Consolidate header files (#14)
* Consolidate header files User should now need only include c_kzg.h and bls12_381.h. * Update README
This commit is contained in:
parent
ca1acf61d6
commit
b21d13684b
12
README.md
12
README.md
|
@ -29,8 +29,8 @@ That's basically all the necessary stuff for Eth2 use cases. Things remaining (a
|
||||||
|
|
||||||
Build the [Blst library](https://github.com/supranational/blst) following the instructions there. Then,
|
Build the [Blst library](https://github.com/supranational/blst) following the instructions there. Then,
|
||||||
|
|
||||||
1. Copy the resulting `libblst.a` file into the `lib/` directory here.
|
1. Copy the resulting *libblst.a* file into the *lib/* directory here.
|
||||||
2. From Blst's `bindings/` directory copy `blst.h` and `blst_aux.h` to `inc/`
|
2. From Blst's *bindings/* directory copy *blst.h* and *blst_aux.h* to *inc/*
|
||||||
|
|
||||||
That is,
|
That is,
|
||||||
|
|
||||||
|
@ -39,11 +39,13 @@ cp ../blst/libblast.a lib/
|
||||||
cp ../blst/bindings/*.h inc/
|
cp ../blst/bindings/*.h inc/
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Alternatively, change the `INCLUDE_DIRS` in *Makefile* to point to the Blst header files.
|
||||||
|
|
||||||
This version of c-kzg is tested with Blst's master branch, commit `d4b40c3`. Blst release 0.3.4 is not sufficient since we make use of the more recently implemented Pippenger multiscalar multiplication for the polynomial commitments.
|
This version of c-kzg is tested with Blst's master branch, commit `d4b40c3`. Blst release 0.3.4 is not sufficient since we make use of the more recently implemented Pippenger multiscalar multiplication for the polynomial commitments.
|
||||||
|
|
||||||
## Build
|
## Build
|
||||||
|
|
||||||
Build the `libckzg.a` library:
|
Build the *libckzg.a* library:
|
||||||
|
|
||||||
```
|
```
|
||||||
cd src
|
cd src
|
||||||
|
@ -57,6 +59,10 @@ cd src
|
||||||
make debuglib
|
make debuglib
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Integrate
|
||||||
|
|
||||||
|
Once you have *libkzg.a*, the only other files you should need in order to integrate `c-kzg` with your own application are *c_kzg.h* and *bls12_381.h* (in addition to the Blst library and header files). *c_kzg.h* contains all the prototypes for the accessible functions in `c-kzg` and the associated data structures.
|
||||||
|
|
||||||
## Run tests
|
## Run tests
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
14
src/Makefile
14
src/Makefile
|
@ -1,8 +1,8 @@
|
||||||
TESTS = bls12_381_test das_extension_test c_kzg_util_test fft_common_test fft_fr_test fft_g1_test \
|
TESTS = bls12_381_test das_extension_test c_kzg_alloc_test fft_common_test fft_fr_test fft_g1_test \
|
||||||
fk20_proofs_test kzg_proofs_test poly_test recover_test utility_test zero_poly_test
|
fk20_proofs_test kzg_proofs_test poly_test recover_test utility_test zero_poly_test
|
||||||
BENCH = fft_fr_bench fft_g1_bench recover_bench zero_poly_bench kzg_proofs_bench poly_bench
|
BENCH = fft_fr_bench fft_g1_bench recover_bench zero_poly_bench kzg_proofs_bench poly_bench
|
||||||
TUNE = poly_mul_tune poly_div_tune
|
TUNE = poly_mul_tune poly_div_tune
|
||||||
LIB_SRC = bls12_381.c c_kzg_util.c das_extension.c fft_common.c fft_fr.c fft_g1.c fk20_proofs.c kzg_proofs.c poly.c recover.c utility.c zero_poly.c
|
LIB_SRC = bls12_381.c c_kzg_alloc.c das_extension.c fft_common.c fft_fr.c fft_g1.c fk20_proofs.c kzg_proofs.c poly.c recover.c utility.c zero_poly.c
|
||||||
LIB_OBJ = $(LIB_SRC:.c=.o)
|
LIB_OBJ = $(LIB_SRC:.c=.o)
|
||||||
|
|
||||||
KZG_CFLAGS =
|
KZG_CFLAGS =
|
||||||
|
@ -10,7 +10,7 @@ INCLUDE_DIRS = ../inc
|
||||||
|
|
||||||
.PRECIOUS: %.o
|
.PRECIOUS: %.o
|
||||||
|
|
||||||
%.o: %.c %.h c_kzg.h Makefile
|
%.o: %.c c_kzg.h bls12_381.h Makefile
|
||||||
clang -Wall -I$(INCLUDE_DIRS) $(CFLAGS) $(KZG_CFLAGS) -c $*.c
|
clang -Wall -I$(INCLUDE_DIRS) $(CFLAGS) $(KZG_CFLAGS) -c $*.c
|
||||||
|
|
||||||
libckzg.a: $(LIB_OBJ) Makefile
|
libckzg.a: $(LIB_OBJ) Makefile
|
||||||
|
@ -27,14 +27,14 @@ libckzg.a: $(LIB_OBJ) Makefile
|
||||||
|
|
||||||
# Benchmarks
|
# Benchmarks
|
||||||
%_bench: KZG_CFLAGS += -O
|
%_bench: KZG_CFLAGS += -O
|
||||||
%_bench: %_bench.c bench_util.o test_util.o $(LIB_OBJ) Makefile
|
%_bench: %_bench.c bench_util.o test_util.o libckzg.a Makefile
|
||||||
clang -Wall -I$(INCLUDE_DIRS) $(CFLAGS) $(KZG_CFLAGS) -o $@ $@.c bench_util.o test_util.o $(LIB_OBJ) -L../lib -lblst
|
clang -Wall -I$(INCLUDE_DIRS) $(CFLAGS) $(KZG_CFLAGS) -o $@ $@.c bench_util.o test_util.o libckzg.a -L../lib -lblst
|
||||||
./$@
|
./$@
|
||||||
|
|
||||||
# Tuning
|
# Tuning
|
||||||
%_tune: KZG_CFLAGS += -O
|
%_tune: KZG_CFLAGS += -O
|
||||||
%_tune: %_tune.c bench_util.o test_util.o $(LIB_OBJ) Makefile
|
%_tune: %_tune.c bench_util.o test_util.o libckzg.a Makefile
|
||||||
clang -Wall -I$(INCLUDE_DIRS) $(CFLAGS) $(KZG_CFLAGS) -o $@ $@.c bench_util.o test_util.o $(LIB_OBJ) -L../lib -lblst
|
clang -Wall -I$(INCLUDE_DIRS) $(CFLAGS) $(KZG_CFLAGS) -o $@ $@.c bench_util.o test_util.o libckzg.a -L../lib -lblst
|
||||||
./$@
|
./$@
|
||||||
|
|
||||||
lib: KZG_CFLAGS += -O
|
lib: KZG_CFLAGS += -O
|
||||||
|
|
|
@ -15,7 +15,6 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <time.h> // CLOCK_REALTIME, clock_gettime(), timespec
|
#include <time.h> // CLOCK_REALTIME, clock_gettime(), timespec
|
||||||
#include "c_kzg.h"
|
|
||||||
|
|
||||||
typedef struct timespec timespec_t;
|
typedef struct timespec timespec_t;
|
||||||
|
|
||||||
|
|
200
src/c_kzg.h
200
src/c_kzg.h
|
@ -14,7 +14,11 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/** @file c_kzg.h */
|
/**
|
||||||
|
* @file c_kzg.h
|
||||||
|
*
|
||||||
|
* Type definitions and function prototypes for all user-accessible parts of the library.
