base · roger-bai-coinbase · Mar 27, 2026 · Mar 27, 2026 · Mar 27, 2026 · Mar 27, 2026
diff --git a/scripts/deploy/DeployImplementations.s.sol b/scripts/deploy/DeployImplementations.s.sol
@@ -736,7 +736,7 @@ contract DeployImplementations is Script {
                     IVerifier(teeVerifierImpl),
                     IVerifier(zkVerifier),
                     _input.teeImageHash,
-                    bytes32(0),
+                    AggregateVerifier.ZkHashes(bytes32(0), bytes32(0)),
                     _input.multiproofConfigHash,
                     _input.l2ChainID,
                     _input.multiproofBlockInterval,

diff --git a/scripts/multiproof/DeployDevNoNitro.s.sol b/scripts/multiproof/DeployDevNoNitro.s.sol
@@ -194,7 +194,7 @@ contract DeployDevNoNitro is Script {
                 IVerifier(teeVerifier),
                 IVerifier(zkVerifier),
                 cfg.teeImageHash(),
-                bytes32(0),
+                AggregateVerifier.ZkHashes(bytes32(0), bytes32(0)),
                 cfg.multiproofConfigHash(),
                 8453,
                 BLOCK_INTERVAL,

diff --git a/scripts/multiproof/DeployDevWithNitro.s.sol b/scripts/multiproof/DeployDevWithNitro.s.sol
@@ -229,7 +229,7 @@ contract DeployDevWithNitro is Script {
                 IVerifier(teeVerifier),
                 IVerifier(zkVerifier),
                 cfg.teeImageHash(),
-                bytes32(0),
+                AggregateVerifier.ZkHashes(bytes32(0), bytes32(0)),
                 cfg.multiproofConfigHash(),
                 8453,
                 BLOCK_INTERVAL,

diff --git a/snapshots/abi/AggregateVerifier.json b/snapshots/abi/AggregateVerifier.json
@@ -32,9 +32,21 @@
         "type": "bytes32"
       },
       {
-        "internalType": "bytes32",
-        "name": "zkImageHash",
-        "type": "bytes32"
+        "components": [
+          {
+            "internalType": "bytes32",
+            "name": "rangeHash",
+            "type": "bytes32"
+          },
+          {
+            "internalType": "bytes32",
+            "name": "aggregateHash",
+            "type": "bytes32"
+          }
+        ],
+        "internalType": "struct AggregateVerifier.ZkHashes",
+        "name": "zkHashes",
+        "type": "tuple"
       },
       {
         "internalType": "bytes32",
@@ -249,7 +261,20 @@
   },
   {
     "inputs": [],
-    "name": "ZK_IMAGE_HASH",
+    "name": "ZK_AGGREGATE_HASH",
+    "outputs": [
+      {
+        "internalType": "bytes32",
+        "name": "",
+        "type": "bytes32"
+      }
+    ],
+    "stateMutability": "view",
+    "type": "function"
+  },
+  {
+    "inputs": [],
+    "name": "ZK_RANGE_HASH",
     "outputs": [
       {
         "internalType": "bytes32",

