Ethereum Integration (#557)

* Clean up Ethereum * Consistent contract address for deployed contracts * Flesh out Router a bit * Add a Deployer for DoS-less deployment * Implement Router-finding * Use CREATE2 helper present in ethers * Move from CREATE2 to CREATE Bit more streamlined for our use case. * Document ethereum-serai * Tidy tests a bit * Test updateSeraiKey * Use encodePacked for updateSeraiKey * Take in the block hash to read state during * Add a Sandbox contract to the Ethereum integration * Add retrieval of transfers from Ethereum * Add inInstruction function to the Router * Augment our handling of InInstructions events with a check the transfer event also exists * Have the Deployer error upon failed deployments * Add --via-ir * Make get_transaction test-only We only used it to get transactions to confirm the resolution of Eventualities. Eventualities need to be modularized. By introducing the dedicated confirm_completion function, we remove the need for a non-test get_transaction AND begin this modularization (by no longer explicitly grabbing a transaction to check with). * Modularize Eventuality Almost fully-deprecates the Transaction trait for Completion. Replaces Transaction ID with Claim. * Modularize the Scheduler behind a trait * Add an extremely basic account Scheduler * Add nonce uses, key rotation to the account scheduler * Only report the account Scheduler empty after transferring keys Also ban payments to the branch/change/forward addresses. * Make fns reliant on state test-only * Start of an Ethereum integration for the processor * Add a session to the Router to prevent updateSeraiKey replaying This would only happen if an old key was rotated to again, which would require n-of-n collusion (already ridiculous and a valid fault attributable event). It just clarifies the formal arguments. * Add a RouterCommand + SignMachine for producing it to coins/ethereum * Ethereum which compiles * Have branch/change/forward return an option Also defines a UtxoNetwork extension trait for MAX_INPUTS. * Make external_address exclusively a test fn * Move the "account" scheduler to "smart contract" * Remove ABI artifact * Move refund/forward Plan creation into the Processor We create forward Plans in the scan path, and need to know their exact fees in the scan path. This requires adding a somewhat wonky shim_forward_plan method so we can obtain a Plan equivalent to the actual forward Plan for fee reasons, yet don't expect it to be the actual forward Plan (which may be distinct if the Plan pulls from the global state, such as with a nonce). Also properly types a Scheduler addendum such that the SC scheduler isn't cramming the nonce to use into the N::Output type. * Flesh out the Ethereum integration more * Two commits ago, into the **Scheduler, not Processor * Remove misc TODOs in SC Scheduler * Add constructor to RouterCommandMachine * RouterCommand read, pairing with the prior added write * Further add serialization methods * Have the Router's key included with the InInstruction This does not use the key at the time of the event. This uses the key at the end of the block for the event. Its much simpler than getting the full event streams for each, checking when they interlace. This does not read the state. Every block, this makes a request for every single key update and simply chooses the last one. This allows pruning state, only keeping the event tree. Ideally, we'd also introduce a cache to reduce the cost of the filter (small in events yielded, long in blocks searched). Since Serai doesn't have any forwarding TXs, nor Branches, nor change, all of our Plans should solely have payments out, and there's no expectation of a Plan being made under one key broken by it being received by another key. * Add read/write to InInstruction * Abstract the ABI for Call/OutInstruction in ethereum-serai * Fill out signable_transaction for Ethereum * Move ethereum-serai to