feat: do not use external input validator for programs [skip-line-limit]

README.md

@@ -148,12 +148,10 @@ sequenceDiagram
     participant CiphernodeRegistry
     participant E3Program
     participant ComputeProvider
-    participant InputValidator
     participant DecryptionVerifier
 
     Users->>Enclave: request(parameters)
     Enclave->>E3Program: validate(e3ProgramParams)
-    E3Program-->>Enclave: inputValidator
     Enclave->>ComputeProvider: validate(computeProviderParams)
     ComputeProvider-->>Enclave: decryptionVerifier
     Enclave->>CiphernodeRegistry: requestCommittee(e3Id, seed, threshold)
@@ -167,8 +165,8 @@ sequenceDiagram
     Enclave-->>Users: success
 
     Users->>Enclave: publishInput(e3Id, data)
-    Enclave->>InputValidator: validate(msg.sender, data)
-    InputValidator-->>Enclave: input, success
+    Enclave->>E3Program: validateInput(msg.sender, data)
+    E3Program-->>Enclave: input, success
     Enclave->>Enclave: Store input
     Enclave-->>Users: success
 

crates/evm-helpers/src/contracts.rs

@@ -50,7 +50,6 @@ sol! {
         address e3Program;
         bytes e3ProgramParams;
         bytes customParams;
-        address inputValidator;
         address decryptionVerifier;
         bytes32 committeePublicKey;
         bytes32 ciphertextOutput;

crates/evm-helpers/src/events.rs

@@ -20,11 +20,6 @@ sol! {
         function e3Program() external view returns (address);
     }
 
-    #[derive(Debug)]
-    interface IInputValidator {
-        function validateInput(bytes data) external view returns (bool);
-    }
-
     #[derive(Debug)]
     interface IDecryptionVerifier {
         function verifyDecryption(bytes data) external view returns (bool);
@@ -42,7 +37,6 @@ sol! {
         IE3Program e3Program;
         bytes e3ProgramParams;
         bytes customParams;
-        IInputValidator inputValidator;
         IDecryptionVerifier decryptionVerifier;
         bytes32 committeePublicKey;
         bytes32 ciphertextOutput;

crates/evm-helpers/tests/fixtures/fake_enclave.sol

@@ -78,7 +78,6 @@ contract FakeEnclave {
             expiration: block.timestamp + 1 days,
             encryptionSchemeId: bytes32(keccak256("AES-256-GCM")),
             e3Program: 0x7F3E4df648B8Cb96C1D343be976b91B97CaD5c21,
-            inputValidator: 0xA51D5E87c0C82dDEBfa4E7E515B2D8Eea8f3e4f2,
             decryptionVerifier: 0x4B0D8c2E5f7a6c832f8b16d3aB0e7F5d9E9B24b1,
             e3ProgramParams: abi.encode(42, "testParams"),
             customParams: abi.encode("custom_params"),
@@ -100,7 +99,6 @@ struct E3 {
     address e3Program;
     bytes e3ProgramParams;
     bytes customParams;
-    address inputValidator;
     address decryptionVerifier;
     bytes32 committeePublicKey;
     bytes32 ciphertextOutput;

crates/indexer/tests/fixtures/fake_enclave.sol

@@ -78,7 +78,6 @@ contract FakeEnclave {
             expiration: block.timestamp + 1 days,
             encryptionSchemeId: bytes32(keccak256("AES-256-GCM")),
             e3Program: 0x7F3E4df648B8Cb96C1D343be976b91B97CaD5c21,
-            inputValidator: 0xA51D5E87c0C82dDEBfa4E7E515B2D8Eea8f3e4f2,
             decryptionVerifier: 0x4B0D8c2E5f7a6c832f8b16d3aB0e7F5d9E9B24b1,
             e3ProgramParams: abi.encode(42, "testParams"),
             customParams: abi.encode("custom_params"),
@@ -100,7 +99,6 @@ struct E3 {
     address e3Program;
     bytes e3ProgramParams;
     bytes customParams;
-    address inputValidator;
     address decryptionVerifier;
     bytes32 committeePublicKey;
     bytes32 ciphertextOutput;

docs/pages/CRISP/introduction.mdx

@@ -76,12 +76,10 @@ Solidity contracts implementing the E3 program interface:
 Main E3 program contract implementing the `IE3Program` interface:
 - `validate()`: Validates voting parameters and setup
 - `verify()`: Verifies zkVM proofs of computation
-
-#### **CRISPInputValidator.sol**
-Handles vote validation and zero-knowledge proof verification:
-- Validates encrypted vote format
-- Verifies voter eligibility proofs
-- Ensures vote uniqueness
+- `validateInput()`: Handles vote validation and zero-knowledge proof verification:
+    - Validates encrypted vote format
+    - Verifies voter eligibility proofs
+    - Ensures vote uniqueness
 
