gbotrel
requested changes
Apr 11, 2023
| // encode the ProvingKey | ||
| enc := {{ .CurvePackage }}.NewEncoder(w) | ||
|
|
||
| toEncode := []interface{}{ |
Collaborator
no need for slice and for loop, just enc.Encode(pk.G1)
| return enc.BytesWritten(), nil | ||
| } | ||
|
|
||
| // WriteRawTo writes binary encoding of Proof to w without point compression |
| // WriteTo writes binary encoding of the entire SRS | ||
| func (srs *SRS) WriteTo(w io.Writer) (int64, error) { | ||
| // encode the SRS | ||
| // encode the VerifyingKey |
Collaborator
bad comment.
Here I would rather call srs.Pk.WriteTo, srs.Vk.WriteTo, easier to maintain for future changes.
There is a duplicate point but it's not a crazy overhead.
| dec := {{ .CurvePackage }}.NewDecoder(r) | ||
|
|
||
| toDecode := []interface{}{ | ||
| &pk.G1, |
| &srs.G2[0], | ||
| &srs.G2[1], | ||
| &srs.G1, | ||
| &srs.Vk.G2[0], |
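Review bot: the `toDecode` list in this hunk is positional, so the decoder only stays correct while its entries are listed in exactly the order the matching `WriteTo` encodes them, and nothing in the visible lines ties the two lists together. A round-trip test per type (write into a buffer, read it back, compare with the original) would catch the lists drifting apart.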
Collaborator
same srs.Pk.ReadFrom... srs.Vk.ReadFrom(...)
Contributor
Could you modify to in BatchVerifyMultiPoints in the kzg.go files (e.g. l.419 for bls377)? (Spotted by @kevaundray)
gbotrel
approved these changes
Apr 17, 2023
Collaborator
gbotrel
left a comment
minor comment on godoc format but lgtm 👍
| // SRS stores the result of the MPC | ||
| type SRS struct { | ||
| // Proving and Verifying keys together constitute the SRS (result of the MPC) | ||
| type ProvingKey struct { |
Collaborator
godoc format: struct doc should be // ProvingKey ...
(else it isn't rendered properly in godoc)
ThomasPiellard
approved these changes
Apr 18, 2023
The KZG SRS breaks up naturally into a prover component (G1[:]) and a verifier component (G1[0], G2[0:2]), which only have one G1 point in common (which is usually standardized and can be omitted anyway).
Treating it as a single object results in very long Plonk verifying keys for example, which can be problematic in Smart Contracts.
This PR implements the break-up.
WARNING: I've removed pretty much all pass-by-pointers I encountered. In case some of that was performance-critical, lmk and I'll add it back in.