feat(evm-ee): implement deposit validation

- Validate deposits from BlockInputs against block withdrawals field
- Add conversion helpers for SubjectId to Address and satoshis to gwei

Author: purusang

Cargo.lock

@@ -40,6 +40,7 @@ bincode.workspace = true
 itertools.workspace = true
 
 [dev-dependencies]
+alloy-eips.workspace = true
 serde.workspace = true
 serde_json.workspace = true
 

crates/evm-ee/Cargo.toml

@@ -22,7 +22,7 @@ use strata_ee_chain_types::{BlockInputs, BlockOutputs};
 
 use crate::{
     types::{EvmBlock, EvmHeader, EvmPartialState, EvmWriteBatch},
-    utils::{build_and_recover_block, compute_hashed_post_state},
+    utils::{build_and_recover_block, compute_hashed_post_state, validate_deposits_against_block},
 };
 
 //FIXME: should be set with real bridge gateway account
@@ -80,7 +80,7 @@ impl ExecutionEnvironment for EvmExecutionEnvironment {
         &self,
         pre_state: &Self::PartialState,
         exec_payload: &ExecPayload<'_, Self::Block>,
-        _inputs: &BlockInputs,
+        inputs: &BlockInputs,
     ) -> EnvResult<ExecBlockOutput<Self>> {
         // Step 1: Build block from exec_payload and recover senders
         let block = build_and_recover_block(exec_payload)?;
@@ -96,8 +96,7 @@ impl ExecutionEnvironment for EvmExecutionEnvironment {
         // Step 2a: Validate deposits from BlockInputs against block withdrawals
         // The withdrawals header field is hijacked to represent deposits from the OL.
         // We need to ensure the authenticated deposits from BlockInputs match what's in the block.
-        // TODO:
-        //validate_deposits_against_block(&block, inputs)?;
+        validate_deposits_against_block(&block, inputs)?;
 
         // Step 3: Prepare witness database from partial state
         let db = {

crates/evm-ee/src/execution.rs

@@ -8,7 +8,10 @@ use reth_evm::execute::BlockExecutionOutput;
 use reth_primitives::{Receipt as EthereumReceipt, RecoveredBlock, TransactionSigned};
 use reth_primitives_traits::Block;
 use reth_trie::{HashedPostState, KeccakKeyHasher};
+use revm_primitives::Address;
+use strata_acct_types::SubjectId;
 use strata_ee_acct_types::{EnvError, EnvResult, ExecPayload};
+use strata_ee_chain_types::BlockInputs;
 
 use crate::types::EvmBlock;
 