 #### **CRISPVerifier.sol**
 Noir verifier for proof of correct encryption:

docs/pages/CRISP/setup.mdx

@@ -115,9 +115,6 @@ will look like the following:
 [DEPLOY]   Deployed Semaphore to 0x9A9f2CCfdE556A7E9Ff0848998Aa4a0CFD8863AE
 [DEPLOY]   Deployed CRISPCheckerFactory to 0x68B1D87F95878fE05B998F19b66F4baba5De1aed
 [DEPLOY]   Deployed CRISPPolicyFactory to 0x3Aa5ebB10DC797CAC828524e59A333d0A371443c
-[DEPLOY]   Using CRISPInputValidator
-[DEPLOY]   Deployed InputValidator to:  0xc6e7DF5E7b4f2A278906862b61205850344D4e7d
-[DEPLOY]   Deployed CRISPInputValidatorFactory to 0x59b670e9fA9D0A427751Af201D676719a970857b
 [DEPLOY]   Deployed HonkVerifier to 0x4ed7c70F96B99c776995fB64377f0d4aB3B0e1C1
 [DEPLOY]   Deployed CRISPProgram to 0x322813Fd9A801c5507c9de605d63CEA4f2CE6c44
 [DEPLOY]   Enabled E3 Program on Enclave
@@ -312,7 +309,6 @@ The following steps are optional. You can config
    chainId = 31337
    riscZeroVerifierAddress = "0x0000000000000000000000000000000000000000"
    enclaveAddress = "0xe7f1725E7734CE288F8367e1Bb143E90bb3F0512"
-   inputValidatorAddress = "0xa513E6E4b8f2a923D98304ec87F64353C4D5C853"
    ```
 
 3. Export the ETH_WALLET_PRIVATE_KEY environment variable (Anvil's default private key):

docs/pages/architecture-overview.mdx

@@ -40,12 +40,9 @@ and workflows to help you implement it effectively.
 - Verifies computation proofs
 - Interfaces with the Enclave contract
 - Ensures correct execution of the E3P
-
-#### InputValidator Contract
-
-- Validates and sanitizes input data
-- Verifies Zero-Knowledge Proofs (ZKPs)
-- Prevents malicious input injection
+- Validates and sanitizes input data 
+   - this might involve verifying a Zero-Knowledge Proof (ZKP) to ensure data integrity and authenticity
+   - prevents malicious input injection that could compromise the computation
 
 #### Decryption Verifier Contract
 

docs/pages/building-with-enclave.mdx

@@ -56,7 +56,7 @@ function request(
 ```
 
 2. Contract validates request parameters
-3. E3 Program contract is set and used to get the InputValidator contract & Encryption scheme.
+3. E3 Program contract is set and used to get the Encryption scheme.
 4. Request is submitted to the ciphernodeRegistry for committee selection.
 5. `E3Requested` event is emitted
 
@@ -117,14 +117,14 @@ As much as possible, you should aim to validate inputs via proofs generated by D
 rather than in your Secure Process. This pushed computation to the edges and allows you to reduce
 the complexity of your FHE computation.
 
-Your E3 Program must include a contract that implements IInputValidator. When publishing an input,
-the Enclave contracts will call the `validate()` function on your Input Validator contract.
+Your E3 Program must include logic that validates user inputs. When publishing an input,
+the Enclave contracts will call the `validateInput()` function on your Program contract.
 
 ```solidity
-function validate(
+function validateInput(
         address sender,
         bytes memory params
-    ) external returns (bytes memory input, bool success);
+    ) external returns (bytes memory input);
 ```
 
 At a minimum, this function should validate a proof that the given ciphertext is a valid encryption
@@ -218,9 +218,9 @@ higher cost to compromise the E3), but incurs a higher protocol fee.
 
 2. **Input Validation**
 
-Your InputValidator contract is critical to ensuring that inputs come from approved parties, are
+Your Program contract is critical to ensuring that inputs come from approved parties, are
 sanitized for your computation, and truthfully correspond to any specific sources of truth. You can
-use your InputValidator contract to push computation to the edges, reducing the complexity of your
+use your Program contract to push computation to the edges, reducing the complexity of your
 FHE computation.
 
 3. **Result Verification**

docs/pages/computation-flow.mdx

@@ -57,12 +57,12 @@ During this phase, Data Providers — who may include individual users, applicat
    ensure they are valid for the requested E3. Some of these proofs are generic (e.g., proof of
    valid encryption) while others will be specific to your application.
 3. **Submit Inputs**: Both encrypted data and ZKPs are submitted to the Enclave contract, which will
-   call the `validate` function on your E3P InputValidator smart contract. The input hash is then
+   call the `validateInput` function on your E3P smart contract. The input hash is then
    added to a Merkle tree, the root of which can later be used to anchor proofs of correct execution
    of your E3 Program.
 
    ```solidity
-   function validate(
+   function validateInput(
       address sender,
       bytes memory data
    ) external returns (bytes memory input);

docs/pages/putting-it-together.mdx

@@ -103,31 +103,27 @@ impl ComputeProvider for Risc0Provider {
 // or FITNESS FOR A PARTICULAR PURPOSE.
 pragma solidity >=0.8.27;
 
-import {CRISPBase, IEnclave, IE3Program, IInputValidator} from "evm_base/contracts/CRISPBase.sol";
+import {CRISPBase, IEnclave, IE3Program} from "evm_base/contracts/CRISPBase.sol";
 import {IRiscZeroVerifier} from "risc0/IRiscZeroVerifier.sol";
 
 contract MyE3Program is CRISPBase {
     bytes32 public constant IMAGE_ID = /* Your Image ID */;
     bytes32 public constant ENCRYPTION_SCHEME_ID = /* Your Encryption Scheme ID */;
 
     IRiscZeroVerifier public verifier;
-    IInputValidator public inputValidator;
 
     constructor(
         IEnclave _enclave,
-        IInputValidator _inputValidator,
         IRiscZeroVerifier _verifier
     ) {
-        initialize(_enclave, _inputValidator, _verifier);
+        initialize(_enclave, _verifier);
     }
 
     function initialize(
         IEnclave _enclave,
-        IInputValidator _inputValidator,
         IRiscZeroVerifier _verifier
     ) public {
         CRISPBase.initialize(_enclave);
-        inputValidator = _inputValidator;
         verifier = _verifier;
     }
 

docs/pages/write-e3-contract.mdx

@@ -30,7 +30,7 @@ parameters when a new E3 instance is created and another to verify the output of
     bytes calldata computeProviderParams
   )
     external
-    returns (bytes32 encryptionSchemeId, IInputValidator inputValidator);
+    returns (bytes32 encryptionSchemeId);
 ```
 
