Compatability changes to work with arb nitro

Cargo.toml

@@ -16,14 +16,16 @@ directories = "5.0.1"
 hex-literal = "0.4.1"
 rand = "0.8.5"
 sha2 = "0.10.8"
+tracing = { version = "^0.1.34", features = ["log"] }
+tracing-subscriber = "0.3.18"
 ureq = "2.9.6"
 num-bigint = "0.4"
 rayon = "^1.5"
 num-traits = "0.2"
 byteorder = "1.4"
 ark-poly = "0.4.2"
 crossbeam-channel = "0.5"
-num_cpus = "^1.16.0"
+num_cpus = "1.13.0"
 
 [dev-dependencies]
 criterion = "0.5"

rust-toolchain

@@ -1,5 +1,5 @@
 [toolchain]
-channel = 'nightly-2024-04-29'
+channel = '1.74'
 profile = 'minimal'
 components = ['clippy', 'rustfmt']
-targets = ["x86_64-unknown-linux-gnu", "x86_64-pc-windows-gnu", "wasm32-unknown-unknown"]
+targets = ["x86_64-unknown-linux-gnu", "x86_64-pc-windows-gnu", "wasm32-unknown-unknown", "aarch64-apple-darwin"]

src/blob.rs

@@ -39,6 +39,27 @@ impl Blob {
         }
     }
 
+    /// Creates a new `Blob` from the provided byte slice and assumes it's
+    /// already padded according to DA specs.
+    pub fn from_padded_bytes(input: &[u8]) -> Result<Self, BlobError> {
+        // check to see if bytes are modulo bn254
+        // set_bytes_canonical used in to_fr_array calls from_be_bytes_mod_order
+        // if the bytes passed into set_bytes_canonical are larger than the bn254 field
+        // modulo order then the bytes will be modded by the order of the field
+        let length_after_padding = input.len();
+        let fr_vec = helpers::to_fr_array(input);
+        let bytes = helpers::to_byte_array(&fr_vec, length_after_padding);
+        if bytes != input {
+            return Err(BlobError::NotPaddedError);
+        }
+
+        Ok(Blob {
+            blob_data: bytes,
+            is_padded: true,
+            length_after_padding,
+        })
+    }
+
     /// Returns the blob data
     pub fn get_blob_data(&self) -> Vec<u8> {
         self.blob_data.clone()

src/errors.rs

@@ -24,6 +24,7 @@ pub enum PolynomialError {
     SerializationFromStringError,
     CommitError(String),
     GenericError(String),
+    FFTError(String),
 }
 
 impl fmt::Display for PolynomialError {
@@ -33,6 +34,7 @@ impl fmt::Display for PolynomialError {
                 write!(f, "couldn't load string to fr vector")
             },
             PolynomialError::CommitError(ref msg) => write!(f, "Commitment error: {}", msg),
+            PolynomialError::FFTError(ref msg) => write!(f, "FFT error: {}", msg),
             PolynomialError::GenericError(ref msg) => write!(f, "generic error: {}", msg),
         }
     }
@@ -85,6 +87,13 @@ mod tests {
         assert_eq!(format!("{}", error), format!("generic error: {}", msg));
     }
 
+    #[test]
+    fn test_polynomial_error_fft() {
+        let msg = String::from("test fft error");
+        let error = PolynomialError::FFTError(msg.clone());
+        assert_eq!(format!("{}", error), format!("FFT error: {}", msg));
+    }
+
     #[test]
     fn test_polynomial_error_equality() {
         let error1 = PolynomialError::SerializationFromStringError;

src/kzg.rs

@@ -390,7 +390,11 @@ impl Kzg {
     }
 
     /// commit the actual polynomial with the values setup
-    pub fn commit(&self, polynomial: &Polynomial) -> Result<G1Affine, KzgError> {
+    pub fn commit(
+        &self,
+        polynomial: &Polynomial,
+        is_data_polynomial_evaluations: bool,
+    ) -> Result<G1Affine, KzgError> {
         if polynomial.len() > self.g1.len() {
             return Err(KzgError::SerializationError(
                 "polynomial length is not correct".to_string(),
@@ -405,20 +409,30 @@ impl Kzg {
 
         // Perform the multi-exponentiation
         config.install(|| {
-            let bases = self.g1_ifft(polynomial.len()).unwrap();
+            let bases = if is_data_polynomial_evaluations {
+                // if the blob data is polynomial evaluations then we use the original g1 points
+                self.g1[..polynomial.len()].to_vec()
+            } else {
+                // Use inverse FFT if not
+                self.g1_ifft(polynomial.len())?
+            };
+
             match G1Projective::msm(&bases, &polynomial.to_vec()) {
                 Ok(res) => Ok(res.into_affine()),
                 Err(err) => Err(KzgError::CommitError(err.to_string())),
             }
         })
     }
 
-    /// 4844 compatible helper function
-    pub fn blob_to_kzg_commitment(&self, blob: &Blob) -> Result<G1Affine, KzgError> {
+    pub fn blob_to_kzg_commitment(
+        &self,
+        blob: &Blob,
+        is_blob_ifft: bool,
+    ) -> Result<G1Affine, KzgError> {
         let polynomial = blob
             .to_polynomial()
             .map_err(|err| KzgError::SerializationError(err.to_string()))?;
-        let commitment = self.commit(&polynomial)?;
+        let commitment = self.commit(&polynomial, is_blob_ifft)?;
         Ok(commitment)
     }
 
@@ -427,8 +441,14 @@ impl Kzg {
         &self,
         polynomial: &Polynomial,
         index: u64,
+        is_data_polynomial_evaluations: bool,
     ) -> Result<G1Affine, KzgError> {
-        self.compute_kzg_proof(polynomial, index, &self.expanded_roots_of_unity)
+        self.compute_kzg_proof(
+            polynomial,
+            index,
+            &self.expanded_roots_of_unity,
+            is_data_polynomial_evaluations,
+        )
     }
 
     /// function to compute the kzg proof given the values.
@@ -437,6 +457,7 @@ impl Kzg {
         polynomial: &Polynomial,
         index: u64,
         root_of_unities: &Vec<Fr>,
+        is_data_polynomial_evaluations: bool,
     ) -> Result<G1Affine, KzgError> {
         if !self.params.completed_setup {
             return Err(KzgError::GenericError(
@@ -487,9 +508,15 @@ impl Kzg {
             }
         }
 
-        let g1_lagrange = self.g1_ifft(polynomial.len())?;
+        let bases = if is_data_polynomial_evaluations {
+            // if the blob data is polynomial evaluations then we use the original g1 points
+            self.g1[..polynomial.len()].to_vec()
+        } else {
+            // Use inverse FFT if not
+            self.g1_ifft(polynomial.len())?
+        };
 
-        match G1Projective::msm(&g1_lagrange, &quotient_poly) {
+        match G1Projective::msm(&bases, &quotient_poly) {
             Ok(res) => Ok(G1Affine::from(res)),
             Err(err) => Err(KzgError::SerializationError(err.to_string())),
         }
@@ -623,7 +650,7 @@ mod tests {
         }
 
         let polynomial = Polynomial::new(&poly, 2).unwrap();
-        let result = KZG_3000.commit(&polynomial);
+        let result = KZG_3000.commit(&polynomial, false);
         assert_eq!(
             result,
             Err(KzgError::SerializationError(
@@ -751,7 +778,7 @@ mod tests {
         use ark_bn254::Fq;
 
         let blob = Blob::from_bytes_and_pad(GETTYSBURG_ADDRESS_BYTES);
-        let fn_output = KZG_3000.blob_to_kzg_commitment(&blob).unwrap();
+        let fn_output = KZG_3000.blob_to_kzg_commitment(&blob, false).unwrap();
         let commitment_from_da = G1Affine::new_unchecked(
             Fq::from_str(
                 "2961155957874067312593973807786254905069537311739090798303675273531563528369",
@@ -786,9 +813,13 @@ mod tests {
 