@@ -38,3 +41,200 @@ pub(crate) fn compute_hashed_post_state(
 ) -> HashedPostState {
     HashedPostState::from_bundle_state::<KeccakKeyHasher>(&execution_output.state.state)
 }
+
+/// Converts a SubjectId (32 bytes) to an EVM address (20 bytes).
+fn subject_id_to_address(subject_id: SubjectId) -> Address {
+    let subject_bytes: [u8; 32] = subject_id.into();
+    // Take the last 20 bytes to form an address
+    let mut address_bytes = [0u8; 20];
+    address_bytes.copy_from_slice(&subject_bytes[12..32]);
+    Address::from(address_bytes)
+}
+
+/// Converts satoshis to gwei for EVM compatibility.
+///
+/// In Alpen: 1 BTC = 10^8 sats = 10^9 gwei
+/// Therefore: 1 sat = 10 gwei
+///
+/// Per EIP-4895, withdrawal amounts are stored in Gwei (not Wei).
+fn sats_to_gwei(sats: u64) -> Option<u64> {
+    sats.checked_mul(10)
+}
+
+/// Validates that deposits from BlockInputs match the withdrawals field in the block.
+///
+/// In Alpen, the EIP-4895 withdrawals field is hijacked to represent deposits from the
+/// orchestration layer. This function ensures that the authenticated deposits in BlockInputs
+/// match what's committed in the block's withdrawals field.
+///
+/// # Warning
+/// **Deposits and withdrawals must be in the same order.** This function performs a
+/// pairwise comparison using `zip()`, so the nth deposit must match the nth withdrawal.
+/// Any reordering will cause validation to fail.
+///
+/// # Mapping
+/// - `Withdrawal.address` ← last 20 bytes of `SubjectDepositData.dest` (SubjectId)
+/// - `Withdrawal.amount` ← `SubjectDepositData.value` in Gwei
+/// - `Withdrawal.index` and `Withdrawal.validator_index` are ignored (not meaningful for deposits)
+///
+/// # Returns
+/// - `Ok(())` if deposits match
+/// - `Err(EnvError::InvalidBlock)` if there's a mismatch in count, address, or amount
+pub(crate) fn validate_deposits_against_block(
+    block: &RecoveredBlock<AlloyBlock<TransactionSigned>>,
+    inputs: &BlockInputs,
+) -> EnvResult<()> {
+    // Get withdrawals from the block body (this is where deposits are stored)
+    // Access the sealed block's body withdrawals through the nested structure
+    let block_withdrawals = block
+        .sealed_block()
+        .body()
+        .withdrawals
+        .as_ref()
+        .map(|w| w.as_slice())
+        .unwrap_or(&[]);
+
+    let subject_deposits = inputs.subject_deposits();
+
+    // Check counts match
+    if block_withdrawals.len() != subject_deposits.len() {
+        return Err(EnvError::InvalidBlock);
+    }
+
+    // Validate each deposit matches the corresponding withdrawal
+    for (withdrawal, deposit) in block_withdrawals.iter().zip(subject_deposits.iter()) {
+        // Convert SubjectId to Address (last 20 bytes)
+        let expected_address = subject_id_to_address(deposit.dest());
+
+        // Convert satoshis to gwei (1 sat = 10 gwei, per 1 BTC = 10^8 sats = 10^9 gwei)
+        let expected_amount =
+            sats_to_gwei(deposit.value().to_sat()).ok_or(EnvError::InvalidBlock)?;
+
+        // Validate address and amount match
+        if withdrawal.address != expected_address || withdrawal.amount != expected_amount {
+            return Err(EnvError::InvalidBlock);
+        }
+
+        // Note: withdrawal.index and withdrawal.validator_index are not validated
+        // as they are not meaningful in the deposit context
+    }
+
+    Ok(())
+}
+
+#[cfg(test)]
+mod tests {
+    use alloy_consensus::{BlockBody, Header};
+    use alloy_eips::eip4895::Withdrawal;
+    use reth_primitives::RecoveredBlock;
+    use strata_acct_types::{BitcoinAmount, SubjectId};
+    use strata_ee_chain_types::{BlockInputs, SubjectDepositData};
+
+    use super::*;
+
+    #[test]
+    fn test_validate_deposits_valid_match() {
+        // Create subject ID where last 20 bytes form an address
+        let mut subject_bytes = [0u8; 32];
+        subject_bytes[31] = 0x42; // Last byte
+        let subject_id = SubjectId::new(subject_bytes);
+        let expected_address = subject_id_to_address(subject_id);
+
+        // Create a block with matching withdrawal
+        let header = Header::default();
+        let body = BlockBody {
+            transactions: vec![],
+            ommers: vec![],
+            withdrawals: Some(
+                vec![Withdrawal {
+                    index: 0,
+                    validator_index: 0,
+                    address: expected_address,
+                    amount: 100, // 10 sats * 10 = 100 gwei
+                }]
+                .into(),
+            ),
+        };
+        let block = AlloyBlock { header, body };
+        let recovered_block: RecoveredBlock<AlloyBlock<TransactionSigned>> =
+            block.try_into_recovered().unwrap();
+
+        // Create matching deposit input
+        let mut inputs = BlockInputs::new_empty();
+        let deposit = SubjectDepositData::new(subject_id, BitcoinAmount::from_sat(10));
+        inputs.add_subject_deposit(deposit);
+
+        // Should succeed - perfect match
+        let result = validate_deposits_against_block(&recovered_block, &inputs);
+        assert!(result.is_ok());
+    }
+
+    #[test]
+    fn test_validate_deposits_address_mismatch() {
+        let subject_id = SubjectId::new([1u8; 32]);
+
+        // Create a block with different address
+        let header = Header::default();
+        let body = BlockBody {
+            transactions: vec![],
+            ommers: vec![],
+            withdrawals: Some(
+                vec![Withdrawal {
+                    index: 0,
+                    validator_index: 0,
+                    address: Address::ZERO, // Wrong address
+                    amount: 100,
+                }]
+                .into(),
+            ),
+        };
+        let block = AlloyBlock { header, body };
+        let recovered_block: RecoveredBlock<AlloyBlock<TransactionSigned>> =
+            block.try_into_recovered().unwrap();
+
+        // Create deposit with different address
+        let mut inputs = BlockInputs::new_empty();
+        let deposit = SubjectDepositData::new(subject_id, BitcoinAmount::from_sat(10));
+        inputs.add_subject_deposit(deposit);
+
+        // Should fail - address mismatch
+        let result = validate_deposits_against_block(&recovered_block, &inputs);
+        assert!(result.is_err());
+    }
+
+    #[test]
+    fn test_validate_deposits_amount_mismatch() {
+        let mut subject_bytes = [0u8; 32];
+        subject_bytes[31] = 0x42;
+        let subject_id = SubjectId::new(subject_bytes);
+        let expected_address = subject_id_to_address(subject_id);
+
+        // Create a block with wrong amount
+        let header = Header::default();
+        let body = BlockBody {
+            transactions: vec![],
+            ommers: vec![],
+            withdrawals: Some(
+                vec![Withdrawal {
+                    index: 0,
+                    validator_index: 0,
+                    address: expected_address,
+                    amount: 200, // Wrong amount (should be 100)
+                }]
+                .into(),
+            ),
+        };
+        let block = AlloyBlock { header, body };
+        let recovered_block: RecoveredBlock<AlloyBlock<TransactionSigned>> =
+            block.try_into_recovered().unwrap();
+
+        // Create deposit with different amount
+        let mut inputs = BlockInputs::new_empty();
+        let deposit = SubjectDepositData::new(subject_id, BitcoinAmount::from_sat(10)); // 10 sats = 100 gwei
+        inputs.add_subject_deposit(deposit);
+
+        // Should fail - amount mismatch
+        let result = validate_deposits_against_block(&recovered_block, &inputs);
+        assert!(result.is_err());
+    }
+}