 When a new instance of your E3 Program is requested, the `validate` function is called to validate
@@ -63,11 +63,10 @@ your chosen Compute Provider to assess the validity of the proof and ciphertext.
 example of this using
 [RISC Zero's Verifier in our CRISP E3 contract](https://github.com/gnosisguild/CRISP/blob/9ffc89aedf92e8f8eb8a21b03091b1f48b587fe4/packages/risc0/contracts/CRISPRisc0.sol#L45).
 
-### Input Validator
+### Input Validation
 
-In order to ensure correct computation, we recommend creating or using an existing input verifier
-contract to check that the encrypted data submitted to your E3 is properly structured. This will
-most likely be used in tandem with a proof generated by your Data Provider.
+In order to ensure correct computation, we should be checking that the encrypted data submitted to your E3 is properly structured. This will
+most likely be used in tandem with a proof generated by your Data Provider. The function should be implemented in the E3 Program contract.
 
 **Responsibilities:**
 
@@ -80,13 +79,10 @@ most likely be used in tandem with a proof generated by your Data Provider.
 ```solidity
 pragma solidity >=0.8.27;
 
-import {IInputValidator} from "@enclave-e3/contracts/interfaces.sol";
-
-contract MyInputValidator is IInputValidator {
-    function validate(address sender, bytes memory data) external override returns (bytes memory, bool) {
-        // Decode data
-        // Verify ZKP
-        // Return validated input
-    }
+function validateInput(address sender, bytes memory data) external returns (bytes memory input) {
+    // Decode the input data
+    // Verify associated ZKPs
+    // Return the validated input
+    return data; // Placeholder: replace with actual validated input
 }
 ```

examples/CRISP/Readme.md

@@ -99,8 +99,6 @@ Deployments:
 ----------------------------------------------------------------------
 Enclave: 0x9fE46736679d2D9a65F0992F2272dE9f3c7fa6e0
 Verifier: 0xA51c1fc2f0D1a1b8494Ed1FE312d7C3a78Ed91C0
-InputValidator: 0x610178dA211FEF7D417bC0e6FeD39F05609AD788
-CRISPInputValidatorFactory: 0x0DCd1Bf9A1b36cE34237eEaFef220932846BCD82
 HonkVerifier: 0x9A676e781A523b5d0C0e43731313A708CB607508
 CRISPProgram: 0x959922bE3CAee4b8Cd9a407cc3ac1C251C2007B1
 ```

examples/CRISP/client/.env.example

@@ -1,4 +1,3 @@
 VITE_ENCLAVE_API=http://127.0.0.1:4000
 VITE_TWITTER_SERVERLESS_API=
 VITE_WALLETCONNECT_PROJECT_ID=
-VITE_E3_PROGRAM_ADDRESS=0xc3e53F4d16Ae77Db1c982e75a937B9f60FE63690 # Default E3 program address from hardhat

examples/CRISP/enclave.config.yaml

@@ -3,7 +3,7 @@ chains:
     rpc_url: "ws://localhost:8545"
     contracts:
       e3_program:
-        address: "0xc3e53F4d16Ae77Db1c982e75a937B9f60FE63690"
+        address: "0xc5a5C42992dECbae36851359345FE25997F5C42d"
         deploy_block: 1 # Set to actual deploy block
       enclave:
         address: "0xA51c1fc2f0D1a1b8494Ed1FE312d7C3a78Ed91C0"