|
||||||
|
*/
|
||||||
|
|
||||||
#ifndef C_KZG_H
|
#ifndef C_KZG_H
|
||||||
#define C_KZG_H
|
#define C_KZG_H
|
||||||
|
@ -37,81 +41,137 @@ typedef enum {
|
||||||
C_KZG_MALLOC, /**< Could not allocate memory */
|
C_KZG_MALLOC, /**< Could not allocate memory */
|
||||||
} C_KZG_RET;
|
} C_KZG_RET;
|
||||||
|
|
||||||
#ifdef DEBUG
|
//
|
||||||
#include <stdlib.h>
|
// fft_common.c
|
||||||
#include <stdio.h>
|
//
|
||||||
#define CHECK(cond) \
|
|
||||||
if (!(cond)) { \
|
|
||||||
printf("\n%s:%d: Failed CHECK: %s\n", __FILE__, __LINE__, #cond); \
|
|
||||||
abort(); \
|
|
||||||
}
|
|
||||||
#define TRY(result) \
|
|
||||||
{ \
|
|
||||||
C_KZG_RET ret = (result); \
|
|
||||||
if (ret != C_KZG_OK) { \
|
|
||||||
printf("\n%s:%d: Failed TRY: %s, result = %d\n", __FILE__, __LINE__, #result, ret); \
|
|
||||||
abort(); \
|
|
||||||
} \
|
|
||||||
}
|
|
||||||
#define ASSERT(cond) \
|
|
||||||
if (!(cond)) { \
|
|
||||||
printf("\n%s:%d: Failed ASSERT: %s\n", __FILE__, __LINE__, #cond); \
|
|
||||||
abort(); \
|
|
||||||
}
|
|
||||||
#else
|
|
||||||
#define CHECK(cond) \
|
|
||||||
if (!(cond)) return C_KZG_BADARGS
|
|
||||||
#define TRY(result) \
|
|
||||||
{ \
|
|
||||||
C_KZG_RET ret = (result); \
|
|
||||||
if (ret == C_KZG_MALLOC) return ret; \
|
|
||||||
if (ret != C_KZG_OK) return C_KZG_ERROR; \
|
|
||||||
}
|
|
||||||
#define ASSERT(cond) \
|
|
||||||
if (!(cond)) return C_KZG_ERROR
|
|
||||||
#endif // DEBUG
|
|
||||||
|
|
||||||
/** @def CHECK
|
/**
|
||||||
|
* Stores the setup and parameters needed for performing FFTs.
|
||||||
*
|
*
|
||||||
* Test input parameters.
|
* Initialise with #new_fft_settings. Free after use with #free_fft_settings.
|
||||||
*
|
|
||||||
* Differs from `ASSERT` in returning `C_KZG_BADARGS`.
|
|
||||||
*
|
|
||||||
* This macro comes in two versions according to whether `DEBUG` is defined or not (`-DDEBUG` compiler flag).
|
|
||||||
* - `DEBUG` is undefined: when @p cond is false, return from the current function with the value `C_KZG_BADARGS`,
|
|
||||||
* otherwise continue.
|
|
||||||
* - `DEBUG` is defined: when @p cond is false, print file and line number information and abort the run. This is very
|
|
||||||
* useful for dubugging. The @p ret parameter is ignored in this case.
|
|
||||||
*
|
|
||||||
* @param cond The condition to be tested
|
|
||||||
*/
|
*/
|
||||||
|
typedef struct {
|
||||||
|
uint64_t max_width; /**< The maximum size of FFT these settings support, a power of 2. */
|
||||||
|
fr_t root_of_unity; /**< The root of unity used to generate the lists in the structure. */
|
||||||
|
fr_t *expanded_roots_of_unity; /**< Ascending powers of the root of unity, size `width + 1`. */
|
||||||
|
fr_t *reverse_roots_of_unity; /**< Descending powers of the root of unity, size `width + 1`. */
|
||||||
|
} FFTSettings;
|
||||||
|
|
||||||
/** @def TRY
|
C_KZG_RET new_fft_settings(FFTSettings *s, unsigned int max_scale);
|
||||||
*
|
void free_fft_settings(FFTSettings *s);
|
||||||
* Handle errors in called functions.
|
|
||||||
*
|
|
||||||
* This macro comes in two versions according to whether `DEBUG` is defined or not (`-DDEBUG` compiler flag).
|
|
||||||
* - `DEBUG` is undefined: if the @p result is not `C_KZG_OK`, return immediately with either `C_KZG_MALLOC` or
|
|
||||||
* `C_KZG_ERROR`. Otherwise continue.
|
|
||||||
* - `DEBUG` is defined: if @p result is not `C_KZG_OK`, print file and line number information and abort the run.
|
|
||||||
* This is very useful for dubugging.
|
|
||||||
*
|
|
||||||
* @param result The function call result to be tested
|
|
||||||
*/
|
|
||||||
|
|
||||||
/** @def ASSERT
|
//
|
||||||
|
// fft_fr.c
|
||||||
|
//
|
||||||
|
|
||||||
|
C_KZG_RET fft_fr(fr_t *out, const fr_t *in, bool inverse, uint64_t n, const FFTSettings *fs);
|
||||||
|
|
||||||
|
//
|
||||||
|
// fft_g1.c
|
||||||
|
//
|
||||||
|
|
||||||
|
C_KZG_RET fft_g1(g1_t *out, const g1_t *in, bool inverse, uint64_t n, const FFTSettings *fs);
|
||||||
|
|
||||||
|
//
|
||||||
|
// poly.c
|
||||||
|
//
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Defines a polynomial whose coefficients are members of the finite field F_r.
|
||||||
*
|
*
|
||||||
* Test the correctness of statements.
|
* Initialise the storage with #new_poly. After use, free the storage with #free_poly.
|
||||||
*
|
|
||||||
* Differs from `CHECK` in returning `C_KZG_ERROR`.
|
|
||||||
*
|
|
||||||
* This macro comes in two versions according to whether `DEBUG` is defined or not (`-DDEBUG` compiler flag).
|
|
||||||
* - `DEBUG` is undefined: when @p cond is false, return from the current function with the value `C_KZG_ERROR`,
|
|
||||||
* otherwise continue.
|
|
||||||
* - `DEBUG` is defined: when @p cond is false, print file and line number information and abort the run. This is very
|
|
||||||
* useful for dubugging. The @p ret parameter is ignored in this case.
|
|
||||||
*
|
|
||||||
* @param cond The condition to be tested
|
|
||||||
*/
|
*/
|
||||||
|
typedef struct {
|
||||||
|
fr_t *coeffs; /**< `coeffs[i]` is the coefficient of the `x^i` term of the polynomial. */
|
||||||
|
uint64_t length; /**< One more than the polynomial's degree */
|
||||||
|
} poly;
|
||||||
|
|
||||||
|
void eval_poly(fr_t *out, const poly *p, const fr_t *x);
|
||||||
|
C_KZG_RET poly_inverse(poly *out, poly *b);
|
||||||
|
C_KZG_RET poly_mul(poly *out, const poly *a, const poly *b);
|
||||||
|
C_KZG_RET poly_mul_(poly *out, const poly *a, const poly *b, FFTSettings *fs);
|
||||||
|
C_KZG_RET new_poly_div(poly *out, const poly *dividend, const poly *divisor);
|
||||||
|
C_KZG_RET new_poly(poly *out, uint64_t length);
|
||||||
|
C_KZG_RET new_poly_with_coeffs(poly *out, const fr_t *coeffs, uint64_t length);
|
||||||
|
void free_poly(poly *p);
|
||||||
|
|
||||||
|
//
|
||||||
|
// kzg_proofs.c
|
||||||
|
//
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Stores the setup and parameters needed for computing KZG proofs.
