status-im
/
c-kzg-4844
mirror of https://github.com/status-im/c-kzg-4844.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Convert Polynomial type to struct (#60) 

* Convert Polynomial type to wrapped-struct

* Revert undesired change

* Rename poly.elements to poly.evals
This commit is contained in:
Justin Traglia 2023-01-12 11:35:59 -06:00 committed by GitHub
parent ee2fb80d7c
commit 42a4419641
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 32 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
src/c_kzg_4844.c
View File

@ -790,8 +790,7 @@ static bool pairings_verify(const g1_t *a1, const g2_t *a2, const g1_t *b1, cons
return blst_fp12_is_one(&gt_point); return blst_fp12_is_one(&gt_point);
} }
typedef struct { BLSFieldElement evals[FIELD_ELEMENTS_PER_BLOB]; } Polynomial;
typedef BLSFieldElement Polynomial[FIELD_ELEMENTS_PER_BLOB];
void bytes_from_g1(uint8_t out[48], const g1_t *in) { void bytes_from_g1(uint8_t out[48], const g1_t *in) {
blst_p1_compress(out, in); blst_p1_compress(out, in);
@ -913,15 +912,15 @@ C_KZG_RET bytes_to_bls_field(BLSFieldElement *out, const uint8_t bytes[32]) {
return C_KZG_OK; return C_KZG_OK;
} }
static void poly_lincomb(Polynomial out, const Polynomial vectors[], const fr_t scalars[], uint64_t n) { static void poly_lincomb(Polynomial *out, const Polynomial *vectors, const fr_t scalars[], uint64_t n) {
fr_t tmp; fr_t tmp;
uint64_t i, j; uint64_t i, j;
for (j = 0; j < FIELD_ELEMENTS_PER_BLOB; j++) for (j = 0; j < FIELD_ELEMENTS_PER_BLOB; j++)
out[j] = fr_zero; out->evals[j] = fr_zero;
for (i = 0; i < n; i++) { for (i = 0; i < n; i++) {
for (j = 0; j < FIELD_ELEMENTS_PER_BLOB; j++) { for (j = 0; j < FIELD_ELEMENTS_PER_BLOB; j++) {
fr_mul(&tmp, &scalars[i], &vectors[i][j]); fr_mul(&tmp, &scalars[i], &vectors[i].evals[j]);
fr_add(&out[j], &out[j], &tmp); fr_add(&out->evals[j], &out->evals[j], &tmp);
} }
} }
} }
@ -993,14 +992,14 @@ static C_KZG_RET g1_lincomb(g1_t *out, const g1_t *p, const fr_t *coeffs, const
return C_KZG_OK; return C_KZG_OK;
} }
static C_KZG_RET poly_to_kzg_commitment(KZGCommitment *out, const Polynomial p, const KZGSettings *s) { static C_KZG_RET poly_to_kzg_commitment(KZGCommitment *out, const Polynomial *p, const KZGSettings *s) {
return g1_lincomb(out, s->g1_values, p, FIELD_ELEMENTS_PER_BLOB); return g1_lincomb(out, s->g1_values, (const fr_t *)(&p->evals), FIELD_ELEMENTS_PER_BLOB);
} }
static C_KZG_RET poly_from_blob(Polynomial p, const Blob blob) { static C_KZG_RET poly_from_blob(Polynomial *p, const Blob blob) {
C_KZG_RET ret; C_KZG_RET ret;
for (size_t i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) { for (size_t i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) {
ret = bytes_to_bls_field(&p[i], &blob[i * BYTES_PER_FIELD_ELEMENT]); ret = bytes_to_bls_field(&p->evals[i], &blob[i * BYTES_PER_FIELD_ELEMENT]);
if (ret != C_KZG_OK) return ret; if (ret != C_KZG_OK) return ret;
} }
return C_KZG_OK; return C_KZG_OK;
@ -1008,9 +1007,9 @@ static C_KZG_RET poly_from_blob(Polynomial p, const Blob blob) {
