@aztec/blob-lib 5.0.0-nightly.20260421 → 5.0.0-nightly.20260422
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dest/blob_batching.d.ts +2 -2
- package/dest/blob_batching.d.ts.map +1 -1
- package/dest/blob_batching.js +18 -18
- package/dest/hash.d.ts +5 -4
- package/dest/hash.d.ts.map +1 -1
- package/dest/hash.js +9 -7
- package/package.json +3 -3
- package/src/blob_batching.ts +15 -12
- package/src/hash.ts +11 -6
package/dest/blob_batching.d.ts
CHANGED
|
@@ -103,7 +103,7 @@ export declare class BatchedBlobAccumulator {
|
|
|
103
103
|
* - z := z_acc (final challenge, at which all blobs are evaluated)
|
|
104
104
|
* - y := y_acc (final opening to be checked on L1)
|
|
105
105
|
* - c := c_acc (final commitment to be checked on L1)
|
|
106
|
-
* - gamma := poseidon2(gamma_acc, z) (challenge for linear combination of y and C, above)
|
|
106
|
+
* - gamma := poseidon2(BLOB_GAMMA_FINAL, gamma_acc, z) (challenge for linear combination of y and C, above)
|
|
107
107
|
*
|
|
108
108
|
* @param verifyProof - Whether to verify the KZG proof.
|
|
109
109
|
* @returns A batched blob.
|
|
@@ -115,4 +115,4 @@ export declare class BatchedBlobAccumulator {
|
|
|
115
115
|
toBlobAccumulator(): BlobAccumulator;
|
|
116
116
|
toFinalBlobAccumulator(): FinalBlobAccumulator;
|
|
117
117
|
}
|
|
118
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
118
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYmxvYl9iYXRjaGluZy5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL2Jsb2JfYmF0Y2hpbmcudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBR0EsT0FBTyxFQUFFLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUNyRSxPQUFPLEVBQUUsRUFBRSxFQUFFLE1BQU0sZ0NBQWdDLENBQUM7QUFFcEQsT0FBTyxFQUFFLFdBQVcsRUFBRSxNQUFNLG1CQUFtQixDQUFDO0FBQ2hELE9BQU8sRUFBRSxJQUFJLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFFakMsT0FBTyxFQUFFLGVBQWUsRUFBRSxvQkFBb0IsRUFBRSwyQkFBMkIsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBSTlHOzs7R0FHRztBQUNILHFCQUFhLHNCQUFzQjtJQUUvQiw4Q0FBOEM7YUFDOUIsc0JBQXNCLEVBQUUsRUFBRTtJQUMxQyxzRUFBc0U7YUFDdEQsSUFBSSxFQUFFLEVBQUU7SUFDeEIseUdBQXlHO2FBQ3pGLElBQUksRUFBRSxPQUFPO0lBQzdCLHFHQUFxRzthQUNyRixJQUFJLEVBQUUsVUFBVTtJQUNoQyxvR0FBb0c7YUFDcEYsSUFBSSxFQUFFLFVBQVU7SUFDaEM7Ozs7T0FJRzthQUNhLFFBQVEsRUFBRSxFQUFFO0lBQzVCLHVHQUF1RzthQUN2RixRQUFRLEVBQUUsT0FBTztJQUNqQyxvR0FBb0c7YUFDcEYsbUJBQW1CLEVBQUUsMkJBQTJCO0lBcEJsRTtJQUNFLDhDQUE4QztJQUM5QixzQkFBc0IsRUFBRSxFQUFFO0lBQzFDLHNFQUFzRTtJQUN0RCxJQUFJLEVBQUUsRUFBRTtJQUN4Qix5R0FBeUc7SUFDekYsSUFBSSxFQUFFLE9BQU87SUFDN0IscUdBQXFHO0lBQ3JGLElBQUksRUFBRSxVQUFVO0lBQ2hDLG9HQUFvRztJQUNwRixJQUFJLEVBQUUsVUFBVTtJQUNoQzs7OztPQUlHO0lBQ2EsUUFBUSxFQUFFLEVBQUU7SUFDNUIsdUdBQXVHO0lBQ3ZGLFFBQVEsRUFBRSxPQUFPO0lBQ2pDLG9HQUFvRztJQUNwRixtQkFBbUIsRUFBRSwyQkFBMkIsRUFDOUQ7SUFFSjs7O09BR0c7SUFDSCxNQUFNLENBQUMsaUJBQWlCLENBQUMsbUJBQW1CLEVBQUUsMkJBQTJCLEdBQUcsc0JBQXNCLENBV2pHO0lBRUQ7Ozs7T0FJRztJQUNILE9BQWEsY0FBYyxDQUFDLHVCQUF1QixFQUFFLEVBQUUsRUFBRSxFQUFFLEdBQUcsT0FBTyxDQUFDLHNCQUFzQixDQUFDLENBRzVGO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsT0FBYSxLQUFLLENBQUMsdUJBQXVCLEVBQUUsRUFBRSxFQUFFLEVBQUUsRUFBRSxXQUFXLFVBQVEsR0FBRyxPQUFPLENBQUMsV0FBVyxDQUFDLENBZTdGO0lBRUQ7Ozs7Ozs7Ozs7O09BV0c7SUFDSCxPQUFhLCtCQUErQixDQUFDLHVCQUF1QixFQUFFLEVBQUUsRUFBRSxFQUFFLEdBQUcsT0FBTyxDQUFDLDJCQUEyQixDQUFDLENBbUNsSDtJQUVEOzs7O09BSUc7SUFDRyxjQUFjLENBQUMsSUFBSSxFQUFFLElBQUksRUFBRSxjQUFjLEVBQUUsRUFBRSxtQ0F1Q2xEO0lBRUQ7Ozs7O09BS0c7SUFDRyxnQkFBZ0IsQ0FBQyxVQUFVLEVBQUUsRUFBRSxFQUFFLG1DQWtCdEM7SUFFRDs7Ozs7Ozs7Ozs7OztPQWFHO0lBQ0csUUFBUSxDQUFDLFdBQVcsVUFBUSxHQUFHLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0F5QnhEO0lBRUQsTUFBTSxZQU9MO0lBRUQsWUFBWSxZQVVYO0lBRUQsS0FBSywyQkFXSjtJQUVELGlCQUFpQixvQkFTaEI7SUFFRCxzQkFBc0IseUJBRXJCO0NBQ0YifQ==
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"blob_batching.d.ts","sourceRoot":"","sources":["../src/blob_batching.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,gCAAgC,CAAC;AACrE,OAAO,EAAE,EAAE,EAAE,MAAM,gCAAgC,CAAC;AAEpD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,2BAA2B,EAAE,MAAM,0BAA0B,CAAC;AAI9G;;;GAGG;AACH,qBAAa,sBAAsB;IAE/B,8CAA8C;aAC9B,sBAAsB,EAAE,EAAE;IAC1C,sEAAsE;aACtD,IAAI,EAAE,EAAE;IACxB,yGAAyG;aACzF,IAAI,EAAE,OAAO;IAC7B,qGAAqG;aACrF,IAAI,EAAE,UAAU;IAChC,oGAAoG;aACpF,IAAI,EAAE,UAAU;IAChC;;;;OAIG;aACa,QAAQ,EAAE,EAAE;IAC5B,uGAAuG;aACvF,QAAQ,EAAE,OAAO;IACjC,oGAAoG;aACpF,mBAAmB,EAAE,2BAA2B;IApBlE;IACE,8CAA8C;IAC9B,sBAAsB,EAAE,EAAE;IAC1C,sEAAsE;IACtD,IAAI,EAAE,EAAE;IACxB,yGAAyG;IACzF,IAAI,EAAE,OAAO;IAC7B,qGAAqG;IACrF,IAAI,EAAE,UAAU;IAChC,oGAAoG;IACpF,IAAI,EAAE,UAAU;IAChC;;;;OAIG;IACa,QAAQ,EAAE,EAAE;IAC5B,uGAAuG;IACvF,QAAQ,EAAE,OAAO;IACjC,oGAAoG;IACpF,mBAAmB,EAAE,2BAA2B,EAC9D;IAEJ;;;OAGG;IACH,MAAM,CAAC,iBAAiB,CAAC,mBAAmB,EAAE,2BAA2B,GAAG,sBAAsB,CAWjG;IAED;;;;OAIG;IACH,OAAa,cAAc,CAAC,uBAAuB,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAG5F;IAED;;;;;;OAMG;IACH,OAAa,KAAK,CAAC,uBAAuB,EAAE,EAAE,EAAE,EAAE,EAAE,WAAW,UAAQ,GAAG,OAAO,CAAC,WAAW,CAAC,CAe7F;IAED;;;;;;;;;;;OAWG;IACH,OAAa,+BAA+B,CAAC,uBAAuB,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAmClH;IAED;;;;OAIG;IACG,cAAc,CAAC,IAAI,EAAE,IAAI,EAAE,cAAc,EAAE,EAAE,mCAuClD;IAED;;;;;OAKG;IACG,gBAAgB,CAAC,UAAU,EAAE,EAAE,EAAE,mCAkBtC;IAED;;;;;;;;;;;;;OAaG;IACG,QAAQ,CAAC,WAAW,UAAQ,GAAG,OAAO,CAAC,WAAW,CAAC,
|
|
1
|
+
