diff --git a/README.md b/README.md index 227ece3..58a98b2 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,36 @@ # kzg-commitments-study [![GoDoc](https://godoc.org/github.com/arnaucube/kzg-commitments-study?status.svg)](https://godoc.org/github.com/arnaucube/kzg-commitments-study) [![Go Report Card](https://goreportcard.com/badge/github.com/arnaucube/kzg-commitments-study)](https://goreportcard.com/report/github.com/arnaucube/kzg-commitments-study) [![Test](https://github.com/arnaucube/kzg-commitments-study/workflows/Test/badge.svg)](https://github.com/arnaucube/kzg-commitments-study/actions?query=workflow%3ATest) -Doing this to study and learn [KZG commitments](http://cacr.uwaterloo.ca/techreports/2010/cacr2010-10.pdf), do not use in production. +Doing this to study and learn [KZG commitments](http://cacr.uwaterloo.ca/techreports/2010/cacr2010-10.pdf), do not use in production. More details at https://arnaucube.com/blog/kzg-commitments.html . Thanks to [Dankrad Feist](https://dankradfeist.de/ethereum/2020/06/16/kate-polynomial-commitments.html), [Alin Tomescu](https://alinush.github.io/2020/05/06/kzg-polynomial-commitments.html), [Tom Walton-Pocock](https://hackmd.io/@tompocock/Hk2A7BD6U) for their articles, which helped me understand a bit the KZG Commitments. + +### Usage +```go +// p(x) = x^3 + x + 5 +p := []*big.Int{ + big.NewInt(5), + big.NewInt(1), // x^1 + big.NewInt(0), // x^2 + big.NewInt(1), // x^3 +} +assert.Equal(t, "1x³ + 1x¹ + 5", PolynomialToString(p)) + +// TrustedSetup +ts, err := NewTrustedSetup(p) +assert.Nil(t, err) + +// Commit +c := Commit(ts, p) + +// p(z)=y --> p(3)=35 +z := big.NewInt(3) +y := big.NewInt(35) + +// z & y: to prove an evaluation p(z)=y +proof, err := EvaluationProof(ts, p, z, y) +assert.Nil(t, err) + +// verification +v := Verify(ts, c, proof, z, y) +assert.True(t, v) +``` diff --git a/arithmetic.go b/arithmetic.go index 11e96bc..2b03711 100644 --- a/arithmetic.go +++ b/arithmetic.go @@ -224,7 +224,9 @@ func intToSNum(n int) string { return sN } -func polynomialToString(p []*big.Int) string { +// PolynomialToString converts a polynomial represented by a *big.Int array, +// into its string human readable representation +func PolynomialToString(p []*big.Int) string { s := "" for i := len(p) - 1; i >= 1; i-- { if !bytes.Equal(p[i].Bytes(), big.NewInt(0).Bytes()) { diff --git a/kzg.go b/kzg.go index 037c35d..1c2bbca 100644 --- a/kzg.go +++ b/kzg.go @@ -65,14 +65,15 @@ func evaluateG2(ts *TrustedSetup, p []*big.Int) *bn256.G2 { // EvaluationProof generates the evaluation proof func EvaluationProof(ts *TrustedSetup, p []*big.Int, z, y *big.Int) (*bn256.G1, error) { - n := polynomialSub(p, []*big.Int{y}) // p-y + n := polynomialSub(p, []*big.Int{y}) // p-y + // n := p // we can omit y (p(z)) d := []*big.Int{fNeg(z), big.NewInt(1)} // x-z q, rem := polynomialDiv(n, d) if compareBigIntArray(rem, arrayOfZeroes(len(rem))) { return nil, fmt.Errorf("remainder should be 0, instead is %d", rem) } - fmt.Println("q(x):", polynomialToString(q)) // TMP DBG + fmt.Println("q(x):", PolynomialToString(q)) // TMP DBG // proof: e = [q(s)]₁ e := evaluateG1(ts, q) diff --git a/kzg_test.go b/kzg_test.go index 368469f..e865e9f 100644 --- a/kzg_test.go +++ b/kzg_test.go @@ -15,8 +15,7 @@ func TestSimpleFlow(t *testing.T) { big.NewInt(0), // x^2 big.NewInt(1), // x^3 } - // fmt.Println("p(x):", polynomialToString(p)) - assert.Equal(t, "1x³ + 1x¹ + 5", polynomialToString(p)) + assert.Equal(t, "1x³ + 1x¹ + 5", PolynomialToString(p)) // TrustedSetup ts, err := NewTrustedSetup(p)