diff --git a/src/c_kzg_4844.c b/src/c_kzg_4844.c index 44c12059c..e6978f674 100644 --- a/src/c_kzg_4844.c +++ b/src/c_kzg_4844.c @@ -590,7 +590,7 @@ static C_KZG_RET blob_to_polynomial( fr_t *p, const uint8_t *blob, const KZGSettings *s ) { C_KZG_RET ret; - for (size_t i = 0; i < s->poly_degree; i++) { + for (size_t i = 0; i < s->field_elements_per_blob; i++) { ret = bytes_to_bls_field( &p[i], (Bytes32 *)&blob[i * BYTES_PER_FIELD_ELEMENT] ); @@ -622,7 +622,8 @@ static C_KZG_RET compute_challenge( /* Input size to the Fiat-Shamir challenge computation. */ size_t challenge_input_size = DOMAIN_STR_LENGTH + 16 + - (BYTES_PER_FIELD_ELEMENT * s->poly_degree) + + (BYTES_PER_FIELD_ELEMENT * + s->field_elements_per_blob) + BYTES_PER_COMMITMENT; ret = c_kzg_malloc((void **)&bytes, challenge_input_size); if (ret != C_KZG_OK) goto out; @@ -637,7 +638,7 @@ static C_KZG_RET compute_challenge( /* Copy polynomial degree (16-bytes, big-endian) */ bytes_from_uint64(offset, 0); offset += sizeof(uint64_t); - bytes_from_uint64(offset, s->poly_degree); + bytes_from_uint64(offset, s->field_elements_per_blob); offset += sizeof(uint64_t); /* Copy blob */ @@ -796,12 +797,12 @@ static C_KZG_RET evaluate_polynomial_in_evaluation_form( uint64_t i; const fr_t *roots_of_unity = s->roots_of_unity; - ret = new_fr_array(&inverses_in, s->poly_degree); + ret = new_fr_array(&inverses_in, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; - ret = new_fr_array(&inverses, s->poly_degree); + ret = new_fr_array(&inverses, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; - for (i = 0; i < s->poly_degree; i++) { + for (i = 0; i < s->field_elements_per_blob; i++) { /* * If the point to evaluate at is one of the evaluation points by which * the polynomial is given, we can just return the result directly. @@ -816,18 +817,18 @@ static C_KZG_RET evaluate_polynomial_in_evaluation_form( blst_fr_sub(&inverses_in[i], x, &roots_of_unity[i]); } - ret = fr_batch_inv(inverses, inverses_in, s->poly_degree); + ret = fr_batch_inv(inverses, inverses_in, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; *out = FR_ZERO; - for (i = 0; i < s->poly_degree; i++) { + for (i = 0; i < s->field_elements_per_blob; i++) { blst_fr_mul(&tmp, &inverses[i], &roots_of_unity[i]); blst_fr_mul(&tmp, &tmp, &p[i]); blst_fr_add(out, out, &tmp); } - fr_from_uint64(&tmp, s->poly_degree); + fr_from_uint64(&tmp, s->field_elements_per_blob); fr_div(out, out, &tmp); - fr_pow(&tmp, x, s->poly_degree); + fr_pow(&tmp, x, s->field_elements_per_blob); blst_fr_sub(&tmp, &tmp, &FR_ONE); blst_fr_mul(out, out, &tmp); @@ -851,7 +852,7 @@ static C_KZG_RET evaluate_polynomial_in_evaluation_form( static C_KZG_RET poly_to_kzg_commitment( g1_t *out, const fr_t *p, const KZGSettings *s ) { - return g1_lincomb_fast(out, s->g1_values, p, s->poly_degree); + return g1_lincomb_fast(out, s->g1_values, p, s->field_elements_per_blob); } /** @@ -868,7 +869,7 @@ C_KZG_RET blob_to_kzg_commitment( fr_t *p = NULL; g1_t commitment; - ret = new_fr_array(&p, s->poly_degree); + ret = new_fr_array(&p, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; ret = blob_to_polynomial(p, blob, s); if (ret != C_KZG_OK) goto out; @@ -1001,7 +1002,7 @@ C_KZG_RET compute_kzg_proof( fr_t *polynomial = NULL; fr_t frz, fry; - ret = new_fr_array(&polynomial, s->poly_degree); + ret = new_fr_array(&polynomial, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; ret = blob_to_polynomial(polynomial, blob, s); if (ret != C_KZG_OK) goto out; @@ -1039,7 +1040,7 @@ static C_KZG_RET compute_kzg_proof_impl( fr_t *inverses = NULL; fr_t *q = NULL; - ret = new_fr_array(&q, s->poly_degree); + ret = new_fr_array(&q, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; ret = evaluate_polynomial_in_evaluation_form(y_out, polynomial, z, s); @@ -1051,12 +1052,12 @@ static C_KZG_RET compute_kzg_proof_impl( /* m != 0 indicates that the evaluation point z equals root_of_unity[m-1] */ uint64_t m = 0; - ret = new_fr_array(&inverses_in, s->poly_degree); + ret = new_fr_array(&inverses_in, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; - ret = new_fr_array(&inverses, s->poly_degree); + ret = new_fr_array(&inverses, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; - for (i = 0; i < s->poly_degree; i++) { + for (i = 0; i < s->field_elements_per_blob; i++) { if (fr_equal(z, &roots_of_unity[i])) { /* We are asked to compute a KZG proof inside the domain */ m = i + 1; @@ -1068,26 +1069,26 @@ static C_KZG_RET compute_kzg_proof_impl( blst_fr_sub(&inverses_in[i], &roots_of_unity[i], z); } - ret = fr_batch_inv(inverses, inverses_in, s->poly_degree); + ret = fr_batch_inv(inverses, inverses_in, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; - for (i = 0; i < s->poly_degree; i++) { + for (i = 0; i < s->field_elements_per_blob; i++) { blst_fr_mul(&q[i], &q[i], &inverses[i]); } if (m != 0) { /* ω_{m-1} == z */ q[--m] = FR_ZERO; - for (i = 0; i < s->poly_degree; i++) { + for (i = 0; i < s->field_elements_per_blob; i++) { if (i == m) continue; /* Build denominator: z * (z - ω_i) */ blst_fr_sub(&tmp, z, &roots_of_unity[i]); blst_fr_mul(&inverses_in[i], &tmp, z); } - ret = fr_batch_inv(inverses, inverses_in, s->poly_degree); + ret = fr_batch_inv(inverses, inverses_in, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; - for (i = 0; i < s->poly_degree; i++) { + for (i = 0; i < s->field_elements_per_blob; i++) { if (i == m) continue; /* Build numerator: ω_i * (p_i - y) */ blst_fr_sub(&tmp, &polynomial[i], y_out); @@ -1099,7 +1100,7 @@ static C_KZG_RET compute_kzg_proof_impl( } g1_t out_g1; - ret = g1_lincomb_fast(&out_g1, s->g1_values, q, s->poly_degree); + ret = g1_lincomb_fast(&out_g1, s->g1_values, q, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; bytes_from_g1(proof_out, &out_g1); @@ -1133,7 +1134,7 @@ C_KZG_RET compute_blob_kzg_proof( fr_t *polynomial = NULL; fr_t y; - ret = new_fr_array(&polynomial, s->poly_degree); + ret = new_fr_array(&polynomial, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; /* Do conversions first to fail fast, compute_challenge is expensive */ @@ -1182,7 +1183,7 @@ C_KZG_RET verify_blob_kzg_proof( *ok = false; /* Allocate a new polynomial */ - ret = new_fr_array(&polynomial, s->poly_degree); + ret = new_fr_array(&polynomial, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; /* Do conversions first to fail fast, compute_challenge is expensive */ @@ -1251,7 +1252,7 @@ static C_KZG_RET compute_r_powers( offset += DOMAIN_STR_LENGTH; /* Copy degree of the polynomial */ - bytes_from_uint64(offset, s->poly_degree); + bytes_from_uint64(offset, s->field_elements_per_blob); offset += sizeof(uint64_t); /* Copy number of commitments */ @@ -1427,7 +1428,7 @@ C_KZG_RET verify_blob_kzg_proof_batch( if (ret != C_KZG_OK) goto out; ret = new_fr_array(&ys_fr, n); if (ret != C_KZG_OK) goto out; - ret = new_fr_array(&polynomial, s->poly_degree); + ret = new_fr_array(&polynomial, s->field_elements_per_blob); if (ret != C_KZG_OK) goto out; for (size_t i = 0; i < n; i++) { @@ -1655,7 +1656,7 @@ static C_KZG_RET compute_roots_of_unity( */ void free_trusted_setup(KZGSettings *s) { if (s == NULL) return; - s->poly_degree = 0; + s->field_elements_per_blob = 0; s->bytes_per_blob = 0; s->max_width = 0; c_kzg_free(s->roots_of_unity); @@ -1715,7 +1716,7 @@ C_KZG_RET load_trusted_setup( while ((1ULL << max_scale) < n1) max_scale++; - out->poly_degree = n1; + out->field_elements_per_blob = n1; out->bytes_per_blob = n1 * BYTES_PER_FIELD_ELEMENT; out->max_width = 1ULL << max_scale; out->roots_of_unity = NULL; diff --git a/src/c_kzg_4844.h b/src/c_kzg_4844.h index c03748a2e..cf9990f7b 100644 --- a/src/c_kzg_4844.h +++ b/src/c_kzg_4844.h @@ -93,8 +93,8 @@ typedef enum { * Stores the setup and parameters needed for computing KZG proofs. */ typedef struct { - /** Number of terms in a polynomial. */ - uint64_t poly_degree; + /** Number of field elements in a