Get working a final verification step with many corners cut #123
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/script/Verify.s.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Fix flag mask in G2 ppint deser --------- Co-authored-by: Pablo Deymonnaz <[email protected]>
pablodeymo
reviewed
Jan 26, 2024
pablodeymo
reviewed
Jan 26, 2024
xqft
added a commit
that referenced
this pull request
Jan 29, 2024
…on (#122) * Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Added pairing urs deserialization * Fixed G2 point multiplication * Change full_urs points to 3 * Revert "Change full_urs points to 3" This reverts commit 86aa70e. * Manually interpolate and commit divisor poly * Get working a final verification step with many corners cut (#123) * G2 Point deserialization support for the EVM verifier (#120) * Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/script/Verify.s.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Fix flag mask in G2 ppint deser --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Escape char * WIP debugging URS deserialization * Fix urs test * Fix G2 deserialize y sign * Fixed final verification with some corners cut * Add comment and return verify result * Remove evaluation point require * Update eth_verifier/src/Verifier.sol * Update eth_verifier/src/Verifier.sol * Delete unused file * Re-enable verify test * Refactor tests --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Added comments to test data --------- Co-authored-by: Pablo Deymonnaz <[email protected]>
pablodeymo
added a commit
that referenced
this pull request
Jan 30, 2024
* Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Added pairing urs deserialization * Fixed G2 point multiplication * Change full_urs points to 3 * Revert "Change full_urs points to 3" This reverts commit 86aa70e. * Manually interpolate and commit divisor poly * Get working a final verification step with many corners cut (#123) * G2 Point deserialization support for the EVM verifier (#120) * Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/script/Verify.s.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Fix flag mask in G2 ppint deser --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Escape char * WIP debugging URS deserialization * Fix urs test * Fix G2 deserialize y sign * Fixed final verification with some corners cut * Add comment and return verify result * Remove evaluation point require * Update eth_verifier/src/Verifier.sol * Update eth_verifier/src/Verifier.sol * Delete unused file * Re-enable verify test * Refactor tests --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Added first tests * squeeze() and absorb_scalar() fixes * Added challenge test and fixed Scalar's from_bytes_be() * Small tweak on both base and scalar from_bytes_be() * Added absorb_x_base tests * Added test and fixes for absoring a g1 point --------- Co-authored-by: Pablo Deymonnaz <[email protected]>
xqft
added a commit
that referenced
this pull request
Jan 30, 2024
* Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Added pairing urs deserialization * Fixed G2 point multiplication * Change full_urs points to 3 * Revert "Change full_urs points to 3" This reverts commit 86aa70e. * Manually interpolate and commit divisor poly * Get working a final verification step with many corners cut (#123) * G2 Point deserialization support for the EVM verifier (#120) * Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/script/Verify.s.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Fix flag mask in G2 ppint deser --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Escape char * WIP debugging URS deserialization * Fix urs test * Fix G2 deserialize y sign * Fixed final verification with some corners cut * Add comment and return verify result * Remove evaluation point require * Update eth_verifier/src/Verifier.sol * Update eth_verifier/src/Verifier.sol * Delete unused file * Re-enable verify test * Refactor tests --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Added first tests * squeeze() and absorb_scalar() fixes * Added challenge test and fixed Scalar's from_bytes_be() * Small tweak on both base and scalar from_bytes_be() * Added absorb_x_base tests * Added test and fixes for absoring a g1 point * Fix pairing URS deserialization * Fix rest of functions using buffers * Replace hardcoded values with file reads * Fix prover proof test * Fix tests and push proof data * Fix hard-coded evaluation points * Change o1js submodule branch --------- Co-authored-by: Pablo Deymonnaz <[email protected]>
pablodeymo
added a commit
that referenced
this pull request
Jan 31, 2024
* Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Added pairing urs deserialization * Fixed G2 point multiplication * Change full_urs points to 3 * Revert "Change full_urs points to 3" This reverts commit 86aa70e. * Manually interpolate and commit divisor poly * Get working a final verification step with many corners cut (#123) * G2 Point deserialization support for the EVM verifier (#120) * Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/script/Verify.s.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Fix flag mask in G2 ppint deser --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Escape char * WIP debugging URS deserialization * Fix urs test * Fix G2 deserialize y sign * Fixed final verification with some corners cut * Add comment and return verify result * Remove evaluation point require * Update eth_verifier/src/Verifier.sol * Update eth_verifier/src/Verifier.sol * Delete unused file * Re-enable verify test * Refactor tests --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Added first tests * squeeze() and absorb_scalar() fixes * Added challenge test and fixed Scalar's from_bytes_be() * Small tweak on both base and scalar from_bytes_be() * Added absorb_x_base tests * Added test and fixes for absoring a g1 point * Fix G1 endo coefficient * Absorb commitments to witness * Hardcode verifier index digest * Run verifier with hardcoded index digest * Wrote test for to_field() * Fix to_field() * Fix pairing URS deserialization * Fix rest of functions using buffers * Replace hardcoded values with file reads * Fix prover proof test * Fix tests and push proof data * Fix hard-coded evaluation points * Change o1js submodule branch * Harcode prover_proof in deserializer test * Add more sponge test cases * Multiple fixes to sponge and fiat-shamir * Tidy up code, add documentation * Switch commitment of o1js submodule --------- Co-authored-by: Pablo Deymonnaz <[email protected]>