alloy Resolves #331. * Use the opaque sol macro instead of generated files * Move the processor over to the now-alloy-based ethereum-serai * Use the ecrecover provided by alloy * Have the SC use nonce for rotation, not session (an independent nonce which wasn't synchronized) * Always use the latest keys for SC scheduled plans * get_eventuality_completions for Ethereum * Finish fleshing out the processor Ethereum integration as needed for serai-processor tests This doesn't not support any actual deployments, not even the ones simulated by serai-processor-docker-tests. * Add alloy-simple-request-transport to the GH workflows * cargo update * Clarify a few comments and make one check more robust * Use a string for 27.0 in .github * Remove optional from no-longer-optional dependencies in processor * Add alloy to git deny exception * Fix no longer optional specification in processor's binaries feature * Use a version of foundry from 2024 * Correct fetching Bitcoin TXs in the processor docker tests * Update rustls to resolve RUSTSEC warnings * Use the monthly nightly foundry, not the deleted daily nightly
2025-12-13 14:39:25 +00:00 · 2024-04-21 06:02:12 -04:00
parent 43083dfd49
commit 0f0db14f05
58 changed files with 5031 additions and 1385 deletions
--- a/coins/ethereum/src/tests/abi/mod.rs
+++ b/coins/ethereum/src/tests/abi/mod.rs
@@ -0,0 +1,13 @@
+use alloy_sol_types::sol;
+
+#[rustfmt::skip]
+#[allow(warnings)]
+#[allow(needless_pass_by_value)]
+#[allow(clippy::all)]
+#[allow(clippy::ignored_unit_patterns)]
+#[allow(clippy::redundant_closure_for_method_calls)]
+mod schnorr_container {
+  use super::*;
+  sol!("src/tests/contracts/Schnorr.sol");
+}
+pub(crate) use schnorr_container::TestSchnorr as schnorr;
--- a/coins/ethereum/src/tests/contracts/ERC20.sol
+++ b/coins/ethereum/src/tests/contracts/ERC20.sol
@@ -0,0 +1,51 @@
+// SPDX-License-Identifier: AGPLv3
+pragma solidity ^0.8.0;
+
+contract TestERC20 {
+  event Transfer(address indexed from, address indexed to, uint256 value);
+  event Approval(address indexed owner, address indexed spender, uint256 value);
+
+  function name() public pure returns (string memory) {
+    return "Test ERC20";
+  }
+  function symbol() public pure returns (string memory) {
+    return "TEST";
+  }
+  function decimals() public pure returns (uint8) {
+    return 18;
+  }
+
+  function totalSupply() public pure returns (uint256) {
+    return 1_000_000 * 10e18;
+  }
+
+  mapping(address => uint256) balances;
+  mapping(address => mapping(address => uint256)) allowances;
+
+  constructor() {
+    balances[msg.sender] = totalSupply();
+  }
+
+  function balanceOf(address owner) public view returns (uint256) {
+    return balances[owner];
+  }
+  function transfer(address to, uint256 value) public returns (bool) {
+    balances[msg.sender] -= value;
+    balances[to] += value;
+    return true;
+  }
+  function transferFrom(address from, address to, uint256 value) public returns (bool) {
+    allowances[from][msg.sender] -= value;
+    balances[from] -= value;
+    balances[to] += value;
+    return true;
+  }
+
+  function approve(address spender, uint256 value) public returns (bool) {
+    allowances[msg.sender][spender] = value;
+    return true;
+  }
+  function allowance(address owner, address spender) public view returns (uint256) {
+    return allowances[owner][spender];
+  }
+}
--- a/coins/ethereum/src/tests/contracts/Schnorr.sol
+++ b/coins/ethereum/src/tests/contracts/Schnorr.sol
@@ -0,0 +1,15 @@
+// SPDX-License-Identifier: AGPLv3
+pragma solidity ^0.8.0;
+
+import "../../../contracts/Schnorr.sol";
+
+contract TestSchnorr {
+  function verify(
+    bytes32 px,
+    bytes calldata message,
+    bytes32 c,
+    bytes32 s
+  ) external pure returns (bool) {
+    return Schnorr.verify(px, message, c, s);
+  }
+}
--- a/coins/ethereum/src/tests/crypto.rs
+++ b/coins/ethereum/src/tests/crypto.rs
@@ -1,49 +1,33 @@
 use rand_core::OsRng;

