Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[zk-token-sdk] Add aggregate range proof instructions #31793

Merged
merged 11 commits into from
May 26, 2023
Merged

[zk-token-sdk] Add aggregate range proof instructions #31793

merged 11 commits into from
May 26, 2023

Conversation

samkim-crypto
Copy link
Contributor

@samkim-crypto samkim-crypto commented May 24, 2023
edited
Loading

Problem

The zk-token-proof program does not yet have an instruction that can verify an aggregate range proof on a multiple Pedersen commitment.

Summary of Changes

Add VerifyAggregateRangeProof64, VerifyAggregateRangeProof128 and VerifyAggregateRangeProof256 instructions. These instructions have separate instruction data, but share the same context. The proof data types are organized in the submodule instruction::aggregate_range_proof.

The verification for these instructions were benched in the devserver and CU units were computed assuming that 1 CU should take roughly 33ns (as per #25464 (comment)).

Fixes #

@samkim-crypto samkim-crypto added work in progress This isn't quite right yet and removed work in progress This isn't quite right yet labels May 24, 2023
@codecov
Copy link

codecov bot commented May 24, 2023
edited
Loading

Codecov Report

Merging #31793 (8a16b09) into master (8a3f446) will decrease coverage by 0.1%.
The diff coverage is 83.2%.

@@            Coverage Diff            @@
##           master   #31793     +/-   ##
=========================================
- Coverage    81.9%    81.9%   -0.1%     
=========================================
  Files         740      745      +5     
  Lines      206372   206700    +328     
=========================================
+ Hits       169096   169347    +251     
- Misses      37276    37353     +77

mvines
mvines reviewed May 24, 2023
View reviewed changes
programs/zk-token-proof-tests/tests/process_transaction.rs Outdated
Comment on lines 31 to 33
ProofInstruction::VerifyAggregateRangeProof64,
ProofInstruction::VerifyAggregateRangeProof128,
ProofInstruction::VerifyAggregateRangeProof256,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar comment to the other review, I wish these instruction names were named in a less general way and where closer to the actual math they're doing. In this case I don't have a good suggestion for what those names could be though

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, so naming here could be a bit complicated. These instructions are basically verifying multiple range proofs in a single instruction. Doing so is more efficient (and proofs more compact) than verifying individual range proofs separately.

A suitable name could be VerifyMultiplePedersenCommitmentsHoldSpecifiedRangeValues, but this is a long name and there are also three variations of them depending on the sum of the bit lengths... so it would be VerifyMultiplePedersenCommitmentsHoldSpecifiedRangeValuesWithTotalBitLength64... I think it might be better to change the name to VerifyBatchedRangeProofsBitLength64. Wdyt?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@CriesofCarrots - wdyt? Would you mind weighing in here, a 3rd pov would probably be useful

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm leaning toward something like VerifyBatchedRangeProofsU64

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay, I'll update to VerifyBatchedRangeProofsU64 and then add proof description on the zk_token_proof_instruction.rs.

zk-token-sdk/src/instruction/aggregate_range_proof/aggregate_range_proof_256.rs Outdated Show resolved Hide resolved
@samkim-crypto samkim-crypto mentioned this pull request May 24, 2023
Merged
@samkim-crypto samkim-crypto requested a review from mvines May 25, 2023 01:03
@samkim-crypto samkim-crypto mentioned this pull request May 25, 2023
Closed
mvines
mvines approved these changes May 26, 2023
View reviewed changes
Copy link
Member

@mvines mvines left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks great, hmu for another approval if needed once the PR is rebased

@samkim-crypto samkim-crypto merged commit ad4d1e5 into solana-labs:master May 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mvines mvines mvines approved these changes

@CriesofCarrots CriesofCarrots Awaiting requested review from CriesofCarrots

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@samkim-crypto @mvines @CriesofCarrots