[move][natives] added batch bulletproof natives #15832
Conversation
⏱️ 9m total CI duration on this PR
|
aptos-move/aptos-release-builder/src/components/feature_flags.rs
Outdated
Show resolved
Hide resolved
aptos-move/framework/aptos-stdlib/sources/cryptography/ristretto255_bulletproofs.move
Show resolved
Hide resolved
aptos-move/framework/aptos-stdlib/sources/cryptography/ristretto255_bulletproofs.move
Outdated
Show resolved
Hide resolved
dovgopoly
force-pushed
the
distributedlab/batch-rp-natives
branch
from
cc4a57b to
b07b143
Compare
dovgopoly
changed the title
dovgopoly
requested review from
alinush,
rex1fernando,
davidiw,
movekevin and
wrwg
as code owners
dovgopoly
force-pushed
the
distributedlab/batch-rp-natives
branch
from
b07b143 to
49abefc
Compare
aptos-move/framework/aptos-stdlib/sources/cryptography/ristretto255_bulletproofs.move
Outdated
Show resolved
Hide resolved
aptos-move/framework/aptos-stdlib/sources/cryptography/ristretto255_bulletproofs.move
Outdated
Show resolved
Hide resolved
aptos-move/framework/aptos-stdlib/sources/cryptography/ristretto255_bulletproofs.move
Show resolved
Hide resolved
aptos-move/framework/aptos-stdlib/sources/cryptography/ristretto255_bulletproofs.move
Show resolved
Hide resolved
aptos-move/framework/aptos-stdlib/sources/cryptography/ristretto255_bulletproofs.move
Show resolved
Hide resolved
aptos-move/framework/aptos-stdlib/sources/cryptography/ristretto255_bulletproofs.move
Show resolved
Hide resolved
aptos-move/framework/aptos-stdlib/sources/cryptography/ristretto255_bulletproofs.move
Outdated
Show resolved
Hide resolved
| ) -> SafeNativeResult<SmallVec<[Value; 1]>> { | ||
| charge_gas(context, comm_points.len(), bit_length)?; | ||
|
|
||
| let range_proof = match bulletproofs::RangeProof::from_bytes(proof_bytes) { |
There was a problem hiding this comment.
Abort here with the same error code as before.
There was a problem hiding this comment.
Also, in the native for individual proof verification, we charge for the deserialization.
We should do it here too.
There was a problem hiding this comment.
Added error code. Need to discuss charging.
| @@ -91,6 +104,54 @@ fn native_verify_range_proof( | |||
| verify_range_proof(context, &comm_point, &pg, &proof_bytes[..], num_bits, dst) | |||
| } | |||
|
|
|||
| fn native_verify_batch_range_proof( | |||
There was a problem hiding this comment.
This needs to also charge the BULLETPROOFS_BASE base cost (see the native for individual proof verification).
@zjma do you know why this is missing / what happened here?
There was a problem hiding this comment.
the batch verification implementation is multivariate and non-linear. I suggested we use a value table for gas charging, so BULLETPROOFS_BASE is not needed.
There was a problem hiding this comment.
Can you double check with @vgao1996. I recall he always advises to have a base cost.
There was a problem hiding this comment.
I think @vgao1996's point was: every native needs to have a non-zero cost, but that's it.
crates/aptos-crypto/src/secp256r1_ecdsa/secp256r1_ecdsa_sigs.rs
Outdated
Show resolved
Hide resolved
| // Generated at time 1738278510.3867955 by `scripts/algebra-gas/update_bulletproofs_batch_vrfy_gas_params.py` with gas_per_ns=295.16. | ||
| [bulletproofs_verify_base_batch_1_bits_8: InternalGas, { RELEASE_V1_27.. => "bulletproofs.verify.base_batch_1_bits_8" }, 133_731_503], | ||
| [bulletproofs_verify_base_batch_1_bits_16: InternalGas, { RELEASE_V1_27.. => "bulletproofs.verify.base_batch_1_bits_16" }, 195_542_132], | ||
| [bulletproofs_verify_base_batch_1_bits_32: InternalGas, { RELEASE_V1_27.. => "bulletproofs.verify.base_batch_1_bits_32" }, 310_976_813], |
There was a problem hiding this comment.