-use sha2::Sha256;
-use sha3::{Digest, Keccak256};
-
-use group::Group;
+use group::ff::{Field, PrimeField};
 use k256::{
-  ecdsa::{hazmat::SignPrimitive, signature::DigestVerifier, SigningKey, VerifyingKey},
-  elliptic_curve::{bigint::ArrayEncoding, ops::Reduce, point::DecompressPoint},
-  U256, Scalar, AffinePoint, ProjectivePoint,
+  ecdsa::{
+    self, hazmat::SignPrimitive, signature::hazmat::PrehashVerifier, SigningKey, VerifyingKey,
+  },
+  Scalar, ProjectivePoint,
 };

 use frost::{
-  curve::Secp256k1,
+  curve::{Ciphersuite, Secp256k1},
  algorithm::{Hram, IetfSchnorr},
  tests::{algorithm_machines, sign},
 };

 use crate::{crypto::*, tests::key_gen};

-pub fn hash_to_scalar(data: &[u8]) -> Scalar {
-  Scalar::reduce(U256::from_be_slice(&keccak256(data)))
-}
-
-pub(crate) fn ecrecover(message: Scalar, v: u8, r: Scalar, s: Scalar) -> Option<[u8; 20]> {
-  if r.is_zero().into() || s.is_zero().into() || !((v == 27) || (v == 28)) {
-    return None;
-  }
-
-  #[allow(non_snake_case)]
-  let R = AffinePoint::decompress(&r.to_bytes(), (v - 27).into());
-  #[allow(non_snake_case)]
-  if let Some(R) = Option::<AffinePoint>::from(R) {
-    #[allow(non_snake_case)]
-    let R = ProjectivePoint::from(R);
-
-    let r = r.invert().unwrap();
-    let u1 = ProjectivePoint::GENERATOR * (-message * r);
-    let u2 = R * (s * r);
-    let key: ProjectivePoint = u1 + u2;
-    if !bool::from(key.is_identity()) {
-      return Some(address(&key));
-    }
-  }
-
-  None
+// The ecrecover opcode, yet with parity replacing v
+pub(crate) fn ecrecover(message: Scalar, odd_y: bool, r: Scalar, s: Scalar) -> Option<[u8; 20]> {
+  let sig = ecdsa::Signature::from_scalars(r, s).ok()?;
+  let message: [u8; 32] = message.to_repr().into();
+  alloy_core::primitives::Signature::from_signature_and_parity(
+    sig,
+    alloy_core::primitives::Parity::Parity(odd_y),
+  )
+  .ok()?
+  .recover_address_from_prehash(&alloy_core::primitives::B256::from(message))
+  .ok()
+  .map(Into::into)
 }

 #[test]
@@ -55,20 +39,23 @@ fn test_ecrecover() {
  const MESSAGE: &[u8] = b"Hello, World!";
  let (sig, recovery_id) = private
    .as_nonzero_scalar()
-    .try_sign_prehashed_rfc6979::<Sha256>(&Keccak256::digest(MESSAGE), b"")
+    .try_sign_prehashed(
+      <Secp256k1 as Ciphersuite>::F::random(&mut OsRng),
+      &keccak256(MESSAGE).into(),
+    )
    .unwrap();

  // Sanity check the signature verifies
  #[allow(clippy::unit_cmp)] // Intended to assert this wasn't changed to Result<bool>
  {
-    assert_eq!(public.verify_digest(Keccak256::new_with_prefix(MESSAGE), &sig).unwrap(), ());
+    assert_eq!(public.verify_prehash(&keccak256(MESSAGE), &sig).unwrap(), ());
  }

  // Perform the ecrecover
  assert_eq!(
    ecrecover(
      hash_to_scalar(MESSAGE),
-      u8::from(recovery_id.unwrap().is_y_odd()) + 27,
+      u8::from(recovery_id.unwrap().is_y_odd()) == 1,
      *sig.r(),
      *sig.s()
    )
@@ -93,18 +80,13 @@ fn test_signing() {
 pub fn preprocess_signature_for_ecrecover(
  R: ProjectivePoint,
  public_key: &PublicKey,
-  chain_id: U256,
  m: &[u8],
  s: Scalar,
-) -> (u8, Scalar, Scalar) {
-  let c = EthereumHram::hram(
-    &R,
-    &public_key.A,
-    &[chain_id.to_be_byte_array().as_slice(), &keccak256(m)].concat(),
-  );
+) -> (Scalar, Scalar) {
+  let c = EthereumHram::hram(&R, &public_key.A, m);
  let sa = -(s * public_key.px);
  let ca = -(c * public_key.px);
-  (public_key.parity, sa, ca)
+  (sa, ca)
 }

 #[test]
@@ -112,21 +94,12 @@ fn test_ecrecover_hack() {
  let (keys, public_key) = key_gen();

  const MESSAGE: &[u8] = b"Hello, World!";
-  let hashed_message = keccak256(MESSAGE);
-  let chain_id = U256::ONE;
-  let full_message = &[chain_id.to_be_byte_array().as_slice(), &hashed_message].concat();

  let algo = IetfSchnorr::<Secp256k1, EthereumHram>::ietf();
-  let sig = sign(
-    &mut OsRng,
-    &algo,
-    keys.clone(),
-    algorithm_machines(&mut OsRng, &algo, &keys),
-    full_message,
-  );
+  let sig =
+    sign(&mut OsRng, &algo, keys.clone(), algorithm_machines(&mut OsRng, &algo, &keys), MESSAGE);

-  let (parity, sa, ca) =
-    preprocess_signature_for_ecrecover(sig.R, &public_key, chain_id, MESSAGE, sig.s);
-  let q = ecrecover(sa, parity, public_key.px, ca).unwrap();
+  let (sa, ca) = preprocess_signature_for_ecrecover(sig.R, &public_key, MESSAGE, sig.s);
+  let q = ecrecover(sa, false, public_key.px, ca).unwrap();
  assert_eq!(q, address(&sig.R));
 }
--- a/coins/ethereum/src/tests/mod.rs
+++ b/coins/ethereum/src/tests/mod.rs
@@ -1,21 +1,25 @@
-use std::{sync::Arc, time::Duration, fs::File, collections::HashMap};
+use std::{sync::Arc, collections::HashMap};

 use rand_core::OsRng;

-use group::ff::PrimeField;
 use k256::{Scalar, ProjectivePoint};
 use frost::{curve::Secp256k1, Participant, ThresholdKeys, tests::key_gen as frost_key_gen};

-use ethers_core::{
-  types::{H160, Signature as EthersSignature},
-  abi::Abi,
+use alloy_core::{
+  primitives::{Address, U256, Bytes, TxKind},
+  hex::FromHex,
 };
-use ethers_contract::ContractFactory;
-use ethers_providers::{Middleware, Provider, Http};
+use alloy_consensus::{SignableTransaction, TxLegacy};

-use crate::crypto::PublicKey;
+use alloy_rpc_types::TransactionReceipt;
+use alloy_simple_request_transport::SimpleRequest;
+use alloy_provider::{Provider, RootProvider};
+
+use crate::crypto::{address, deterministically_sign, PublicKey};

 mod crypto;
+
+mod abi;
 mod schnorr;
 mod router;

@@ -36,57 +40,88 @@ pub fn key_gen() -> (HashMap<Participant, ThresholdKeys<Secp256k1>>, PublicKey)
  (keys, public_key)
 }

-// TODO: Replace with a contract deployment from an unknown account, so the environment solely has
-// to fund the deployer, not create/pass a wallet
-// TODO: Deterministic deployments across chains
+// TODO: Use a proper error here
+pub async fn send(
+  provider: &RootProvider<SimpleRequest>,
+  wallet: &k256::ecdsa::SigningKey,
+  mut tx: TxLegacy,
+) -> Option<TransactionReceipt> {
+  let verifying_key = *wallet.verifying_key().as_affine();
+  let address = Address::from(address(&verifying_key.into()));
+
+  // https://github.com/alloy-rs/alloy/issues/539
+  // let chain_id = provider.get_chain_id().await.unwrap();
+  // tx.chain_id = Some(chain_id);
+  tx.chain_id = None;
+  tx.nonce = provider.get_transaction_count(address, None).await.unwrap();
+  // 100 gwei
+  tx.gas_price = 100_000_000_000u128;
+
+  let sig = wallet.sign_prehash_recoverable(tx.signature_hash().as_ref()).unwrap();
+  assert_eq!(address, tx.clone().into_signed(sig.into()).recover_signer().unwrap());
+  assert!(
+    provider.get_balance(address, None).await.unwrap() >
+      ((U256::from(tx.gas_price) * U256::from(tx.gas_limit)) + tx.value)
+  );
+
+  let mut bytes = vec![];
+  tx.encode_with_signature_fields(&sig.into(), &mut bytes);
+  let pending_tx = provider.send_raw_transaction(&bytes).await.ok()?;
+  pending_tx.get_receipt().await.ok()
+}
+
+pub async fn fund_account(
+  provider: &RootProvider<SimpleRequest>,
+  wallet: &k256::ecdsa::SigningKey,
+  to_fund: Address,
+  value: U256,
+) -> Option<()> {
+  let funding_tx =
+    TxLegacy { to: TxKind::Call(to_fund), gas_limit: 21_000, value, ..Default::default() };
+  assert!(send(provider, wallet, funding_tx).await.unwrap().status());
+
+  Some(())
+}
+
+// TODO: Use a proper error here
 pub async fn deploy_contract(
-  chain_id: u32,
-  client: Arc<Provider<Http>>,
+  client: Arc<RootProvider<SimpleRequest>>,
  wallet: &k256::ecdsa::SigningKey,
  name: &str,
-) -> eyre::Result<H160> {
-  let abi: Abi =
-    serde_json::from_reader(File::open(format!("./artifacts/{name}.abi")).unwrap()).unwrap();
-
+) -> Option<Address> {
  let hex_bin_buf = std::fs::read_to_string(format!("./artifacts/{name}.bin")).unwrap();
  let hex_bin =
    if let Some(stripped) = hex_bin_buf.strip_prefix("0x") { stripped } else { &hex_bin_buf };
-  let bin = hex::decode(hex_bin).unwrap();
-  let factory = ContractFactory::new(abi, bin.into(), client.clone());
+  let bin = Bytes::from_hex(hex_bin).unwrap();

