Skip to content

Commit

Permalink
more debug output #296
Browse files Browse the repository at this point in the history
  • Loading branch information
@vo-nil
vo-nil committed Feb 26, 2024
1 parent ed7f089 commit 5bffeaa
Show file tree
Hide file tree
Showing 3 changed files with 142 additions and 11 deletions.
148 changes: 138 additions & 10 deletions include/nil/crypto3/zk/commitments/polynomial/kzg.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,90 @@ using namespace nil::crypto3::math;

using namespace nil::crypto3;

template<typename FieldParams>
void print_field_element(std::ostream &os, const typename fields::detail::element_fp<FieldParams> &e) {
os << std::hex << std::setw((FieldParams::modulus_bits+7)/4) << std::setfill('0') << e.data;
}

template<typename FieldParams>
void print_field_element(std::ostream &os, const typename fields::detail::element_fp2<FieldParams> &e) {
os << "[";
print_field_element(os, e.data[0]);
os << ", ";
print_field_element(os, e.data[1]);
os << "]";
}

template<typename FieldParams>
void print_field_element(std::ostream &os, const typename fields::detail::element_fp3<FieldParams> &e) {
os << "[";
print_field_element(os, e.data[0]);
os << ", ";
print_field_element(os, e.data[1]);
os << ", ";
print_field_element(os, e.data[2]);
os << "]";
}

template<typename FieldParams>
void print_field_element(std::ostream &os, const typename fields::detail::element_fp4<FieldParams> &e) {
os << "[";
print_field_element(os, e.data[0]);
os << ", ";
print_field_element(os, e.data[1]);
os << "]";
}

template<typename FieldParams>
void print_field_element(std::ostream &os, const typename fields::detail::element_fp6_2over3<FieldParams> &e) {
os << "[";
print_field_element(os, e.data[0]);
os << ", ";
print_field_element(os, e.data[1]);
os << "]";
}

template<typename FieldParams>
void print_field_element(std::ostream &os, const typename fields::detail::element_fp6_3over2<FieldParams> &e) {
os << "[";
print_field_element(os, e.data[0]);
os << ", ";
print_field_element(os, e.data[1]);
os << ", ";
print_field_element(os, e.data[3]);
os << "]";
}

template<typename CurveGroupValue>
void print_curve_group_element(std::ostream &os, const CurveGroupValue &e) {
auto a = e.to_affine();

os << "affine: (";
print_field_element(os, a.X);
os << ",";
print_field_element(os, a.Y);
os << ")";
os << " projective: (";
print_field_element(os, e.X);
os << ",";
print_field_element(os, e.Y);
os << ",";
print_field_element(os, e.Z);
os << ")";
}


template<typename FieldParams>
void print_field_element(std::ostream &os, const fields::detail::element_fp12_2over3over2<FieldParams> &e) {
os << "[[[" << e.data[0].data[0].data[0].data << "," << e.data[0].data[0].data[1].data << "],["
<< e.data[0].data[1].data[0].data << "," << e.data[0].data[1].data[1].data << "],["
<< e.data[0].data[2].data[0].data << "," << e.data[0].data[2].data[1].data << "]],"
<< "[[" << e.data[1].data[0].data[0].data << "," << e.data[1].data[0].data[1].data << "],["
<< e.data[1].data[1].data[0].data << "," << e.data[1].data[1].data[1].data << "],["
<< e.data[1].data[2].data[0].data << "," << e.data[1].data[2].data[1].data << "]]]";
}


namespace nil {
namespace crypto3 {
namespace zk {
Expand Down Expand Up @@ -135,7 +219,7 @@ namespace nil {
void dump_vector(std::vector<uint8_t> const& x, std::string label = "") {
std::cout << label << "[" << std::dec << x.size() << "] ";
for(auto v: x) {
std::cout << std::hex << std::setw(2) << std::setfill('0') << int(v);
std::cout << std::hex << std::setw(2) << std::setfill('0') << int(v) <<" ";
}
std::cout << "" << std::endl;
}
Expand Down Expand Up @@ -227,9 +311,15 @@ namespace nil {
public_key.eval * KZG::curve_type::template g1_type<>::value_type::one() - public_key.commit,
KZG::curve_type::template g2_type<>::value_type::one());

std::cout << "left:" << std::endl;
print_field_element(std::cout, left);
std::cout << "right:" << std::endl;
print_field_element(std::cout, right);

