diff --git a/pkg/encoding/kzgEncoder/encoder.go b/pkg/encoding/kzgEncoder/encoder.go index 295050705a..e5d634b12b 100644 --- a/pkg/encoding/kzgEncoder/encoder.go +++ b/pkg/encoding/kzgEncoder/encoder.go @@ -125,12 +125,12 @@ func NewKzgEncoderGroup(config *KzgConfig, isEncoder bool) (*KzgEncoderGroup, er } // n is the power -func (g *KzgEncoderGroup) ReadG1Point(n uint64) (bls.G1Point, error) { +func ReadG1Point(n uint64, g *KzgConfig) (bls.G1Point, error) { if n > g.SRSOrder { return bls.G1Point{}, fmt.Errorf("requested power %v is larger than SRSOrder %v", n, g.SRSOrder) } - g1point, err := utils.ReadG1PointSection(g.KzgConfig.G1Path, n, n+1, 1) + g1point, err := utils.ReadG1PointSection(g.G1Path, n, n+1, 1) if err != nil { return bls.G1Point{}, err } @@ -139,12 +139,12 @@ func (g *KzgEncoderGroup) ReadG1Point(n uint64) (bls.G1Point, error) { } // n is the power -func (g *KzgEncoderGroup) ReadG2Point(n uint64) (bls.G2Point, error) { +func ReadG2Point(n uint64, g *KzgConfig) (bls.G2Point, error) { if n > g.SRSOrder { return bls.G2Point{}, fmt.Errorf("requested power %v is larger than SRSOrder %v", n, g.SRSOrder) } - g2point, err := utils.ReadG2PointSection(g.KzgConfig.G2Path, n, n+1, 1) + g2point, err := utils.ReadG2PointSection(g.G2Path, n, n+1, 1) if err != nil { return bls.G2Point{}, err } diff --git a/pkg/encoding/kzgEncoder/frame.go b/pkg/encoding/kzgEncoder/frame.go index e5e716d56a..df344d6eba 100644 --- a/pkg/encoding/kzgEncoder/frame.go +++ b/pkg/encoding/kzgEncoder/frame.go @@ -37,7 +37,7 @@ func Decode(b []byte) (Frame, error) { } // Verify function assumes the Data stored is coefficients of coset's interpolating poly -func (f *Frame) Verify(ks *kzg.KZGSettings, commitment *bls.G1Point, x *bls.Fr) bool { +func (f *Frame) Verify(ks *kzg.KZGSettings, commitment *bls.G1Point, x *bls.Fr, g2Atn *bls.G2Point) bool { var xPow bls.Fr bls.CopyFr(&xPow, &bls.ONE) @@ -53,10 +53,15 @@ func (f *Frame) Verify(ks *kzg.KZGSettings, commitment *bls.G1Point, x *bls.Fr) // [s^n - x^n]_2 var xnMinusYn bls.G2Point - bls.SubG2(&xnMinusYn, &ks.Srs.G2[len(f.Coeffs)], &xn2) + + + //bls.SubG2(&xnMinusYn, &ks.Srs.G2[len(f.Coeffs)], &xn2) + bls.SubG2(&xnMinusYn, g2Atn, &xn2) + // [interpolation_polynomial(s)]_1 is1 := bls.LinCombG1(ks.Srs.G1[:len(f.Coeffs)], f.Coeffs) + // [commitment - interpolation_polynomial(s)]_1 = [commit]_1 - [interpolation_polynomial(s)]_1 var commitMinusInterpolation bls.G1Point bls.SubG1(&commitMinusInterpolation, commitment, is1) diff --git a/pkg/encoding/kzgEncoder/frame_test.go b/pkg/encoding/kzgEncoder/frame_test.go index 2ffc008d68..8934c680ea 100644 --- a/pkg/encoding/kzgEncoder/frame_test.go +++ b/pkg/encoding/kzgEncoder/frame_test.go @@ -64,5 +64,7 @@ func TestVerify(t *testing.T) { lc := enc.Fs.ExpandedRootsOfUnity[uint64(0)] require.NotNil(t, lc) - assert.True(t, frames[0].Verify(enc.Ks, commit, &lc)) + g2Atn, err := kzgRs.ReadG2Point(uint64(len(frames[0].Coeffs)), kzgConfig) + require.Nil(t, err) + assert.True(t, frames[0].Verify(enc.Ks, commit, &lc, &g2Atn)) } diff --git a/pkg/encoding/kzgEncoder/multiframe.go b/pkg/encoding/kzgEncoder/multiframe.go index 3a9ecc3379..e566c1e9fd 100644 --- a/pkg/encoding/kzgEncoder/multiframe.go +++ b/pkg/encoding/kzgEncoder/multiframe.go @@ -199,7 +199,7 @@ func (group *KzgEncoderGroup) UniversalVerify(params rs.EncodingParams, samples lhsG1 := bls.LinCombG1(proofs, randomsFr) // lhs g2 - G2atD, err := group.ReadG2Point(D) + G2atD, err := ReadG2Point(D, group.KzgConfig) if err != nil { return err } diff --git a/pkg/encoding/kzgEncoder/multiprover_test.go b/pkg/encoding/kzgEncoder/multiprover_test.go index c80c680ea1..11b6eefd7f 100644 --- a/pkg/encoding/kzgEncoder/multiprover_test.go +++ b/pkg/encoding/kzgEncoder/multiprover_test.go @@ -37,6 +37,8 @@ func TestProveAllCosetThreads(t *testing.T) { fmt.Printf("frame %v leading coset %v\n", i, j) lc := enc.Fs.ExpandedRootsOfUnity[uint64(j)] - assert.True(t, f.Verify(enc.Ks, commit, &lc), "Proof %v failed\n", i) + g2Atn, err := kzgRs.ReadG2Point(uint64(len(f.Coeffs)), kzgConfig) + require.Nil(t, err) + assert.True(t, f.Verify(enc.Ks, commit, &lc, &g2Atn), "Proof %v failed\n", i) } } diff --git a/pkg/encoding/kzgEncoder/verifier.go b/pkg/encoding/kzgEncoder/verifier.go index 19fef3519b..a0c7376f7e 100644 --- a/pkg/encoding/kzgEncoder/verifier.go +++ b/pkg/encoding/kzgEncoder/verifier.go @@ -73,7 +73,7 @@ func (g *KzgEncoderGroup) newKzgVerifier(params rs.EncodingParams) (*KzgVerifier // we leave it as a method of the KzgEncoderGroup func (v *KzgEncoderGroup) VerifyCommit(lengthCommit *wbls.G2Point, lowDegreeProof *wbls.G2Point, length uint64) error { - g1Challenge, err := v.ReadG1Point(v.SRSOrder - length) + g1Challenge, err := ReadG1Point(v.SRSOrder-length, v.KzgConfig) if err != nil { return err } @@ -96,7 +96,11 @@ func (v *KzgVerifier) VerifyFrame(commit *wbls.G1Point, f *Frame, index uint64) return err } - if !f.Verify(v.Ks, commit, &v.Ks.ExpandedRootsOfUnity[j]) { + g2Atn, err := ReadG2Point(uint64(len(f.Coeffs)), v.KzgConfig) + if err != nil { + return err + } + if !f.Verify(v.Ks, commit, &v.Ks.ExpandedRootsOfUnity[j], &g2Atn) { return errors.New("multireveal proof fails") } diff --git a/pkg/encoding/main.go b/pkg/encoding/main.go index 9889d31ca2..fe32838d39 100644 --- a/pkg/encoding/main.go +++ b/pkg/encoding/main.go @@ -107,7 +107,12 @@ func TestKzgRs() { fmt.Printf("frame %v leading coset %v\n", i, j) lc := enc.Fs.ExpandedRootsOfUnity[uint64(j)] - ok := f.Verify(enc.Ks, commit, &lc) + + g2Atn, err := kzgRs.ReadG2Point(uint64(len(f.Coeffs)), kzgConfig) + if err != nil { + log.Fatalf("Load g2 %v failed\n", err) + } + ok := f.Verify(enc.Ks, commit, &lc, &g2Atn) if !ok { log.Fatalf("Proof %v failed\n", i) }