Merge branch 'develop' into mcopy

crypto/kzg4844/kzg4844.go

@@ -66,7 +66,7 @@ func UseCKZG(use bool) error {
 }
 
 // BlobToCommitment creates a small commitment out of a data blob.
-func BlobToCommitment(blob Blob) (Commitment, error) {
+func BlobToCommitment(blob *Blob) (Commitment, error) {
  if useCKZG.Load() {
  return ckzgBlobToCommitment(blob)
  }
@@ -75,7 +75,7 @@ func BlobToCommitment(blob Blob) (Commitment, error) {
 
 // ComputeProof computes the KZG proof at the given point for the polynomial
 // represented by the blob.
-func ComputeProof(blob Blob, point Point) (Proof, Claim, error) {
+func ComputeProof(blob *Blob, point Point) (Proof, Claim, error) {
  if useCKZG.Load() {
  return ckzgComputeProof(blob, point)
  }
@@ -95,15 +95,15 @@ func VerifyProof(commitment Commitment, point Point, claim Claim, proof Proof) e
 // the commitment.
 //
 // This method does not verify that the commitment is correct with respect to blob.
-func ComputeBlobProof(blob Blob, commitment Commitment) (Proof, error) {
+func ComputeBlobProof(blob *Blob, commitment Commitment) (Proof, error) {
  if useCKZG.Load() {
  return ckzgComputeBlobProof(blob, commitment)
  }
  return gokzgComputeBlobProof(blob, commitment)
 }
 
 // VerifyBlobProof verifies that the blob data corresponds to the provided commitment.
-func VerifyBlobProof(blob Blob, commitment Commitment, proof Proof) error {
+func VerifyBlobProof(blob *Blob, commitment Commitment, proof Proof) error {
  if useCKZG.Load() {
  return ckzgVerifyBlobProof(blob, commitment, proof)
  }

crypto/kzg4844/kzg4844_ckzg_cgo.go

@@ -62,10 +62,10 @@ func ckzgInit() {
 }
 
 // ckzgBlobToCommitment creates a small commitment out of a data blob.
-func ckzgBlobToCommitment(blob Blob) (Commitment, error) {
+func ckzgBlobToCommitment(blob *Blob) (Commitment, error) {
  ckzgIniter.Do(ckzgInit)
 
- commitment, err := ckzg4844.BlobToKZGCommitment((ckzg4844.Blob)(blob))
+ commitment, err := ckzg4844.BlobToKZGCommitment((*ckzg4844.Blob)(blob))
  if err != nil {
  return Commitment{}, err
  }
@@ -74,10 +74,10 @@ func ckzgBlobToCommitment(blob Blob) (Commitment, error) {
 
 // ckzgComputeProof computes the KZG proof at the given point for the polynomial
 // represented by the blob.
-func ckzgComputeProof(blob Blob, point Point) (Proof, Claim, error) {
+func ckzgComputeProof(blob *Blob, point Point) (Proof, Claim, error) {
  ckzgIniter.Do(ckzgInit)
 
- proof, claim, err := ckzg4844.ComputeKZGProof((ckzg4844.Blob)(blob), (ckzg4844.Bytes32)(point))
+ proof, claim, err := ckzg4844.ComputeKZGProof((*ckzg4844.Blob)(blob), (ckzg4844.Bytes32)(point))
  if err != nil {
  return Proof{}, Claim{}, err
  }
@@ -103,21 +103,21 @@ func ckzgVerifyProof(commitment Commitment, point Point, claim Claim, proof Proo
 // the commitment.
 //
 // This method does not verify that the commitment is correct with respect to blob.
-func ckzgComputeBlobProof(blob Blob, commitment Commitment) (Proof, error) {
+func ckzgComputeBlobProof(blob *Blob, commitment Commitment) (Proof, error) {
  ckzgIniter.Do(ckzgInit)
 
- proof, err := ckzg4844.ComputeBlobKZGProof((ckzg4844.Blob)(blob), (ckzg4844.Bytes48)(commitment))
+ proof, err := ckzg4844.ComputeBlobKZGProof((*ckzg4844.Blob)(blob), (ckzg4844.Bytes48)(commitment))
  if err != nil {
  return Proof{}, err
  }
  return (Proof)(proof), nil
 }
 
 // ckzgVerifyBlobProof verifies that the blob data corresponds to the provided commitment.
-func ckzgVerifyBlobProof(blob Blob, commitment Commitment, proof Proof) error {
+func ckzgVerifyBlobProof(blob *Blob, commitment Commitment, proof Proof) error {
  ckzgIniter.Do(ckzgInit)
 
