Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Switch from ark-bn254 to matterlabs/pairing (BFT-325) #28

Merged
merged 19 commits into from
Nov 10, 2023

Conversation

moshababo
Copy link
Contributor

@moshababo moshababo commented Nov 8, 2023

Switching bn254 implementation from crates/ark-bn254 to matter-labs/pairing due to compatibility issues of zksync-era with the former.

Notes:

  • bn254::tests::byte_fmt_correctness tests were added, previously not covered

TODO:

  • bn254::tests::aggregate_signature_distinct_messages is failing, need to figure out why
  • pairing dependency was redirected to a fork, due to missing functionality. If no other solution is found, it should be merged to upstream and dependency to be redirected back
  • bn254::testonly: need to find a solution for rand::Rng (rand = "0.8.0") trait object incompatibility with rand04::Rng (rand = "0.4.6") trait bound

@brunoffranca brunoffranca changed the title [WIP] Switch from ark-bn254 to matterlabs/pairing [WIP] Switch from ark-bn254 to matterlabs/pairing (BFT-325) Nov 8, 2023
node/Cargo.toml Outdated Show resolved Hide resolved
node/deny.toml Outdated Show resolved Hide resolved
node/libs/crypto/src/bn254/testonly.rs Outdated Show resolved Hide resolved
@moshababo
Copy link
Contributor Author

Pending matter-labs/pairing#11 to be merged.

@moshababo moshababo changed the title [WIP] Switch from ark-bn254 to matterlabs/pairing (BFT-325) Switch from ark-bn254 to matterlabs/pairing (BFT-325) Nov 9, 2023
@moshababo moshababo marked this pull request as ready for review November 9, 2023 16:42
node/Cargo.toml Outdated Show resolved Hide resolved
brunoffranca
brunoffranca previously approved these changes Nov 9, 2023
@@ -25,52 +27,66 @@ pub mod hash;
mod testonly;

/// Type safety wrapper around a scalar value.
#[derive(Debug, PartialEq)]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since SecretKey is sensitive information, it makes sense to manually define Debug so that it only outputs the corresponding public key.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

use other private key types in crypto crate as example

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed here: d0eeea4

.map(Self)
.context("failed to decode secret key")
let mut fr_repr = FrRepr::default();
fr_repr.read_be(Cursor::new(bytes))?;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Nit: Cursor is not strictly necessary here; std::io::Read is implemented for &mut &[u8] as well (i.e., a shared reference to bytes, where the reference itself can change). Thus, you can declare mut bytes: &[u8] and call fr_repr.read_be(&mut bytes) and maybe check that all bytes were read.
  • Is big-endian encoding canonical for BN254 (i.e., used in other implementations)? Or is there no convention? I'm not entirely sure, but the ark implementation looks little-endian, although the Go one by Consensys is big-endian.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Nit: Cursor is not strictly necessary here; std::io::Read is implemented for &mut &[u8] as well (i.e., a shared reference to bytes, where the reference itself can change). Thus, you can declare mut bytes: &[u8] and call fr_repr.read_be(&mut bytes) and maybe check that all bytes were read.

Right it's not necessary. Simply removing it seems to be enough.

  • Is big-endian encoding canonical for BN254 (i.e., used in other implementations)? Or is there no convention? I'm not entirely sure, but the ark implementation looks little-endian, although the Go one by Consensys is big-endian.

I'm not sure, but I don't think that there is a convention regarding the endianness.

@@ -25,52 +27,66 @@ pub mod hash;
mod testonly;

/// Type safety wrapper around a scalar value.
#[derive(Debug, PartialEq)]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't implement PartialEq for private key. Always compare corresponding public keys instead.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about this: e3074cb?

@brunoffranca brunoffranca merged commit fefb04a into main Nov 10, 2023
4 checks passed
@brunoffranca brunoffranca deleted the switch_bn254 branch November 10, 2023 16:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants