status-im/c-kzg-4844
2
0
Fork 0
mirror of https://github.com/status-im/c-kzg-4844.git synced 2025-01-11 02:35:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15 from asn-d6/compute_challenges_spec

Browse Source 
Bring compute_challenges() and compute_powers() closer to the spec
This commit is contained in:
Ramana Kumar 2022-12-02 10:48:41 +00:00 committed by GitHub
commit 7b3477c6e9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 31 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
src/c_kzg_4844.c
View File

@ -825,10 +825,12 @@ void free_trusted_setup(KZGSettings *s) {
free_kzg_settings(s); free_kzg_settings(s);
} }
static void compute_powers(fr_t out[], uint64_t n) { static void compute_powers(BLSFieldElement out[], BLSFieldElement *x, uint64_t n) {
out[0] = fr_one; BLSFieldElement current_power = fr_one;
for (uint64_t i = 2; i < n; i++) for (uint64_t i = 0; i < n; i++) {
fr_mul(&out[i], &out[i-1], &out[1]); out[i] = current_power;
fr_mul(&current_power, &current_power, x);
}
} }
void bytes_to_bls_field(BLSFieldElement *out, const uint8_t bytes[32]) { void bytes_to_bls_field(BLSFieldElement *out, const uint8_t bytes[32]) {
@ -1098,34 +1100,46 @@ static C_KZG_RET compute_challenges(BLSFieldElement *out, BLSFieldElement r_powe
const size_t np = ni + n * BYTES_PER_BLOB; const size_t np = ni + n * BYTES_PER_BLOB;
const size_t nb = np + n * 48; const size_t nb = np + n * 48;
uint8_t* bytes = calloc(nb + (n == 0), sizeof(uint8_t)); // need at least 1 byte more than ni for hash later uint8_t* bytes = calloc(nb, sizeof(uint8_t));
if (bytes == NULL) return C_KZG_MALLOC; if (bytes == NULL) return C_KZG_MALLOC;
/* Copy domain seperator */
memcpy(bytes, FIAT_SHAMIR_PROTOCOL_DOMAIN, 16); memcpy(bytes, FIAT_SHAMIR_PROTOCOL_DOMAIN, 16);
bytes_of_uint64(&bytes[16], FIELD_ELEMENTS_PER_BLOB); bytes_of_uint64(&bytes[16], FIELD_ELEMENTS_PER_BLOB);
bytes_of_uint64(&bytes[16 + 8], n); bytes_of_uint64(&bytes[16 + 8], n);
/* Copy polynomials */
for (i = 0; i < n; i++) for (i = 0; i < n; i++)
for (j = 0; j < FIELD_ELEMENTS_PER_BLOB; j++) for (j = 0; j < FIELD_ELEMENTS_PER_BLOB; j++)
bytes_from_bls_field(&bytes[ni + BYTES_PER_FIELD_ELEMENT * (i * FIELD_ELEMENTS_PER_BLOB + j)], &polys[i][j]); bytes_from_bls_field(&bytes[ni + BYTES_PER_FIELD_ELEMENT * (i * FIELD_ELEMENTS_PER_BLOB + j)], &polys[i][j]);
/* Copy commitments */
for (i = 0; i < n; i++) for (i = 0; i < n; i++)
bytes_from_g1(&bytes[np + i * 48], &comms[i]); bytes_from_g1(&bytes[np + i * 48], &comms[i]);
uint8_t hash_output[32] = {0}; /* Now let's create challenges! */
hash(hash_output, bytes, nb); uint8_t hashed_data[32] = {0};
memcpy(bytes, hash_output, 32); hash(hashed_data, bytes, nb);
bytes[32] = 0x0;
hash(hash_output, bytes, 33);
if (n > 0) { /* We will use hash_input in the computation of both challenges */
if (n > 1) bytes_to_bls_field(&r_powers[1], hash_output); uint8_t hash_input[33];
compute_powers(r_powers, n);
}
bytes[32] = 0x1; /* Compute r */
hash(hash_output, bytes, 33); uint8_t r_bytes[32] = {0};
bytes_to_bls_field(out, hash_output); memcpy(hash_input, hashed_data, 32);
hash_input[32] = 0x0;
hash(r_bytes, hash_input, 33);
/* Compute r_powers */
BLSFieldElement r;
bytes_to_bls_field(&r, r_bytes);
compute_powers(r_powers, &r, n);
/* Compute eval_challenge */
uint8_t eval_challenge[32] = {0};
hash_input[32] = 0x1;
hash(eval_challenge, hash_input, 33);
bytes_to_bls_field(out, eval_challenge);
free(bytes); free(bytes);
return C_KZG_OK; return C_KZG_OK;