Merge remote-tracking branch 'origin/main' into fft-file

bindings/rust/README.md

@@ -19,3 +19,9 @@ cargo test --release
 ```
 cargo bench
 ```
+
+## Update `generated.rs`
+
+```
+cargo build --features generate-bindings
+```

bindings/rust/build.rs

@@ -82,6 +82,7 @@ fn make_bindings(header_path: &str, blst_headers_dir: &str, bindings_out_path: &
         .allowlist_type("C_KZG_RET")
         .allowlist_var("BYTES_PER_.*")
         .allowlist_var("FIELD_ELEMENTS_PER_BLOB")
+        .allowlist_var("FIELD_ELEMENTS_PER_EXT_BLOB")
         .allowlist_file(".*eip.*.h")
         .allowlist_file(".*setup.h")
         /*

src/Makefile

@@ -39,15 +39,21 @@ BLST_BUILDSCRIPT_FLAGS = -D__BLST_PORTABLE__
 # Libraries to build with.
 LIBS = $(BLST_LIBRARY)
 
-# List of individual implementation files.
-IMPL_FILES = common.c debug.c eip4844.c eip7594.c fft.c setup.c
-HEADER_FILES = $(patsubst %.c, %.h, $(IMPL_FILES))
+# Create file lists.
+SOURCE_FILES := $(shell find . -name '*.c' | sed 's|^\./||' | sort)
+HEADER_FILES := $(patsubst %.c, %.h, $(SOURCE_FILES))
+OBJECT_FILES := $(patsubst %.c, %.o, $(SOURCE_FILES))
+
+# There is no tests header file.
+HEADER_FILES := $(filter-out tests.h, $(HEADER_FILES))
+# We don't want to format this and it is not expected to change.
+HEADER_FILES := $(filter-out tinytest.h, $(HEADER_FILES))
 
 ###############################################################################
 # Core
 ###############################################################################
 
-all: ckzg.o test
+all: $(OBJECT_FILES) test
 
 $(BLST_BUILDSCRIPT):
 	@git submodule update --init
@@ -62,8 +68,8 @@ $(BLST_LIBRARY): $(BLST_BUILDSCRIPT)
 blst: $(BLST_LIBRARY)
 
 tests: CFLAGS += -O0
-tests: tests.c $(BLST_LIBRARY)
-	@$(CC) $(CFLAGS) -o $@ $< $(LIBS)
+tests: $(SOURCE_FILES) $(HEADER_FILES) $(BLST_LIBRARY)
+	@$(CC) $(CFLAGS) -o $@ tests.c $(LIBS)
 
 .PHONY: test
 test: tests
@@ -74,17 +80,17 @@ test: tests
 ###############################################################################
 
 tests_cov: CFLAGS += -O0 -fprofile-instr-generate -fcoverage-mapping
-tests_cov: tests.c ckzg.c
-	@$(CC) $(CFLAGS) -o $@ $< $(LIBS)
+tests_cov: $(SOURCE_FILES) $(HEADER_FILES) $(BLST_LIBRARY)
+	@$(CC) $(CFLAGS) -o $@ tests.c $(LIBS)
 
 .PHONY: coverage
 coverage: tests_cov
 	@LLVM_PROFILE_FILE="ckzg.profraw" ./$<
 	@$(XCRUN) llvm-profdata merge --sparse ckzg.profraw -o ckzg.profdata
 	@$(XCRUN) llvm-cov show --instr-profile=ckzg.profdata --format=html \
-	    $< $(IMPL_FILES) > coverage.html
+	    $< $(SOURCE_FILES) > coverage.html
 	@$(XCRUN) llvm-cov report --instr-profile=ckzg.profdata \
-	    --show-functions $< $(IMPL_FILES)
+	    --show-functions $< $(SOURCE_FILES)
 