pablodeymo
added a commit
that referenced
this pull request
Jan 31, 2024
* Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Added pairing urs deserialization * Fixed G2 point multiplication * Change full_urs points to 3 * Revert "Change full_urs points to 3" This reverts commit 86aa70e. * Manually interpolate and commit divisor poly * Get working a final verification step with many corners cut (#123) * G2 Point deserialization support for the EVM verifier (#120) * Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/script/Verify.s.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Fix flag mask in G2 ppint deser --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Escape char * WIP debugging URS deserialization * Fix urs test * Fix G2 deserialize y sign * Fixed final verification with some corners cut * Add comment and return verify result * Remove evaluation point require * Update eth_verifier/src/Verifier.sol * Update eth_verifier/src/Verifier.sol * Delete unused file * Re-enable verify test * Refactor tests --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Added first tests * squeeze() and absorb_scalar() fixes * Added challenge test and fixed Scalar's from_bytes_be() * Small tweak on both base and scalar from_bytes_be() * Added absorb_x_base tests * Added test and fixes for absoring a g1 point * Fix G1 endo coefficient * Absorb commitments to witness * Hardcode verifier index digest * Run verifier with hardcoded index digest * Wrote test for to_field() * Fix to_field() * Fix pairing URS deserialization * Fix rest of functions using buffers * Replace hardcoded values with file reads * Fix prover proof test * Fix tests and push proof data * Fix hard-coded evaluation points * Change o1js submodule branch * Harcode prover_proof in deserializer test * Add more sponge test cases * Multiple fixes to sponge and fiat-shamir * Tidy up code, add documentation * Switch commitment of o1js submodule * Deserialize lookup commitments * Remove require public_comm --------- Co-authored-by: Pablo Deymonnaz <[email protected]>
xqft
added a commit
that referenced
this pull request
Feb 1, 2024
* Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Added pairing urs deserialization * Fixed G2 point multiplication * Change full_urs points to 3 * Revert "Change full_urs points to 3" This reverts commit 86aa70e. * Manually interpolate and commit divisor poly * Get working a final verification step with many corners cut (#123) * G2 Point deserialization support for the EVM verifier (#120) * Up anvil's block gas limit * Fixed verify script * Negate quotient commitment * Fix trusted setup length * Added Fq2 sqrt operation (an others necessary) * Fix fq2 sqrt typo * Added comments to the fq2 sqrt algorithm * Added fq2 sqrt test * Fix FQ1EulerCriterion * Fix FQ2Sqrt test * Add import * Added G2 decompression function * Formatting * Added test * Fixed G2Deserialize * Changed values order of deser test * Remove else case * Fixed deserializatio function * Added messagepack g2 deserialization functions * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/lib/bn254/BN256G2.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Update eth_verifier/script/Verify.s.sol Co-authored-by: Pablo Deymonnaz <[email protected]> * Fix flag mask in G2 ppint deser --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Escape char * WIP debugging URS deserialization * Fix urs test * Fix G2 deserialize y sign * Fixed final verification with some corners cut * Add comment and return verify result * Remove evaluation point require * Update eth_verifier/src/Verifier.sol * Update eth_verifier/src/Verifier.sol * Delete unused file * Re-enable verify test * Refactor tests --------- Co-authored-by: Pablo Deymonnaz <[email protected]> * Added first tests * squeeze() and absorb_scalar() fixes * Added challenge test and fixed Scalar's from_bytes_be() * Small tweak on both base and scalar from_bytes_be() * Added absorb_x_base tests * Added test and fixes for absoring a g1 point * Fix G1 endo coefficient * Absorb commitments to witness * Hardcode verifier index digest * Run verifier with hardcoded index digest * Wrote test for to_field() * Fix to_field() * Fix pairing URS deserialization * Fix rest of functions using buffers * Replace hardcoded values with file reads * Fix prover proof test * Fix tests and push proof data * Fix hard-coded evaluation points * Change o1js submodule branch * Harcode prover_proof in deserializer test * Add more sponge test cases * Multiple fixes to sponge and fiat-shamir * Tidy up code, add documentation * Switch commitment of o1js submodule * Deserialize lookup commitments * Remove require public_comm * Add null deserialization check * Deserialize more fields from the verifier index * Finish deserialization of verifier index parameters * Added verifier index digest impl * Add lookup index deser * Make lookup index optional * Finish verifier index digest * Use digest in fiat-shamir * Fix verifier index digest * Remove unused function --------- Co-authored-by: Pablo Deymonnaz <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR fixes issues related to G2 point decompression and hardcodes the evaluation points to make the final verification succeed.
The next step is to test and fix the Keccak sponge and the first fiat-shamir steps to produce the same evaluations proofs as the Kimchi prover in Rust.