- valid, err := ckzg4844.VerifyBlobKZGProof((ckzg4844.Blob)(blob), (ckzg4844.Bytes48)(commitment), (ckzg4844.Bytes48)(proof))
+ valid, err := ckzg4844.VerifyBlobKZGProof((*ckzg4844.Blob)(blob), (ckzg4844.Bytes48)(commitment), (ckzg4844.Bytes48)(proof))
  if err != nil {
  return err
  }

crypto/kzg4844/kzg4844_ckzg_nocgo.go

@@ -32,13 +32,13 @@ func ckzgInit() {
 }
 
 // ckzgBlobToCommitment creates a small commitment out of a data blob.
-func ckzgBlobToCommitment(blob Blob) (Commitment, error) {
+func ckzgBlobToCommitment(blob *Blob) (Commitment, error) {
  panic("unsupported platform")
 }
 
 // ckzgComputeProof computes the KZG proof at the given point for the polynomial
 // represented by the blob.
-func ckzgComputeProof(blob Blob, point Point) (Proof, Claim, error) {
+func ckzgComputeProof(blob *Blob, point Point) (Proof, Claim, error) {
  panic("unsupported platform")
 }
 
@@ -52,11 +52,11 @@ func ckzgVerifyProof(commitment Commitment, point Point, claim Claim, proof Proo
 // the commitment.
 //
 // This method does not verify that the commitment is correct with respect to blob.
-func ckzgComputeBlobProof(blob Blob, commitment Commitment) (Proof, error) {
+func ckzgComputeBlobProof(blob *Blob, commitment Commitment) (Proof, error) {
  panic("unsupported platform")
 }
 
 // ckzgVerifyBlobProof verifies that the blob data corresponds to the provided commitment.
-func ckzgVerifyBlobProof(blob Blob, commitment Commitment, proof Proof) error {
+func ckzgVerifyBlobProof(blob *Blob, commitment Commitment, proof Proof) error {
  panic("unsupported platform")
 }

crypto/kzg4844/kzg4844_gokzg.go

@@ -46,10 +46,10 @@ func gokzgInit() {
 }
 
 // gokzgBlobToCommitment creates a small commitment out of a data blob.
-func gokzgBlobToCommitment(blob Blob) (Commitment, error) {
+func gokzgBlobToCommitment(blob *Blob) (Commitment, error) {
  gokzgIniter.Do(gokzgInit)
 
- commitment, err := context.BlobToKZGCommitment((gokzg4844.Blob)(blob), 0)
+ commitment, err := context.BlobToKZGCommitment((*gokzg4844.Blob)(blob), 0)
  if err != nil {
  return Commitment{}, err
  }
@@ -58,10 +58,10 @@ func gokzgBlobToCommitment(blob Blob) (Commitment, error) {
 
 // gokzgComputeProof computes the KZG proof at the given point for the polynomial
 // represented by the blob.
-func gokzgComputeProof(blob Blob, point Point) (Proof, Claim, error) {
+func gokzgComputeProof(blob *Blob, point Point) (Proof, Claim, error) {
  gokzgIniter.Do(gokzgInit)
 
- proof, claim, err := context.ComputeKZGProof((gokzg4844.Blob)(blob), (gokzg4844.Scalar)(point), 0)
+ proof, claim, err := context.ComputeKZGProof((*gokzg4844.Blob)(blob), (gokzg4844.Scalar)(point), 0)
  if err != nil {
  return Proof{}, Claim{}, err
  }
@@ -80,19 +80,19 @@ func gokzgVerifyProof(commitment Commitment, point Point, claim Claim, proof Pro
 // the commitment.
 //
 // This method does not verify that the commitment is correct with respect to blob.
-func gokzgComputeBlobProof(blob Blob, commitment Commitment) (Proof, error) {
+func gokzgComputeBlobProof(blob *Blob, commitment Commitment) (Proof, error) {
  gokzgIniter.Do(gokzgInit)
 
- proof, err := context.ComputeBlobKZGProof((gokzg4844.Blob)(blob), (gokzg4844.KZGCommitment)(commitment), 0)
+ proof, err := context.ComputeBlobKZGProof((*gokzg4844.Blob)(blob), (gokzg4844.KZGCommitment)(commitment), 0)
  if err != nil {
  return Proof{}, err
  }
  return (Proof)(proof), nil
 }
 
 // gokzgVerifyBlobProof verifies that the blob data corresponds to the provided commitment.
-func gokzgVerifyBlobProof(blob Blob, commitment Commitment, proof Proof) error {
+func gokzgVerifyBlobProof(blob *Blob, commitment Commitment, proof Proof) error {
  gokzgIniter.Do(gokzgInit)
 
