Merge pull request #3513 from asn-d6/testgen_kzg_4844_positive_g1_at_inf
generators/kzg_4844: Add positive G1_POINT_AT_INFINITY test vectors
This commit is contained in:
commit
b04430332e
|
@ -67,6 +67,7 @@ INVALID_G1_POINTS = [G1_INVALID_TOO_FEW_BYTES, G1_INVALID_TOO_MANY_BYTES,
|
||||||
G1_INVALID_P1_NOT_IN_G1, G1_INVALID_P1_NOT_ON_CURVE]
|
G1_INVALID_P1_NOT_IN_G1, G1_INVALID_P1_NOT_ON_CURVE]
|
||||||
|
|
||||||
BLOB_ALL_ZEROS = spec.Blob()
|
BLOB_ALL_ZEROS = spec.Blob()
|
||||||
|
BLOB_ALL_TWOS = spec.Blob(b''.join([field_element_bytes(2) for n in range(4096)]))
|
||||||
BLOB_RANDOM_VALID1 = spec.Blob(b''.join([field_element_bytes(pow(2, n + 256, spec.BLS_MODULUS)) for n in range(4096)]))
|
BLOB_RANDOM_VALID1 = spec.Blob(b''.join([field_element_bytes(pow(2, n + 256, spec.BLS_MODULUS)) for n in range(4096)]))
|
||||||
BLOB_RANDOM_VALID2 = spec.Blob(b''.join([field_element_bytes(pow(3, n + 256, spec.BLS_MODULUS)) for n in range(4096)]))
|
BLOB_RANDOM_VALID2 = spec.Blob(b''.join([field_element_bytes(pow(3, n + 256, spec.BLS_MODULUS)) for n in range(4096)]))
|
||||||
BLOB_RANDOM_VALID3 = spec.Blob(b''.join([field_element_bytes(pow(5, n + 256, spec.BLS_MODULUS)) for n in range(4096)]))
|
BLOB_RANDOM_VALID3 = spec.Blob(b''.join([field_element_bytes(pow(5, n + 256, spec.BLS_MODULUS)) for n in range(4096)]))
|
||||||
|
@ -79,7 +80,7 @@ BLOB_INVALID_CLOSE = spec.Blob(b''.join(
|
||||||
BLOB_INVALID_LENGTH_PLUS_ONE = BLOB_RANDOM_VALID1 + b"\x00"
|
BLOB_INVALID_LENGTH_PLUS_ONE = BLOB_RANDOM_VALID1 + b"\x00"
|
||||||
BLOB_INVALID_LENGTH_MINUS_ONE = BLOB_RANDOM_VALID1[:-1]
|
BLOB_INVALID_LENGTH_MINUS_ONE = BLOB_RANDOM_VALID1[:-1]
|
||||||
|
|
||||||
VALID_BLOBS = [BLOB_ALL_ZEROS, BLOB_RANDOM_VALID1, BLOB_RANDOM_VALID2,
|
VALID_BLOBS = [BLOB_ALL_ZEROS, BLOB_ALL_TWOS, BLOB_RANDOM_VALID1, BLOB_RANDOM_VALID2,
|
||||||
BLOB_RANDOM_VALID3, BLOB_ALL_MODULUS_MINUS_ONE, BLOB_ALMOST_ZERO]
|
BLOB_RANDOM_VALID3, BLOB_ALL_MODULUS_MINUS_ONE, BLOB_ALMOST_ZERO]
|
||||||
INVALID_BLOBS = [BLOB_INVALID, BLOB_INVALID_CLOSE, BLOB_INVALID_LENGTH_PLUS_ONE, BLOB_INVALID_LENGTH_MINUS_ONE]
|
INVALID_BLOBS = [BLOB_INVALID, BLOB_INVALID_CLOSE, BLOB_INVALID_LENGTH_PLUS_ONE, BLOB_INVALID_LENGTH_MINUS_ONE]
|
||||||
|
|
||||||
|
@ -216,19 +217,61 @@ def case03_verify_kzg_proof():
|
||||||
|
|
||||||
# Incorrect `G1_POINT_AT_INFINITY` proof
|
# Incorrect `G1_POINT_AT_INFINITY` proof
|
||||||
blob = BLOB_RANDOM_VALID1
|
blob = BLOB_RANDOM_VALID1
|
||||||
_, y = spec.compute_kzg_proof(blob, z)
|
for z in VALID_FIELD_ELEMENTS:
|
||||||
commitment = spec.blob_to_kzg_commitment(blob)
|
_, y = spec.compute_kzg_proof(blob, z)
|
||||||
proof = spec.G1_POINT_AT_INFINITY
|
commitment = spec.blob_to_kzg_commitment(blob)
|
||||||
assert not spec.verify_kzg_proof(commitment, z, y, proof)
|
proof = spec.G1_POINT_AT_INFINITY
|
||||||
yield 'verify_kzg_proof_case_incorrect_proof_point_at_infinity', {
|
assert not spec.verify_kzg_proof(commitment, z, y, proof)
|
||||||
'input': {
|
prefix = 'verify_kzg_proof_case_incorrect_proof_point_at_infinity'
|
||||||
'commitment': encode_hex(commitment),
|
identifier = f'{encode_hex(hash(blob))}_{encode_hex(z)}'
|
||||||
'z': encode_hex(z),
|
yield f'{prefix}_{(hash(bytes(identifier, "utf-8"))[:8]).hex()}', {
|
||||||
'y': encode_hex(y),
|
'input': {
|
||||||
'proof': encode_hex(proof),
|
'commitment': encode_hex(commitment),
|
||||||
},
|
'z': encode_hex(z),
|
||||||
'output': False
|
'y': encode_hex(y),
|
||||||
}
|
'proof': encode_hex(proof),
|
||||||
|
},
|
||||||
|
'output': False
|