{"version":3,"file":"blob_batching.d.ts","sourceRoot":"","sources":["../src/blob_batching.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,gCAAgC,CAAC;AACrE,OAAO,EAAE,EAAE,EAAE,MAAM,gCAAgC,CAAC;AAEpD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,2BAA2B,EAAE,MAAM,0BAA0B,CAAC;AAI9G;;;GAGG;AACH,qBAAa,sBAAsB;IAE/B,8CAA8C;aAC9B,sBAAsB,EAAE,EAAE;IAC1C,sEAAsE;aACtD,IAAI,EAAE,EAAE;IACxB,yGAAyG;aACzF,IAAI,EAAE,OAAO;IAC7B,qGAAqG;aACrF,IAAI,EAAE,UAAU;IAChC,oGAAoG;aACpF,IAAI,EAAE,UAAU;IAChC;;;;OAIG;aACa,QAAQ,EAAE,EAAE;IAC5B,uGAAuG;aACvF,QAAQ,EAAE,OAAO;IACjC,oGAAoG;aACpF,mBAAmB,EAAE,2BAA2B;IApBlE;IACE,8CAA8C;IAC9B,sBAAsB,EAAE,EAAE;IAC1C,sEAAsE;IACtD,IAAI,EAAE,EAAE;IACxB,yGAAyG;IACzF,IAAI,EAAE,OAAO;IAC7B,qGAAqG;IACrF,IAAI,EAAE,UAAU;IAChC,oGAAoG;IACpF,IAAI,EAAE,UAAU;IAChC;;;;OAIG;IACa,QAAQ,EAAE,EAAE;IAC5B,uGAAuG;IACvF,QAAQ,EAAE,OAAO;IACjC,oGAAoG;IACpF,mBAAmB,EAAE,2BAA2B,EAC9D;IAEJ;;;OAGG;IACH,MAAM,CAAC,iBAAiB,CAAC,mBAAmB,EAAE,2BAA2B,GAAG,sBAAsB,CAWjG;IAED;;;;OAIG;IACH,OAAa,cAAc,CAAC,uBAAuB,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAG5F;IAED;;;;;;OAMG;IACH,OAAa,KAAK,CAAC,uBAAuB,EAAE,EAAE,EAAE,EAAE,EAAE,WAAW,UAAQ,GAAG,OAAO,CAAC,WAAW,CAAC,CAe7F;IAED;;;;;;;;;;;OAWG;IACH,OAAa,+BAA+B,CAAC,uBAAuB,EAAE,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAmClH;IAED;;;;OAIG;IACG,cAAc,CAAC,IAAI,EAAE,IAAI,EAAE,cAAc,EAAE,EAAE,mCAuClD;IAED;;;;;OAKG;IACG,gBAAgB,CAAC,UAAU,EAAE,EAAE,EAAE,mCAkBtC;IAED;;;;;;;;;;;;;OAaG;IACG,QAAQ,CAAC,WAAW,UAAQ,GAAG,OAAO,CAAC,WAAW,CAAC,CAyBxD;IAED,MAAM,YAOL;IAED,YAAY,YAUX;IAED,KAAK,2BAWJ;IAED,iBAAiB,oBAShB;IAED,sBAAsB,yBAErB;CACF"}
|
package/dest/blob_batching.js
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
import { BLOBS_PER_CHECKPOINT, MAX_CHECKPOINTS_PER_EPOCH } from '@aztec/constants';
|
|
2
|
-
import {
|
|
1
|
+
import { BLOBS_PER_CHECKPOINT, DomainSeparator, MAX_CHECKPOINTS_PER_EPOCH } from '@aztec/constants';
|
|
2
|
+
import { poseidon2HashWithSeparator } from '@aztec/foundation/crypto/poseidon';
|
|
3
3
|
import { sha256ToField } from '@aztec/foundation/crypto/sha256';
|
|
4
4
|
import { BLS12Fr, BLS12Point } from '@aztec/foundation/curves/bls12';
|
|
5
5
|
import { Fr } from '@aztec/foundation/curves/bn254';
|
|
6
6
|
import { BatchedBlob } from './batched_blob.js';
|
|
7
7
|
import { getBlobsPerL1Block } from './blob_utils.js';
|
|
8
8
|
import { BlobAccumulator, FinalBlobAccumulator, FinalBlobBatchingChallenges } from './circuit_types/index.js';
|
|
9
|
-
import { computeBlobFieldsHash,
|
|
9
|
+
import { computeBlobFieldsHash, hashBlobYLimbs } from './hash.js';
|
|
10
10
|
import { getKzg } from './kzg_context.js';
|
|
11
11
|
/**
|
|
12
12
|
* A class to create, manage, and prove batched EVM blobs.