|
||||||
|
*
|
||||||
|
* Initialise with #new_kzg_settings. Free after use with #free_kzg_settings.
|
||||||
|
*/
|
||||||
|
typedef struct {
|
||||||
|
const FFTSettings *fs; /**< The corresponding settings for performing FFTs */
|
||||||
|
g1_t *secret_g1; /**< G1 group elements from the trusted setup */
|
||||||
|
g2_t *secret_g2; /**< G2 group elements from the trusted setup */
|
||||||
|
uint64_t length; /**< The number of elements in secret_g1 and secret_g2 */
|
||||||
|
} KZGSettings;
|
||||||
|
|
||||||
|
C_KZG_RET commit_to_poly(g1_t *out, const poly *p, const KZGSettings *ks);
|
||||||
|
C_KZG_RET compute_proof_single(g1_t *out, const poly *p, const fr_t *x0, const KZGSettings *ks);
|
||||||
|
C_KZG_RET check_proof_single(bool *out, const g1_t *commitment, const g1_t *proof, const fr_t *x, fr_t *y,
|
||||||
|
const KZGSettings *ks);
|
||||||
|
C_KZG_RET compute_proof_multi(g1_t *out, const poly *p, const fr_t *x0, uint64_t n, const KZGSettings *ks);
|
||||||
|
C_KZG_RET check_proof_multi(bool *out, const g1_t *commitment, const g1_t *proof, const fr_t *x, const fr_t *ys,
|
||||||
|
uint64_t n, const KZGSettings *ks);
|
||||||
|
C_KZG_RET new_kzg_settings(KZGSettings *ks, const g1_t *secret_g1, const g2_t *secret_g2, uint64_t length,
|
||||||
|
const FFTSettings *fs);
|
||||||
|
void free_kzg_settings(KZGSettings *ks);
|
||||||
|
|
||||||
|
//
|
||||||
|
// fk20_proofs.c
|
||||||
|
//
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Stores the setup and parameters needed for computing FK20 single proofs.
|
||||||
|
*
|
||||||
|
* Initialise with #new_fk20_single_settings. Free after use with #free_fk20_single_settings.
|
||||||
|
*/
|
||||||
|
typedef struct {
|
||||||
|
const KZGSettings *ks; /**< The corresponding settings for performing KZG proofs */
|
||||||
|
g1_t *x_ext_fft; /**< The output of the first part of the Toeplitz process */
|
||||||
|
uint64_t x_ext_fft_len; /**< The length of the `x_ext_fft_len` array (TODO - do we need this?)*/
|
||||||
|
} FK20SingleSettings;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Stores the setup and parameters needed for computing FK20 multi proofs.
|
||||||
|
*/
|
||||||
|
typedef struct {
|
||||||
|
const KZGSettings *ks; /**< The corresponding settings for performing KZG proofs */
|
||||||
|
uint64_t chunk_len; /**< TODO */
|
||||||
|
g1_t **x_ext_fft_files; /**< TODO */
|
||||||
|
uint64_t length; /**< TODO */
|
||||||
|
} FK20MultiSettings;
|
||||||
|
|
||||||
|
C_KZG_RET da_using_fk20_single(g1_t *out, const poly *p, const FK20SingleSettings *fk);
|
||||||
|
C_KZG_RET da_using_fk20_multi(g1_t *out, const poly *p, const FK20MultiSettings *fk);
|
||||||
|
C_KZG_RET new_fk20_single_settings(FK20SingleSettings *fk, uint64_t n2, const KZGSettings *ks);
|
||||||
|
C_KZG_RET new_fk20_multi_settings(FK20MultiSettings *fk, uint64_t n2, uint64_t chunk_len, const KZGSettings *ks);
|
||||||
|
void free_fk20_single_settings(FK20SingleSettings *fk);
|
||||||
|
void free_fk20_multi_settings(FK20MultiSettings *fk);
|
||||||
|
|
||||||
|
//
|
||||||
|
// recover.c
|
||||||
|
//
|
||||||
|
|
||||||
|
C_KZG_RET recover_poly_from_samples(fr_t *reconstructed_data, fr_t *samples, uint64_t len_samples, FFTSettings *fs);
|
||||||
|
|
||||||
|
//
|
||||||
|
// zero_poly.c
|
||||||
|
//
|
||||||
|
|
||||||
|
C_KZG_RET zero_polynomial_via_multiplication(fr_t *zero_eval, poly *zero_poly, uint64_t width,
|
||||||
|
const uint64_t *missing_indices, uint64_t len_missing,
|
||||||
|
const FFTSettings *fs);
|
||||||
|
|
||||||
|
//
|
||||||
|
// das_extension.c
|
||||||
|
//
|
||||||
|
|
||||||
|
C_KZG_RET das_fft_extension(fr_t *vals, uint64_t n, const FFTSettings *fs);
|
||||||
|
|
||||||
#endif // C_KZG_H
|
#endif // C_KZG_H
|
||||||
|
|
|
@ -15,12 +15,12 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @file c_kzg_util.c
|
* @file c_kzg_alloc.c
|
||||||
*
|
*
|
||||||
* Utilities useful across the library.
|
* Utilities for dynamically allocating arrays of things.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "c_kzg_util.h"
|
#include "c_kzg_alloc.h"
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Wrapped `malloc()` that reports failures to allocate.
|
* Wrapped `malloc()` that reports failures to allocate.
|
|
@ -14,11 +14,10 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/** @file c_kzg_util.h */
|
/** @file c_kzg_alloc.h */
|
||||||
|
|
||||||
#include <stdlib.h> // free()
|
#include <stdlib.h> // free(), NULL
|
||||||
#include "c_kzg.h"
|
#include "c_kzg.h"
|
||||||
#include "poly.h"
|
|
||||||
|
|
||||||
/** @def min_u64
|
/** @def min_u64
|
||||||
*
|
*
|
|
@ -0,0 +1,98 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2021 Benjamin Edgington
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @file control.h
|
||||||
|
*
|
||||||
|
* Macros for control flow and error handling.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifdef DEBUG
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#define CHECK(cond) \
|
||||||
|
if (!(cond)) { \
|
||||||
|
printf("\n%s:%d: Failed CHECK: %s\n", __FILE__, __LINE__, #cond); \
|
||||||
|
abort(); \
|
||||||
|
}
|
||||||
|
#define TRY(result) \
|
||||||
|
{ \
|
||||||
|
C_KZG_RET ret = (result); \
|
||||||
|
if (ret != C_KZG_OK) { \
|
||||||
|
printf("\n%s:%d: Failed TRY: %s, result = %d\n", __FILE__, __LINE__, #result, ret); \
|
||||||
|
abort(); \
|
||||||
|
} \
|
||||||
|
}
|
||||||
|
#define ASSERT(cond) \
|
||||||
|
if (!(cond)) { \
|
||||||
|
printf("\n%s:%d: Failed ASSERT: %s\n", __FILE__, __LINE__, #cond); \
|
||||||
|
abort(); \
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
#define CHECK(cond) \
|
||||||
|
if (!(cond)) return C_KZG_BADARGS
|
||||||
|
#define TRY(result) \
|
||||||
|
{ \
|
||||||
|
C_KZG_RET ret = (result); \
|
||||||
|
if (ret == C_KZG_MALLOC) return ret; \
|
||||||
|
if (ret != C_KZG_OK) return C_KZG_ERROR; \
|
||||||
|
}
|
||||||
|
#define ASSERT(cond) \
|
||||||
|
if (!(cond)) return C_KZG_ERROR
|
||||||
|
#endif // DEBUG
|
||||||
|
|
||||||
|
/** @def CHECK
|
||||||
|
*
|
||||||
|
* Test input parameters.
