reset with stake-root diffs

.gitmodules

@@ -16,3 +16,6 @@
 [submodule "lib/openzeppelin-contracts-upgradeable-v4.9.0"]
 	path = lib/openzeppelin-contracts-upgradeable-v4.9.0
 	url = https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
+[submodule "lib/risc0-ethereum"]
+	path = lib/risc0-ethereum
+	url = https://github.com/risc0/risc0-ethereum

remappings.txt

@@ -2,5 +2,6 @@
 @openzeppelin/=lib/openzeppelin-contracts/
 @openzeppelin-v4.9.0/=lib/openzeppelin-contracts-v4.9.0/
 @openzeppelin-upgrades-v4.9.0/=lib/openzeppelin-contracts-upgradeable-v4.9.0/
+@risc0=lib/risc0-ethereum/contracts/src/
 ds-test/=lib/ds-test/src/
 forge-std/=lib/forge-std/src/

script/deploy/devnet/operatorSets/PopulateSRC.sol

@@ -2,6 +2,8 @@
 pragma solidity ^0.8.12;
 
 import "../../../../src/contracts/core/StakeRootCompendium.sol";
+import {IRiscZeroVerifier} from "@risc0/IRiscZeroVerifier.sol";
+
 import "../../../utils/ExistingDeploymentParser.sol";
 import "forge-std/Test.sol";
 import "forge-std/Script.sol";
@@ -27,7 +29,7 @@ contract PopulateSRC is Script, Test, ExistingDeploymentParser {
             _allocationManager: allocationManager,
             _minBalanceThreshold: 0 ether,
             _minPrepaidProofs: 20,
-            _verifier: address(0),
+            _verifier: IRiscZeroVerifier(address(0)),
             _imageId: bytes32(0)
         });
         StakeRootCompendium stakeRootCompendium = StakeRootCompendium(payable(new TransparentUpgradeableProxy(

src/contracts/core/StakeRootCompendium.sol

@@ -2,7 +2,6 @@
 pragma solidity ^0.8.12;
 
 import "./StakeRootCompendiumStorage.sol";
-import "@openzeppelin/contracts/utils/structs/EnumerableMap.sol";
 import "../libraries/Snapshots.sol";
 
 contract StakeRootCompendium is StakeRootCompendiumStorage {
@@ -16,7 +15,7 @@ contract StakeRootCompendium is StakeRootCompendiumStorage {
         IAllocationManager _allocationManager,
         uint256 _minBalanceThreshold,
         uint256 _minPrepaidProofs,
-        address _verifier,
+        IRiscZeroVerifier _verifier,
         bytes32 _imageId    
     ) StakeRootCompendiumStorage(_delegationManager, _avsDirectory, _allocationManager, _minBalanceThreshold, _minPrepaidProofs, _verifier, _imageId) {}
 
@@ -26,8 +25,8 @@ contract StakeRootCompendium is StakeRootCompendiumStorage {
 
         rootConfirmer = _rootConfirmer;
 
-        maxTotalCharge = _maxTotalCharge;
         proofIntervalSeconds = _proofIntervalSeconds;
+        maxTotalCharge = _maxTotalCharge;
         chargePerOperatorSet = _chargePerOperatorSet;
         chargePerStrategy = _chargePerStrategy;
 
@@ -187,7 +186,7 @@ contract StakeRootCompendium is StakeRootCompendiumStorage {
         bytes32 stakeRoot,
         address chargeRecipient,
         uint256 indexChargePerProof,
-        Proof calldata _proof
+        bytes calldata seal
     ) external {
         require(calculationTimestamp % proofIntervalSeconds == 0, "StakeRootCompendium._postStakeRoot: timestamp must be a multiple of proofInterval");
         // no length check here is ok because the initializer adds a default submission
@@ -209,14 +208,18 @@ contract StakeRootCompendium is StakeRootCompendiumStorage {
             confirmed: false
         }));
 
-        (bool success, ) = payable(chargeRecipient).call{value: _snapshot._value}("");
-        require(success, "StakeRootCompendium.withdrawForChargeRecipient: eth transfer failed");   
+        // note external call to verify is intentionally last to mitigate reentrancy
 
-        // interactions
-
-        // note verify will be an external call, so adding to the end to apply the check, effect, interaction pattern to avoid reentrancy
-        // TODO: verify proof
         // TODO: prevent race incentives and public mempool sniping, eg embed chargeRecipient in the proof
+        // Construct the expected journal data. Verify will fail if journal does not match.
+        // https://github.com/risc0/risc0-foundry-template/blob/e296def1a60c92eeb9333fdfa19007e62286dc18/contracts/EvenNumber.sol#L48
+        bytes memory journal = abi.encode(stakeRoot);
+        // reverts on failure
+        verifier.verify(seal, imageId, sha256(journal));
+
+        // pay the charge recipient
+        (bool success, ) = payable(chargeRecipient).call{value: _snapshot._value}("");
+        require(success, "StakeRootCompendium.withdrawForChargeRecipient: eth transfer failed");   
     }
 
     /// @inheritdoc IStakeRootCompendium

src/contracts/core/StakeRootCompendiumStorage.sol

@@ -10,6 +10,7 @@ import "../libraries/Merkle.sol";
 
 import "@openzeppelin-upgrades/contracts/access/OwnableUpgradeable.sol";
 import "@openzeppelin/contracts/utils/structs/EnumerableMap.sol";
+import {IRiscZeroVerifier} from "@risc0/IRiscZeroVerifier.sol";
 import "../libraries/Snapshots.sol";
 
 abstract contract StakeRootCompendiumStorage is IStakeRootCompendium, OwnableUpgradeable {
@@ -37,7 +38,7 @@ abstract contract StakeRootCompendiumStorage is IStakeRootCompendium, OwnableUpg
     uint256 immutable public MIN_PREPAID_PROOFS;
 
     /// @notice the verifier contract that will be used to verify snark proofs
-    address public immutable verifier;
+    IRiscZeroVerifier public immutable verifier;
     /// @notice the id of the program being verified when roots are posted
     bytes32 public immutable imageId;
 
@@ -87,15 +88,15 @@ abstract contract StakeRootCompendiumStorage is IStakeRootCompendium, OwnableUpg
         IAllocationManager _allocationManager,
         uint256 _minBalanceThreshold,
         uint256 _minPrepaidProofs,
-        address _verifier,
+        IRiscZeroVerifier _verifier,
         bytes32 _imageId
     ) {
         delegationManager = _delegationManager;
         avsDirectory = _avsDirectory;
         allocationManager = _allocationManager;
         MIN_BALANCE_THRESHOLD = _minBalanceThreshold;
         MIN_PREPAID_PROOFS = _minPrepaidProofs;
-
+        
         // note verifier and imageId are immutable and set by implementation contract
         // since proof verification is in the hot path, this is a gas optimization to avoid calling the storage contract for verifier and imageId
         // however the new impl does not have access to the immutable variables of the last impl so we can't reference the old verifier and imageId

src/contracts/interfaces/IStakeRootCompendium.sol

@@ -4,6 +4,7 @@ pragma solidity ^0.8.12;
 import "../interfaces/IAVSDirectory.sol";
 import "../interfaces/IDelegationManager.sol";
 import "../interfaces/IStrategy.sol";
+import {IRiscZeroVerifier} from "@risc0/IRiscZeroVerifier.sol";
 
 interface IStakeRootCompendium {
     struct StrategyAndMultiplier {