Update the endianness of the polynomial commitments to be big endian

setup.py

@@ -279,7 +279,7 @@ def get_spec(file_name: Path, preset: Dict[str, str], config: Dict[str, str], pr
                     elif name in config:
                         config_vars[name] = VariableDefinition(value_def.type_name, config[name], value_def.comment, None)
                     else:
-                        if name == 'ENDIANNESS':
+                        if name in ('ENDIANNESS', 'KZG_ENDIANNESS'):
                             # Deal with mypy Literal typing check
                             value_def = _parse_value(name, value, type_hint='Final')
                         constant_vars[name] = value_def

specs/deneb/polynomial-commitments.md

@@ -77,6 +77,7 @@ Public functions MUST accept raw bytes as input and perform the required cryptog
 | `BYTES_PER_FIELD_ELEMENT` | `uint64(32)` | Bytes used to encode a BLS scalar field element |
 | `BYTES_PER_BLOB` | `uint64(BYTES_PER_FIELD_ELEMENT * FIELD_ELEMENTS_PER_BLOB)` | The number of bytes in a blob |
 | `G1_POINT_AT_INFINITY` | `Bytes48(b'\xc0' + b'\x00' * 47)` | Serialized form of the point at infinity on the G1 group |
+| `KZG_ENDIANNESS` | `'big'` | The endianness of the field elements including blobs |
 
 
 ## Preset
@@ -161,7 +162,7 @@ def hash_to_bls_field(data: bytes) -> BLSFieldElement:
     The output is not uniform over the BLS field.
     """
     hashed_data = hash(data)
-    return BLSFieldElement(int.from_bytes(hashed_data, ENDIANNESS) % BLS_MODULUS)
+    return BLSFieldElement(int.from_bytes(hashed_data, KZG_ENDIANNESS) % BLS_MODULUS)
 ```
 
 #### `bytes_to_bls_field`
@@ -172,7 +173,7 @@ def bytes_to_bls_field(b: Bytes32) -> BLSFieldElement:
     Convert untrusted bytes to a trusted and validated BLS scalar field element.
     This function does not accept inputs greater than the BLS modulus.
     """
-    field_element = int.from_bytes(b, ENDIANNESS)
+    field_element = int.from_bytes(b, KZG_ENDIANNESS)
     assert field_element < BLS_MODULUS
     return BLSFieldElement(field_element)
 ```
@@ -237,7 +238,7 @@ def compute_challenge(blob: Blob,
     """
 
     # Append the degree of the polynomial as a domain separator
-    degree_poly = int.to_bytes(FIELD_ELEMENTS_PER_BLOB, 16, ENDIANNESS)
+    degree_poly = int.to_bytes(FIELD_ELEMENTS_PER_BLOB, 16, KZG_ENDIANNESS)
     data = FIAT_SHAMIR_PROTOCOL_DOMAIN + degree_poly
 
     data += blob
@@ -406,15 +407,15 @@ def verify_kzg_proof_batch(commitments: Sequence[KZGCommitment],
 
     # Compute a random challenge. Note that it does not have to be computed from a hash,
     # r just has to be random.
-    degree_poly = int.to_bytes(FIELD_ELEMENTS_PER_BLOB, 8, ENDIANNESS)
-    num_commitments = int.to_bytes(len(commitments), 8, ENDIANNESS)
+    degree_poly = int.to_bytes(FIELD_ELEMENTS_PER_BLOB, 8, KZG_ENDIANNESS)
+    num_commitments = int.to_bytes(len(commitments), 8, KZG_ENDIANNESS)
     data = RANDOM_CHALLENGE_KZG_BATCH_DOMAIN + degree_poly + num_commitments
 
     # Append all inputs to the transcript before we hash
     for commitment, z, y, proof in zip(commitments, zs, ys, proofs):
         data += commitment \
-            + int.to_bytes(z, BYTES_PER_FIELD_ELEMENT, ENDIANNESS) \
-            + int.to_bytes(y, BYTES_PER_FIELD_ELEMENT, ENDIANNESS) \
+            + int.to_bytes(z, BYTES_PER_FIELD_ELEMENT, KZG_ENDIANNESS) \
+            + int.to_bytes(y, BYTES_PER_FIELD_ELEMENT, KZG_ENDIANNESS) \
             + proof
 
