fix endianness issues in commitment calculations (#185)

* fix endianness issues in commitment calculations * remove MakeVerkleProofOneLeaf: broken and unnecessary * fix: key mutability issue in GetCommitmentsAlongPath * fix stateless test ToDot display
ethereum · Feb 4, 2022 · 2997a4a · 2997a4a
1 parent 150c713
commit 2997a4a
Show file tree

Hide file tree

Showing 7 changed files with 28 additions and 46 deletions.
diff --git a/ipa.go b/ipa.go
@@ -44,22 +44,25 @@ func CopyPoint(dst, src *Point) {
 
 func toFr(fr *Fr, p *Point) {
 	bytes := p.Bytes()
-	fr.SetBytes(bytes[:])
+	fr.SetBytesLE(bytes[:])
 }
 
 func from32(fr *Fr, data [32]byte) {
 	fr.SetBytes(data[:])
 }
 
 func FromLEBytes(fr *Fr, data []byte) {
+	var aligned [32]byte
 	for i := range data {
-		data[i], data[len(data)-1-i] = data[len(data)-1-i], data[i]
+		aligned[31-i] = data[i]
 	}
-	fr.SetBytes(data)
+	fr.SetBytes(aligned[:])
 }
 
-func FromBytes(fr *Fr, data []byte) {
-	FromLEBytes(fr, data)
+func StemFromBytes(fr *Fr, data []byte) {
+	bytes := make([]byte, len(data))
+	copy(bytes, data)
+	fr.SetBytesLE(bytes)
 }
 
 func Equal(fr *Fr, other *Fr) bool {

diff --git a/proof_ipa.go b/proof_ipa.go
@@ -44,26 +44,6 @@ type Proof struct {
 	Values     [][]byte
 }
 
-func MakeVerkleProofOneLeaf(root VerkleNode, key []byte) *Proof {
-	tr := common.NewTranscript("multiproof")
-	root.ComputeCommitment()
-	pe, extStatus, alt := root.GetCommitmentsAlongPath(key)
-	val, _ := root.Get(key, nil)
-	proof := &Proof{
-		Multipoint: ipa.CreateMultiProof(tr, GetConfig().conf, pe.Cis, pe.Fis, pe.Zis),
-		Cs:         pe.Cis,
-		ExtStatus:  []byte{extStatus},
-		Keys:       [][]byte{key},
-		Values:     [][]byte{val},
-	}
-
-	if alt != nil {
-		proof.PoaStems = [][]byte{alt}
-	}
-
-	return proof
-}
-
 func GetCommitmentsForMultiproof(root VerkleNode, keys [][]byte) (*ProofElements, []byte, [][]byte) {
 	p := &ProofElements{ByPath: make(map[string]*Point)}
 	var extStatuses []byte
@@ -182,7 +162,6 @@ func SerializeProof(proof *Proof) ([]byte, []KeyValuePair, error) {
 
 	proof.Multipoint.Write(&bufProof)
 
-	// Temporary: add the keys and values to the proof
 	keyvals := make([]KeyValuePair, 0, len(proof.Keys))
 	for i, key := range proof.Keys {
 		keyvals = append(keyvals, KeyValuePair{key, proof.Values[i]})

diff --git a/proof_test.go b/proof_test.go
@@ -39,7 +39,7 @@ func TestProofVerifyTwoLeaves(t *testing.T) {
 	root.Insert(oneKeyTest, zeroKeyTest, nil)
 	root.Insert(ffx32KeyTest, zeroKeyTest, nil)
 
-	proof := MakeVerkleProofOneLeaf(root, ffx32KeyTest)
+	proof, _, _, _ := MakeVerkleMultiProof(root, [][]byte{ffx32KeyTest}, map[string][]byte{string(ffx32KeyTest): zeroKeyTest})
 
 	pe, _, _ := root.GetCommitmentsAlongPath(ffx32KeyTest)
 	if !VerifyVerkleProof(proof, pe.Cis, pe.Zis, pe.Yis, GetConfig()) {
@@ -59,7 +59,7 @@ func TestProofVerifyMultipleLeaves(t *testing.T) {
 		root.Insert(key, fourtyKeyTest, nil)
 	}
 
-	proof := MakeVerkleProofOneLeaf(root, keys[0])
+	proof, _, _, _ := MakeVerkleMultiProof(root, [][]byte{keys[0]}, map[string][]byte{string(keys[0]): fourtyKeyTest})
 
 	pe, _, _ := root.GetCommitmentsAlongPath(keys[0])
 	if !VerifyVerkleProof(proof, pe.Cis, pe.Zis, pe.Yis, GetConfig()) {
@@ -152,7 +152,7 @@ func TestProofOfAbsenceInternalVerify(t *testing.T) {
 	root.Insert(zeroKeyTest, zeroKeyTest, nil)
 	root.Insert(oneKeyTest, zeroKeyTest, nil)
 
-	proof := MakeVerkleProofOneLeaf(root, ffx32KeyTest)
+	proof, _, _, _ := MakeVerkleMultiProof(root, [][]byte{ffx32KeyTest}, map[string][]byte{})
 
 	pe, _, _ := root.GetCommitmentsAlongPath(ffx32KeyTest)
 	if !VerifyVerkleProof(proof, pe.Cis, pe.Zis, pe.Yis, GetConfig()) {
@@ -165,7 +165,7 @@ func TestProofOfAbsenceLeafVerify(t *testing.T) {
 	root.Insert(zeroKeyTest, zeroKeyTest, nil)
 	root.Insert(ffx32KeyTest, zeroKeyTest, nil)
 
-	proof := MakeVerkleProofOneLeaf(root, oneKeyTest)
+	proof, _, _, _ := MakeVerkleMultiProof(root, [][]byte{oneKeyTest}, map[string][]byte{})
 
 	pe, _, _ := root.GetCommitmentsAlongPath(oneKeyTest)
 	if !VerifyVerkleProof(proof, pe.Cis, pe.Zis, pe.Yis, GetConfig()) {
@@ -182,7 +182,7 @@ func TestProofOfAbsenceLeafVerifyOtherSuffix(t *testing.T) {
 		return ret
 	}()
 
-	proof := MakeVerkleProofOneLeaf(root, key)
+	proof, _, _, _ := MakeVerkleMultiProof(root, [][]byte{key}, map[string][]byte{})
 
 	pe, _, _ := root.GetCommitmentsAlongPath(key)
 	if !VerifyVerkleProof(proof, pe.Cis, pe.Zis, pe.Yis, GetConfig()) {
@@ -199,7 +199,7 @@ func TestProofOfAbsenceStemVerify(t *testing.T) {
 		return ret
 	}()
 
-	proof := MakeVerkleProofOneLeaf(root, key)
+	proof, _, _, _ := MakeVerkleMultiProof(root, [][]byte{key}, map[string][]byte{})
 
 	pe, _, _ := root.GetCommitmentsAlongPath(key)
 	if !VerifyVerkleProof(proof, pe.Cis, pe.Zis, pe.Yis, GetConfig()) {
@@ -221,7 +221,7 @@ func BenchmarkProofCalculation(b *testing.B) {
 	b.ReportAllocs()
 
 	for i := 0; i < b.N; i++ {
-		MakeVerkleProofOneLeaf(root, keys[len(keys)/2])
+		MakeVerkleMultiProof(root, [][]byte{keys[len(keys)/2]}, map[string][]byte{})
 	}
 }
 
@@ -237,7 +237,7 @@ func BenchmarkProofVerification(b *testing.B) {
 
 	root.ComputeCommitment()
 	pe, _, _ := root.GetCommitmentsAlongPath(keys[len(keys)/2])
-	proof := MakeVerkleProofOneLeaf(root, keys[len(keys)/2])
+	proof, _, _, _ := MakeVerkleMultiProof(root, [][]byte{keys[len(keys)/2]}, map[string][]byte{})
 
 	b.ResetTimer()
 	b.ReportAllocs()
@@ -259,7 +259,7 @@ func TestProofSerializationNoAbsentStem(t *testing.T) {
 		root.Insert(key, fourtyKeyTest, nil)
 	}
 
-	proof := MakeVerkleProofOneLeaf(root, keys[0])
+	proof, _, _, _ := MakeVerkleMultiProof(root, [][]byte{keys[0]}, map[string][]byte{})
 
 	serialized, _, err := SerializeProof(proof)
 	if err != nil {
@@ -298,7 +298,7 @@ func TestProofSerializationWithAbsentStem(t *testing.T) {
 	absentkey[2] = 2
 	absentkey[3] = 1
 
-	proof := MakeVerkleProofOneLeaf(root, absentkey[:])
+	proof, _, _, _ := MakeVerkleMultiProof(root, [][]byte{absentkey[:]}, map[string][]byte{})
 
 	serialized, _, err := SerializeProof(proof)
 	if err != nil {
@@ -337,7 +337,7 @@ func TestProofDeserialize(t *testing.T) {
 	absentkey[2] = 2
 	absentkey[3] = 1
 
-	proof := MakeVerkleProofOneLeaf(root, absentkey[:])
+	proof, _, _, _ := MakeVerkleMultiProof(root, [][]byte{absentkey[:]}, map[string][]byte{})
 
 	serialized, _, err := SerializeProof(proof)
 	if err != nil {

diff --git a/stateless.go b/stateless.go
@@ -293,7 +293,7 @@ func (n *StatelessNode) ComputeCommitment() *Fr {
 		count1, count2 := 0, 0
 		var poly, c1poly, c2poly [256]Fr
 		poly[0].SetUint64(1)
-		FromBytes(&poly[1], n.stem)
+		StemFromBytes(&poly[1], n.stem)
 
 		for idx, val := range n.values {
 			if idx < 128 {
@@ -372,7 +372,7 @@ func (n *StatelessNode) toDot(parent, path string) string {
 			}
 		}
 	} else {
-		ret = fmt.Sprintf("%s [label=\"I: %x\"]\n", me, n.hash.Bytes())
+		ret = fmt.Sprintf("%s [label=\"I: %x\"]\n", me, n.hash.BytesLE())
 		if len(parent) > 0 {
 			ret = fmt.Sprintf("%s %s -> %s\n", ret, parent, me)
 		}

diff --git a/stateless_test.go b/stateless_test.go
@@ -234,6 +234,6 @@ func TestStatelessToDot(t *testing.T) {
 	stlJ := strings.Join(stl, "\n")
 
 	if stfJ != stlJ {
-		t.Fatalf("hashes differ after insertion %v %v", stf, stl)
+		t.Fatalf("hashes differ after insertion %v ||| %v", stf, stl)
 	}
 }
diff --git a/tree.go b/tree.go
@@ -589,7 +589,7 @@ func (n *InternalNode) clearCache() {
 func (n *InternalNode) toDot(parent, path string) string {
 	n.ComputeCommitment()
 	me := fmt.Sprintf("internal%s", path)
-	ret := fmt.Sprintf("%s [label=\"I: %x\"]\n", me, n.hash.Bytes())
+	ret := fmt.Sprintf("%s [label=\"I: %x\"]\n", me, n.hash.BytesLE())
 	if len(parent) > 0 {
 		ret = fmt.Sprintf("%s %s -> %s\n", ret, parent, me)
 	}
@@ -657,7 +657,7 @@ func (n *LeafNode) ComputeCommitment() *Fr {
 	count := 0
 	var poly, c1poly, c2poly [256]Fr
 	poly[0].SetUint64(1)
-	FromBytes(&poly[1], n.stem)
+	StemFromBytes(&poly[1], n.stem)
 
 	count = fillSuffixTreePoly(c1poly[:], n.values[:128])
 	n.c1 = n.committer.CommitToPoly(c1poly[:], 256-count)
@@ -716,7 +716,7 @@ func (n *LeafNode) GetCommitmentsAlongPath(key []byte) (*ProofElements, byte, []
 	if !equalPaths(n.stem, key) {
 		var poly [256]Fr
 		poly[0].SetUint64(1)
-		poly[1].SetBytes(n.stem)
+		StemFromBytes(&poly[1], n.stem)
 		toFr(&poly[2], n.c1)
 		toFr(&poly[3], n.c2)
 		return &ProofElements{
@@ -743,7 +743,7 @@ func (n *LeafNode) GetCommitmentsAlongPath(key []byte) (*ProofElements, byte, []
 
 	var extPoly [256]Fr
 	extPoly[0].SetUint64(1)
-	extPoly[1].SetBytes(n.stem)
+	StemFromBytes(&extPoly[1], n.stem)
 	toFr(&extPoly[2], n.c1)
 	toFr(&extPoly[3], n.c2)
 

diff --git a/tree_ipa_test.go b/tree_ipa_test.go
@@ -48,7 +48,7 @@ func extensionAndSuffixOneKey(key, value []byte, ret *Point) {
 		t1, t2, c1                      Point
 	)
 	stemComm0 := srs[0]
-	FromBytes(&v, key[:31])
+	StemFromBytes(&v, key[:31])
 	stemComm1.ScalarMul(&srs[1], &v)
 
 	leafToComms(vs[:], value)
@@ -141,7 +141,7 @@ func TestInsertSameStemTwoLeaves(t *testing.T) {
 	comm := root.ComputeCommitment()
 
 	stemComm0 := GetConfig().conf.SRS[0]
-	FromBytes(&v, key_a[:31])
+	StemFromBytes(&v, key_a[:31])
 	stemComm1.ScalarMul(&srs[1], &v)
 
 	leafToComms(vs[:], key_a)