|
||||||
|
*
|
||||||
|
* Differs from `ASSERT` in returning `C_KZG_BADARGS`.
|
||||||
|
*
|
||||||
|
* This macro comes in two versions according to whether `DEBUG` is defined or not (`-DDEBUG` compiler flag).
|
||||||
|
* - `DEBUG` is undefined: when @p cond is false, return from the current function with the value `C_KZG_BADARGS`,
|
||||||
|
* otherwise continue.
|
||||||
|
* - `DEBUG` is defined: when @p cond is false, print file and line number information and abort the run. This is very
|
||||||
|
* useful for dubugging. The @p ret parameter is ignored in this case.
|
||||||
|
*
|
||||||
|
* @param cond The condition to be tested
|
||||||
|
*/
|
||||||
|
|
||||||
|
/** @def TRY
|
||||||
|
*
|
||||||
|
* Handle errors in called functions.
|
||||||
|
*
|
||||||
|
* This macro comes in two versions according to whether `DEBUG` is defined or not (`-DDEBUG` compiler flag).
|
||||||
|
* - `DEBUG` is undefined: if the @p result is not `C_KZG_OK`, return immediately with either `C_KZG_MALLOC` or
|
||||||
|
* `C_KZG_ERROR`. Otherwise continue.
|
||||||
|
* - `DEBUG` is defined: if @p result is not `C_KZG_OK`, print file and line number information and abort the run.
|
||||||
|
* This is very useful for dubugging.
|
||||||
|
*
|
||||||
|
* @param result The function call result to be tested
|
||||||
|
*/
|
||||||
|
|
||||||
|
/** @def ASSERT
|
||||||
|
*
|
||||||
|
* Test the correctness of statements.
|
||||||
|
*
|
||||||
|
* Differs from `CHECK` in returning `C_KZG_ERROR`.
|
||||||
|
*
|
||||||
|
* This macro comes in two versions according to whether `DEBUG` is defined or not (`-DDEBUG` compiler flag).
|
||||||
|
* - `DEBUG` is undefined: when @p cond is false, return from the current function with the value `C_KZG_ERROR`,
|
||||||
|
* otherwise continue.
|
||||||
|
* - `DEBUG` is defined: when @p cond is false, print file and line number information and abort the run. This is very
|
||||||
|
* useful for dubugging. The @p ret parameter is ignored in this case.
|
||||||
|
*
|
||||||
|
* @param cond The condition to be tested
|
||||||
|
*/
|
|
@ -20,7 +20,8 @@
|
||||||
* Perform polynomial extension for data availability sampling.
|
* Perform polynomial extension for data availability sampling.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "das_extension.h"
|
#include "control.h"
|
||||||
|
#include "c_kzg.h"
|
||||||
#include "utility.h"
|
#include "utility.h"
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -115,7 +116,7 @@ C_KZG_RET das_fft_extension(fr_t *vals, uint64_t n, const FFTSettings *fs) {
|
||||||
#ifdef KZGTEST
|
#ifdef KZGTEST
|
||||||
|
|
||||||
#include "../inc/acutest.h"
|
#include "../inc/acutest.h"
|
||||||
#include "c_kzg_util.h"
|
#include "c_kzg_alloc.h"
|
||||||
#include "test_util.h"
|
#include "test_util.h"
|
||||||
|
|
||||||
void das_extension_test_known(void) {
|
void das_extension_test_known(void) {
|
||||||
|
|
|
@ -1,26 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2021 Benjamin Edgington
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @file das_extension.h
|
|
||||||
*
|
|
||||||
* Perform polynomial extension for data availability sampling.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include "c_kzg.h"
|
|
||||||
#include "fft_common.h"
|
|
||||||
|
|
||||||
C_KZG_RET das_fft_extension(fr_t *vals, uint64_t n, const FFTSettings *fs);
|
|
|
@ -14,6 +14,7 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
#include "debug_util.h"
|
#include "debug_util.h"
|
||||||
|
|
||||||
#ifdef BLST
|
#ifdef BLST
|
||||||
|
|
|
@ -14,8 +14,7 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <stdio.h>
|
#include "bls12_381.h"
|
||||||
#include "c_kzg.h"
|
|
||||||
|
|
||||||
// Fr utilities
|
// Fr utilities
|
||||||
void print_fr(const fr_t *a);
|
void print_fr(const fr_t *a);
|
||||||
|
|
|
@ -20,8 +20,62 @@
|
||||||
* Code shared between the FFTs over field elements and FFTs over G1 group elements.
|
* Code shared between the FFTs over field elements and FFTs over G1 group elements.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "fft_common.h"
|
#include "control.h"
|
||||||
#include "c_kzg_util.h"
|
#include "c_kzg_alloc.h"
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The first 32 roots of unity in the finite field F_r.
|
||||||
|
*
|
||||||
|
* For element `{A, B, C, D}`, the field element value is `A + B * 2^64 + C * 2^128 + D * 2^192`. This format may be
|
||||||
|
* converted to an `fr_t` type via the #fr_from_uint64s library function.
|
||||||
|
*
|
||||||
|
* The decimal values may be calculated with the following Python code:
|
||||||
|
* @code{.py}
|
||||||
|
* MODULUS = 52435875175126190479447740508185965837690552500527637822603658699938581184513
|
||||||
|
* PRIMITIVE_ROOT = 7
|
||||||
|
* [pow(PRIMITIVE_ROOT, (MODULUS - 1) // (2**i), MODULUS) for i in range(32)]
|
||||||
|
* @endcode
|
||||||
|
*
|
||||||
|
* Note: Being a "primitive root" in this context means that r^k != 1 for any k < q-1 where q is the modulus. So
|
||||||
|
* powers of r generate the field. This is also known as being a "primitive element".
|
||||||
|
*
|
||||||
|
* This is easy to check for: we just require that r^((q-1)/2) != 1. Instead of 5, we could use 7, 10, 13, 14, 15, 20...