/*
dump_gt(left, "left");
dump_gt(right, "right");

*/
std::cout << "left*right == 1?" << (left*right == KZG::gt_value_type::one()) << std::endl;

return gt_4 == KZG::gt_value_type::one();
Expand Down Expand Up @@ -592,6 +682,7 @@ namespace nil {
std::cout << "accumulator: " << accum << std::endl;

//verify without pairing
/*
{
typename math::polynomial<typename KZG::scalar_value_type> right_side({{0}});
factor = KZG::scalar_value_type::one();
Expand All @@ -600,7 +691,7 @@ namespace nil {
factor = factor * gamma;
}
assert(accum * create_polynom_by_zeros<KZG>(public_key.T) == right_side);
}
}*/

return commit_one<KZG>(params, accum);
}
Expand Down Expand Up @@ -638,8 +729,11 @@ namespace nil {
auto right = commit_g2<KZG>(params, create_polynom_by_zeros<KZG>(public_key.T));
auto right_side_pairing = algebra::pair_reduced<typename KZG::curve_type>(proof, right);

dump_gt(left_side_pairing, "left");
dump_gt(right_side_pairing, "right");
std::cout << "left:" << std::endl;
print_field_element(std::cout, left_side_pairing);
std::cout << "right:" << std::endl;
print_field_element(std::cout, right_side_pairing);


return left_side_pairing == right_side_pairing;
}
Expand Down Expand Up @@ -700,6 +794,7 @@ namespace nil {
return typename math::polynomial<typename KZGScheme::scalar_value_type>({{1}});
}
BOOST_ASSERT(this->get_V(result) * this->get_V(points) == this->get_V(merged_points));
//return zk::algorithms::create_polynom_by_zeros<KZGScheme>(result);
return this->get_V(result);
}

Expand Down Expand Up @@ -744,20 +839,25 @@ namespace nil {

// Differs from static, because we pack the result into byte blob.
commitment_type commit(std::size_t index){
std::cout << "commiting to " << index << std::endl;
std::cout << "~-~-~-~ commiting to batch: " << index << "~-~-~-~" <<std::endl;
this->_ind_commitments[index] = {};
this->state_commited(index);

std::cout << "array has " << this->_polys[index].size() << " elements" << std::endl;
std::cout << "batch has " << this->_polys[index].size() << " elements" << std::endl;
std::vector<std::uint8_t> result = {};
for (std::size_t i = 0; i < this->_polys[index].size(); ++i) {
BOOST_ASSERT(this->_polys[index][i].degree() <= _params.commitment_key.size());
std::cout << "commiting to poly: " << this->_polys[index][i] << std::endl;
auto single_commitment = nil::crypto3::zk::algorithms::commit_one<KZGScheme>(_params, this->_polys[index][i]);
this->_ind_commitments[index].push_back(single_commitment);
std::cout << "commitment value: ";
print_curve_group_element(std::cout, single_commitment);
std::cout << std::endl;
nil::marshalling::status_type status;
std::vector<uint8_t> single_commitment_bytes =
nil::marshalling::pack<endianness>(single_commitment, status);
BOOST_ASSERT(status == nil::marshalling::status_type::success);
dump_vector(single_commitment_bytes, "single commitment marshalled:");

result.insert(result.end(), single_commitment_bytes.begin(), single_commitment_bytes.end());
}
Expand Down Expand Up @@ -799,6 +899,10 @@ namespace nil {
for( auto const &it: this->_polys ){
auto k = it.first;
for (std::size_t i = 0; i < this->_z.get_batch_size(k); ++i) {
auto polys_k_i=math::polynomial<typename KZGScheme::scalar_value_type>(this->_polys[k][i].coefficients());
std::cout << "polys_k_i:" << polys_k_i << std::endl;
std::cout << "U(k,i) (" << std::dec << k << "," <<i << "): " << this->get_U(k,i) << std::endl;

accum += factor * (math::polynomial<typename KZGScheme::scalar_value_type>(this->_polys[k][i].coefficients()) - this->get_U(k, i))/this->get_V(this->_points[k][i]);
factor *= gamma;
}
Expand All @@ -812,6 +916,7 @@ namespace nil {

