Escape Verifier

contract EscapeVerifier is IFactRegistry
function verifyEscape(uint256[] calldata escapeProof)

Verifies that the contents of a vault belong to a certain Merkle commitment (root).

The Merkle commitment uses the Pedersen hash variation described next:

  • Hash constants: A sequence \(p_i\) of 504 points on an elliptic curve and an additional \(ec_{shift}\) point

  • Input: A vector of 504 bits \(b_i\)

  • Output: The 252 bits x coordinate of \((ec_{shift} + \sum_i b_i*p_i)\)

The following table describes the expected escapeProof format. Note that unlike a standard Merkle proof, the escapeProof contains both the nodes along the Merkle path and their siblings. The proof ends with the expected root and the ID of the vault for which the proof is submitted (which implies the location of the nodes within the Merkle tree).

starkKey (252)

tokenId (252)

zeros (8)

hash(starkKey, tokenId) (252)

quantizedAmount (252)

zeros (8)

left_node_0 (252)

right_node_0 (252)

zeros (8)

left_node_n (252)

right_node_n (252)

zeros (8)

root (252)

zeros (4)

vaultId (248)

zeros (8)

If the proof is accepted, this is registered under the following claim hash that may later be queried for validity:

claimHash = keccak256(starkKey, tokenId, quantizedAmount, vaultRoot, treeHeight, vaultId)

For information about when this module is to be used, see Escapes.

function isValid(bytes32 hash)
returns (bool val)