|
||||||
|
* to create the roots of unity below. There are a lot of primitive roots:
|
||||||
|
* https://crypto.stanford.edu/pbc/notes/numbertheory/gen.html
|
||||||
|
*/
|
||||||
|
static const uint64_t scale2_root_of_unity[][4] = {
|
||||||
|
{0x0000000000000001L, 0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L},
|
||||||
|
{0xffffffff00000000L, 0x53bda402fffe5bfeL, 0x3339d80809a1d805L, 0x73eda753299d7d48L},
|
||||||
|
{0x0001000000000000L, 0xec03000276030000L, 0x8d51ccce760304d0L, 0x0000000000000000L},
|
||||||
|
{0x7228fd3397743f7aL, 0xb38b21c28713b700L, 0x8c0625cd70d77ce2L, 0x345766f603fa66e7L},
|
||||||
|
{0x53ea61d87742bcceL, 0x17beb312f20b6f76L, 0xdd1c0af834cec32cL, 0x20b1ce9140267af9L},
|
||||||
|
{0x360c60997369df4eL, 0xbf6e88fb4c38fb8aL, 0xb4bcd40e22f55448L, 0x50e0903a157988baL},
|
||||||
|
{0x8140d032f0a9ee53L, 0x2d967f4be2f95155L, 0x14a1e27164d8fdbdL, 0x45af6345ec055e4dL},
|
||||||
|
{0x5130c2c1660125beL, 0x98d0caac87f5713cL, 0xb7c68b4d7fdd60d0L, 0x6898111413588742L},
|
||||||
|
{0x4935bd2f817f694bL, 0x0a0865a899e8deffL, 0x6b368121ac0cf4adL, 0x4f9b4098e2e9f12eL},
|
||||||
|
{0x4541b8ff2ee0434eL, 0xd697168a3a6000feL, 0x39feec240d80689fL, 0x095166525526a654L},
|
||||||
|
{0x3c28d666a5c2d854L, 0xea437f9626fc085eL, 0x8f4de02c0f776af3L, 0x325db5c3debf77a1L},
|
||||||
|
{0x4a838b5d59cd79e5L, 0x55ea6811be9c622dL, 0x09f1ca610a08f166L, 0x6d031f1b5c49c834L},
|
||||||
|
{0xe206da11a5d36306L, 0x0ad1347b378fbf96L, 0xfc3e8acfe0f8245fL, 0x564c0a11a0f704f4L},
|
||||||
|
{0x6fdd00bfc78c8967L, 0x146b58bc434906acL, 0x2ccddea2972e89edL, 0x485d512737b1da3dL},
|
||||||
|
{0x034d2ff22a5ad9e1L, 0xae4622f6a9152435L, 0xdc86b01c0d477fa6L, 0x56624634b500a166L},
|
||||||
|
{0xfbd047e11279bb6eL, 0xc8d5f51db3f32699L, 0x483405417a0cbe39L, 0x3291357ee558b50dL},
|
||||||
|
{0xd7118f85cd96b8adL, 0x67a665ae1fcadc91L, 0x88f39a78f1aeb578L, 0x2155379d12180caaL},
|
||||||
|
{0x08692405f3b70f10L, 0xcd7f2bd6d0711b7dL, 0x473a2eef772c33d6L, 0x224262332d8acbf4L},
|
||||||
|
{0x6f421a7d8ef674fbL, 0xbb97a3bf30ce40fdL, 0x652f717ae1c34bb0L, 0x2d3056a530794f01L},
|
||||||
|
{0x194e8c62ecb38d9dL, 0xad8e16e84419c750L, 0xdf625e80d0adef90L, 0x520e587a724a6955L},
|
||||||
|
{0xfece7e0e39898d4bL, 0x2f69e02d265e09d9L, 0xa57a6e07cb98de4aL, 0x03e1c54bcb947035L},
|
||||||
|
{0xcd3979122d3ea03aL, 0x46b3105f04db5844L, 0xc70d0874b0691d4eL, 0x47c8b5817018af4fL},
|
||||||
|
{0xc6e7a6ffb08e3363L, 0xe08fec7c86389beeL, 0xf2d38f10fbb8d1bbL, 0x0abe6a5e5abcaa32L},
|
||||||
|
{0x5616c57de0ec9eaeL, 0xc631ffb2585a72dbL, 0x5121af06a3b51e3cL, 0x73560252aa0655b2L},
|
||||||
|
{0x92cf4deb77bd779cL, 0x72cf6a8029b7d7bcL, 0x6e0bcd91ee762730L, 0x291cf6d68823e687L},
|
||||||
|
{0xce32ef844e11a51eL, 0xc0ba12bb3da64ca5L, 0x0454dc1edc61a1a3L, 0x019fe632fd328739L},
|
||||||
|
{0x531a11a0d2d75182L, 0x02c8118402867ddcL, 0x116168bffbedc11dL, 0x0a0a77a3b1980c0dL},
|
||||||
|
{0xe2d0a7869f0319edL, 0xb94f1101b1d7a628L, 0xece8ea224f31d25dL, 0x23397a9300f8f98bL},
|
||||||
|
{0xd7b688830a4f2089L, 0x6558e9e3f6ac7b41L, 0x99e276b571905a7dL, 0x52dd465e2f094256L},
|
||||||
|
{0x474650359d8e211bL, 0x84d37b826214abc6L, 0x8da40c1ef2bb4598L, 0x0c83ea7744bf1beeL},
|
||||||
|
{0x694341f608c9dd56L, 0xed3a181fabb30adcL, 0x1339a815da8b398fL, 0x2c6d4e4511657e1eL},
|
||||||
|
{0x63e7cb4906ffc93fL, 0xf070bb00e28a193dL, 0xad1715b02e5713b5L, 0x4b5371495990693fL}};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Generate powers of a root of unity in the field for use in the FFTs.
|
* Generate powers of a root of unity in the field for use in the FFTs.
|
||||||
|
|
|
@ -1,93 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2021 Benjamin Edgington
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/** @file fft_common.h */
|
|
||||||
|
|
||||||
#ifndef FFT_COMMON
|
|
||||||
#define FFT_COMMON
|
|
||||||
|
|
||||||
#include "c_kzg.h"
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The first 32 roots of unity in the finite field F_r.
|
|
||||||
*
|
|
||||||
* For element `{A, B, C, D}`, the field element value is `A + B * 2^64 + C * 2^128 + D * 2^192`. This format may be
|
|
||||||
* converted to an `fr_t` type via the #fr_from_uint64s library function.
|
|
||||||
*
|
|
||||||
* The decimal values may be calculated with the following Python code:
|
|
||||||
* @code{.py}
|
|
||||||
* MODULUS = 52435875175126190479447740508185965837690552500527637822603658699938581184513
|
|
||||||
* PRIMITIVE_ROOT = 7
|
|
||||||
* [pow(PRIMITIVE_ROOT, (MODULUS - 1) // (2**i), MODULUS) for i in range(32)]
|
|
||||||
* @endcode
|
|
||||||
*
|
|
||||||
* Note: Being a "primitive root" in this context means that r^k != 1 for any k < q-1 where q is the modulus. So
|
|
||||||
* powers of r generate the field. This is also known as being a "primitive element".
|
|
||||||
*
|
|
||||||
* This is easy to check for: we just require that r^((q-1)/2) != 1. Instead of 5, we could use 7, 10, 13, 14, 15, 20...