-  let mut deployment_tx = factory.deploy(())?.tx;
-  deployment_tx.set_chain_id(chain_id);
-  deployment_tx.set_gas(1_000_000);
-  let (max_fee_per_gas, max_priority_fee_per_gas) = client.estimate_eip1559_fees(None).await?;
-  deployment_tx.as_eip1559_mut().unwrap().max_fee_per_gas = Some(max_fee_per_gas);
-  deployment_tx.as_eip1559_mut().unwrap().max_priority_fee_per_gas = Some(max_priority_fee_per_gas);
+  let deployment_tx = TxLegacy {
+    chain_id: None,
+    nonce: 0,
+    // 100 gwei
+    gas_price: 100_000_000_000u128,
+    gas_limit: 1_000_000,
+    to: TxKind::Create,
+    value: U256::ZERO,
+    input: bin,
+  };

-  let sig_hash = deployment_tx.sighash();
-  let (sig, rid) = wallet.sign_prehash_recoverable(sig_hash.as_ref()).unwrap();
+  let deployment_tx = deterministically_sign(&deployment_tx);

-  // EIP-155 v
-  let mut v = u64::from(rid.to_byte());
-  assert!((v == 0) || (v == 1));
-  v += u64::from((chain_id * 2) + 35);
+  // Fund the deployer address
+  fund_account(
+    &client,
+    wallet,
+    deployment_tx.recover_signer().unwrap(),
+    U256::from(deployment_tx.tx().gas_limit) * U256::from(deployment_tx.tx().gas_price),
+  )
+  .await?;

-  let r = sig.r().to_repr();
-  let r_ref: &[u8] = r.as_ref();
-  let s = sig.s().to_repr();
-  let s_ref: &[u8] = s.as_ref();
-  let deployment_tx =
-    deployment_tx.rlp_signed(&EthersSignature { r: r_ref.into(), s: s_ref.into(), v });
+  let (deployment_tx, sig, _) = deployment_tx.into_parts();
+  let mut bytes = vec![];
+  deployment_tx.encode_with_signature_fields(&sig, &mut bytes);
+  let pending_tx = client.send_raw_transaction(&bytes).await.ok()?;
+  let receipt = pending_tx.get_receipt().await.ok()?;
+  assert!(receipt.status());

-  let pending_tx = client.send_raw_transaction(deployment_tx).await?;
-
-  let mut receipt;
-  while {
-    receipt = client.get_transaction_receipt(pending_tx.tx_hash()).await?;
-    receipt.is_none()
-  } {
-    tokio::time::sleep(Duration::from_secs(6)).await;
-  }
-  let receipt = receipt.unwrap();
-  assert!(receipt.status == Some(1.into()));
-
-  Ok(receipt.contract_address.unwrap())
+  Some(receipt.contract_address.unwrap())
 }
--- a/coins/ethereum/src/tests/router.rs
+++ b/coins/ethereum/src/tests/router.rs
@@ -2,7 +2,8 @@ use std::{convert::TryFrom, sync::Arc, collections::HashMap};

 use rand_core::OsRng;

-use group::ff::PrimeField;
+use group::Group;
+use k256::ProjectivePoint;
 use frost::{
  curve::Secp256k1,
  Participant, ThresholdKeys,
@@ -10,100 +11,173 @@ use frost::{
  tests::{algorithm_machines, sign},
 };

-use ethers_core::{
-  types::{H160, U256, Bytes},
-  abi::AbiEncode,
-  utils::{Anvil, AnvilInstance},
-};
-use ethers_providers::{Middleware, Provider, Http};
+use alloy_core::primitives::{Address, U256};
+
+use alloy_simple_request_transport::SimpleRequest;
+use alloy_rpc_client::ClientBuilder;
+use alloy_provider::{Provider, RootProvider};
+
+use alloy_node_bindings::{Anvil, AnvilInstance};

 use crate::{
-  crypto::{keccak256, PublicKey, EthereumHram, Signature},
-  router::{self, *},
-  tests::{key_gen, deploy_contract},
+  crypto::*,
+  deployer::Deployer,
+  router::{Router, abi as router},
+  tests::{key_gen, send, fund_account},
 };

 async fn setup_test() -> (
-  u32,
  AnvilInstance,
-  Router<Provider<Http>>,
+  Arc<RootProvider<SimpleRequest>>,
+  u64,
+  Router,
  HashMap<Participant, ThresholdKeys<Secp256k1>>,
  PublicKey,
 ) {
  let anvil = Anvil::new().spawn();