||||||
|
}
|
||||||
|
|
||||||
|
# Correct `G1_POINT_AT_INFINITY` proof for zero poly
|
||||||
|
blob = BLOB_ALL_ZEROS
|
||||||
|
for z in VALID_FIELD_ELEMENTS:
|
||||||
|
_, y = spec.compute_kzg_proof(blob, z)
|
||||||
|
commitment = spec.blob_to_kzg_commitment(blob)
|
||||||
|
proof = spec.G1_POINT_AT_INFINITY
|
||||||
|
assert spec.verify_kzg_proof(commitment, z, y, proof)
|
||||||
|
prefix = 'verify_kzg_proof_case_correct_proof_point_at_infinity_for_zero_poly'
|
||||||
|
identifier = f'{encode_hex(hash(blob))}_{encode_hex(z)}'
|
||||||
|
yield f'{prefix}_{(hash(bytes(identifier, "utf-8"))[:8]).hex()}', {
|
||||||
|
'input': {
|
||||||
|
'commitment': encode_hex(commitment),
|
||||||
|
'z': encode_hex(z),
|
||||||
|
'y': encode_hex(y),
|
||||||
|
'proof': encode_hex(proof),
|
||||||
|
},
|
||||||
|
'output': True
|
||||||
|
}
|
||||||
|
|
||||||
|
# Correct `G1_POINT_AT_INFINITY` proof for poly of all twos
|
||||||
|
blob = BLOB_ALL_TWOS
|
||||||
|
for z in VALID_FIELD_ELEMENTS:
|
||||||
|
_, y = spec.compute_kzg_proof(blob, z)
|
||||||
|
commitment = spec.blob_to_kzg_commitment(blob)
|
||||||
|
proof = spec.G1_POINT_AT_INFINITY
|
||||||
|
assert spec.verify_kzg_proof(commitment, z, y, proof)
|
||||||
|
assert y == field_element_bytes(2)
|
||||||
|
prefix = 'verify_kzg_proof_case_correct_proof_point_at_infinity_for_twos_poly'
|
||||||
|
identifier = f'{encode_hex(hash(blob))}_{encode_hex(z)}'
|
||||||
|
yield f'{prefix}_{(hash(bytes(identifier, "utf-8"))[:8]).hex()}', {
|
||||||
|
'input': {
|
||||||
|
'commitment': encode_hex(commitment),
|
||||||
|
'z': encode_hex(z),
|
||||||
|
'y': encode_hex(y),
|
||||||
|
'proof': encode_hex(proof),
|
||||||
|
},
|
||||||
|
'output': True
|
||||||
|
}
|
||||||
|
|
||||||
# Edge case: Invalid commitment
|
# Edge case: Invalid commitment
|
||||||
for commitment in INVALID_G1_POINTS:
|
for commitment in INVALID_G1_POINTS:
|
||||||
|
@ -384,6 +427,36 @@ def case05_verify_blob_kzg_proof():
|
||||||
'output': False
|
'output': False
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Correct `G1_POINT_AT_INFINITY` proof and commitment for zero poly
|
||||||
|
blob = BLOB_ALL_ZEROS
|
||||||
|
commitment = spec.blob_to_kzg_commitment(blob)
|
||||||
|
proof = spec.G1_POINT_AT_INFINITY
|
||||||
|
assert commitment == spec.G1_POINT_AT_INFINITY
|
||||||
|
assert spec.verify_blob_kzg_proof(blob, commitment, proof)
|
||||||
|
yield 'verify_blob_kzg_proof_case_correct_proof_point_at_infinity_for_zero_poly', {
|
||||||
|
'input': {
|
||||||
|
'blob': encode_hex(blob),
|
||||||
|
'commitment': encode_hex(commitment),
|
||||||
|
'proof': encode_hex(proof),
|
||||||
|
},
|
||||||
|
'output': True
|
||||||
|
}
|
||||||
|
|
||||||
|
# Correct `G1_POINT_AT_INFINITY` proof for all twos poly
|
||||||
|
blob = BLOB_ALL_TWOS
|
||||||
|
commitment = spec.blob_to_kzg_commitment(blob)
|
||||||
|
proof = spec.G1_POINT_AT_INFINITY
|
||||||
|
assert commitment != spec.G1_POINT_AT_INFINITY
|
||||||
|
assert spec.verify_blob_kzg_proof(blob, commitment, proof)
|
||||||
|
yield 'verify_blob_kzg_proof_case_correct_proof_point_at_infinity_for_twos_poly', {
|
||||||
|
'input': {
|
||||||
|
'blob': encode_hex(blob),
|
||||||
|
'commitment': encode_hex(commitment),
|
||||||
|
'proof': encode_hex(proof),
|
||||||
|
},
|
||||||
|
'output': True
|
||||||
|
}
|
||||||
|
|
||||||
# Edge case: Invalid blob
|
# Edge case: Invalid blob
|
||||||
for blob in INVALID_BLOBS:
|
for blob in INVALID_BLOBS:
|
||||||
proof = G1
|
proof = G1
|
||||||
|
|
Loading…
Reference in New Issue