C_KZG_RET blob_to_kzg_commitment(KZGCommitment *out, const Blob blob, const KZGSettings *s) { C_KZG_RET blob_to_kzg_commitment(KZGCommitment *out, const Blob blob, const KZGSettings *s) {
Polynomial p; Polynomial p;
C_KZG_RET ret = poly_from_blob(p, blob); C_KZG_RET ret = poly_from_blob(&p, blob);
if (ret != C_KZG_OK) return ret; if (ret != C_KZG_OK) return ret;
return poly_to_kzg_commitment(out, p, s); return poly_to_kzg_commitment(out, &p, s);
} }
/** /**
@ -1055,7 +1054,7 @@ C_KZG_RET verify_kzg_proof(bool *out,
return verify_kzg_proof_impl(out, commitment, &frz, &fry, kzg_proof, s); return verify_kzg_proof_impl(out, commitment, &frz, &fry, kzg_proof, s);
} }
static C_KZG_RET evaluate_polynomial_in_evaluation_form(BLSFieldElement *out, const Polynomial p, const BLSFieldElement *x, const KZGSettings *s) { static C_KZG_RET evaluate_polynomial_in_evaluation_form(BLSFieldElement *out, const Polynomial *p, const BLSFieldElement *x, const KZGSettings *s) {
C_KZG_RET ret; C_KZG_RET ret;
fr_t tmp; fr_t tmp;
fr_t *inverses_in = NULL; fr_t *inverses_in = NULL;
@ -1070,7 +1069,7 @@ static C_KZG_RET evaluate_polynomial_in_evaluation_form(BLSFieldElement *out, co
for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) { for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) {
if (fr_equal(x, &roots_of_unity[i])) { if (fr_equal(x, &roots_of_unity[i])) {
*out = p[i]; *out = p->evals[i];
ret = C_KZG_OK; ret = C_KZG_OK;
goto out; goto out;
} }
@ -1083,7 +1082,7 @@ static C_KZG_RET evaluate_polynomial_in_evaluation_form(BLSFieldElement *out, co
*out = fr_zero; *out = fr_zero;
for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) { for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) {
fr_mul(&tmp, &inverses[i], &roots_of_unity[i]); fr_mul(&tmp, &inverses[i], &roots_of_unity[i]);
fr_mul(&tmp, &tmp, &p[i]); fr_mul(&tmp, &tmp, &p->evals[i]);
fr_add(out, out, &tmp); fr_add(out, out, &tmp);
} }
fr_from_uint64(&tmp, FIELD_ELEMENTS_PER_BLOB); fr_from_uint64(&tmp, FIELD_ELEMENTS_PER_BLOB);
@ -1108,7 +1107,7 @@ out:
* @retval C_KZG_OK All is well * @retval C_KZG_OK All is well
* @retval C_KZG_MALLOC Memory allocation failed * @retval C_KZG_MALLOC Memory allocation failed
*/ */
static C_KZG_RET compute_kzg_proof(KZGProof *out, const Polynomial p, const BLSFieldElement *x, const KZGSettings *s) { static C_KZG_RET compute_kzg_proof(KZGProof *out, const Polynomial *p, const BLSFieldElement *x, const KZGSettings *s) {
C_KZG_RET ret; C_KZG_RET ret;
BLSFieldElement y; BLSFieldElement y;
fr_t *inverses_in = NULL; fr_t *inverses_in = NULL;
@ -1133,7 +1132,7 @@ static C_KZG_RET compute_kzg_proof(KZGProof *out, const Polynomial p, const BLSF
continue; continue;
} }
// (p_i - y) / (ω_i - x) // (p_i - y) / (ω_i - x)
fr_sub(&q[i], &p[i], &y); fr_sub(&q.evals[i], &p->evals[i], &y);
fr_sub(&inverses_in[i], &roots_of_unity[i], x); fr_sub(&inverses_in[i], &roots_of_unity[i], x);
} }
@ -1141,11 +1140,11 @@ static C_KZG_RET compute_kzg_proof(KZGProof *out, const Polynomial p, const BLSF
if (ret != C_KZG_OK) goto out; if (ret != C_KZG_OK) goto out;
