status-im
/
c-kzg-4844
mirror of https://github.com/status-im/c-kzg-4844.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed test for check_proof_multi

This commit is contained in:
Dankrad Feist 2022-09-15 15:44:21 +01:00 committed by Ramana Kumar
parent 9bd8c3fdf8
commit 6b5140af66
No known key found for this signature in database
GPG Key ID: ED471C788B900433
1 changed files with 13 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/kzg_proofs.c
View File

@ -296,15 +296,15 @@ void proof_multi(void) {
uint64_t coeffs[] = {1, 2, 3, 4, 7, 7, 7, 7, 13, 13, 13, 13, 13, 13, 13, 13};
int poly_len = sizeof coeffs / sizeof coeffs[0];
FFTSettings fs1, fs2;
KZGSettings ks1, ks2;
FFTSettings fs;
KZGSettings ks;
poly p;
g1_t commitment, proof;
fr_t x, tmp;
bool result;
// Compute proof at 2^coset_scale points
int coset_scale = 4, coset_len = (1 << coset_scale);
int coset_scale = 3, coset_len = (1 << coset_scale);
fr_t y[coset_len];
uint64_t secrets_len = poly_len > coset_len ? poly_len : coset_len;
@ -319,38 +319,34 @@ void proof_multi(void) {
// Initialise the secrets and data structures
generate_trusted_setup(s1, s2, &secret, secrets_len);
TEST_CHECK(C_KZG_OK == new_fft_settings(&fs1, 4)); // ln_2 of poly_len
TEST_CHECK(C_KZG_OK == new_kzg_settings(&ks1, s1, s2, secrets_len, &fs1));
TEST_CHECK(C_KZG_OK == new_fft_settings(&fs, 4)); // ln_2 of poly_len
TEST_CHECK(C_KZG_OK == new_kzg_settings(&ks, s1, s2, secrets_len, &fs));
// Commit to the polynomial
TEST_CHECK(C_KZG_OK == commit_to_poly(&commitment, &p, &ks1));
TEST_CHECK(C_KZG_OK == new_fft_settings(&fs2, coset_scale));
TEST_CHECK(C_KZG_OK == new_kzg_settings(&ks2, s1, s2, secrets_len, &fs2));
TEST_CHECK(C_KZG_OK == commit_to_poly(&commitment, &p, &ks));
// Compute proof at the points [x * root_i] 0 <= i < coset_len
fr_from_uint64(&x, 5431);
TEST_CHECK(C_KZG_OK == compute_proof_multi(&proof, &p, &x, coset_len, &ks2));
TEST_CHECK(C_KZG_OK == compute_proof_multi(&proof, &p, &x, coset_len, &ks));
// y_i is the value of the polynomial at each x_i
uint64_t stride = secrets_len / coset_len;
for (int i = 0; i < coset_len; i++) {
fr_mul(&tmp, &x, &ks2.fs->expanded_roots_of_unity[i]);
fr_mul(&tmp, &x, &fs.expanded_roots_of_unity[i * stride]);
eval_poly(&y[i], &p, &tmp);
}
// Verify the proof that the (unknown) polynomial has value y_i at x_i
TEST_CHECK(C_KZG_OK == check_proof_multi(&result, &commitment, &proof, &x, y, coset_len, &ks2));
TEST_CHECK(C_KZG_OK == check_proof_multi(&result, &commitment, &proof, &x, y, coset_len, &ks));
TEST_CHECK(true == result);
// Change a value and check that the proof fails
fr_add(y + coset_len / 2, y + coset_len / 2, &fr_one);
TEST_CHECK(C_KZG_OK == check_proof_multi(&result, &commitment, &proof, &x, y, coset_len, &ks2));
TEST_CHECK(C_KZG_OK == check_proof_multi(&result, &commitment, &proof, &x, y, coset_len, &ks));
TEST_CHECK(false == result);
free_fft_settings(&fs1);
free_fft_settings(&fs2);
free_kzg_settings(&ks1);
free_kzg_settings(&ks2);
free_fft_settings(&fs);
free_kzg_settings(&ks);
free_poly(&p);
}