 ###############################################################################
 # Profile
@@ -96,8 +102,8 @@ ifeq ($(PLATFORM),Darwin)
 tests_prof: CFLAGS += -L$(shell brew --prefix gperftools)/lib
 tests_prof: CFLAGS += -I$(shell brew --prefix gperftools)/include
 endif
-tests_prof: tests.c
-	@$(CC) $(CFLAGS) -o $@ $< $(LIBS)
+tests_prof: $(SOURCE_FILES) $(HEADER_FILES) $(BLST_LIBRARY)
+	@$(CC) $(CFLAGS) -o $@ tests.c $(LIBS)
 
 .PHONY: run_profiler
 run_profiler: tests_prof
@@ -127,9 +133,9 @@ profile: \
 
 .PHONY: sanitize_%
 sanitize_%: CFLAGS += -O0 -fsanitize=$*
-sanitize_%: tests.c
+sanitize_%: $(SOURCE_FILES) $(HEADER_FILES) $(BLST_LIBRARY)
 	@echo Running sanitize=$*...
-	@$(CC) $(CFLAGS) -o $@ $< $(LIBS)
+	@$(CC) $(CFLAGS) -o $@ tests.c $(LIBS)
 	@ASAN_OPTIONS=allocator_may_return_null=1 \
 	    LSAN_OPTIONS=allocator_may_return_null=1 \
 	    ./$@; rm $@
@@ -152,7 +158,7 @@ endif
 ###############################################################################
 
 .PHONY: analyze
-analyze: $(IMPL_FILES)
+analyze: $(SOURCE_FILES) $(HEADER_FILES)
 	@$(CC) --analyze -Xanalyzer -analyzer-output=html \
 	    -o analysis-report $(CFLAGS) -c $<
 	@[ -d analysis-report ] && exit 1 || exit 0
@@ -163,7 +169,7 @@ analyze: $(IMPL_FILES)
 
 .PHONY: format
 format:
-	@clang-format -i --sort-includes $(IMPL_FILES) $(HEADER_FILES) tests.c
+	@clang-format -i --sort-includes $(SOURCE_FILES) $(HEADER_FILES)
 
 .PHONY: clean
 clean:

src/common.h

@@ -17,6 +17,7 @@
 #pragma once
 
 #include "blst.h"
+
 #include <stdbool.h>
 
 #ifdef __cplusplus
@@ -39,6 +40,9 @@ extern "C" {
 /** The number of field elements in a blob. */
 #define FIELD_ELEMENTS_PER_BLOB 4096
 
+/** The number of field elements in an extended blob */
+#define FIELD_ELEMENTS_PER_EXT_BLOB (FIELD_ELEMENTS_PER_BLOB * 2)
+
 /** The number of bytes in a blob. */
 #define BYTES_PER_BLOB (FIELD_ELEMENTS_PER_BLOB * BYTES_PER_FIELD_ELEMENT)
 
@@ -100,14 +104,31 @@ typedef Bytes48 KZGProof;
 
 /** Stores the setup and parameters needed for computing KZG proofs. */
 typedef struct {
-    /** The length of `roots_of_unity`, a power of 2. */
-    uint64_t max_width;
-    /** Powers of the primitive root of unity determined by `SCALE2_ROOT_OF_UNITY` in bit-reversal
-     * permutation order, length `max_width`. */
+    /**
+     * Roots of unity for the subgroup of size `domain_size`.
+     *
+     * The array contains `domain_size + 1` elements, it starts and ends with Fr::one().
+     */
     fr_t *roots_of_unity;
-    /** The expanded roots of unity. */
-    fr_t *expanded_roots_of_unity;
-    /** The bit-reversal permuted roots of unity. */
+    /**
+     * Roots of unity for the subgroup of size `domain_size` in bit-reversed order.
+     *
+     * This array is derived by applying a bit-reversal permutation to `roots_of_unity`
+     * excluding the last element. Essentially:
+     *   `brp_roots_of_unity = bit_reversal_permutation(roots_of_unity[:-1])`
+     *
+     * The array contains `domain_size` elements.
+     */
+    fr_t *brp_roots_of_unity;
+    /**
+     * Roots of unity for the subgroup of size `domain_size` in reversed order.
+     *
+     * It is the reversed version of `roots_of_unity`. Essentially:
+     *    `reverse_roots_of_unity = reverse(roots_of_unity)`
+     *
+     * This array is primarily used in FFTs.
+     * The array contains `domain_size + 1` elements, it starts and ends with Fr::one().
+     */
     fr_t *reverse_roots_of_unity;
     /** G1 group elements from the trusted setup in monomial form. */
     g1_t *g1_values_monomial;

src/debug.c

@@ -16,6 +16,8 @@
 
 #include "debug.h"
 