This needs to be (somewhat) consistent with the cost of individually verifying a Bulletproof for a 32-bit committed value via verify_range_proof_internal, no?
There, the cost would be:
bulletproofs_base + 32 * bulletproofs_per_bit_rangeproof_verify + (some very small deserialization cost)
=
11_794_651 + 32 * 1_004_253
=
43_930_747
But here the cost is 310_976_813 which is 7x larger.
There was a problem hiding this comment.
Thank you for this PR!
I requested a bunch of changes (see comments), amongst which:
- Please revert back the error code numbers. Otherwise, backwards compatibility issues.
- Please simplify the Move code. There is unnecessarily repeated code (some of it ours).
- Please make sure the batch verification native aborts when proof deserialization fails with the same code as the native for individual proof verification.
- Please make sure the new batch verification native always charges
BULLETPROOFS_BASElike the individual one (e.g., all the BLS12-381 natives charge the same base cost; see here)
Most importantly, this is a non-trivial change that requires a proper PR description. Please describe/include:
- The what
- The why
- The how
- Explain how gas costs were calibrated.
- Benchmarks for the (Rust) batch proving times and verification times, for all possible batch-size / num-bits combinations. (e.g., see "Benchmarks" here)
| let test_filter = std::env::var("TEST_FILTER").ok(); | ||
| run_tests_for_pkg("aptos-framework", test_filter); | ||
| } | ||
|
|
||
| #[test] | ||
| fn move_aptos_stdlib_unit_tests() { | ||
| run_tests_for_pkg("aptos-stdlib"); | ||
| let test_filter = std::env::var("TEST_FILTER").ok(); | ||
| run_tests_for_pkg("aptos-stdlib", test_filter); | ||
| } | ||
|
|
||
| #[test] | ||
| fn move_stdlib_unit_tests() { | ||
| run_tests_for_pkg("move-stdlib"); | ||
| let test_filter = std::env::var("TEST_FILTER").ok(); | ||
| run_tests_for_pkg("move-stdlib", test_filter); | ||
| } | ||
|
|
||
| #[test] | ||
| fn move_token_unit_tests() { | ||
| run_tests_for_pkg("aptos-token"); | ||
| let test_filter = std::env::var("TEST_FILTER").ok(); | ||
| run_tests_for_pkg("aptos-token", test_filter); | ||
| } | ||
|
|
||
| #[test] | ||
| fn move_token_objects_unit_tests() { | ||
| run_tests_for_pkg("aptos-token-objects"); | ||
| let test_filter = std::env::var("TEST_FILTER").ok(); | ||
| run_tests_for_pkg("aptos-token-objects", test_filter); |
There was a problem hiding this comment.
better load the env inside run_tests_for_pkg then?
| @@ -28,11 +28,14 @@ fn run_tests_for_pkg(path_to_pkg: impl Into<String>) { | |||
| ..Default::default() | |||
| }; | |||
|
|
|||
| let mut utc = UnitTestingConfig::default(); | |||
| utc.filter = test_filter; | |||
There was a problem hiding this comment.
@alinush
utc.report_statistics, if set to true, prints the amount of gas used. Can also be very useful and worth a separate envvar.
|
i can take care of the rebase. |
Description
Adds Move native functions for batch verification of Bulletproof ZK range proofs.
What
This pull request introduces native Move functions that wrap the batch operations provided by the underlying dalek-cryptography's Bulletproofs library.
Why
The primary goal is to reduce gas overhead when multiple range proofs of the same structure are needed to be verified at once. By batching the proofs together, the system minimizes repetitive computational costs, thereby enhancing performance.
How
The implementation leverages the existing Rust logic from the Bulletproofs library by wrapping its
prove_multipleandverify_multiplefunctions as native functions in Move.Other fixes/contributions:
aptos-cryptothat this PR was about to fix.TEST_FILTERenvironment variable to filter unit tests when testing the Move framework code withcargo testinsideaptos-move/frameworkHow Has This Been Tested?
Key Areas to Review
Type of Change
Which Components or Systems Does This Change Impact?
Checklist