|
|
||||||
* to create the roots of unity below. There are a lot of primitive roots:
|
|
||||||
* https://crypto.stanford.edu/pbc/notes/numbertheory/gen.html
|
|
||||||
*/
|
|
||||||
static const uint64_t scale2_root_of_unity[][4] = {
|
|
||||||
{0x0000000000000001L, 0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L},
|
|
||||||
{0xffffffff00000000L, 0x53bda402fffe5bfeL, 0x3339d80809a1d805L, 0x73eda753299d7d48L},
|
|
||||||
{0x0001000000000000L, 0xec03000276030000L, 0x8d51ccce760304d0L, 0x0000000000000000L},
|
|
||||||
{0x7228fd3397743f7aL, 0xb38b21c28713b700L, 0x8c0625cd70d77ce2L, 0x345766f603fa66e7L},
|
|
||||||
{0x53ea61d87742bcceL, 0x17beb312f20b6f76L, 0xdd1c0af834cec32cL, 0x20b1ce9140267af9L},
|
|
||||||
{0x360c60997369df4eL, 0xbf6e88fb4c38fb8aL, 0xb4bcd40e22f55448L, 0x50e0903a157988baL},
|
|
||||||
{0x8140d032f0a9ee53L, 0x2d967f4be2f95155L, 0x14a1e27164d8fdbdL, 0x45af6345ec055e4dL},
|
|
||||||
{0x5130c2c1660125beL, 0x98d0caac87f5713cL, 0xb7c68b4d7fdd60d0L, 0x6898111413588742L},
|
|
||||||
{0x4935bd2f817f694bL, 0x0a0865a899e8deffL, 0x6b368121ac0cf4adL, 0x4f9b4098e2e9f12eL},
|
|
||||||
{0x4541b8ff2ee0434eL, 0xd697168a3a6000feL, 0x39feec240d80689fL, 0x095166525526a654L},
|
|
||||||
{0x3c28d666a5c2d854L, 0xea437f9626fc085eL, 0x8f4de02c0f776af3L, 0x325db5c3debf77a1L},
|
|
||||||
{0x4a838b5d59cd79e5L, 0x55ea6811be9c622dL, 0x09f1ca610a08f166L, 0x6d031f1b5c49c834L},
|
|
||||||
{0xe206da11a5d36306L, 0x0ad1347b378fbf96L, 0xfc3e8acfe0f8245fL, 0x564c0a11a0f704f4L},
|
|
||||||
{0x6fdd00bfc78c8967L, 0x146b58bc434906acL, 0x2ccddea2972e89edL, 0x485d512737b1da3dL},
|
|
||||||
{0x034d2ff22a5ad9e1L, 0xae4622f6a9152435L, 0xdc86b01c0d477fa6L, 0x56624634b500a166L},
|
|
||||||
{0xfbd047e11279bb6eL, 0xc8d5f51db3f32699L, 0x483405417a0cbe39L, 0x3291357ee558b50dL},
|
|
||||||
{0xd7118f85cd96b8adL, 0x67a665ae1fcadc91L, 0x88f39a78f1aeb578L, 0x2155379d12180caaL},
|
|
||||||
{0x08692405f3b70f10L, 0xcd7f2bd6d0711b7dL, 0x473a2eef772c33d6L, 0x224262332d8acbf4L},
|
|
||||||
{0x6f421a7d8ef674fbL, 0xbb97a3bf30ce40fdL, 0x652f717ae1c34bb0L, 0x2d3056a530794f01L},
|
|
||||||
{0x194e8c62ecb38d9dL, 0xad8e16e84419c750L, 0xdf625e80d0adef90L, 0x520e587a724a6955L},
|
|
||||||
{0xfece7e0e39898d4bL, 0x2f69e02d265e09d9L, 0xa57a6e07cb98de4aL, 0x03e1c54bcb947035L},
|
|
||||||
{0xcd3979122d3ea03aL, 0x46b3105f04db5844L, 0xc70d0874b0691d4eL, 0x47c8b5817018af4fL},
|
|
||||||
{0xc6e7a6ffb08e3363L, 0xe08fec7c86389beeL, 0xf2d38f10fbb8d1bbL, 0x0abe6a5e5abcaa32L},
|
|
||||||
{0x5616c57de0ec9eaeL, 0xc631ffb2585a72dbL, 0x5121af06a3b51e3cL, 0x73560252aa0655b2L},
|
|
||||||
{0x92cf4deb77bd779cL, 0x72cf6a8029b7d7bcL, 0x6e0bcd91ee762730L, 0x291cf6d68823e687L},
|
|
||||||
{0xce32ef844e11a51eL, 0xc0ba12bb3da64ca5L, 0x0454dc1edc61a1a3L, 0x019fe632fd328739L},
|
|
||||||
{0x531a11a0d2d75182L, 0x02c8118402867ddcL, 0x116168bffbedc11dL, 0x0a0a77a3b1980c0dL},
|
|
||||||
{0xe2d0a7869f0319edL, 0xb94f1101b1d7a628L, 0xece8ea224f31d25dL, 0x23397a9300f8f98bL},
|
|
||||||
{0xd7b688830a4f2089L, 0x6558e9e3f6ac7b41L, 0x99e276b571905a7dL, 0x52dd465e2f094256L},
|
|
||||||
{0x474650359d8e211bL, 0x84d37b826214abc6L, 0x8da40c1ef2bb4598L, 0x0c83ea7744bf1beeL},
|
|
||||||
{0x694341f608c9dd56L, 0xed3a181fabb30adcL, 0x1339a815da8b398fL, 0x2c6d4e4511657e1eL},
|
|
||||||
{0x63e7cb4906ffc93fL, 0xf070bb00e28a193dL, 0xad1715b02e5713b5L, 0x4b5371495990693fL}};
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Stores the setup and parameters needed for performing FFTs.
|
|
||||||
*
|
|
||||||
* Initialise with #new_fft_settings. Free after use with #free_fft_settings.
|
|
||||||
*/
|
|
||||||
typedef struct {
|
|
||||||
uint64_t max_width; /**< The maximum size of FFT these settings support, a power of 2. */
|
|
||||||
fr_t root_of_unity; /**< The root of unity used to generate the lists in the structure. */
|
|
||||||
fr_t *expanded_roots_of_unity; /**< Ascending powers of the root of unity, size `width + 1`. */
|
|
||||||
fr_t *reverse_roots_of_unity; /**< Descending powers of the root of unity, size `width + 1`. */
|
|
||||||
} FFTSettings;
|
|
||||||
|
|
||||||
C_KZG_RET new_fft_settings(FFTSettings *s, unsigned int max_scale);
|
|
||||||
void free_fft_settings(FFTSettings *s);
|
|
||||||
|
|
||||||
#endif // FFT_COMMON
|
|
|
@ -25,7 +25,8 @@
|
||||||
* @remark Functions here work only for lengths that are a power of two.
|
* @remark Functions here work only for lengths that are a power of two.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "fft_fr.h"
|
#include "control.h"
|
||||||
|
#include "c_kzg.h"
|
||||||
#include "utility.h"
|
#include "utility.h"
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
21
src/fft_fr.h
21
src/fft_fr.h
|
@ -1,21 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2021 Benjamin Edgington
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/** @file fft_fr.h */
|
|
||||||
|
|
||||||
#include "fft_common.h"
|
|
||||||
|
|
||||||
C_KZG_RET fft_fr(fr_t *out, const fr_t *in, bool inverse, uint64_t n, const FFTSettings *fs);
|
|
|
@ -20,7 +20,7 @@
|
||||||
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
||||||
#include "bench_util.h"
|
#include "bench_util.h"
|
||||||
#include "test_util.h"
|
#include "test_util.h"
|
||||||
#include "fft_fr.h"
|
#include "c_kzg.h"
|
||||||
|
|
||||||
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
||||||
long run_bench(int scale, int max_seconds) {
|
long run_bench(int scale, int max_seconds) {
|
||||||
|
|
|
@ -25,7 +25,8 @@
|
||||||
* @remark Functions here work only for lengths that are a power of two.
|
* @remark Functions here work only for lengths that are a power of two.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "fft_g1.h"
|
#include "control.h"
|
||||||
|
#include "c_kzg.h"
|
||||||
#include "utility.h"
|
#include "utility.h"
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -90,7 +91,6 @@ C_KZG_RET fft_g1(g1_t *out, const g1_t *in, bool inverse, uint64_t n, const FFTS
|
||||||
|
|
||||||
#include "../inc/acutest.h"
|
#include "../inc/acutest.h"
|
||||||
#include "test_util.h"
|
#include "test_util.h"
|
||||||
#include "fft_g1.h"
|
|
||||||
|
|
||||||
static void make_data(g1_t *out, uint64_t n) {
|
static void make_data(g1_t *out, uint64_t n) {
|
||||||
// Multiples of g1_gen
|
// Multiples of g1_gen
|
||||||
|
|
21
src/fft_g1.h
21
src/fft_g1.h
|
@ -1,21 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2021 Benjamin Edgington
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/** @file fft_g1.h */
|
|
||||||
|
|
||||||
#include "fft_common.h"
|
|
||||||
|
|
||||||
C_KZG_RET fft_g1(g1_t *out, const g1_t *in, bool inverse, uint64_t n, const FFTSettings *fs);
|
|
|
@ -20,7 +20,7 @@
|
||||||
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
||||||
#include "bench_util.h"
|
#include "bench_util.h"
|
||||||
#include "test_util.h"
|
#include "test_util.h"
|
||||||
#include "fft_g1.h"
|
#include "c_kzg.h"
|
||||||
|
|
||||||
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
||||||
long run_bench(int scale, int max_seconds) {
|
long run_bench(int scale, int max_seconds) {
|
||||||
|
|
|
@ -23,9 +23,8 @@
|
||||||
* @todo Split this out into smaller files.
