Merge pull request #3097 from asn-d6/verify_kzg_proof_bytes_api
EIP4844: Refactor `verify_kzg_proof()` to receive bytes (used in precompile)
commit
a45627164d
|
@ -32,6 +32,7 @@
|
||||||
- [KZG](#kzg)
|
- [KZG](#kzg)
|
||||||
- [`blob_to_kzg_commitment`](#blob_to_kzg_commitment)
|
- [`blob_to_kzg_commitment`](#blob_to_kzg_commitment)
|
||||||
- [`verify_kzg_proof`](#verify_kzg_proof)
|
- [`verify_kzg_proof`](#verify_kzg_proof)
|
||||||
|
- [`verify_kzg_proof_impl`](#verify_kzg_proof_impl)
|
||||||
- [`compute_kzg_proof`](#compute_kzg_proof)
|
- [`compute_kzg_proof`](#compute_kzg_proof)
|
||||||
- [`compute_aggregated_poly_and_commitment`](#compute_aggregated_poly_and_commitment)
|
- [`compute_aggregated_poly_and_commitment`](#compute_aggregated_poly_and_commitment)
|
||||||
- [`compute_aggregate_kzg_proof`](#compute_aggregate_kzg_proof)
|
- [`compute_aggregate_kzg_proof`](#compute_aggregate_kzg_proof)
|
||||||
|
@ -45,6 +46,8 @@
|
||||||
|
|
||||||
This document specifies basic polynomial operations and KZG polynomial commitment operations as they are needed for the EIP-4844 specification. The implementations are not optimized for performance, but readability. All practical implementations should optimize the polynomial operations.
|
This document specifies basic polynomial operations and KZG polynomial commitment operations as they are needed for the EIP-4844 specification. The implementations are not optimized for performance, but readability. All practical implementations should optimize the polynomial operations.
|
||||||
|
|
||||||
|
Functions flagged as "Public method" MUST be provided by the underlying KZG library as public functions. All other functions are private functions used internally by the KZG library.
|
||||||
|
|
||||||
## Custom types
|
## Custom types
|
||||||
|
|
||||||
| Name | SSZ equivalent | Description |
|
| Name | SSZ equivalent | Description |
|
||||||
|
@ -289,6 +292,9 @@ KZG core functions. These are also defined in EIP-4844 execution specs.
|
||||||
|
|
||||||
```python
|
```python
|
||||||
def blob_to_kzg_commitment(blob: Blob) -> KZGCommitment:
|
def blob_to_kzg_commitment(blob: Blob) -> KZGCommitment:
|
||||||
|
"""
|
||||||
|
Public method.
|
||||||
|
"""
|
||||||
return g1_lincomb(bit_reversal_permutation(KZG_SETUP_LAGRANGE), blob_to_polynomial(blob))
|
return g1_lincomb(bit_reversal_permutation(KZG_SETUP_LAGRANGE), blob_to_polynomial(blob))
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -296,11 +302,27 @@ def blob_to_kzg_commitment(blob: Blob) -> KZGCommitment:
|
||||||
|
|
||||||
```python
|
```python
|
||||||
def verify_kzg_proof(polynomial_kzg: KZGCommitment,
|
def verify_kzg_proof(polynomial_kzg: KZGCommitment,
|
||||||
z: BLSFieldElement,
|
z: Bytes32,
|
||||||
y: BLSFieldElement,
|
y: Bytes32,
|
||||||
kzg_proof: KZGProof) -> bool:
|
kzg_proof: KZGProof) -> bool:
|
||||||
"""
|
"""
|
||||||
Verify KZG proof that ``p(z) == y`` where ``p(z)`` is the polynomial represented by ``polynomial_kzg``.
|
Verify KZG proof that ``p(z) == y`` where ``p(z)`` is the polynomial represented by ``polynomial_kzg``.
|
||||||
|
Receives inputs as bytes.
|
||||||
|
Public method.
|
||||||
|
"""
|
||||||
|
return verify_kzg_proof_impl(polynomial_kzg, bytes_to_bls_field(z), bytes_to_bls_field(y), kzg_proof)
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
#### `verify_kzg_proof_impl`
|
||||||
|
|
||||||
|
```python
|
||||||
|
def verify_kzg_proof_impl(polynomial_kzg: KZGCommitment,
|
||||||
|
z: BLSFieldElement,
|
||||||
|
y: BLSFieldElement,
|
||||||
|
kzg_proof: KZGProof) -> bool:
|
||||||
|
"""
|
||||||
|
Verify KZG proof that ``p(z) == y`` where ``p(z)`` is the polynomial represented by ``polynomial_kzg``.
|
||||||
"""
|
"""
|
||||||
# Verify: P - y = Q * (X - z)
|
# Verify: P - y = Q * (X - z)
|
||||||
X_minus_z = bls.add(bls.bytes96_to_G2(KZG_SETUP_G2[1]), bls.multiply(bls.G2, BLS_MODULUS - z))
|
X_minus_z = bls.add(bls.bytes96_to_G2(KZG_SETUP_G2[1]), bls.multiply(bls.G2, BLS_MODULUS - z))
|
||||||
|
@ -367,6 +389,9 @@ def compute_aggregated_poly_and_commitment(
|
||||||
|
|
||||||
```python
|
```python
|
||||||
def compute_aggregate_kzg_proof(blobs: Sequence[Blob]) -> KZGProof:
|
def compute_aggregate_kzg_proof(blobs: Sequence[Blob]) -> KZGProof:
|
||||||
|
"""
|
||||||
|
Public method.
|
||||||
|
"""
|
||||||
commitments = [blob_to_kzg_commitment(blob) for blob in blobs]
|
commitments = [blob_to_kzg_commitment(blob) for blob in blobs]
|
||||||
aggregated_poly, aggregated_poly_commitment, evaluation_challenge = compute_aggregated_poly_and_commitment(
|
aggregated_poly, aggregated_poly_commitment, evaluation_challenge = compute_aggregated_poly_and_commitment(
|
||||||
blobs,
|
blobs,
|
||||||
|
@ -381,6 +406,9 @@ def compute_aggregate_kzg_proof(blobs: Sequence[Blob]) -> KZGProof:
|
||||||
def verify_aggregate_kzg_proof(blobs: Sequence[Blob],
|
def verify_aggregate_kzg_proof(blobs: Sequence[Blob],
|
||||||
expected_kzg_commitments: Sequence[KZGCommitment],
|
expected_kzg_commitments: Sequence[KZGCommitment],
|
||||||
kzg_aggregated_proof: KZGCommitment) -> bool:
|
kzg_aggregated_proof: KZGCommitment) -> bool:
|
||||||
|
"""
|
||||||
|
Public method.
|
||||||
|
"""
|
||||||
aggregated_poly, aggregated_poly_commitment, evaluation_challenge = compute_aggregated_poly_and_commitment(
|
aggregated_poly, aggregated_poly_commitment, evaluation_challenge = compute_aggregated_poly_and_commitment(
|
||||||
blobs,
|
blobs,
|
||||||
expected_kzg_commitments,
|
expected_kzg_commitments,
|
||||||
|
@ -390,5 +418,5 @@ def verify_aggregate_kzg_proof(blobs: Sequence[Blob],
|
||||||
y = evaluate_polynomial_in_evaluation_form(aggregated_poly, evaluation_challenge)
|
y = evaluate_polynomial_in_evaluation_form(aggregated_poly, evaluation_challenge)
|
||||||
|
|
||||||
# Verify aggregated proof
|
# Verify aggregated proof
|
||||||
return verify_kzg_proof(aggregated_poly_commitment, evaluation_challenge, y, kzg_aggregated_proof)
|
return verify_kzg_proof_impl(aggregated_poly_commitment, evaluation_challenge, y, kzg_aggregated_proof)
|
||||||
```
|
```
|
||||||
|
|
|
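Review bot: The new bytes-taking `verify_kzg_proof` does not state how `z` and `y` are decoded, and `bytes_to_bls_field` is not shown on this page, so it is not visible whether a 32-byte value at or above `BLS_MODULUS` is rejected or silently reduced. This is the public entry point intended for the precompile, where the inputs are caller-supplied, so the docstring should pin the byte order and the handling of non-canonical encodings, for example `Receives inputs as bytes; z and y must be canonical field element encodings (value < BLS_MODULUS).` If the helper reduces modulo the field order, several distinct byte strings would verify as the same evaluation point, which should be either rejected in the wrapper or documented as accepted. The body of `verify_kzg_proof_impl` continues outside the hunk, so any validation of `polynomial_kzg` and `kzg_proof` cannot be confirmed from here.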
@ -17,4 +17,4 @@ def test_verify_kzg_proof(spec, state):
|
||||||
proof = spec.compute_kzg_proof(polynomial, x)
|
proof = spec.compute_kzg_proof(polynomial, x)
|
||||||
|
|
||||||
y = spec.evaluate_polynomial_in_evaluation_form(polynomial, x)
|
y = spec.evaluate_polynomial_in_evaluation_form(polynomial, x)
|
||||||
assert spec.verify_kzg_proof(commitment, x, y, proof)
|
assert spec.verify_kzg_proof_impl(commitment, x, y, proof)
|
||||||
|
|
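Review bot: After this change the test only calls `verify_kzg_proof_impl`, so the public bytes-taking `verify_kzg_proof`, which is the path the precompile uses, is no longer exercised in the visible lines. Consider keeping the `_impl` assertion and adding one through the wrapper with encoded inputs, e.g. `assert spec.verify_kzg_proof(commitment, int(x).to_bytes(32, spec.ENDIANNESS), int(y).to_bytes(32, spec.ENDIANNESS), proof)`, assuming `spec.ENDIANNESS` is the byte order `bytes_to_bls_field` uses. A negative case with an altered `y` would also confirm that the wrapper rejects a mismatched evaluation. The body of `test_verify_kzg_proof` starts outside the hunk.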