- return context.VerifyBlobKZGProof((gokzg4844.Blob)(blob), (gokzg4844.KZGCommitment)(commitment), (gokzg4844.KZGProof)(proof))
+ return context.VerifyBlobKZGProof((*gokzg4844.Blob)(blob), (gokzg4844.KZGCommitment)(commitment), (gokzg4844.KZGProof)(proof))
 }

crypto/kzg4844/kzg4844_test.go

@@ -36,13 +36,13 @@ func randFieldElement() [32]byte {
  return gokzg4844.SerializeScalar(r)
 }
 
-func randBlob() Blob {
+func randBlob() *Blob {
  var blob Blob
  for i := 0; i < len(blob); i += gokzg4844.SerializedScalarSize {
  fieldElementBytes := randFieldElement()
  copy(blob[i:i+gokzg4844.SerializedScalarSize], fieldElementBytes[:])
  }
- return blob
+ return &blob
 }
 
 func TestCKZGWithPoint(t *testing.T) { testKZGWithPoint(t, true) }

crypto/poseidon/poseidon.go

@@ -16,6 +16,7 @@ import (
 const NROUNDSF = 8 //nolint:golint
 
 var NROUNDSP = []int{56, 57, 56, 60, 60, 63, 64, 63, 60, 66, 60, 65, 70, 60, 64, 68} //nolint:golint
+const MAX_WIDTH = 18 // len(NROUNDSP)+2
 
 func zero() *ff.Element {
  return ff.NewElement()
@@ -28,37 +29,38 @@ func exp5(a *ff.Element) {
 }
 
 // exp5state perform exp5 for whole state
-func exp5state(state []*ff.Element) {
- for i := 0; i < len(state); i++ {
- exp5(state[i])
+func exp5state(state []ff.Element, t int) {
+ for i := 0; i < t; i++ {
+ exp5(&state[i])
  }
 }
 
 // ark computes Add-Round Key, from the paper https://eprint.iacr.org/2019/458.pdf
-func ark(state []*ff.Element, c []*ff.Element, it int) {
- for i := 0; i < len(state); i++ {
- state[i].Add(state[i], c[it+i])
+func ark(state []ff.Element, c []*ff.Element, it int, t int) {
+ for i := 0; i < t; i++ {
+ state[i].Add(&state[i], c[it+i])
  }
 }
 
 // mix returns [[matrix]] * [vector]
-func mix(state []*ff.Element, t int, m [][]*ff.Element) []*ff.Element {
+func mix(state []ff.Element, t int, m [][]*ff.Element) []ff.Element {
  mul := zero()
- newState := make([]*ff.Element, t)
+ newState := make([]ff.Element, MAX_WIDTH)
  for i := 0; i < t; i++ {
- newState[i] = zero()
- }
- for i := 0; i < len(state); i++ {
  newState[i].SetUint64(0)
- for j := 0; j < len(state); j++ {
- mul.Mul(m[j][i], state[j])
- newState[i].Add(newState[i], mul)
+ for j := 0; j < t; j++ {
+ mul.Mul(m[j][i], &state[j])
+ newState[i].Add(&newState[i], mul)
  }
  }
- return newState
+
+ for i := 0; i < t; i++ {
+ state[i].Set(&newState[i])
+ }
+ return state
 }
 
-func permute(state []*ff.Element, t int) []*ff.Element {
+func permute(state []ff.Element, t int) []ff.Element {
 
  nRoundsF := NROUNDSF
  nRoundsP := NROUNDSP[t-2]
@@ -67,41 +69,40 @@ func permute(state []*ff.Element, t int) []*ff.Element {
  M := c.m[t-2]
  P := c.p[t-2]
 
- ark(state, C, 0)
+ ark(state, C, 0, t)
 
  for i := 0; i < nRoundsF/2-1; i++ {
- exp5state(state)
- ark(state, C, (i+1)*t)
+ exp5state(state, t)
+ ark(state, C, (i+1)*t, t)
  state = mix(state, t, M)
  }
- exp5state(state)
- ark(state, C, (nRoundsF/2)*t)
+ exp5state(state, t)
+ ark(state, C, (nRoundsF/2)*t, t)
  state = mix(state, t, P)
 
  for i := 0; i < nRoundsP; i++ {
- exp5(state[0])
- state[0].Add(state[0], C[(nRoundsF/2+1)*t+i])
+ exp5(&state[0])
+ state[0].Add(&state[0], C[(nRoundsF/2+1)*t+i])
 
  mul := zero()
  newState0 := zero()
- for j := 0; j < len(state); j++ {
- mul.Mul(S[(t*2-1)*i+j], state[j])
+ for j := 0; j < t; j++ {
+ mul.Mul(S[(t*2-1)*i+j], &state[j])
  newState0.Add(newState0, mul)
  }
 
  for k := 1; k < t; k++ {
- mul = zero()
- state[k] = state[k].Add(state[k], mul.Mul(state[0], S[(t*2-1)*i+t+k-1]))
+ state[k].Add(&state[k], mul.Mul(&state[0], S[(t*2-1)*i+t+k-1]))
  }
- state[0] = newState0
+ state[0].Set(newState0)
  }
 
  for i := 0; i < nRoundsF/2-1; i++ {
- exp5state(state)
- ark(state, C, (nRoundsF/2+1)*t+nRoundsP+i*t)
+ exp5state(state, t)
+ ark(state, C, (nRoundsF/2+1)*t+nRoundsP+i*t, t)
  state = mix(state, t, M)
  }
- exp5state(state)
+ exp5state(state, t)
  return mix(state, t, M)
 }
 
