputs back into the data types it expects. * **Manage Script Output**: The `vm.ffi` function captures the standard output (`stdout`) of the executed command. Ensure your external script prints the desired data (e.g., the proof bytes) to `stdout` and nothing else, or be prepared to parse the output accordingly. * **Foundry Documentation**: Keep an eye on the official Foundry documentation for the latest updates and best practices regarding FFI and other cheatcodes.

Get Proof Function

What you'll learn

Course Description

Who is this course for?

Meet your instructors

Thanks for checking us out

What you'll learn

Course Description

Who is this course for?

Meet your instructors