|
* @todo Split this out into smaller files.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "fk20_proofs.h"
|
#include "control.h"
|
||||||
#include "fft_g1.h"
|
#include "c_kzg_alloc.h"
|
||||||
#include "c_kzg_util.h"
|
|
||||||
#include "utility.h"
|
#include "utility.h"
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -1,47 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2021 Benjamin Edgington
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/** @file fk20_proofs.h */
|
|
||||||
|
|
||||||
#include "kzg_proofs.h"
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Stores the setup and parameters needed for computing FK20 single proofs.
|
|
||||||
*
|
|
||||||
* Initialise with #new_fk20_single_settings. Free after use with #free_fk20_single_settings.
|
|
||||||
*/
|
|
||||||
typedef struct {
|
|
||||||
const KZGSettings *ks; /**< The corresponding settings for performing KZG proofs */
|
|
||||||
g1_t *x_ext_fft; /**< The output of the first part of the Toeplitz process */
|
|
||||||
uint64_t x_ext_fft_len; /**< The length of the `x_ext_fft_len` array (TODO - do we need this?)*/
|
|
||||||
} FK20SingleSettings;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Stores the setup and parameters needed for computing FK20 multi proofs.
|
|
||||||
*/
|
|
||||||
typedef struct {
|
|
||||||
const KZGSettings *ks; /**< The corresponding settings for performing KZG proofs */
|
|
||||||
uint64_t chunk_len; /**< TODO */
|
|
||||||
g1_t **x_ext_fft_files; /**< TODO */
|
|
||||||
uint64_t length; /**< TODO */
|
|
||||||
} FK20MultiSettings;
|
|
||||||
|
|
||||||
C_KZG_RET da_using_fk20_single(g1_t *out, const poly *p, const FK20SingleSettings *fk);
|
|
||||||
C_KZG_RET da_using_fk20_multi(g1_t *out, const poly *p, const FK20MultiSettings *fk);
|
|
||||||
C_KZG_RET new_fk20_single_settings(FK20SingleSettings *fk, uint64_t n2, const KZGSettings *ks);
|
|
||||||
C_KZG_RET new_fk20_multi_settings(FK20MultiSettings *fk, uint64_t n2, uint64_t chunk_len, const KZGSettings *ks);
|
|
||||||
void free_fk20_single_settings(FK20SingleSettings *fk);
|
|
||||||
void free_fk20_multi_settings(FK20MultiSettings *fk);
|
|
|
@ -24,10 +24,9 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <stddef.h> // NULL
|
#include <stddef.h> // NULL
|
||||||
#include "kzg_proofs.h"
|
#include "control.h"
|
||||||
#include "c_kzg_util.h"
|
#include "c_kzg_alloc.h"
|
||||||
#include "utility.h"
|
#include "utility.h"
|
||||||
#include <assert.h>
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Make a KZG commitment to a polynomial.
|
* Make a KZG commitment to a polynomial.
|
||||||
|
|
|
@ -1,48 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2021 Benjamin Edgington
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/** @file kzg_proofs.h */
|
|
||||||
|
|
||||||
#ifndef KZG_PROOFS_H
|
|
||||||
#define KZG_PROOFS_H
|
|
||||||
|
|
||||||
#include "fft_fr.h"
|
|
||||||
#include "poly.h"
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Stores the setup and parameters needed for computing KZG proofs.
|
|
||||||
*
|
|
||||||
* Initialise with #new_kzg_settings. Free after use with #free_kzg_settings.
|
|
||||||
*/
|
|
||||||
typedef struct {
|
|
||||||
const FFTSettings *fs; /**< The corresponding settings for performing FFTs */
|
|
||||||
g1_t *secret_g1; /**< G1 group elements from the trusted setup */
|
|
||||||
g2_t *secret_g2; /**< G2 group elements from the trusted setup */
|
|
||||||
uint64_t length; /**< The number of elements in secret_g1 and secret_g2 */
|
|
||||||
} KZGSettings;
|
|
||||||
|
|
||||||
C_KZG_RET commit_to_poly(g1_t *out, const poly *p, const KZGSettings *ks);
|
|
||||||
C_KZG_RET compute_proof_single(g1_t *out, const poly *p, const fr_t *x0, const KZGSettings *ks);
|
|
||||||
C_KZG_RET check_proof_single(bool *out, const g1_t *commitment, const g1_t *proof, const fr_t *x, fr_t *y,
|
|
||||||
const KZGSettings *ks);
|
|
||||||
C_KZG_RET compute_proof_multi(g1_t *out, const poly *p, const fr_t *x0, uint64_t n, const KZGSettings *ks);
|
|
||||||
C_KZG_RET check_proof_multi(bool *out, const g1_t *commitment, const g1_t *proof, const fr_t *x, const fr_t *ys,
|
|
||||||
uint64_t n, const KZGSettings *ks);
|
|
||||||
C_KZG_RET new_kzg_settings(KZGSettings *ks, const g1_t *secret_g1, const g2_t *secret_g2, uint64_t length,
|
|
||||||
const FFTSettings *fs);
|
|
||||||
void free_kzg_settings(KZGSettings *ks);
|
|
||||||
|
|
||||||
#endif // KZG_PROOFS_H
|
|
|
@ -20,7 +20,7 @@
|
||||||
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
||||||
#include "bench_util.h"
|
#include "bench_util.h"
|
||||||
#include "test_util.h"
|
#include "test_util.h"
|
||||||
#include "kzg_proofs.h"
|
#include "c_kzg.h"
|
||||||
|
|
||||||
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
||||||
long run_bench(int scale, int max_seconds) {
|
long run_bench(int scale, int max_seconds) {
|
||||||
|
|
|
@ -20,9 +20,9 @@
|
||||||
* Operations on polynomials defined over the finite field.
|
* Operations on polynomials defined over the finite field.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "c_kzg_util.h"
|
#include "control.h"
|
||||||
|
#include "c_kzg_alloc.h"
|
||||||
#include "utility.h"
|
#include "utility.h"
|
||||||
#include "poly.h"
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Internal utility for calculating the length to be allocated for the result of dividing two polynomials.
|
* Internal utility for calculating the length to be allocated for the result of dividing two polynomials.
|
||||||
|
|
44
src/poly.h
44
src/poly.h
|
@ -1,44 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2021 Benjamin Edgington
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/** @file poly.h */
|
|
||||||
|
|
||||||
#ifndef POLY_H
|
|
||||||
#define POLY_H
|
|
||||||
|
|
||||||
#include "c_kzg.h"
|
|
||||||
#include "fft_fr.h"
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Defines a polynomial whose coefficients are members of the finite field F_r.
|
|
||||||
*
|
|
||||||
* Initialise the storage with #new_poly. After use, free the storage with #free_poly.
|
|
||||||
*/
|
|
||||||
typedef struct {
|
|
||||||
fr_t *coeffs; /**< `coeffs[i]` is the coefficient of the `x^i` term of the polynomial. */
|
|
||||||
uint64_t length; /**< One more than the polynomial's degree */
|
|
||||||
} poly;
|
|
||||||
|
|
||||||
void eval_poly(fr_t *out, const poly *p, const fr_t *x);
|
|
||||||
C_KZG_RET poly_inverse(poly *out, poly *b);
|
|
||||||
C_KZG_RET poly_mul(poly *out, const poly *a, const poly *b);
|
|
||||||
C_KZG_RET poly_mul_(poly *out, const poly *a, const poly *b, FFTSettings *fs);
|
|
||||||
C_KZG_RET new_poly_div(poly *out, const poly *dividend, const poly *divisor);
|
|
||||||
C_KZG_RET new_poly(poly *out, uint64_t length);
|
|
||||||
C_KZG_RET new_poly_with_coeffs(poly *out, const fr_t *coeffs, uint64_t length);
|
|
||||||
void free_poly(poly *p);
|
|
||||||
|
|
||||||
#endif // POLY_H
|
|
|
@ -20,7 +20,7 @@
|
||||||
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
||||||
#include "bench_util.h"
|
#include "bench_util.h"
|
||||||
#include "test_util.h"
|
#include "test_util.h"
|
||||||
#include "poly.h"
|
#include "c_kzg.h"
|
||||||
|
|
||||||
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
||||||
long run_bench(int scale, int max_seconds) {
|
long run_bench(int scale, int max_seconds) {
|
||||||
|
|
|
@ -20,7 +20,7 @@
|
||||||
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
||||||
#include "bench_util.h"
|
#include "bench_util.h"
|
||||||
#include "test_util.h"
|
#include "test_util.h"
|
||||||
#include "poly.h"
|
#include "c_kzg.h"
|
||||||
|
|
||||||
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
||||||
long run_bench(int scale_0, int scale_1, int max_seconds) {
|
long run_bench(int scale_0, int scale_1, int max_seconds) {
|
||||||
|
|
|
@ -20,7 +20,7 @@
|
||||||
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
||||||
#include "bench_util.h"
|
#include "bench_util.h"
|
||||||
#include "test_util.h"
|
#include "test_util.h"
|
||||||
#include "poly.h"
|
#include "c_kzg.h"
|
||||||
|
|
||||||
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
||||||
long run_bench(int scale_0, int scale_1, int max_seconds) {
|
long run_bench(int scale_0, int scale_1, int max_seconds) {
|
||||||
|
|
|
@ -20,11 +20,9 @@
|
||||||
* Recover polynomials from samples.
|
* Recover polynomials from samples.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "recover.h"
|
#include "control.h"
|
||||||
#include "c_kzg_util.h"
|
#include "c_kzg_alloc.h"
|
||||||
#include "fft_fr.h"
|
|
||||||
#include "utility.h"
|
#include "utility.h"
|
||||||
#include "zero_poly.h"
|
|
||||||
|
|
||||||
/** 5 is a primitive element, but actually this can be pretty much anything not 0 or a low-degree root of unity */
|
/** 5 is a primitive element, but actually this can be pretty much anything not 0 or a low-degree root of unity */
|
||||||
#define SCALE_FACTOR 5
|
#define SCALE_FACTOR 5
|
||||||
|
|
|
@ -1,22 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2021 Benjamin Edgington
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/** @file recover.h */
|
|
||||||
|
|
||||||
#include "c_kzg.h"
|
|
||||||
#include "fft_common.h"
|
|
||||||
|
|
||||||
C_KZG_RET recover_poly_from_samples(fr_t *reconstructed_data, fr_t *samples, uint64_t len_samples, FFTSettings *fs);
|
|
|
@ -20,8 +20,7 @@
|
||||||
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
||||||
#include "bench_util.h"
|
#include "bench_util.h"
|
||||||
#include "test_util.h"
|
#include "test_util.h"
|
||||||
#include "fft_fr.h"
|
#include "c_kzg.h"
|
||||||
#include "recover.h"
|
|
||||||
|
|
||||||
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
||||||
long run_bench(int scale, int max_seconds) {
|
long run_bench(int scale, int max_seconds) {
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "c_kzg.h"
|
#include "bls12_381.h"
|
||||||
|
|
||||||
// The generator for our "trusted" setup
|
// The generator for our "trusted" setup
|
||||||
static const scalar_t secret = {0xa4, 0x73, 0x31, 0x95, 0x28, 0xc8, 0xb6, 0xea, 0x4d, 0x08, 0xcc,
|
static const scalar_t secret = {0xa4, 0x73, 0x31, 0x95, 0x28, 0xc8, 0xb6, 0xea, 0x4d, 0x08, 0xcc,
|
||||||
|
|
|
@ -21,6 +21,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <string.h> // memcpy()
|
#include <string.h> // memcpy()
|
||||||
|
#include "control.h"
|
||||||
#include "utility.h"
|
#include "utility.h"
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -157,7 +158,7 @@ C_KZG_RET reverse_bit_order(void *values, size_t size, uint64_t n) {
|
||||||
|
|
||||||
#include "../inc/acutest.h"
|
#include "../inc/acutest.h"
|
||||||
#include "test_util.h"
|
#include "test_util.h"
|
||||||
#include "c_kzg_util.h"
|
#include "c_kzg_alloc.h"
|
||||||
|
|
||||||
static uint32_t rev_bits_slow(uint32_t a) {
|
static uint32_t rev_bits_slow(uint32_t a) {
|
||||||
uint32_t ret = 0;
|
uint32_t ret = 0;
|
||||||
|
|
|
@ -20,9 +20,8 @@
|
||||||
* Methods for constructing polynomials that evaluate to zero for given lists of powers of roots of unity.
|
* Methods for constructing polynomials that evaluate to zero for given lists of powers of roots of unity.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "zero_poly.h"
|
#include "control.h"
|
||||||
#include "c_kzg_util.h"
|
#include "c_kzg_alloc.h"
|
||||||
#include "fft_fr.h"
|
|
||||||
#include "utility.h"
|
#include "utility.h"
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -1,29 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2021 Benjamin Edgington
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @file zero_poly.h
|
|
||||||
*
|
|
||||||
* Methods for constructing polynomials that evaluate to zero for given lists of powers of roots of unity.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include "c_kzg.h"
|
|
||||||
#include "fft_common.h"
|
|
||||||
#include "poly.h"
|
|
||||||
|
|
||||||
C_KZG_RET zero_polynomial_via_multiplication(fr_t *zero_eval, poly *zero_poly, uint64_t width,
|
|
||||||
const uint64_t *missing_indices, uint64_t len_missing,
|
|
||||||
const FFTSettings *fs);
|
|
|
@ -20,8 +20,7 @@
|
||||||
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
#include <unistd.h> // EXIT_SUCCESS/FAILURE
|
||||||
#include "bench_util.h"
|
#include "bench_util.h"
|
||||||
#include "test_util.h"
|
#include "test_util.h"
|
||||||
#include "fft_fr.h"
|
#include "c_kzg.h"
|
||||||
#include "zero_poly.h"
|
|
||||||
|
|
||||||
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
// Run the benchmark for `max_seconds` and return the time per iteration in nanoseconds.
|
||||||
long run_bench(int scale, int max_seconds) {
|
long run_bench(int scale, int max_seconds) {
|
||||||
|
|
Loading…
Reference in New Issue