@@ -116,8 +117,8 @@ func HashWithCap(inpBI []*big.Int, width int, nBytes int64) (*big.Int, error) {
  if width < 2 {
  return nil, fmt.Errorf("width must be ranged from 2 to 16")
  }
- if width-2 > len(NROUNDSP) {
- return nil, fmt.Errorf("invalid inputs width %d, max %d", width, len(NROUNDSP)+1) //nolint:gomnd,lll
+ if width > MAX_WIDTH {
+ return nil, fmt.Errorf("invalid inputs width %d, max %d", width, MAX_WIDTH) //nolint:gomnd,lll
  }
 
  // capflag = nBytes * 2^64
@@ -127,19 +128,16 @@ func HashWithCap(inpBI []*big.Int, width int, nBytes int64) (*big.Int, error) {
  capflag.Mul(capflag, ff.NewElement().SetBigInt(pow64))
 
  // initialize the state
- state := make([]*ff.Element, width)
- state[0] = capflag
- for i := 1; i < width; i++ {
- state[i] = zero()
- }
+ state := make([]ff.Element, MAX_WIDTH)
+ state[0] = *capflag
 
  rate := width - 1
  i := 0
  // always perform one round of permutation even when input is empty
  for {
  // each round absorb at most `rate` elements from `inpBI`
  for j := 0; j < rate && i < len(inpBI); i, j = i+1, j+1 {
- state[j+1].Add(state[j+1], ff.NewElement().SetBigInt(inpBI[i]))
+ state[j+1].Add(&state[j+1], ff.NewElement().SetBigInt(inpBI[i]))
  }
  state = permute(state, width)
  if i == len(inpBI) {
@@ -164,10 +162,13 @@ func HashFixedWithDomain(inpBI []*big.Int, domain *big.Int) (*big.Int, error) {
  if !utils.CheckBigIntArrayInField(inpBI[:]) {
  return nil, errors.New("inputs values not inside Finite Field")
  }
- inp := utils.BigIntArrayToElementArray(inpBI[:])
+ inp := make([]ff.Element, MAX_WIDTH)
+ for idx, bi := range inpBI {
+ inp[idx].SetBigInt(bi)
+ }
 
- state := make([]*ff.Element, t)
- state[0] = ff.NewElement().SetBigInt(domain)
+ state := make([]ff.Element, MAX_WIDTH)
+ state[0] = *ff.NewElement().SetBigInt(domain)
  copy(state[1:], inp[:])
 
  state = permute(state, t)

crypto/poseidon/poseidon_test.go

@@ -173,6 +173,6 @@ func BenchmarkPoseidonHash(b *testing.B) {
  bigArray4 := []*big.Int{b1, b2, b0, b0, b0, b0}
 
  for i := 0; i < b.N; i++ {
- HashFixed(bigArray4) //nolint:errcheck,gosec
+ HashFixedWithDomain(bigArray4, b0) //nolint:errcheck,gosec
  }
 }

go.mod

@@ -13,7 +13,7 @@ require (
  github.com/cespare/cp v0.1.0
  github.com/cloudflare/cloudflare-go v0.14.0
  github.com/consensys/gnark-crypto v0.10.0
- github.com/crate-crypto/go-kzg-4844 v0.7.0
+ github.com/crate-crypto/go-kzg-4844 v1.0.0
  github.com/davecgh/go-spew v1.1.1
  github.com/deckarep/golang-set v0.0.0-20180603214616-504e848d77ea
  github.com/docker/docker v1.4.2-0.20180625184442-8e610b2b55bf
@@ -50,7 +50,7 @@ require (
  github.com/prometheus/tsdb v0.7.1
  github.com/rjeczalik/notify v0.9.1
  github.com/rs/cors v1.7.0
- github.com/scroll-tech/zktrie v0.6.0
+ github.com/scroll-tech/zktrie v0.8.2
  github.com/shirou/gopsutil v3.21.4-0.20210419000835-c7a38de76ee5+incompatible
  github.com/status-im/keycard-go v0.0.0-20190316090335-8537d3370df4
  github.com/stretchr/testify v1.8.2