|
|
@@ -92,10 +92,10 @@ import { getKzg } from './kzg_context.js';
|
|
|
92
92
|
if (!z) {
|
|
93
93
|
z = challengeZ;
|
|
94
94
|
} else {
|
|
95
|
-
z = await
|
|
95
|
+
z = await poseidon2HashWithSeparator([
|
|
96
96
|
z,
|
|
97
97
|
challengeZ
|
|
98
|
-
]);
|
|
98
|
+
], DomainSeparator.BLOB_Z_ACC);
|
|
99
99
|
}
|
|
100
100
|
}
|
|
101
101
|
allBlobs.push(...blobs);
|
|
@@ -105,20 +105,20 @@ import { getKzg } from './kzg_context.js';
|
|
|
105
105
|
}
|
|
106
106
|
// Now we have a shared challenge for all blobs, evaluate them...
|
|
107
107
|
const proofObjects = await Promise.all(allBlobs.map((b)=>b.evaluate(z)));
|
|
108
|
-
const evaluations = await Promise.all(proofObjects.map(({ y })=>
|
|
108
|
+
const evaluations = await Promise.all(proofObjects.map(({ y })=>hashBlobYLimbs(y)));
|
|
109
109
|
// ...and find the challenge for the linear combination of blobs.
|
|
110
110
|
let gamma = evaluations[0];
|
|
111
111
|
// We start at i = 1, because gamma is initialized as the first blob's evaluation.
|
|
112
112
|
for(let i = 1; i < allBlobs.length; i++){
|
|
113
|
-
gamma = await
|
|
113
|
+
gamma = await poseidon2HashWithSeparator([
|
|
114
114
|
gamma,
|
|
115
115
|
evaluations[i]
|
|
116
|
-
]);
|
|
116
|
+
], DomainSeparator.BLOB_GAMMA_ACC);
|
|
117
117
|
}
|
|
118
|
-
gamma = await
|
|
118
|
+
gamma = await poseidon2HashWithSeparator([
|
|
119
119
|
gamma,
|
|
120
120
|
z
|
|
121
|
-
]);
|
|
121
|
+
], DomainSeparator.BLOB_GAMMA_FINAL);
|
|
122
122
|
return new FinalBlobBatchingChallenges(z, BLS12Fr.fromBN254Fr(gamma));
|
|
123
123
|
}
|
|
124
124
|
/**
|
|
@@ -141,19 +141,19 @@ import { getKzg } from './kzg_context.js';
|
|
|
141
141
|
* - gamma^(i + 1) = gamma^1 = gamma // denoted gamma_pow_acc
|
|
142
142
|
*/ return new BatchedBlobAccumulator(sha256ToField([
|
|
143
143
|
blob.commitment
|
|
144
|
-
]), blobChallengeZ, thisY, thisC, thisQ, await
|
|
144
|
+
]), blobChallengeZ, thisY, thisC, thisQ, await hashBlobYLimbs(thisY), this.finalBlobChallenges.gamma, this.finalBlobChallenges);
|
|
145
145
|
} else {
|
|
146
146
|
// Moving from i - 1 to i, so:
|
|
147
147
|
return new BatchedBlobAccumulator(sha256ToField([
|
|
148
148
|
this.blobCommitmentsHashAcc,
|
|
149
149
|
blob.commitment
|
|
150
|
-
]), await
|
|
150
|
+
]), await poseidon2HashWithSeparator([
|
|
151
151
|
this.zAcc,
|
|
152
152
|
blobChallengeZ
|
|
153
|
-
]), this.yAcc.add(thisY.mul(this.gammaPow)), this.cAcc.add(thisC.mul(this.gammaPow)), this.qAcc.add(thisQ.mul(this.gammaPow)), await
|
|
153
|
+
], DomainSeparator.BLOB_Z_ACC), this.yAcc.add(thisY.mul(this.gammaPow)), this.cAcc.add(thisC.mul(this.gammaPow)), this.qAcc.add(thisQ.mul(this.gammaPow)), await poseidon2HashWithSeparator([
|
|
154
154
|
this.gammaAcc,
|
|
155
|
-
await
|
|
156
|
-
]), this.gammaPow.mul(this.finalBlobChallenges.gamma), this.finalBlobChallenges);
|
|
155
|
+
await hashBlobYLimbs(thisY)
|
|
156
|
+
], DomainSeparator.BLOB_GAMMA_ACC), this.gammaPow.mul(this.finalBlobChallenges.gamma), this.finalBlobChallenges);
|
|
157
157
|
}
|
|
158
158
|
}
|
|
159
159
|
/**
|
|
@@ -184,16 +184,16 @@ import { getKzg } from './kzg_context.js';
|
|
|
184
184
|
* - z := z_acc (final challenge, at which all blobs are evaluated)
|
|
185
185
|
* - y := y_acc (final opening to be checked on L1)
|
|
186
186
|
* - c := c_acc (final commitment to be checked on L1)
|
|
187
|
-
* - gamma := poseidon2(gamma_acc, z) (challenge for linear combination of y and C, above)
|
|
187
|
+
* - gamma := poseidon2(BLOB_GAMMA_FINAL, gamma_acc, z) (challenge for linear combination of y and C, above)
|
|
188
188
|
*
|
|
189
189
|
* @param verifyProof - Whether to verify the KZG proof.
|
|
190
190
|
* @returns A batched blob.
|
|
191
191
|
*/ async finalize(verifyProof = false) {
|
|
192
192
|
// All values in acc are final, apart from gamma := poseidon2(gammaAcc, z):
|
|
193
|
-
const calculatedGamma = await
|
|
193
|
+
const calculatedGamma = await poseidon2HashWithSeparator([
|
|
194
194
|
this.gammaAcc,
|
|
195
195
|
this.zAcc
|
|
196
|
-
]);
|
|
196
|
+
], DomainSeparator.BLOB_GAMMA_FINAL);
|
|
197
197
|
// Check final values:
|
|
198
198
|
if (!this.zAcc.equals(this.finalBlobChallenges.z)) {
|
|
199
199
|
throw new Error(`Blob batching mismatch: accumulated z ${this.zAcc} does not equal injected z ${this.finalBlobChallenges.z}`);
|
package/dest/hash.d.ts
CHANGED
|
@@ -36,8 +36,9 @@ export declare function computeBlobCommitment(data: Uint8Array): Promise<Buffer>
|
|
|
36
36
|
export declare function commitmentToFields(commitment: Buffer): [Fr, Fr];
|
|
37
37
|
export declare function computeChallengeZ(blobFieldsHash: Fr, commitment: Buffer): Promise<Fr>;
|
|
38
38
|
/**
|
|
39
|
-
* Hash
|
|
40
|
-
*
|
|
39
|
+
* Hash the u128 limbs of a BLS field's noir bignum representation under the `BLOB_HASHED_Y_LIMBS` separator.
|
|
40
|
+
* Used to commit to blob evaluation values `y_i` before folding them into the gamma accumulator; mirrors the
|
|
41
|
+
* hash accumulation performed in the rollup circuits.
|
|
41
42
|
*/
|
|
42
|
-
export declare function
|
|
43
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
43
|
+
export declare function hashBlobYLimbs(field: BLS12Fr): Promise<Fr>;
|
|
44
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGFzaC5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL2hhc2gudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBR0EsT0FBTyxFQUFFLE9BQU8sRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBQ3pELE9BQU8sRUFBRSxFQUFFLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQU9wRDs7R0FFRztBQUNILHdCQUFnQiwyQkFBMkIsQ0FBQyxVQUFVLEVBQUUsTUFBTSxHQUFHLE1BQU0sQ0FJdEU7QUFPRCx3QkFBZ0IsZ0JBQWdCLENBQUMsc0JBQXNCLEVBQUUsTUFBTSxFQUFFLEdBQUcsRUFBRSxDQUVyRTtBQUVEOzs7Ozs7Ozs7OztHQVdHO0FBQ0gsd0JBQXNCLHFCQUFxQixDQUFDLE1BQU0sRUFBRSxFQUFFLEVBQUUsR0FBRyxPQUFPLENBQUMsRUFBRSxDQUFDLENBSXJFO0FBRUQsd0JBQXNCLHFCQUFxQixDQUFDLElBQUksRUFBRSxVQUFVLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQU03RTtBQUVEOzs7Ozs7Ozs7Ozs7O0dBYUc7QUFDSCx3QkFBZ0Isa0JBQWtCLENBQUMsVUFBVSxFQUFFLE1BQU0sR0FBRyxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FNL0Q7QUFFRCx3QkFBc0IsaUJBQWlCLENBQUMsY0FBYyxFQUFFLEVBQUUsRUFBRSxVQUFVLEVBQUUsTUFBTSxHQUFHLE9BQU8sQ0FBQyxFQUFFLENBQUMsQ0FNM0Y7QUFFRDs7OztHQUlHO0FBQ0gsd0JBQXNCLGNBQWMsQ0FBQyxLQUFLLEVBQUUsT0FBTyxHQUFHLE9BQU8sQ0FBQyxFQUFFLENBQUMsQ0FHaEUifQ==
|
package/dest/hash.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["../src/hash.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["../src/hash.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,OAAO,EAAE,MAAM,gCAAgC,CAAC;AACzD,OAAO,EAAE,EAAE,EAAE,MAAM,gCAAgC,CAAC;AAOpD;;GAEG;AACH,wBAAgB,2BAA2B,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAItE;AAOD,wBAAgB,gBAAgB,CAAC,sBAAsB,EAAE,MAAM,EAAE,GAAG,EAAE,CAErE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,qBAAqB,CAAC,MAAM,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,CAAC,CAIrE;AAED,wBAAsB,qBAAqB,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAM7E;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAM/D;AAED,wBAAsB,iBAAiB,CAAC,cAAc,EAAE,EAAE,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,EAAE,CAAC,CAM3F;AAED;;;;GAIG;AACH,wBAAsB,cAAc,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAAC,EAAE,CAAC,CAGhE"}
|
package/dest/hash.js
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { DomainSeparator } from '@aztec/constants';
|
|
2
|
+
import { poseidon2HashWithSeparator } from '@aztec/foundation/crypto/poseidon';
|
|
2
3
|
import { sha256, sha256ToField } from '@aztec/foundation/crypto/sha256';
|
|
3
4
|
import { Fr } from '@aztec/foundation/curves/bn254';
|
|
4
5
|
import { getBytesPerBlob, getBytesPerCommitment, getKzg } from './kzg_context.js';
|
|
@@ -65,16 +66,17 @@ export async function computeBlobCommitment(data) {
|
|
|
65
66
|
}
|
|
66
67
|
export async function computeChallengeZ(blobFieldsHash, commitment) {
|
|
67
68
|
const commitmentFields = commitmentToFields(commitment);
|
|
68
|
-
return await
|
|
69
|
+
return await poseidon2HashWithSeparator([
|
|
69
70
|
blobFieldsHash,
|
|
70
71
|
commitmentFields[0],
|
|
71
72
|
commitmentFields[1]
|
|
72
|
-
]);
|
|
73
|
+
], DomainSeparator.BLOB_CHALLENGE_Z);
|
|
73
74
|
}
|
|
74
75
|
/**
|
|
75
|
-
* Hash
|
|
76
|
-
*
|
|
77
|
-
|
|
76
|
+
* Hash the u128 limbs of a BLS field's noir bignum representation under the `BLOB_HASHED_Y_LIMBS` separator.
|
|
77
|
+
* Used to commit to blob evaluation values `y_i` before folding them into the gamma accumulator; mirrors the
|
|
78
|
+
* hash accumulation performed in the rollup circuits.
|
|
79
|
+
*/ export async function hashBlobYLimbs(field) {
|
|
78
80
|
const num = field.toNoirBigNum();
|
|
79
|
-
return await
|
|
81
|
+
return await poseidon2HashWithSeparator(num.limbs.map(Fr.fromHexString), DomainSeparator.BLOB_HASHED_Y_LIMBS);
|
|
80
82
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aztec/blob-lib",
|
|
3
|
-
"version": "5.0.0-nightly.
|
|
3
|
+
"version": "5.0.0-nightly.20260422",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"exports": {
|
|
6
6
|
".": "./dest/index.js",
|
|
@@ -27,8 +27,8 @@
|
|
|
27
27
|
"../package.common.json"
|
|
28
28
|
],
|
|
29
29
|
"dependencies": {
|
|
30
|
-
"@aztec/constants": "5.0.0-nightly.
|
|
31
|
-
"@aztec/foundation": "5.0.0-nightly.
|
|
30
|
+
"@aztec/constants": "5.0.0-nightly.20260422",
|
|
31
|
+
"@aztec/foundation": "5.0.0-nightly.20260422",
|
|
32
32
|
"@crate-crypto/node-eth-kzg": "^0.10.0",
|
|
33
33
|
"tslib": "^2.4.0"
|
|
34
34
|
},
|
package/src/blob_batching.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { BLOBS_PER_CHECKPOINT, MAX_CHECKPOINTS_PER_EPOCH } from '@aztec/constants';
|
|
2
|
-
import {
|
|
1
|
+
import { BLOBS_PER_CHECKPOINT, DomainSeparator, MAX_CHECKPOINTS_PER_EPOCH } from '@aztec/constants';
|
|
2
|
+
import { poseidon2HashWithSeparator } from '@aztec/foundation/crypto/poseidon';
|
|
3
3
|
import { sha256ToField } from '@aztec/foundation/crypto/sha256';
|
|
4
4
|
import { BLS12Fr, BLS12Point } from '@aztec/foundation/curves/bls12';
|
|
5
5
|
import { Fr } from '@aztec/foundation/curves/bn254';
|
|
@@ -8,7 +8,7 @@ import { BatchedBlob } from './batched_blob.js';
|
|
|
8
8
|
import { Blob } from './blob.js';
|
|
9
9
|
import { getBlobsPerL1Block } from './blob_utils.js';
|
|
10
10
|
import { BlobAccumulator, FinalBlobAccumulator, FinalBlobBatchingChallenges } from './circuit_types/index.js';
|
|
11
|
-
import { computeBlobFieldsHash,
|
|
11
|
+
import { computeBlobFieldsHash, hashBlobYLimbs } from './hash.js';
|
|
12
12
|
import { getKzg } from './kzg_context.js';
|
|
13
13
|
|
|
14
14
|
/**
|
|
@@ -116,7 +116,7 @@ export class BatchedBlobAccumulator {
|
|
|
116
116
|
if (!z) {
|
|
117
117
|
z = challengeZ;
|
|
118
118
|
} else {
|
|
119
|
-
z = await
|
|
119
|
+
z = await poseidon2HashWithSeparator([z, challengeZ], DomainSeparator.BLOB_Z_ACC);
|
|
120
120
|
}
|
|
121
121
|
}
|
|
122
122
|
allBlobs.push(...blobs);
|
|
@@ -127,14 +127,14 @@ export class BatchedBlobAccumulator {
|
|
|
127
127
|
|
|
128
128
|
// Now we have a shared challenge for all blobs, evaluate them...
|
|
129
129
|
const proofObjects = await Promise.all(allBlobs.map(b => b.evaluate(z)));
|
|
130
|
-
const evaluations = await Promise.all(proofObjects.map(({ y }) =>
|
|
130
|
+
const evaluations = await Promise.all(proofObjects.map(({ y }) => hashBlobYLimbs(y)));
|
|
131
131
|
// ...and find the challenge for the linear combination of blobs.
|
|
132
132
|
let gamma = evaluations[0];
|
|
133
133
|
// We start at i = 1, because gamma is initialized as the first blob's evaluation.
|
|
134
134
|
for (let i = 1; i < allBlobs.length; i++) {
|
|
135
|
-
gamma = await
|
|
135
|
+
gamma = await poseidon2HashWithSeparator([gamma, evaluations[i]], DomainSeparator.BLOB_GAMMA_ACC);
|
|
136
136
|
}
|
|
137
|
-
gamma = await
|
|
137
|
+
gamma = await poseidon2HashWithSeparator([gamma, z], DomainSeparator.BLOB_GAMMA_FINAL);
|
|
138
138
|
|
|
139
139
|
return new FinalBlobBatchingChallenges(z, BLS12Fr.fromBN254Fr(gamma));
|
|
140
140
|
}
|
|
@@ -166,7 +166,7 @@ export class BatchedBlobAccumulator {
|
|
|
166
166
|
thisY, // yAcc = gamma^0 * y_0 = 1 * y_0
|
|
167
167
|
thisC, // cAcc = gamma^0 * C_0 = 1 * C_0
|
|
168
168
|
thisQ, // qAcc = gamma^0 * Q_0 = 1 * Q_0
|
|
169
|
-
await
|
|
169
|
+
await hashBlobYLimbs(thisY), // gammaAcc = poseidon2(y_0.limbs)
|
|
170
170
|
this.finalBlobChallenges.gamma, // gammaPow = gamma^(i + 1) = gamma^1 = gamma
|
|
171
171
|
this.finalBlobChallenges,
|
|
172
172
|
);
|
|
@@ -174,11 +174,11 @@ export class BatchedBlobAccumulator {
|
|
|
174
174
|
// Moving from i - 1 to i, so:
|
|
175
175
|
return new BatchedBlobAccumulator(
|
|
176
176
|
sha256ToField([this.blobCommitmentsHashAcc, blob.commitment]), // blobCommitmentsHashAcc := sha256(blobCommitmentsHashAcc, C_i)
|
|
177
|
-
await
|
|
177
|
+
await poseidon2HashWithSeparator([this.zAcc, blobChallengeZ], DomainSeparator.BLOB_Z_ACC), // zAcc := poseidon2(BLOB_Z_ACC, zAcc, z_i)
|
|
178
178
|
this.yAcc.add(thisY.mul(this.gammaPow)), // yAcc := yAcc + (gamma^i * y_i)
|
|
179
179
|
this.cAcc.add(thisC.mul(this.gammaPow)), // cAcc := cAcc + (gamma^i * C_i)
|
|
180
180
|
this.qAcc.add(thisQ.mul(this.gammaPow)), // qAcc := qAcc + (gamma^i * C_i)
|
|
181
|
-
await
|
|
181
|
+
await poseidon2HashWithSeparator([this.gammaAcc, await hashBlobYLimbs(thisY)], DomainSeparator.BLOB_GAMMA_ACC), // gammaAcc := poseidon2(BLOB_GAMMA_ACC, gammaAcc, poseidon2(y_i.limbs))
|
|
182
182
|
this.gammaPow.mul(this.finalBlobChallenges.gamma), // gammaPow = gamma^(i + 1) = gamma^i * final_gamma
|
|
183
183
|
this.finalBlobChallenges,
|
|
184
184
|
);
|
|
@@ -220,14 +220,17 @@ export class BatchedBlobAccumulator {
|
|
|
220
220
|
* - z := z_acc (final challenge, at which all blobs are evaluated)
|
|
221
221
|
* - y := y_acc (final opening to be checked on L1)
|
|
222
222
|
* - c := c_acc (final commitment to be checked on L1)
|
|
223
|
-
* - gamma := poseidon2(gamma_acc, z) (challenge for linear combination of y and C, above)
|
|
223
|
+
* - gamma := poseidon2(BLOB_GAMMA_FINAL, gamma_acc, z) (challenge for linear combination of y and C, above)
|
|
224
224
|
*
|
|
225
225
|
* @param verifyProof - Whether to verify the KZG proof.
|
|
226
226
|
* @returns A batched blob.
|
|
227
227
|
*/
|
|
228
228
|
async finalize(verifyProof = false): Promise<BatchedBlob> {
|
|
229
229
|
// All values in acc are final, apart from gamma := poseidon2(gammaAcc, z):
|
|
230
|
-
const calculatedGamma = await
|
|
230
|
+
const calculatedGamma = await poseidon2HashWithSeparator(
|
|
231
|
+
[this.gammaAcc, this.zAcc],
|
|
232
|
+
DomainSeparator.BLOB_GAMMA_FINAL,
|
|
233
|
+
);
|
|
231
234
|
// Check final values:
|
|
232
235
|
if (!this.zAcc.equals(this.finalBlobChallenges.z)) {
|
|
233
236
|
throw new Error(
|
package/src/hash.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { DomainSeparator } from '@aztec/constants';
|
|
2
|
+
import { poseidon2HashWithSeparator } from '@aztec/foundation/crypto/poseidon';
|
|
2
3
|
import { sha256, sha256ToField } from '@aztec/foundation/crypto/sha256';
|
|
3
4
|
import { BLS12Fr } from '@aztec/foundation/curves/bls12';
|
|
4
5
|
import { Fr } from '@aztec/foundation/curves/bn254';
|
|
@@ -76,14 +77,18 @@ export function commitmentToFields(commitment: Buffer): [Fr, Fr] {
|
|
|
76
77
|
|
|
77
78
|
export async function computeChallengeZ(blobFieldsHash: Fr, commitment: Buffer): Promise<Fr> {
|
|
78
79
|
const commitmentFields = commitmentToFields(commitment);
|
|
79
|
-
return await
|
|
80
|
+
return await poseidon2HashWithSeparator(
|
|
81
|
+
[blobFieldsHash, commitmentFields[0], commitmentFields[1]],
|
|
82
|
+
DomainSeparator.BLOB_CHALLENGE_Z,
|
|
83
|
+
);
|
|
80
84
|
}
|
|
81
85
|
|
|
82
86
|
/**
|
|
83
|
-
* Hash
|
|
84
|
-
*
|
|
87
|
+
* Hash the u128 limbs of a BLS field's noir bignum representation under the `BLOB_HASHED_Y_LIMBS` separator.
|
|
88
|
+
* Used to commit to blob evaluation values `y_i` before folding them into the gamma accumulator; mirrors the
|
|
89
|
+
* hash accumulation performed in the rollup circuits.
|
|
85
90
|
*/
|
|
86
|
-
export async function
|
|
91
|
+
export async function hashBlobYLimbs(field: BLS12Fr): Promise<Fr> {
|
|
87
92
|
const num = field.toNoirBigNum();
|
|
88
|
-
return await
|
|
93
|
+
return await poseidon2HashWithSeparator(num.limbs.map(Fr.fromHexString), DomainSeparator.BLOB_HASHED_Y_LIMBS);
|
|
89
94
|
}
|