diff --git a/snapshots/semver-lock.json b/snapshots/semver-lock.json
@@ -240,15 +240,15 @@
     "sourceCodeHash": "0x955bd0c9b47e43219865e4e92abf28d916c96de20cbdf2f94c8ab14d02083759"
   },
   "src/multiproof/AggregateVerifier.sol:AggregateVerifier": {
-    "initCodeHash": "0xe631e0c2e8e86711f83cb97884065ce38d1ff519e0d2dbf8704e7e4c183a56cc",
-    "sourceCodeHash": "0xfa0464c07c06fddc98ba20e9a362ba10ecf94496556d0f7ac88d1986f79a8a6b"
+    "initCodeHash": "0x720595c92e78d68910ee2c853ffafa828e390f0db87285bd5f6fc2efc46cef23",
+    "sourceCodeHash": "0x829e926bac073d6754e7dd7003c25d562d6281eb4155b47e2538cfc1b2e39481"
   },
   "src/multiproof/AggregateVerifier.sol:AggregateVerifier:dispute": {
-    "initCodeHash": "0x89f15344142ede7ca9d6af3c998fb3ffec84293105b28daa8427aa0608dd1d9e",
-    "sourceCodeHash": "0xfa0464c07c06fddc98ba20e9a362ba10ecf94496556d0f7ac88d1986f79a8a6b"
+    "initCodeHash": "0x99f1a7cde19973758521b30278bbb075ae1122c1628385fbf52d5c0671e9c51a",
+    "sourceCodeHash": "0x829e926bac073d6754e7dd7003c25d562d6281eb4155b47e2538cfc1b2e39481"
   },
   "src/multiproof/tee/NitroEnclaveVerifier.sol:NitroEnclaveVerifier": {
-    "initCodeHash": "0xf7659c1a42a51292c1e4be84ade2bbe76bca784152335fc9cb98a38f042a1eed",
+    "initCodeHash": "0x339f7b174480929ff3d095717ad121bd775c69dbe753c7e8cd6de5bcae40a992",
     "sourceCodeHash": "0xd0e5da001f950a9d7325b0ecdffd46ef1c361eb749133c30689853dbf9886ff5"
   },
   "src/multiproof/tee/TEEProverRegistry.sol:TEEProverRegistry": {

diff --git a/src/multiproof/AggregateVerifier.sol b/src/multiproof/AggregateVerifier.sol
@@ -37,6 +37,12 @@ contract AggregateVerifier is Clone, ReentrancyGuard, ISemver {
         ZK
     }
 
+    /// @notice Hashes for the ZK proving programs.
+    struct ZkHashes {
+        bytes32 rangeHash;
+        bytes32 aggregateHash;
+    }
+
     ////////////////////////////////////////////////////////////////
     //                         Constants                          //
     ////////////////////////////////////////////////////////////////
@@ -77,8 +83,11 @@ contract AggregateVerifier is Clone, ReentrancyGuard, ISemver {
     /// @notice The ZK prover.
     IVerifier public immutable ZK_VERIFIER;
 
-    /// @notice The hash of the ZK image.
-    bytes32 public immutable ZK_IMAGE_HASH;
+    /// @notice The hash of the ZK range program.
+    bytes32 public immutable ZK_RANGE_HASH;
+
+    /// @notice The hash of the ZK aggregate program.
+    bytes32 public immutable ZK_AGGREGATE_HASH;
 
     /// @notice The hash of the rollup configuration.
     bytes32 public immutable CONFIG_HASH;
@@ -247,7 +256,7 @@ contract AggregateVerifier is Clone, ReentrancyGuard, ISemver {
     /// @param teeVerifier The TEE verifier.
     /// @param zkVerifier The ZK verifier.
     /// @param teeImageHash The hash of the TEE image.
-    /// @param zkImageHash The hash of the ZK image.
+    /// @param zkHashes The hashes of the ZK range and aggregate programs.
     /// @param configHash The hash of the rollup configuration.
     /// @param l2ChainId The chain ID of the L2 network.
     /// @param blockInterval The block interval.
@@ -260,7 +269,7 @@ contract AggregateVerifier is Clone, ReentrancyGuard, ISemver {
         IVerifier teeVerifier,
         IVerifier zkVerifier,
         bytes32 teeImageHash,
-        bytes32 zkImageHash,
+        ZkHashes memory zkHashes,
         bytes32 configHash,
         uint256 l2ChainId,
         uint256 blockInterval,
@@ -283,7 +292,8 @@ contract AggregateVerifier is Clone, ReentrancyGuard, ISemver {
         TEE_VERIFIER = teeVerifier;
         ZK_VERIFIER = zkVerifier;
         TEE_IMAGE_HASH = teeImageHash;
-        ZK_IMAGE_HASH = zkImageHash;
+        ZK_RANGE_HASH = zkHashes.rangeHash;
+        ZK_AGGREGATE_HASH = zkHashes.aggregateHash;
         CONFIG_HASH = configHash;
         L2_CHAIN_ID = l2ChainId;
         BLOCK_INTERVAL = blockInterval;
@@ -910,12 +920,12 @@ contract AggregateVerifier is Clone, ReentrancyGuard, ISemver {
                 endingL2SequenceNumber,
                 intermediateRoots,
                 CONFIG_HASH,
-                ZK_IMAGE_HASH
+                ZK_RANGE_HASH
             )
         );
 
         // Validate the proof.
-        if (!ZK_VERIFIER.verify(proofBytes, ZK_IMAGE_HASH, journal)) revert InvalidProof();
+        if (!ZK_VERIFIER.verify(proofBytes, ZK_AGGREGATE_HASH, journal)) revert InvalidProof();
     }
 
     /// @notice Returns the status of the parent game.

diff --git a/test/multiproof/AggregateVerifier.t.sol b/test/multiproof/AggregateVerifier.t.sol
@@ -323,7 +323,7 @@ contract AggregateVerifierTest is BaseTest {
             IVerifier(address(teeVerifier)),
             IVerifier(address(zkVerifier)),
             TEE_IMAGE_HASH,
-            ZK_IMAGE_HASH,
+            AggregateVerifier.ZkHashes(ZK_RANGE_HASH, ZK_AGGREGATE_HASH),
             CONFIG_HASH,
             L2_CHAIN_ID,
             0,
@@ -340,7 +340,7 @@ contract AggregateVerifierTest is BaseTest {
             IVerifier(address(teeVerifier)),
             IVerifier(address(zkVerifier)),
             TEE_IMAGE_HASH,
-            ZK_IMAGE_HASH,
+            AggregateVerifier.ZkHashes(ZK_RANGE_HASH, ZK_AGGREGATE_HASH),
             CONFIG_HASH,
             L2_CHAIN_ID,
             BLOCK_INTERVAL,
@@ -357,7 +357,7 @@ contract AggregateVerifierTest is BaseTest {
             IVerifier(address(teeVerifier)),
             IVerifier(address(zkVerifier)),
             TEE_IMAGE_HASH,
-            ZK_IMAGE_HASH,
+            AggregateVerifier.ZkHashes(ZK_RANGE_HASH, ZK_AGGREGATE_HASH),
             CONFIG_HASH,
             L2_CHAIN_ID,
             3,
@@ -376,7 +376,7 @@ contract AggregateVerifierTest is BaseTest {
             IVerifier(address(teeVerifier)),
             IVerifier(address(zkVerifier)),
             TEE_IMAGE_HASH,
-            ZK_IMAGE_HASH,
+            AggregateVerifier.ZkHashes(ZK_RANGE_HASH, ZK_AGGREGATE_HASH),
             CONFIG_HASH,
             L2_CHAIN_ID,
             BLOCK_INTERVAL,
@@ -393,7 +393,7 @@ contract AggregateVerifierTest is BaseTest {
             IVerifier(address(teeVerifier)),
             IVerifier(address(zkVerifier)),
             TEE_IMAGE_HASH,
-            ZK_IMAGE_HASH,
+            AggregateVerifier.ZkHashes(ZK_RANGE_HASH, ZK_AGGREGATE_HASH),
             CONFIG_HASH,
             L2_CHAIN_ID,
             BLOCK_INTERVAL,

diff --git a/test/multiproof/BaseTest.t.sol b/test/multiproof/BaseTest.t.sol
@@ -46,7 +46,8 @@ contract BaseTest is Test {
     address public immutable ATTACKER = makeAddr("attacker");
 
     bytes32 public immutable TEE_IMAGE_HASH = keccak256("tee-image");
-    bytes32 public immutable ZK_IMAGE_HASH = keccak256("zk-image");
+    bytes32 public immutable ZK_RANGE_HASH = keccak256("zk-range");
+    bytes32 public immutable ZK_AGGREGATE_HASH = keccak256("zk-aggregate");
     bytes32 public immutable CONFIG_HASH = keccak256("config");
 
     ProxyAdmin public proxyAdmin;
@@ -128,7 +129,7 @@ contract BaseTest is Test {
             IVerifier(address(teeVerifier)),
             IVerifier(address(zkVerifier)),
             TEE_IMAGE_HASH,
-            ZK_IMAGE_HASH,
+            AggregateVerifier.ZkHashes(ZK_RANGE_HASH, ZK_AGGREGATE_HASH),
             CONFIG_HASH,
             L2_CHAIN_ID,
             BLOCK_INTERVAL,