blob. */ + uint64_t field_elements_per_blob; /** Number of bytes in a blob. */ size_t bytes_per_blob; /** The length of `roots_of_unity`, a power of 2. */ diff --git a/src/test_c_kzg_4844.c b/src/test_c_kzg_4844.c index ca350c398..2b848b354 100644 --- a/src/test_c_kzg_4844.c +++ b/src/test_c_kzg_4844.c @@ -71,7 +71,7 @@ static void get_rand_fr(fr_t *out) { } static void get_rand_blob(uint8_t *out) { - for (uint64_t i = 0; i < s.poly_degree; i++) { + for (uint64_t i = 0; i < s.field_elements_per_blob; i++) { get_rand_field_element((Bytes32 *)&out[i * 32]); } } @@ -131,8 +131,8 @@ static void get_rand_uint32(uint32_t *out) { } static void eval_poly(fr_t *out, fr_t *poly_coefficients, fr_t *x) { - *out = poly_coefficients[s.poly_degree - 1]; - for (size_t i = s.poly_degree - 1; i > 0; i--) { + *out = poly_coefficients[s.field_elements_per_blob - 1]; + for (size_t i = s.field_elements_per_blob - 1; i > 0; i--) { blst_fr_mul(out, out, x); blst_fr_add(out, out, &poly_coefficients[i - 1]); } @@ -1013,13 +1013,13 @@ static void test_evaluate_polynomial_in_evaluation_form__constant_polynomial( fr_t *p = NULL; fr_t x, y, c; - ret = new_fr_array(&p, s.poly_degree); + ret = new_fr_array(&p, s.field_elements_per_blob); ASSERT_EQUALS(ret, C_KZG_OK); get_rand_fr(&c); get_rand_fr(&x); - for (size_t i = 0; i < s.poly_degree; i++) { + for (size_t i = 0; i < s.field_elements_per_blob; i++) { p[i] = c; } @@ -1036,13 +1036,13 @@ test_evaluate_polynomial_in_evaluation_form__constant_polynomial_in_range(void fr_t *p = NULL; fr_t x, y, c; - ret = new_fr_array(&p, s.poly_degree); + ret = new_fr_array(&p, s.field_elements_per_blob); ASSERT_EQUALS(ret, C_KZG_OK); get_rand_fr(&c); x = s.roots_of_unity[123]; - for (size_t i = 0; i < s.poly_degree; i++) { + for (size_t i = 0; i < s.field_elements_per_blob; i++) { p[i] = c; } @@ -1055,18 +1055,18 @@ test_evaluate_polynomial_in_evaluation_form__constant_polynomial_in_range(void static void test_evaluate_polynomial_in_evaluation_form__random_polynomial(void ) { C_KZG_RET ret; - fr_t poly_coefficients[s.poly_degree]; + fr_t poly_coefficients[s.field_elements_per_blob]; fr_t *p = NULL; fr_t x, y, check; - ret = new_fr_array(&p, s.poly_degree); + ret = new_fr_array(&p, s.field_elements_per_blob); ASSERT_EQUALS(ret, C_KZG_OK); - for (size_t i = 0; i < s.poly_degree; i++) { + for (size_t i = 0; i < s.field_elements_per_blob; i++) { get_rand_fr(&poly_coefficients[i]); } - for (size_t i = 0; i < s.poly_degree; i++) { + for (size_t i = 0; i < s.field_elements_per_blob; i++) { eval_poly(&p[i], poly_coefficients, &s.roots_of_unity[i]); } @@ -1134,7 +1134,7 @@ static void test_compute_kzg_proof__succeeds_expected_proof(void) { Bytes48 proof, expected_proof; int diff; - ret = new_fr_array(&poly, s.poly_degree); + ret = new_fr_array(&poly, s.field_elements_per_blob); ASSERT_EQUALS(ret, C_KZG_OK); ret = c_kzg_malloc((void **)&blob, s.bytes_per_blob); ASSERT_EQUALS(ret, C_KZG_OK); @@ -1201,7 +1201,7 @@ static void test_compute_and_verify_kzg_proof__succeeds_round_trip(void) { bool ok; int diff; - ret = new_fr_array(&poly, s.poly_degree); + ret = new_fr_array(&poly, s.field_elements_per_blob); ASSERT_EQUALS(ret, C_KZG_OK); ret = c_kzg_malloc((void **)&blob, s.bytes_per_blob); ASSERT_EQUALS(ret, C_KZG_OK); @@ -1257,7 +1257,7 @@ static void test_compute_and_verify_kzg_proof__succeeds_within_domain(void) { bool ok; int diff; - ret = new_fr_array(&poly, s.poly_degree); + ret = new_fr_array(&poly, s.field_elements_per_blob); ASSERT_EQUALS(ret, C_KZG_OK); ret = c_kzg_malloc((void **)&blob, s.bytes_per_blob); ASSERT_EQUALS(ret, C_KZG_OK); @@ -1308,7 +1308,7 @@ static void test_compute_and_verify_kzg_proof__fails_incorrect_proof(void) { fr_t y_fr, z_fr; bool ok; - ret = new_fr_array(&poly, s.poly_degree); + ret = new_fr_array(&poly, s.field_elements_per_blob); ASSERT_EQUALS(ret, C_KZG_OK); ret = c_kzg_malloc((void **)&blob, s.bytes_per_blob); ASSERT_EQUALS(ret, C_KZG_OK);