     r = hash_to_bls_field(data)
@@ -451,7 +452,7 @@ def compute_kzg_proof(blob: Blob, z_bytes: Bytes32) -> Tuple[KZGProof, Bytes32]:
     assert len(z_bytes) == BYTES_PER_FIELD_ELEMENT
     polynomial = blob_to_polynomial(blob)
     proof, y = compute_kzg_proof_impl(polynomial, bytes_to_bls_field(z_bytes))
-    return proof, y.to_bytes(BYTES_PER_FIELD_ELEMENT, ENDIANNESS)
+    return proof, y.to_bytes(BYTES_PER_FIELD_ELEMENT, KZG_ENDIANNESS)
 ```
 
 #### `compute_quotient_eval_within_domain`

tests/core/pyspec/eth2spec/test/deneb/unittests/polynomial_commitments/test_polynomial_commitments.py

@@ -33,7 +33,7 @@ def bls_add_one(x):
 
 
 def field_element_bytes(x):
-    return int.to_bytes(x % BLS_MODULUS, 32, "little")
+    return int.to_bytes(x % BLS_MODULUS, 32, "big")
 
 
 @with_deneb_and_later
@@ -304,7 +304,7 @@ def test_bytes_to_bls_field_modulus_minus_one(spec):
     Verify that `bytes_to_bls_field` handles modulus minus one
     """
 
-    spec.bytes_to_bls_field((BLS_MODULUS - 1).to_bytes(spec.BYTES_PER_FIELD_ELEMENT, spec.ENDIANNESS))
+    spec.bytes_to_bls_field((BLS_MODULUS - 1).to_bytes(spec.BYTES_PER_FIELD_ELEMENT, spec.KZG_ENDIANNESS))
 
 
 @with_deneb_and_later
@@ -316,7 +316,7 @@ def test_bytes_to_bls_field_modulus(spec):
     """
 
     expect_assertion_error(lambda: spec.bytes_to_bls_field(
-        BLS_MODULUS.to_bytes(spec.BYTES_PER_FIELD_ELEMENT, spec.ENDIANNESS)
+        BLS_MODULUS.to_bytes(spec.BYTES_PER_FIELD_ELEMENT, spec.KZG_ENDIANNESS)
     ))
 
 

tests/core/pyspec/eth2spec/test/helpers/sharding.py

@@ -61,7 +61,7 @@ def get_sample_blob(spec, rng=None):
 
     b = bytes()
     for v in values:
-        b += v.to_bytes(32, spec.ENDIANNESS)
+        b += v.to_bytes(32, spec.KZG_ENDIANNESS)
 
     return spec.Blob(b)
 

tests/formats/kzg/compute_kzg_proof.md

@@ -14,8 +14,8 @@ output: Tuple[KZGProof, Bytes32] -- The KZG proof and the value y = f(z)
 ```
 
 - `blob` here is encoded as a string: hexadecimal encoding of `4096 * 32 = 131072` bytes, prefixed with `0x`.
-- `z` here is encoded as a string: hexadecimal encoding of `32` bytes representing a little endian encoded field element, prefixed with `0x`.
-- `y` here is encoded as a string: hexadecimal encoding of `32` bytes representing a little endian encoded field element, prefixed with `0x`.
+- `z` here is encoded as a string: hexadecimal encoding of `32` bytes representing a big endian encoded field element, prefixed with `0x`.
+- `y` here is encoded as a string: hexadecimal encoding of `32` bytes representing a big endian encoded field element, prefixed with `0x`.
 
 All byte(s) fields are encoded as strings, hexadecimal encoding, prefixed with `0x`.
 

tests/formats/kzg/verify_kzg_proof.md

@@ -15,8 +15,8 @@ input:
 output: bool -- true (valid proof) or false (incorrect proof)
 ```
 
-- `z` here is encoded as a string: hexadecimal encoding of `32` bytes representing a little endian encoded field element, prefixed with `0x`.
-- `y` here is encoded as a string: hexadecimal encoding of `32` bytes representing a little endian encoded field element, prefixed with `0x`.
+- `z` here is encoded as a string: hexadecimal encoding of `32` bytes representing a big endian encoded field element, prefixed with `0x`.
+- `y` here is encoded as a string: hexadecimal encoding of `32` bytes representing a big endian encoded field element, prefixed with `0x`.
 
 All byte(s) fields are encoded as strings, hexadecimal encoding, prefixed with `0x`.
 

tests/generators/kzg_4844/main.py

@@ -27,11 +27,11 @@ def expect_exception(func, *args):
 
 
 def field_element_bytes(x):
-    return int.to_bytes(x % spec.BLS_MODULUS, 32, spec.ENDIANNESS)
+    return int.to_bytes(x % spec.BLS_MODULUS, 32, spec.KZG_ENDIANNESS)
 
 
 def field_element_bytes_unchecked(x):
-    return int.to_bytes(x, 32, spec.ENDIANNESS)
+    return int.to_bytes(x, 32, spec.KZG_ENDIANNESS)
 
 
 def encode_hex_list(a):
@@ -54,7 +54,7 @@ def evaluate_blob_at(blob, z):
     )
 
 
-BLS_MODULUS_BYTES = spec.BLS_MODULUS.to_bytes(32, spec.ENDIANNESS)
+BLS_MODULUS_BYTES = spec.BLS_MODULUS.to_bytes(32, spec.KZG_ENDIANNESS)
 
 G1 = bls.G1_to_bytes48(bls.G1())
 G1_INVALID_TOO_FEW_BYTES = G1[:-1]