//verify without pairing. It's only for debug
//if something goes wrong, it may be useful to place here verification with pairings
/*
{
typename math::polynomial<typename KZGScheme::scalar_value_type> right_side({{0}});
factor = KZGScheme::scalar_value_type::one();
Expand All @@ -824,7 +929,7 @@ namespace nil {
}
}
assert(accum * this->get_V(this->_merged_points) == right_side);
}
}*/
auto res_commit = nil::crypto3::zk::algorithms::commit_one<KZGScheme>(_params, accum);
nil::marshalling::status_type status;
std::vector<std::uint8_t> res_bytes =
Expand Down Expand Up @@ -853,6 +958,7 @@ namespace nil {

for (const auto &it: this->_commitments) {
auto k = it.first;
std::cout << "~=~=~=~= batch "<<std::dec << k <<" (size: "<< this->_points.at(k).size() << " ) ~=~=~=~=" << std::endl;
for (std::size_t i = 0; i < this->_points.at(k).size(); ++i) {
std::size_t blob_size = this->_commitments.at(k).size() / this->_points.at(k).size();
std::vector<std::uint8_t> byteblob(blob_size);
Expand All @@ -861,15 +967,33 @@ namespace nil {
byteblob[j] = this->_commitments.at(k)[i * blob_size + j];
}
nil::marshalling::status_type status;
// dump_vector(byteblob, "demarshalling:");
typename curve_type::template g1_type<>::value_type
i_th_commitment = nil::marshalling::pack(byteblob, status);
// std::cout << std::dec << i << " commitment unpacked: ";
// print_curve_group_element(std::cout, i_th_commitment);
// std::cout << std::endl;
BOOST_ASSERT(status == nil::marshalling::status_type::success);
std::cout << "U(k,i) (" << std::dec << k << "," <<i << "): " << this->get_U(k,i) << std::endl;
auto U_commit = nil::crypto3::zk::algorithms::commit_one<KZGScheme>(_params, this->get_U(k,i));
std::cout << "U_commit: ";
print_curve_group_element(std::cout, U_commit);
std::cout << std::endl;

auto diffpoly = set_difference_polynom(_merged_points, this->_points.at(k)[i]);
std::cout << "diffpoly: " << diffpoly << std::endl;
auto cg2 = commit_g2(diffpoly);
std::cout << "cg2:";
print_curve_group_element(std::cout, cg2);
std::cout << std::endl;

auto left_side_pairing = nil::crypto3::algebra::pair_reduced<curve_type>(
factor*(i_th_commitment - U_commit),
commit_g2(set_difference_polynom(_merged_points, this->_points.at(k)[i]))
);
std::cout << "lsp:";
print_field_element(std::cout, left_side_pairing);
std::cout << std::endl;

left_side_accum = left_side_accum * left_side_pairing;
factor *= gamma;
Expand All @@ -884,8 +1008,12 @@ namespace nil {
commit_g2(this->get_V(this->_merged_points))
);

dump_gt(left_side_accum, "left");
dump_gt(right_side_pairing, "right");
std::cout << "left:" << std::endl;
print_field_element(std::cout, left_side_accum);
std::cout << std::endl;
std::cout << "right:" << std::endl;
print_field_element(std::cout, right_side_pairing);
std::cout << std::endl;

return left_side_accum == right_side_pairing;
}
Expand Down
3 changes: 2 additions & 1 deletion test/commitment/kzg.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,8 @@ BOOST_AUTO_TEST_SUITE(kzg_test_suite)

BOOST_AUTO_TEST_CASE(kzg_basic_test) {

typedef algebra::curves::bls12<381> curve_type;
typedef algebra::curves::mnt6_298 curve_type;
//typedef algebra::curves::bls12<381> curve_type;
typedef typename curve_type::scalar_field_type::value_type scalar_value_type;

typedef zk::commitments::kzg<curve_type> kzg_type;
Expand Down
2 changes: 2 additions & 0 deletions test/systems/plonk/placeholder/placeholder.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1339,6 +1339,7 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit2_kzg)
selector_columns_t,
usable_rows_t,
4, true>*/
/*
, placeholder_kzg_test_fixture<
algebra::curves::mnt4_298,
hashes::keccak_1600<256>,
Expand All @@ -1349,6 +1350,7 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit2_kzg)
selector_columns_t,
usable_rows_t,
4, true>
*/
, placeholder_kzg_test_fixture<
algebra::curves::mnt6_298,
hashes::keccak_1600<256>,
Expand Down

0 comments on commit 5bffeaa

Please sign in to comment.