-  let provider = Provider::<Http>::try_from(anvil.endpoint()).unwrap();
-  let chain_id = provider.get_chainid().await.unwrap().as_u32();
+  let provider = RootProvider::new(
+    ClientBuilder::default().transport(SimpleRequest::new(anvil.endpoint()), true),
+  );
+  let chain_id = provider.get_chain_id().await.unwrap();
  let wallet = anvil.keys()[0].clone().into();
  let client = Arc::new(provider);

-  let contract_address =
-    deploy_contract(chain_id, client.clone(), &wallet, "Router").await.unwrap();
-  let contract = Router::new(contract_address, client.clone());
+  // Make sure the Deployer constructor returns None, as it doesn't exist yet
+  assert!(Deployer::new(client.clone()).await.unwrap().is_none());
+
+  // Deploy the Deployer
+  let tx = Deployer::deployment_tx();
+  fund_account(
+    &client,
+    &wallet,
+    tx.recover_signer().unwrap(),
+    U256::from(tx.tx().gas_limit) * U256::from(tx.tx().gas_price),
+  )
+  .await
+  .unwrap();
+
+  let (tx, sig, _) = tx.into_parts();
+  let mut bytes = vec![];
+  tx.encode_with_signature_fields(&sig, &mut bytes);
+
+  let pending_tx = client.send_raw_transaction(&bytes).await.unwrap();
+  let receipt = pending_tx.get_receipt().await.unwrap();
+  assert!(receipt.status());
+  let deployer =
+    Deployer::new(client.clone()).await.expect("network error").expect("deployer wasn't deployed");

  let (keys, public_key) = key_gen();

-  // Set the key to the threshold keys
-  let tx = contract.init_serai_key(public_key.px.to_repr().into()).gas(100_000);
-  let pending_tx = tx.send().await.unwrap();
-  let receipt = pending_tx.await.unwrap().unwrap();
-  assert!(receipt.status == Some(1.into()));
+  // Verify the Router constructor returns None, as it doesn't exist yet
+  assert!(deployer.find_router(client.clone(), &public_key).await.unwrap().is_none());

-  (chain_id, anvil, contract, keys, public_key)
+  // Deploy the router
+  let receipt = send(&client, &anvil.keys()[0].clone().into(), deployer.deploy_router(&public_key))
+    .await
+    .unwrap();
+  assert!(receipt.status());
+  let contract = deployer.find_router(client.clone(), &public_key).await.unwrap().unwrap();
+
+  (anvil, client, chain_id, contract, keys, public_key)
+}
+
+async fn latest_block_hash(client: &RootProvider<SimpleRequest>) -> [u8; 32] {
+  client
+    .get_block(client.get_block_number().await.unwrap().into(), false)
+    .await
+    .unwrap()
+    .unwrap()
+    .header
+    .hash
+    .unwrap()
+    .0
 }

 #[tokio::test]
 async fn test_deploy_contract() {
-  setup_test().await;
+  let (_anvil, client, _, router, _, public_key) = setup_test().await;
+
+  let block_hash = latest_block_hash(&client).await;
+  assert_eq!(router.serai_key(block_hash).await.unwrap(), public_key);
+  assert_eq!(router.nonce(block_hash).await.unwrap(), U256::try_from(1u64).unwrap());
+  // TODO: Check it emitted SeraiKeyUpdated(public_key) at its genesis
 }

 pub fn hash_and_sign(
  keys: &HashMap<Participant, ThresholdKeys<Secp256k1>>,
  public_key: &PublicKey,
-  chain_id: U256,
  message: &[u8],
 ) -> Signature {
-  let hashed_message = keccak256(message);
-
-  let mut chain_id_bytes = [0; 32];
-  chain_id.to_big_endian(&mut chain_id_bytes);
-  let full_message = &[chain_id_bytes.as_slice(), &hashed_message].concat();
-
  let algo = IetfSchnorr::<Secp256k1, EthereumHram>::ietf();
-  let sig = sign(
-    &mut OsRng,
-    &algo,
-    keys.clone(),
-    algorithm_machines(&mut OsRng, &algo, keys),
-    full_message,
-  );
+  let sig =
+    sign(&mut OsRng, &algo, keys.clone(), algorithm_machines(&mut OsRng, &algo, keys), message);