for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) { for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) {
fr_mul(&q[i], &q[i], &inverses[i]); fr_mul(&q.evals[i], &q.evals[i], &inverses[i]);
} }
if (m) { // ω_m == x if (m) { // ω_m == x
q[--m] = fr_zero; q.evals[--m] = fr_zero;
for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) { for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) {
if (i == m) continue; if (i == m) continue;
// (p_i - y) * ω_i / (x * (x - ω_i)) // (p_i - y) * ω_i / (x * (x - ω_i))
@ -1155,14 +1154,14 @@ static C_KZG_RET compute_kzg_proof(KZGProof *out, const Polynomial p, const BLSF
ret = fr_batch_inv(inverses, inverses_in, FIELD_ELEMENTS_PER_BLOB); ret = fr_batch_inv(inverses, inverses_in, FIELD_ELEMENTS_PER_BLOB);
if (ret != C_KZG_OK) goto out; if (ret != C_KZG_OK) goto out;
for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) { for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) {
fr_sub(&tmp, &p[i], &y); fr_sub(&tmp, &p->evals[i], &y);
fr_mul(&tmp, &tmp, &roots_of_unity[i]); fr_mul(&tmp, &tmp, &roots_of_unity[i]);
fr_mul(&tmp, &tmp, &inverses[i]); fr_mul(&tmp, &tmp, &inverses[i]);
fr_add(&q[m], &q[m], &tmp); fr_add(&q.evals[m], &q.evals[m], &tmp);
} }
} }
ret = g1_lincomb(out, s->g1_values, q, FIELD_ELEMENTS_PER_BLOB); ret = g1_lincomb(out, s->g1_values, (const fr_t *)(&q.evals), FIELD_ELEMENTS_PER_BLOB);
out: out:
if (inverses_in != NULL) free(inverses_in); if (inverses_in != NULL) free(inverses_in);
@ -1196,7 +1195,7 @@ static void bytes_of_uint64(uint8_t out[8], uint64_t n) {
} }
static C_KZG_RET compute_challenges(BLSFieldElement *out, BLSFieldElement r_powers[], static C_KZG_RET compute_challenges(BLSFieldElement *out, BLSFieldElement r_powers[],
const Polynomial polys[], const KZGCommitment comms[], uint64_t n) { const Polynomial *polys, const KZGCommitment comms[], uint64_t n) {
size_t i; size_t i;
uint64_t j; uint64_t j;
const size_t ni = 32; // len(FIAT_SHAMIR_PROTOCOL_DOMAIN) + 8 + 8 const size_t ni = 32; // len(FIAT_SHAMIR_PROTOCOL_DOMAIN) + 8 + 8
@ -1214,7 +1213,7 @@ static C_KZG_RET compute_challenges(BLSFieldElement *out, BLSFieldElement r_powe
/* Copy polynomials */ /* Copy polynomials */
for (i = 0; i < n; i++) for (i = 0; i < n; i++)
for (j = 0; j < FIELD_ELEMENTS_PER_BLOB; j++) for (j = 0; j < FIELD_ELEMENTS_PER_BLOB; j++)
bytes_from_bls_field(&bytes[ni + BYTES_PER_FIELD_ELEMENT * (i * FIELD_ELEMENTS_PER_BLOB + j)], &polys[i][j]); bytes_from_bls_field(&bytes[ni + BYTES_PER_FIELD_ELEMENT * (i * FIELD_ELEMENTS_PER_BLOB + j)], &polys[i].evals[j]);
/* Copy commitments */ /* Copy commitments */
for (i = 0; i < n; i++) for (i = 0; i < n; i++)
@ -1248,8 +1247,8 @@ static C_KZG_RET compute_challenges(BLSFieldElement *out, BLSFieldElement r_powe
return C_KZG_OK; return C_KZG_OK;
} }
static C_KZG_RET compute_aggregated_poly_and_commitment(Polynomial poly_out, KZGCommitment *comm_out, BLSFieldElement *chal_out, static C_KZG_RET compute_aggregated_poly_and_commitment(Polynomial *poly_out, KZGCommitment *comm_out, BLSFieldElement *chal_out,
const Polynomial polys[], const Polynomial *polys,
