Code review fixes
alxkzmn committed Dec 5, 2023
1 parent 6b84f82 commit 1805224
Showing 4 changed files with 38 additions and 42 deletions.
5 changes: 0 additions & 5 deletions kzg_prover/Cargo.lock


3 changes: 0 additions & 3 deletions kzg_prover/Cargo.toml
@@ -27,8 +27,5 @@ regex-simple = { version = "1", package = "regex" }
num-traits = "0.2.16"
rayon = "1.8.0"

[patch."https://github.com/privacy-scaling-explorations/halo2?rev=v2023_04_20"]
halo2_proofs = { git = "https://github.com/privacy-scaling-explorations/halo2" }

[dev-dependencies]
criterion= "0.3"
12 changes: 6 additions & 6 deletions kzg_prover/src/circuits/tests.rs
@@ -106,7 +106,7 @@ mod test {

// 1. Proving phase
// The Custodian generates the ZK proof
let (zk_proof, advice_polys, omega) =
let (zk_snark_proof, advice_polys, omega) =
full_prover(&params, &pk, circuit.clone(), vec![vec![]]);

// Both the Custodian and the Verifier know what column range are the balance columns
@@ -125,7 +125,7 @@ mod test {
let user_index = 3_u16;

let balance_column_range = 1..N_CURRENCIES + 1;
let user_balances_kzg_proofs = open_user_balances::<N_CURRENCIES>(
let balance_opening_proofs = open_user_balances::<N_CURRENCIES>(
&advice_polys.advice_polys,
&advice_polys.advice_blinds,
&params,
@@ -136,7 +136,7 @@ mod test {

// 2. Verification phase
// The Verifier verifies the ZK proof
assert!(full_verifier(&params, &vk, &zk_proof, vec![vec![]]));
assert!(full_verifier(&params, &vk, &zk_snark_proof, vec![vec![]]));

// The Verifier is able to independently extract the omega from the verification key
let omega = pk.get_vk().get_domain().get_omega();
@@ -151,7 +151,7 @@ mod test {
// The Verifier verifies the KZG opening transcripts and calculates the grand sums
let (verified, grand_sum) = verify_grand_sum_openings::<N_CURRENCIES>(
&params,
&zk_proof,
&zk_snark_proof,
kzg_proofs,
poly_degree,
balance_column_range,
@@ -165,8 +165,8 @@ mod test {
let balance_column_range = 1..N_CURRENCIES + 1;
let (balances_verified, balance_values) = verify_user_inclusion::<N_CURRENCIES>(
&params,
&zk_proof,
user_balances_kzg_proofs,
&zk_snark_proof,
balance_opening_proofs,
balance_column_range,
omega,
user_index,
60 changes: 32 additions & 28 deletions kzg_prover/src/circuits/utils.rs
@@ -127,10 +127,10 @@ pub fn open_grand_sums<const N_CURRENCIES: usize>(
balance_column_range: Range<usize>,
) -> Vec<Vec<u8>> {
let challenge = Fp::zero();
let mut kzg_proofs = Vec::new();
let mut challenge_opening_proofs = Vec::new();
balance_column_range.for_each(|i| {
kzg_proofs.push(
create_kzg_proof::<
challenge_opening_proofs.push(
create_opening_proof_at_challenge::<
KZGCommitmentScheme<Bn256>,
ProverSHPLONK<'_, Bn256>,
Challenge255<G1Affine>,
@@ -139,7 +139,7 @@ pub fn open_grand_sums<const N_CURRENCIES: usize>(
.to_vec(),
)
});
kzg_proofs
challenge_opening_proofs
}

pub fn open_user_balances<const N_CURRENCIES: usize>(
@@ -151,10 +151,10 @@ pub fn open_user_balances<const N_CURRENCIES: usize>(
user_index: u16,
) -> Vec<Vec<u8>> {
let omega_raised = omega.pow_vartime([user_index as u64]);
let mut kzg_proofs = Vec::new();
let mut balance_opening_proofs = Vec::new();
balance_column_range.for_each(|i| {
kzg_proofs.push(
create_kzg_proof::<
balance_opening_proofs.push(
create_opening_proof_at_challenge::<
KZGCommitmentScheme<Bn256>,
ProverSHPLONK<'_, Bn256>,
Challenge255<G1Affine>,
@@ -168,26 +168,26 @@ pub fn open_user_balances<const N_CURRENCIES: usize>(
.to_vec(),
)
});
kzg_proofs
balance_opening_proofs
}

/// Verifies the univariate polynomial grand sum openings
pub fn verify_grand_sum_openings<const N_CURRENCIES: usize>(
params: &ParamsKZG<Bn256>,
zk_proof: &[u8],
kzg_proofs: Vec<Vec<u8>>,
zk_snark_proof: &[u8],
challenge_opening_proofs: Vec<Vec<u8>>,
polynomial_degree: u64,
balance_column_range: Range<usize>,
) -> (Vec<bool>, Vec<BigUint>) {
let mut transcript: Blake2bRead<&[u8], G1Affine, Challenge255<G1Affine>> =
Blake2bRead::<_, _, Challenge255<_>>::init(zk_proof);
Blake2bRead::<_, _, Challenge255<_>>::init(zk_snark_proof);

//Read the commitment points for all the advice polynomials from the proof transcript and put them into a vector
let mut advice_commitments = Vec::new();
for i in 0..N_CURRENCIES + balance_column_range.start {
let point = transcript.read_point().unwrap();
// Skip the balances column commitment
if i != 0 {
// Skip the advice commitments before the desired range
if i >= balance_column_range.start {
advice_commitments.push(point);
}
}
@@ -196,14 +196,18 @@ pub fn verify_grand_sum_openings<const N_CURRENCIES: usize>(
let mut constant_terms = Vec::<BigUint>::new();

for (i, advice_commitment) in advice_commitments.iter().enumerate() {
let (verified, constant_term) =
verify_kzg_proof::<
KZGCommitmentScheme<Bn256>,
VerifierSHPLONK<'_, Bn256>,
Challenge255<G1Affine>,
Blake2bRead<_, _, Challenge255<_>>,
AccumulatorStrategy<_>,
>(params, &kzg_proofs[i], Fp::zero(), *advice_commitment);
let (verified, constant_term) = verify_opening::<
KZGCommitmentScheme<Bn256>,
VerifierSHPLONK<'_, Bn256>,
Challenge255<G1Affine>,
Blake2bRead<_, _, Challenge255<_>>,
AccumulatorStrategy<_>,
>(
params,
&challenge_opening_proofs[i],
Fp::zero(),
*advice_commitment,
);
verification_results.push(verified);

if verified {
@@ -217,14 +221,14 @@ pub fn verify_grand_sum_openings<const N_CURRENCIES: usize>(

pub fn verify_user_inclusion<const N_CURRENCIES: usize>(
params: &ParamsKZG<Bn256>,
zk_proof: &[u8],
kzg_proofs: Vec<Vec<u8>>,
zk_snark_proof: &[u8],
balance_opening_proofs: Vec<Vec<u8>>,
balance_column_range: Range<usize>,
omega: Fp,
user_index: u16,
) -> (Vec<bool>, Vec<BigUint>) {
let mut transcript: Blake2bRead<&[u8], G1Affine, Challenge255<G1Affine>> =
Blake2bRead::<_, _, Challenge255<_>>::init(zk_proof);
Blake2bRead::<_, _, Challenge255<_>>::init(zk_snark_proof);

//Read the commitment points for all the advice polynomials from the proof transcript and put them into a vector
let mut advice_commitments = Vec::new();
@@ -240,15 +244,15 @@ pub fn verify_user_inclusion<const N_CURRENCIES: usize>(
let mut balances = Vec::<BigUint>::new();

for (i, advice_commitment) in advice_commitments.iter().enumerate() {
let (verified, eval_at_challenge) = verify_kzg_proof::<
let (verified, eval_at_challenge) = verify_opening::<
KZGCommitmentScheme<Bn256>,
VerifierSHPLONK<'_, Bn256>,
Challenge255<G1Affine>,
Blake2bRead<_, _, Challenge255<_>>,
AccumulatorStrategy<_>,
>(
params,
&kzg_proofs[i],
&balance_opening_proofs[i],
omega.pow_vartime([user_index as u64]),
*advice_commitment,
);
@@ -264,7 +268,7 @@ pub fn verify_user_inclusion<const N_CURRENCIES: usize>(
}

/// Creates a KZG proof for a polynomial evaluation at a challenge
fn create_kzg_proof<
fn create_opening_proof_at_challenge<
'params,
Scheme: CommitmentScheme<Curve = halo2_proofs::halo2curves::bn256::G1Affine, Scalar = Fp>,
P: Prover<'params, Scheme>,
@@ -301,7 +305,7 @@ where
}

/// Verifies a KZG proof for a polynomial evaluation at a challenge
pub fn verify_kzg_proof<
pub fn verify_opening<
'a,
'params,
Scheme: CommitmentScheme<Curve = halo2_proofs::halo2curves::bn256::G1Affine, Scalar = Fp>,
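Review bot: In `verify_grand_sum_openings`, the new filter `if i >= balance_column_range.start` still sits under the loop bound `0..N_CURRENCIES + balance_column_range.start`, so `balance_column_range.end` is never consulted and a range whose length differs from `N_CURRENCIES` would read a different set of commitments than the caller named, without any error. The loop that follows indexes the caller-supplied vector with `&challenge_opening_proofs[i]`, and `verify_user_inclusion` does the same with `&balance_opening_proofs[i]`, so a proof list shorter than the commitment list panics the verifier instead of producing a failed result; these inputs presumably arrive from the prover side and should be treated as untrusted. I would bound the read loop with `for i in 0..balance_column_range.end {` and, before verifying, compare `challenge_opening_proofs.len()` with `advice_commitments.len()` and report a mismatch as `false` results rather than indexing. Parts of both function bodies fall between the visible hunks, so confirm that no such length check already exists there.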