-  Signature::new(public_key, k256::U256::from_words(chain_id.0), message, sig).unwrap()
+  Signature::new(public_key, message, sig).unwrap()
+}
+
+#[tokio::test]
+async fn test_router_update_serai_key() {
+  let (anvil, client, chain_id, contract, keys, public_key) = setup_test().await;
+
+  let next_key = loop {
+    let point = ProjectivePoint::random(&mut OsRng);
+    let Some(next_key) = PublicKey::new(point) else { continue };
+    break next_key;
+  };
+
+  let message = Router::update_serai_key_message(
+    U256::try_from(chain_id).unwrap(),
+    U256::try_from(1u64).unwrap(),
+    &next_key,
+  );
+  let sig = hash_and_sign(&keys, &public_key, &message);
+
+  let first_block_hash = latest_block_hash(&client).await;
+  assert_eq!(contract.serai_key(first_block_hash).await.unwrap(), public_key);
+
+  let receipt =
+    send(&client, &anvil.keys()[0].clone().into(), contract.update_serai_key(&next_key, &sig))
+      .await
+      .unwrap();
+  assert!(receipt.status());
+
+  let second_block_hash = latest_block_hash(&client).await;
+  assert_eq!(contract.serai_key(second_block_hash).await.unwrap(), next_key);
+  // Check this does still offer the historical state
+  assert_eq!(contract.serai_key(first_block_hash).await.unwrap(), public_key);
+  // TODO: Check logs
+
+  println!("gas used: {:?}", receipt.gas_used);
+  // println!("logs: {:?}", receipt.logs);
 }

 #[tokio::test]
 async fn test_router_execute() {
-  let (chain_id, _anvil, contract, keys, public_key) = setup_test().await;
+  let (anvil, client, chain_id, contract, keys, public_key) = setup_test().await;

-  let to = H160([0u8; 20]);
-  let value = U256([0u64; 4]);
-  let data = Bytes::from([0]);
-  let tx = OutInstruction { to, value, data: data.clone() };
+  let to = Address::from([0; 20]);
+  let value = U256::ZERO;
+  let tx = router::OutInstruction { to, value, calls: vec![] };
+  let txs = vec![tx];

-  let nonce_call = contract.nonce();
-  let nonce = nonce_call.call().await.unwrap();
+  let first_block_hash = latest_block_hash(&client).await;
+  let nonce = contract.nonce(first_block_hash).await.unwrap();
+  assert_eq!(nonce, U256::try_from(1u64).unwrap());

-  let encoded =
-    ("execute".to_string(), nonce, vec![router::OutInstruction { to, value, data }]).encode();
-  let sig = hash_and_sign(&keys, &public_key, chain_id.into(), &encoded);
+  let message = Router::execute_message(U256::try_from(chain_id).unwrap(), nonce, txs.clone());
+  let sig = hash_and_sign(&keys, &public_key, &message);

-  let tx = contract
-    .execute(vec![tx], router::Signature { c: sig.c.to_repr().into(), s: sig.s.to_repr().into() })
-    .gas(300_000);
-  let pending_tx = tx.send().await.unwrap();
-  let receipt = dbg!(pending_tx.await.unwrap().unwrap());
-  assert!(receipt.status == Some(1.into()));
+  let receipt =
+    send(&client, &anvil.keys()[0].clone().into(), contract.execute(&txs, &sig)).await.unwrap();
+  assert!(receipt.status());

-  println!("gas used: {:?}", receipt.cumulative_gas_used);
-  println!("logs: {:?}", receipt.logs);
+  let second_block_hash = latest_block_hash(&client).await;
+  assert_eq!(contract.nonce(second_block_hash).await.unwrap(), U256::try_from(2u64).unwrap());
+  // Check this does still offer the historical state
+  assert_eq!(contract.nonce(first_block_hash).await.unwrap(), U256::try_from(1u64).unwrap());
+  // TODO: Check logs
+
+  println!("gas used: {:?}", receipt.gas_used);
+  // println!("logs: {:?}", receipt.logs);
 }
--- a/coins/ethereum/src/tests/schnorr.rs
+++ b/coins/ethereum/src/tests/schnorr.rs
@@ -1,11 +1,9 @@
-use std::{convert::TryFrom, sync::Arc};
+use std::sync::Arc;

 use rand_core::OsRng;

-use ::k256::{elliptic_curve::bigint::ArrayEncoding, U256, Scalar};
-
-use ethers_core::utils::{keccak256, Anvil, AnvilInstance};
-use ethers_providers::{Middleware, Provider, Http};
+use group::ff::PrimeField;
+use k256::Scalar;

 use frost::{
  curve::Secp256k1,
@@ -13,24 +11,34 @@ use frost::{
  tests::{algorithm_machines, sign},
 };