             let index = rand::thread_rng()
                 .gen_range(0..input_poly.get_length_of_padded_blob_as_fr_vector());
-            let commitment = kzg.commit(&input_poly.clone()).unwrap();
+            let commitment = kzg.commit(&input_poly.clone(), false).unwrap();
             let proof = kzg
-                .compute_kzg_proof_with_roots_of_unity(&input_poly, index.try_into().unwrap())
+                .compute_kzg_proof_with_roots_of_unity(
+                    &input_poly,
+                    index.try_into().unwrap(),
+                    false,
+                )
                 .unwrap();
             let value_fr = input_poly.get_at_index(index).unwrap();
             let z_fr = kzg.get_nth_root_of_unity(index).unwrap();
@@ -821,9 +852,9 @@ mod tests {
         let mut kzg = KZG_INSTANCE.clone();
 
         let input = Blob::from_bytes_and_pad(GETTYSBURG_ADDRESS_BYTES);
-        let input_poly = input.to_polynomial().unwrap();
+        let input_poly_coefficients = input.to_polynomial().unwrap();
 
-        for index in 0..input_poly.len() - 1 {
+        for index in 0..input_poly_coefficients.len() - 1 {
             // let index = rand::thread_rng().gen_range(0..input_poly.len());
             kzg.data_setup_custom(4, input.len().try_into().unwrap())
                 .unwrap();
@@ -835,11 +866,15 @@ mod tests {
                     break;
                 }
             }
-            let commitment = kzg.commit(&input_poly.clone()).unwrap();
+            let commitment = kzg.commit(&input_poly_coefficients.clone(), false).unwrap();
             let proof = kzg
-                .compute_kzg_proof_with_roots_of_unity(&input_poly, index.try_into().unwrap())
+                .compute_kzg_proof_with_roots_of_unity(
+                    &input_poly_coefficients,
+                    index.try_into().unwrap(),
+                    false,
+                )
                 .unwrap();
-            let value_fr = input_poly.get_at_index(index).unwrap();
+            let value_fr = input_poly_coefficients.get_at_index(index).unwrap();
             let z_fr = kzg.get_nth_root_of_unity(index).unwrap();
             let pairing_result =
                 kzg.verify_kzg_proof(commitment, proof, value_fr.clone(), z_fr.clone());
@@ -854,6 +889,45 @@ mod tests {
                 false
             )
         }
+
+        let mut input_poly_evaluation = input_poly_coefficients.clone();
+        input_poly_evaluation.ifft_on_elements().unwrap();
+
+        for index in 0..input_poly_evaluation.len() - 1 {
+            kzg.data_setup_custom(4, input.len().try_into().unwrap())
+                .unwrap();
+            let mut rand_index = rand::thread_rng().gen_range(0..kzg.expanded_roots_of_unity.len());
+            loop {
+                if index == rand_index {
+                    rand_index = rand::thread_rng().gen_range(0..kzg.expanded_roots_of_unity.len());
+                } else {
+                    break;
+                }
+            }
+            let commitment = kzg.commit(&input_poly_evaluation.clone(), true).unwrap();
+            let proof = kzg
+                .compute_kzg_proof_with_roots_of_unity(
+                    &input_poly_evaluation,
+                    index.try_into().unwrap(),
+                    true,
+                )
+                .unwrap();
+            // because this polynomial is evaluations we want to get the value at the same index of the polynomial that is the coefficients of the polynomial
+            let value_fr = input_poly_coefficients.get_at_index(index).unwrap();
+            let z_fr = kzg.get_nth_root_of_unity(index).unwrap();
+            let pairing_result =
+                kzg.verify_kzg_proof(commitment, proof, value_fr.clone(), z_fr.clone());
+            assert_eq!(pairing_result, true);
+            assert_eq!(
+                kzg.verify_kzg_proof(
+                    commitment,
+                    proof,
+                    value_fr.clone(),
+                    kzg.get_nth_root_of_unity(rand_index).unwrap().clone()
+                ),
+                true
+            )
+        }
     }
 
     #[test]
@@ -1016,7 +1090,7 @@ mod tests {
             kzg.data_setup_custom(4, poly.len().try_into().unwrap())
                 .unwrap();
             let result = kzg
-                .compute_kzg_proof(&poly, index, &roots_of_unities)
+                .compute_kzg_proof(&poly, index, &roots_of_unities, false)
                 .unwrap();
             assert_eq!(gnark_proof, result)
         }