rust_kzg_bn254_prover/lib.rs
1//! ## Library Design / Architecture
2//!
3//! The main purpose of this library is to allow taking a piece of data,
4//! committing to it, and then generating and verifying proofs against that
5//! commitment.
6//!
7//! ### Data Types
8//!
9//! The main data pipeline goes:
10//! > user data -> [blob::Blob] ->
11//! > [polynomial::PolynomialEvalForm]/[polynomial::PolynomialCoeffForm] -> KZG
12//! > Commitment / Proof
13//!
14//! - User Data: bytes array
15//! - meaningful to users (typically will be a rollup batch)
16//! - Blob: bn254 field elements array
17//! - meaningful to EigenDA network
18//! - Obtained from User Data by inserting zeroes every 31 bytes to make every
19//! 32 byte an element of bn254.
20//! - Polynomial: bn254 field elements array, interpreted as coefficients or
21//! evaluations of a polynomial
22//! - meaningful when committing and generating/verifying proofs
23//! - Obtained from Blob by appending zeroes to make the length a power of 2,
24//! and then interpreting the array as coefficients or evaluations of a
25//! polynomial.
26//! - KZG: struct storing the SRS points used to generate commitments and proofs
27//! - SRS points: bn254 group elements
28//! - inner producted with the polynomial to generate commitments
29//!
30//! The Blob and Polynomial structs are mostly
31//! [Plain Old Data](https://en.wikipedia.org/wiki/Passive_data_structure) with constructor and few helper methods.
32//! The interesting stuff happens in the [kzg::KZG] struct,
33//! which has methods for committing to a blob, polynomial in coeff or eval
34//! form, and generating and verifying proofs.
35//!
36//! Our current codebase has the types PolynomialEvalForm and
37//! PolynomialCoeffForm to represent the polynomial in evaluation and
38//! coefficient form respectively. However, we do not have types to represent
39//! the two forms of srs points. They are implicitly assumed to be in monomial
40//! form when loaded, and an IFFT is performed before taking the inner product
41//! with the polynomial in evaluation form.
42//!
43//! ### KZG Commitments
44//!
45//! A KZG commitment can be taken by an inner product between (poly_coeff,
46//! srs_monomial) or (poly_eval, srs_lagrange). FFT and IFFT operations can be
47//! performed to convert between these forms.
48//!
49//! 
50//!
51//! ### KZG Proofs
52//!
53//! TODO
54//!
55//! ## Examples
56//!
57//! ### Commit to a some user data
58//! ```rust
59//! use rust_kzg_bn254_prover::kzg::KZG;
60//! use rust_kzg_bn254_prover::srs::SRS;
61//! use rust_kzg_bn254_primitives::{blob::Blob};
62//! let kzg = KZG::new();
63//! let srs = SRS::new(
64//! "tests/test-files/mainnet-data/g1.131072.point",
65//! 268435456,
66//! 131072,
67//! ).unwrap();
68//!
69//! let rollup_data: &[u8] = "some rollup batcher data".as_bytes();
70//! let blob = Blob::from_raw_data(rollup_data);
71//! let poly = blob.to_polynomial_eval_form();
72//! let commitment = kzg.commit_eval_form(&poly, &srs).unwrap();
73//! ```
74//!
75//! ### Generate a proof for a piece of data
76//! ```rust
77//! // TODO:
78//! ```
79//!
80
81pub mod kzg;
82pub mod srs;