-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(precompiles): optimize bn128 precompiles #5507
base: develop
Are you sure you want to change the base?
feat(precompiles): optimize bn128 precompiles #5507
Conversation
1. implement bn128 precompiles using arkworks wrapper 2. add tests from go-ethereum
There are some concerns here. upgrade If this optimization is not enabled at the specified block height or through a proposal, the related contract transaction results may behave inconsistently on different nodes due to differences in node upgrade times. For example, some SRs have adopted the latest version, and other SRs(even fullnodes) have not been upgraded in time. At this time, if a user initiates a transaction involving these precompilations, there is a high probability that the transaction will be successfully executed on the upgraded SRs, but timeout on the non-upgraded SRs. This will cause a network fork. Therefore, in theory, it should be ensured that this optimization is enabled on all nodes at the same time. There are currently two feasible solutions:
Both require a mandatory upgrade, option1 seems simpler, but there is no guarantee that all nodes will run the latest version in advance. option2 is more formal, but requires more development and community coordination. Of course, we can also discuss whether there are other better ways. @lvs007 @Federico2014 @halibobo1205 @ss3344520 Another concern: fee. If all of you feel these concerns are complex and independent, we can also try to open a new issue for discussion. |
@tomatoishealthy, thanks for description, these concerns seem reasonable. |
@r0wdy1 I agree with the idea.
cc @tomatoishealthy @lvs007 @Federico2014 @ss3344520 |
Yes, a detailed code review is also required |
@r0wdy1 Sorry for not replying to you in time, because there are some details that need to be confirmed
Although the specific time cannot be determined at present, if we can solve the problems mentioned above, there is a high probability that this optimization can be launched on the |
For upgrade compatibility I prefer option 1. This solution is simpler. It only needs to determine the effective block height and does not require SR voting to reach a consensus. Because this PR itself is a performance optimization, it is not like one that requires consensus to take effect. In addition, no matter which solution we adopt, we need to retain the previous logic and use a way like In addition, we also need to confirm: Should the code responsible for compatibility be submitted with a separate PR? @AllFi @halibobo1205 @lvs007 @Federico2014 @yanghang8612 Fee I think the fee should be adjusted appropriately. After all, once optimized, the resource consumption of this instruction will be greatly reduced. In principle: However, the priority of fee adjustment is not high, and it should not affect our overall progress of the upgrades. |
The purpose of this is to avoid and necessity of simultaneous upgrade and let anyone to upgrade anytime before certain block height, right? |
With my pleasure, after the devs confirm whether to choose Now, we need to wait for this PR and the PR for the |
the patch code coverage is lower than 80%, so the ci task is failed. |
@tomatoishealthy @halibobo1205 @lvs007 @mumianhua My nickname is @maikyman and the link to the profile I want to make a small pre-announce for the Tron audience that we're working together on deploying the privacy ZKP protocol on the Tron network. I think they will be interested to hear about this 😌 |
1. add test cases with invalid data
Hello, @mumianhua! I've added test cases with invalid data to cover most of the logic. The only code that is still uncovered is the handling of unsuccessful calls to The CentOS build has two failed tests but it seems that I didn't change anything related to them. Should I investigate this further, or are they possibly just flaky tests? |
The relevant person in charge has been notified and will notify you as soon as possible after access is opened. @maikReal |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a perfect
@mumianhua @tomatoishealthy , is there anything else we can help you with to proceed with this? |
Sorry, some colleagues are celebrating the Chinese National Day holiday recently and will start working after October 7th. We can continue to move forward then. |
v4.7.3 is expected to be released at the end of this month. After that, we can immediately start processing the next mandatory upgrade which will include this optimization. If all goes well, these PRs are expected to be merged next month, and we will immediately start developing the compatibility logic. The development of the compatibility logic will not take long. After both are completed, I think the feature can be merged into the test net and start testing. Thank you very much for your contribution. Any changes will be notified here in time. |
The next step #5529 |
@@ -39,20 +39,14 @@ | |||
import org.tron.common.crypto.Hash; | |||
import org.tron.common.crypto.SignUtils; | |||
import org.tron.common.crypto.SignatureInterface; | |||
import org.tron.common.crypto.zksnark.BN128; | |||
import org.tron.common.crypto.zksnark.BN128Fp; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thus one
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- [ ]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
could you please elaborate?
import org.tron.common.crypto.zksnark.BN128Fp; | ||
import org.tron.common.crypto.zksnark.BN128G1; | ||
import org.tron.common.crypto.zksnark.BN128G2; | ||
import org.tron.common.crypto.zksnark.Fp; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- @.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
could you please elaborate?
To make this solution feasible, it is essential to ensure the security and stability of third-party packages. |
@AllFi
|
This is exactly the same approach that has already been implemented with shielded transactions more than 3 years ago. You can check out zksnark sdk repo
I'm afraid timeout increase is not a "performance improvement" , it's just a way to lower the bar. As you can see from pairing benchmarks the timeout would have to be increased by a factor of 30 to gain the same result. There are other factors like allowing to build more complex applications and being able to maintain this code further ( see next paragraph)
Quite the contrary arkworks is very well-known and widely used library you can see the list projects that use it as dependency https://crates.io/crates/ark-ff/reverse_dependencies |
@lxcmyf @tomatoishealthy @halibobo1205 looking forward for your feedback and updated plan on the issue: we should either proceed with this PR or reopen #4311 and make some plan for timeout increase. |
@r0wdy1 Very impressive points. @lxcmyf suggested increasing the transaction timeout. The focus is more on maintaining the stability of the network. After all, TRON carries huge value, and any small changes may bring huge losses. From this perspective, it may be a quick intermediate solution. This PR is more of a long-term solution and can bring huge improvements to performance and user experience. From the perspective of long-term development, this plan is better than the above-mentioned plans. However, considering security and stability, this optimization requires comprehensive and sufficient testing. Currently, v4.7.3 is in the grayscale release stage, and it is expected that it will take a few days to confirm the stability of this version. This window period can give everyone more time to think about these issues. Maybe we can reach a consensus in the near future. @AllFi @r0wdy1 @halibobo1205 @lxcmyf @lvs007 @yuekun0707 In addition, the development to provide compatibility for upgrades is not complicated. Once the final solution is determined, we should be able to immediately promote the subsequent process. |
What does this PR do?
This PR optimizes
BN128Addition
,BN128Multiplication
, andBN128Pairing
precompiled contracts by using arkworks implementation of bn128 operations. This PR usesLibarkworksWrapper
introduced in tronprotocol/zksnark-java-sdk#9.Why are these changes required?
The native implementation of these precompiles is relatively slow. In general, this hinders on-chain zkSNARKs verification and, consequently, makes zk-based apps almost unfeasible (#4311). With this PR (or a similar approach), these applications become viable. This PR is necessary to resolve this issue.
It is important to note that these changes are not proposed to solve a specific problem of ZkBob but rather enable a whole class of applications and protocols based on elliptic curve cryptography and pairings in particular. The possibilities brought by ZKP are not limited to privacy focused protocols , some other examples are zk based auth for AA wallets, light clients, zk based bridges, computational integrity enforcing contracts etc.
This PR has been tested by:
go-ethereum
)Follow up
Extra details
I've added some benchmarks before (https://github.com/zkBob/java-tron/tree/bn128-native-bench) and after modifications (https://github.com/zkBob/java-tron/tree/bn128-arkworks-bench). The results can be found below.
The average time of operations before (Intel(R) Core(TM) i7-10750H CPU, 32 GB RAM):
The average time of operations after:
Closes #5492