+use alloy_core::primitives::Address;
+
+use alloy_sol_types::SolCall;
+
+use alloy_rpc_types::{TransactionInput, TransactionRequest};
+use alloy_simple_request_transport::SimpleRequest;
+use alloy_rpc_client::ClientBuilder;
+use alloy_provider::{Provider, RootProvider};
+
+use alloy_node_bindings::{Anvil, AnvilInstance};
+
 use crate::{
+  Error,
  crypto::*,
-  schnorr::*,
-  tests::{key_gen, deploy_contract},
+  tests::{key_gen, deploy_contract, abi::schnorr as abi},
 };

-async fn setup_test() -> (u32, AnvilInstance, Schnorr<Provider<Http>>) {
+async fn setup_test() -> (AnvilInstance, Arc<RootProvider<SimpleRequest>>, Address) {
  let anvil = Anvil::new().spawn();

-  let provider = Provider::<Http>::try_from(anvil.endpoint()).unwrap();
-  let chain_id = provider.get_chainid().await.unwrap().as_u32();
+  let provider = RootProvider::new(
+    ClientBuilder::default().transport(SimpleRequest::new(anvil.endpoint()), true),
+  );
  let wallet = anvil.keys()[0].clone().into();
  let client = Arc::new(provider);

-  let contract_address =
-    deploy_contract(chain_id, client.clone(), &wallet, "Schnorr").await.unwrap();
-  let contract = Schnorr::new(contract_address, client.clone());
-  (chain_id, anvil, contract)
+  let address = deploy_contract(client.clone(), &wallet, "TestSchnorr").await.unwrap();
+  (anvil, client, address)
 }

 #[tokio::test]
@@ -38,30 +46,48 @@ async fn test_deploy_contract() {
  setup_test().await;
 }

+pub async fn call_verify(
+  provider: &RootProvider<SimpleRequest>,
+  contract: Address,
+  public_key: &PublicKey,
+  message: &[u8],
+  signature: &Signature,
+) -> Result<(), Error> {
+  let px: [u8; 32] = public_key.px.to_repr().into();
+  let c_bytes: [u8; 32] = signature.c.to_repr().into();
+  let s_bytes: [u8; 32] = signature.s.to_repr().into();
+  let call = TransactionRequest::default().to(Some(contract)).input(TransactionInput::new(
+    abi::verifyCall::new((px.into(), message.to_vec().into(), c_bytes.into(), s_bytes.into()))
+      .abi_encode()
+      .into(),
+  ));
+  let bytes = provider.call(&call, None).await.map_err(|_| Error::ConnectionError)?;
+  let res =
+    abi::verifyCall::abi_decode_returns(&bytes, true).map_err(|_| Error::ConnectionError)?;
+
+  if res._0 {
+    Ok(())
+  } else {
+    Err(Error::InvalidSignature)
+  }
+}
+
 #[tokio::test]
 async fn test_ecrecover_hack() {
-  let (chain_id, _anvil, contract) = setup_test().await;
-  let chain_id = U256::from(chain_id);
+  let (_anvil, client, contract) = setup_test().await;

  let (keys, public_key) = key_gen();

  const MESSAGE: &[u8] = b"Hello, World!";
-  let hashed_message = keccak256(MESSAGE);
-  let full_message = &[chain_id.to_be_byte_array().as_slice(), &hashed_message].concat();

  let algo = IetfSchnorr::<Secp256k1, EthereumHram>::ietf();
-  let sig = sign(
-    &mut OsRng,
-    &algo,
-    keys.clone(),
-    algorithm_machines(&mut OsRng, &algo, &keys),
-    full_message,
-  );
-  let sig = Signature::new(&public_key, chain_id, MESSAGE, sig).unwrap();
+  let sig =
+    sign(&mut OsRng, &algo, keys.clone(), algorithm_machines(&mut OsRng, &algo, &keys), MESSAGE);
+  let sig = Signature::new(&public_key, MESSAGE, sig).unwrap();

-  call_verify(&contract, &public_key, MESSAGE, &sig).await.unwrap();
+  call_verify(&client, contract, &public_key, MESSAGE, &sig).await.unwrap();
  // Test an invalid signature fails
  let mut sig = sig;
  sig.s += Scalar::ONE;
-  assert!(call_verify(&contract, &public_key, MESSAGE, &sig).await.is_err());
+  assert!(call_verify(&client, contract, &public_key, MESSAGE, &sig).await.is_err());
 }