const KZGCommitment kzg_commitments[], const KZGCommitment kzg_commitments[],
size_t n) { size_t n) {
BLSFieldElement* r_powers = calloc(n, sizeof(BLSFieldElement)); BLSFieldElement* r_powers = calloc(n, sizeof(BLSFieldElement));
@ -1289,19 +1288,19 @@ C_KZG_RET compute_aggregate_kzg_proof(KZGProof *out,
} }
for (size_t i = 0; i < n; i++) { for (size_t i = 0; i < n; i++) {
ret = poly_from_blob(polys[i], blobs[i]); ret = poly_from_blob(&polys[i], blobs[i]);
if (ret != C_KZG_OK) goto out; if (ret != C_KZG_OK) goto out;
ret = poly_to_kzg_commitment(&commitments[i], polys[i], s); ret = poly_to_kzg_commitment(&commitments[i], &polys[i], s);
if (ret != C_KZG_OK) goto out; if (ret != C_KZG_OK) goto out;
} }
Polynomial aggregated_poly; Polynomial aggregated_poly;
KZGCommitment aggregated_poly_commitment; KZGCommitment aggregated_poly_commitment;
BLSFieldElement evaluation_challenge; BLSFieldElement evaluation_challenge;
ret = compute_aggregated_poly_and_commitment(aggregated_poly, &aggregated_poly_commitment, &evaluation_challenge, polys, commitments, n); ret = compute_aggregated_poly_and_commitment(&aggregated_poly, &aggregated_poly_commitment, &evaluation_challenge, polys, commitments, n);
if (ret != C_KZG_OK) goto out; if (ret != C_KZG_OK) goto out;
ret = compute_kzg_proof(out, aggregated_poly, &evaluation_challenge, s); ret = compute_kzg_proof(out, &aggregated_poly, &evaluation_challenge, s);
out: out:
if (commitments != NULL) free(commitments); if (commitments != NULL) free(commitments);
@ -1319,18 +1318,18 @@ C_KZG_RET verify_aggregate_kzg_proof(bool *out,
Polynomial* polys = calloc(n, sizeof(Polynomial)); Polynomial* polys = calloc(n, sizeof(Polynomial));
if (polys == NULL) return C_KZG_MALLOC; if (polys == NULL) return C_KZG_MALLOC;
for (size_t i = 0; i < n; i++) { for (size_t i = 0; i < n; i++) {
ret = poly_from_blob(polys[i], blobs[i]); ret = poly_from_blob(&polys[i], blobs[i]);
if (ret != C_KZG_OK) goto out; if (ret != C_KZG_OK) goto out;
} }
Polynomial aggregated_poly; Polynomial aggregated_poly;
KZGCommitment aggregated_poly_commitment; KZGCommitment aggregated_poly_commitment;
BLSFieldElement evaluation_challenge; BLSFieldElement evaluation_challenge;
ret = compute_aggregated_poly_and_commitment(aggregated_poly, &aggregated_poly_commitment, &evaluation_challenge, polys, expected_kzg_commitments, n); ret = compute_aggregated_poly_and_commitment(&aggregated_poly, &aggregated_poly_commitment, &evaluation_challenge, polys, expected_kzg_commitments, n);
if (ret != C_KZG_OK) goto out; if (ret != C_KZG_OK) goto out;
BLSFieldElement y; BLSFieldElement y;
ret = evaluate_polynomial_in_evaluation_form(&y, aggregated_poly, &evaluation_challenge, s); ret = evaluate_polynomial_in_evaluation_form(&y, &aggregated_poly, &evaluation_challenge, s);
if (ret != C_KZG_OK) goto out; if (ret != C_KZG_OK) goto out;
ret = verify_kzg_proof_impl(out, &aggregated_poly_commitment, &evaluation_challenge, &y, kzg_aggregated_proof, s); ret = verify_kzg_proof_impl(out, &aggregated_poly_commitment, &evaluation_challenge, &y, kzg_aggregated_proof, s);