Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: 1 blob -> 3 blobs #10014

Merged
merged 7 commits into from
Nov 19, 2024
Merged

feat: 1 blob -> 3 blobs #10014

merged 7 commits into from
Nov 19, 2024

Conversation

MirandaWood
Copy link
Contributor

Made a separate PR just because there are a lot of changes.

(pls ignore the commits from merging with master!)

@MirandaWood MirandaWood added the e2e-all CI: Enables this CI job. label Nov 16, 2024
@MirandaWood MirandaWood self-assigned this Nov 16, 2024
@MirandaWood MirandaWood changed the base branch from mw/blob-circuit to master November 16, 2024 19:40
@MirandaWood MirandaWood changed the base branch from master to mw/blob-circuit November 16, 2024 19:40
@MirandaWood MirandaWood marked this pull request as ready for review November 16, 2024 19:40
@MirandaWood MirandaWood changed the base branch from mw/blob-circuit to master November 16, 2024 20:43
@MirandaWood MirandaWood changed the base branch from master to mw/blob-circuit November 16, 2024 20:43
Copy link
Contributor

@iAmMichaelConnor iAmMichaelConnor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

DELIGHTFUL! Thanks so much for this.
I've only properly checked the smart contracts and circuits. I've added some comments.

It's quite elegant, really. There's no extra complex stuff to handle info that spans multiple blobs, because it's all shoved into one continuous sponge.


// protocol_contract_tree_root
publicInputs[feesEnd + 1] = protocolContractTreeRoot;
publicInputs[offset++] = protocolContractTreeRoot;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have a feeling this might break. I faintly recall that in Solidity, offset++ will return the old value of offset, and then increment, which (comparing against what was previously here: feesEnd + 1) is not what we want, here.
Either ++offset, or (because I think some people don't like ++ operators because of their bad readability) increment it on a separate line with offset += 1;

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Whoops - I just forgot to add ++ to the previous use of offset. I'm a bit confused why all the verification tests I ran passed then, so I'll take a look.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ohhh, good point. If you discover why they're passing, we should add a test to catch whatever's been missed!


// prover_id: id of current epoch's prover
publicInputs[feesEnd + 2] = _args[6];
publicInputs[offset++] = _args[6];
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same comment.

{
bytes32 calcBlobPublicInputsHash = sha256(
abi.encodePacked(
_blobPublicInputsAndAggregationObject[blobOffset:blobOffset + 112 * blobsInBlock]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Magic number 112 should eventually be a constant (although I appreciate the code you're making changes to already included lots of magic numbers that should also be constants, so maybe make it a todo). Maybe also a comment to say: 112 = |z| + |y| + |commitment|, where commitment encoded as 31 + 17 bytes.

l1-contracts/src/core/Rollup.sol Show resolved Hide resolved
l1-contracts/src/core/Rollup.sol Show resolved Hide resolved
blob_hash: Field,
blob_commitments: [[Field; 2]; BLOBS_PER_BLOCK],
// Flat sha256 hash of the EVM blob hashes, can be injected here as the contract check its validity vs the blob_public_inputs below
// NB: to fit it into a field, we truncate to 31 bytes
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Todo: We should have a think about what happens if Ethereum updates blobs, to introduce a new "version" of the versioned hash. Suppose we end up in a world with more than one value for a "first byte" is possible for a versioned-blob-hash. And suppose Aztec can't update at the exact same pace as Ethereum. Are there any attacks that can be done, if we're omitting this first byte?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From only a quick think, I believe the answer is no. Simply because our repo-coded version = 0x01, so if the version updates, ours will be out of sync, and anything going on-chain will fail. Only the circuits deal with the truncated version of the hash, and they 'don't care' what the version is, just to have a number to hash into the header.
Since this 'version' number is one constant on the EVM, i don't think they will ever allow two versions to be running at once

This comment was marked as off-topic.

Copy link
Contributor

github-actions bot commented Nov 19, 2024

Changes to circuit sizes

Generated at commit: 4ad3a52c6bb11970ed227f91bdab6a2d84ef4d4e, compared to commit: 526b4c6f6c339d43fbb8e241a5fcf32d40c108ab

🧾 Summary (100% most significant diffs)

Program ACIR opcodes (+/-) % Circuit size (+/-) %
rollup_block_root +347,152 ❌ +183.74% +797,652 ❌ +23.96%
rollup_block_root_empty +384 ❌ +134.27% +384 ❌ +12.46%
rollup_base_public 0 ➖ 0.00% -41,201 ✅ -1.34%
rollup_base_private 0 ➖ 0.00% -41,201 ✅ -1.50%
rollup_block_merge +1,296 ❌ +9.48% -54,677 ✅ -2.79%
rollup_root +1,296 ❌ +9.49% -54,677 ✅ -2.79%
rollup_merge 0 ➖ 0.00% -82,400 ✅ -4.33%
parity_root 0 ➖ 0.00% -164,800 ✅ -4.34%
private_kernel_empty 0 ➖ 0.00% -41,200 ✅ -4.37%

Full diff report 👇
Program ACIR opcodes (+/-) % Circuit size (+/-) %
rollup_block_root 536,093 (+347,152) +183.74% 4,126,541 (+797,652) +23.96%
rollup_block_root_empty 670 (+384) +134.27% 3,467 (+384) +12.46%
rollup_base_public 438,963 (0) 0.00% 3,034,905 (-41,201) -1.34%
rollup_base_private 301,891 (0) 0.00% 2,699,136 (-41,201) -1.50%
rollup_block_merge 14,964 (+1,296) +9.48% 1,901,762 (-54,677) -2.79%
rollup_root 14,948 (+1,296) +9.49% 1,901,748 (-54,677) -2.79%
rollup_merge 2,038 (0) 0.00% 1,819,204 (-82,400) -4.33%
parity_root 5,034 (0) 0.00% 3,636,752 (-164,800) -4.34%
private_kernel_empty 612 (0) 0.00% 901,639 (-41,200) -4.37%

This comment was marked as off-topic.

@MirandaWood MirandaWood merged commit 512d1b0 into mw/blob-circuit Nov 19, 2024
97 of 105 checks passed
@MirandaWood MirandaWood deleted the mw/blob-circuit-3 branch November 19, 2024 10:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
e2e-all CI: Enables this CI job.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants