kzg

package

v1.1.0 Latest Latest Go to latest Published: Aug 20, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/crate-crypto/go-eth-kzg

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func BatchVerifyMultiPoints(commitments []Commitment, proofs []OpeningProof, openKey *OpeningKey) error
func Verify(commitment *Commitment, proof *OpeningProof, openKey *OpeningKey) error
type CommitKey
- func (c *CommitKey) Commit(p Polynomial, numGoRoutines int) (*Commitment, error)
- func (c *CommitKey) ReversePoints()
type Commitment
type OpeningKey
type OpeningProof
- func Open(domain *domain.Domain, p Polynomial, evaluationPoint fr.Element, ck *CommitKey, ...) (OpeningProof, error)
type Polynomial
type SRS

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrInvalidNumDigests              = errors.New("number of digests is not the same as the number of polynomials")
	ErrInvalidPolynomialSize          = errors.New("invalid polynomial size (larger than SRS or == 0)")
	ErrVerifyOpeningProof             = errors.New("can't verify opening proof")
	ErrPolynomialMismatchedSizeDomain = errors.New("domain size does not equal the number of evaluations in the polynomial")
	ErrMinSRSSize                     = errors.New("minimum srs size is 2")
)

Functions ¶

func BatchVerifyMultiPoints ¶

func BatchVerifyMultiPoints(commitments []Commitment, proofs []OpeningProof, openKey *OpeningKey) error

BatchVerifyMultiPoints verifies multiple KZG proofs in a batch. See verify_kzg_proof_batch.

This method is more efficient than calling Verify multiple times.
Randomness is used to combine multiple proofs into one.

Modified from gnark-crypto.

func Verify ¶

func Verify(commitment *Commitment, proof *OpeningProof, openKey *OpeningKey) error

Verify a single KZG proof. See verify_kzg_proof_impl. Returns `nil` if verification was successful, an error otherwise. If verification failed due to the pairings check it will return ErrVerifyOpeningProof.

Note: We could make this method faster by storing pre-computations for the generators in G1 and G2 as we only do scalar multiplications with those in this method.

Modified from gnark-crypto.

Types ¶

type CommitKey ¶

type CommitKey struct {
	// These are the G1 elements from the trusted setup.
	// In the specs this is denoted as `KZG_SETUP_G1` before
	// we processed it with `ifftG1`. Once we compute `ifftG1`
	// then this list is denoted as `KZG_SETUP_LAGRANGE` in the specs.
	G1 []bls12381.G1Affine
}

CommitKey holds the data needed to commit to polynomials and by proxy make opening proofs TODO: We currently use this for both monomial and lagrange form points. TODO: consider using two types

func (*CommitKey) Commit ¶

func (c *CommitKey) Commit(p Polynomial, numGoRoutines int) (*Commitment, error)

Commit commits to a polynomial using a multi exponentiation with the Commitment key.

numGoRoutines is used to configure the amount of concurrency needed. Setting this value to a negative number or 0 will make it default to the number of CPUs.

func (*CommitKey) ReversePoints ¶

func (c *CommitKey) ReversePoints()

ReversePoints applies the bit reversal permutation to the G1 points stored inside the CommitKey c.

type Commitment ¶

type Commitment = bls12381.G1Affine

A commitment to a polynomial Excluding tests, this will be produced by committing to a polynomial in lagrange form

type OpeningKey ¶

type OpeningKey struct {
	// This is the degree-0 G_1 element in the trusted setup.
	// In the specs, this is denoted as `KZG_SETUP_G1[0]`
	GenG1 bls12381.G1Affine
	// This is the degree-0 G_2 element in the trusted setup.
	// In the specs, this is denoted as `KZG_SETUP_G2[0]`
	GenG2 bls12381.G2Affine
	// This is the degree-1 G_2 element in the trusted setup.
	// In the specs, this is denoted as `KZG_SETUP_G2[1]`
	AlphaG2 bls12381.G2Affine
}

OpeningKey is the key used to verify opening proofs

type OpeningProof ¶

type OpeningProof struct {
	// Commitment to quotient polynomial (f(X) - f(z))/(X-z)
	QuotientCommitment bls12381.G1Affine

	// Point that we are evaluating the polynomial at : `z`
	InputPoint fr.Element

	// ClaimedValue purported value : `f(z)`
	ClaimedValue fr.Element
}

OpeningProof is a struct holding a (cryptographic) proof to the claim that a polynomial f(X) (represented by a commitment to it) evaluates at a point `z` to `f(z)`.

func Open ¶

func Open(domain *domain.Domain, p Polynomial, evaluationPoint fr.Element, ck *CommitKey, numGoRoutines int) (OpeningProof, error)

Open verifies that a polynomial f(x) when evaluated at a point `z` is equal to `f(z)`

numGoRoutines is used to configure the amount of concurrency needed. Setting this value to a negative number or 0 will make it default to the number of CPUs.

type Polynomial ¶

type Polynomial = []fr.Element

A polynomial in lagrange form

Note: This is intentionally not in the `poly` package as all methods, we want to do on the lagrange form as `kzg` related.

type SRS ¶

type SRS struct {
	CommitKey  CommitKey
	OpeningKey OpeningKey
}

SRS holds the structured reference string (SRS) for making and verifying KZG proofs

This codebase is only concerned with polynomials in Lagrange form, so we only expose methods to create the SRS in Lagrange form

The monomial SRS methods are solely used for testing.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL