quilibrium-verkle
Verkle trie implementation with KZG polynomial commitments for the Quilibrium network.
Overview
This crate provides a Verkle trie data structure with KZG (Kate-Zaverucha-Goldberg) polynomial commitments. Verkle tries enable efficient, constant-size cryptographic proofs of inclusion for key-value data.
Features
- Vector Commitment Trie: 64-ary tree structure with KZG commitments at each branch
- Constant-Size Proofs: 74-byte commitments regardless of tree size
- Inclusion Proofs: Logarithmic-size proofs that a key-value pair exists in the tree
- Multiproofs: Efficient batch proofs for multiple keys simultaneously
- RDF Schema Support: Map structured data (like name records) using RDF Turtle schemas
- Go Compatibility: Byte-for-byte compatible with Quilibrium's monorepo go implementation
Installation
Add this to your Cargo.toml:
[]
= "2.1.0"
= "2.1.0" # Required for cryptographic operations
Quick Start
use VectorCommitmentTrie;
// Initialize the BLS library (required once)
init;
// Create a new verkle trie
let mut trie = new;
// Insert key-value pairs
trie.insert.unwrap;
trie.insert.unwrap;
// Get the root commitment (74 bytes)
let commitment = trie.commit.unwrap;
// Retrieve a value
let value = trie.get;
assert_eq!;
Generating Proofs
use VectorCommitmentTrie;
init;
let mut trie = new;
trie.insert.unwrap;
trie.insert.unwrap;
// Generate a proof that key [1] exists with value [10]
let proof = trie.prove.unwrap;
let commitment = trie.commit.unwrap;
// Verify the proof
assert!;
// Extract the proven value
let values = proof.verify_and_extract.unwrap;
assert_eq!;
Multiproofs
Prove multiple keys efficiently in a single proof:
use VectorCommitmentTrie;
init;
let mut trie = new;
trie.insert.unwrap;
trie.insert.unwrap;
trie.insert.unwrap;
// Generate a proof for multiple keys at once
let keys = vec!;
let proof = trie.prove_multiple.unwrap;
// Verify and extract all values
let commitment = trie.commit.unwrap;
let values = proof.verify_and_extract.unwrap;
assert_eq!;
RDF Schema-Based Proofs
The RDF multiprover allows you to define structured schemas using Turtle RDF format:
use ;
init;
// Define an RDF schema for a name record
let schema = r#"
@prefix qcl: <https://types.quilibrium.com/qcl/> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix name: <https://types.quilibrium.com/schema-repository/name/> .
name:NameRecord a rdfs:Class ;
rdfs:comment "Quilibrium name service record" .
name:Name a rdfs:Property ;
rdfs:range name:NameRecord ;
rdfs:domain qcl:String ;
qcl:size 32 ;
qcl:order 1 .
name:Owner a rdfs:Property ;
rdfs:range name:NameRecord ;
rdfs:domain qcl:ByteArray ;
qcl:size 57 ;
qcl:order 2 .
"#;
// Create tree and insert data
let mut tree = new;
tree.insert.unwrap;
tree.insert.unwrap;
// Generate a proof for specific fields
let multiprover = new;
let fields = vec!;
let proof = multiprover.prove.unwrap;
// Get commitment and proof bytes
let commitment = tree.commit.unwrap;
let proof_bytes = proof.to_bytes.unwrap;
// Verify the proof
let data = vec!;
let valid = multiprover.verify.unwrap;
assert!;
How It Works
Verkle Trie Structure
A Verkle trie is a 64-ary tree where:
- Each node has up to 64 children
- Leaf nodes store key-value pairs with SHA-512 commitments
- Branch nodes commit to their children using KZG polynomial commitments
- Paths through the tree are determined by 6-bit nibbles from the key
KZG Commitments
Each branch node's 64 children are represented as a degree-63 polynomial, which is committed using KZG commitments on the BLS48-581 elliptic curve. This enables:
- Constant-size commitments (74 bytes) for any number of children
- Efficient opening proofs at specific indices
- Batch verification of multiple openings
Cryptographic Security
The trie provides binding commitments: once data is committed, it cannot be changed without detectably altering the root commitment. Proofs are:
- Complete: Prove that a key exists with a specific value
- Sound: Cannot create false proofs for incorrect data
- Succinct: Logarithmic proof size relative to tree size
Use Cases
- Name Service Records: Prove specific fields of a name record without revealing the entire record
- State Commitments: Commit to application state with efficient partial proofs
- Blockchain Light Clients: Verify specific state values without downloading full state
- Verifiable Databases: Provide cryptographic proofs for database queries
Performance
- Commitment Size: 74 bytes (constant, regardless of tree size)
- Proof Size: ~437 bytes for single key, ~1.3KB for 3 keys
- Generation Time: ~10-15ms per single-key proof
- Verification Time: ~8-12ms per single-key proof
Compatibility
This implementation is byte-for-byte compatible with the Go implementation in Quilibrium's ceremonyclient.
Documentation
For complete API documentation, run:
Or visit docs.rs/quilibrium-verkle.
Testing
Run the test suite:
The test suite includes:
- Unit tests for all components
- Integration tests with known test vectors
- Go compatibility tests
License
Licensed under the MIT License. See LICENSE for details.
Contributing
Contributions are welcome! Please ensure:
- All tests pass (
cargo test) - Code is formatted (
cargo fmt) - No clippy warnings (
cargo clippy)