+#include <stdio.h>
+
 void print_bytes32(const Bytes32 *bytes) {
     for (size_t i = 0; i < 32; i++) {
         printf("%02x", bytes->bytes[i]);

src/eip4844.c

@@ -19,7 +19,9 @@
 
 #include "blst.h"
 
-#include <assert.h>
+#include <assert.h> /* For assert */
+#include <stdlib.h> /* For NULL */
+#include <string.h> /* For memcpy */
 
 ////////////////////////////////////////////////////////////////////////////////////////////////////
 // Macros
@@ -197,7 +199,7 @@ static C_KZG_RET evaluate_polynomial_in_evaluation_form(
     fr_t *inverses_in = NULL;
     fr_t *inverses = NULL;
     uint64_t i;
-    const fr_t *roots_of_unity = s->roots_of_unity;
+    const fr_t *brp_roots_of_unity = s->brp_roots_of_unity;
 
     ret = new_fr_array(&inverses_in, FIELD_ELEMENTS_PER_BLOB);
     if (ret != C_KZG_OK) goto out;
@@ -210,20 +212,20 @@ static C_KZG_RET evaluate_polynomial_in_evaluation_form(
          * given, we can just return the result directly.  Note that special-casing this is
          * necessary, as the formula below would divide by zero otherwise.
          */
-        if (fr_equal(x, &roots_of_unity[i])) {
+        if (fr_equal(x, &brp_roots_of_unity[i])) {
             *out = p->evals[i];
             ret = C_KZG_OK;
             goto out;
         }
-        blst_fr_sub(&inverses_in[i], x, &roots_of_unity[i]);
+        blst_fr_sub(&inverses_in[i], x, &brp_roots_of_unity[i]);
     }
 
     ret = fr_batch_inv(inverses, inverses_in, FIELD_ELEMENTS_PER_BLOB);
     if (ret != C_KZG_OK) goto out;
 
     *out = FR_ZERO;
     for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) {
-        blst_fr_mul(&tmp, &inverses[i], &roots_of_unity[i]);
+        blst_fr_mul(&tmp, &inverses[i], &brp_roots_of_unity[i]);
         blst_fr_mul(&tmp, &tmp, &p->evals[i]);
         blst_fr_add(out, out, &tmp);
     }
@@ -428,7 +430,7 @@ static C_KZG_RET compute_kzg_proof_impl(
 
     fr_t tmp;
     Polynomial q;
-    const fr_t *roots_of_unity = s->roots_of_unity;
+    const fr_t *brp_roots_of_unity = s->brp_roots_of_unity;
     uint64_t i;
     /* m != 0 indicates that the evaluation point z equals root_of_unity[m-1] */
     uint64_t m = 0;
@@ -439,15 +441,15 @@ static C_KZG_RET compute_kzg_proof_impl(
     if (ret != C_KZG_OK) goto out;
 
     for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) {
-        if (fr_equal(z, &roots_of_unity[i])) {
+        if (fr_equal(z, &brp_roots_of_unity[i])) {
             /* We are asked to compute a KZG proof inside the domain */
             m = i + 1;
             inverses_in[i] = FR_ONE;
             continue;
         }
         // (p_i - y) / (ω_i - z)
         blst_fr_sub(&q.evals[i], &polynomial->evals[i], y_out);
-        blst_fr_sub(&inverses_in[i], &roots_of_unity[i], z);
+        blst_fr_sub(&inverses_in[i], &brp_roots_of_unity[i], z);
     }
 
     ret = fr_batch_inv(inverses, inverses_in, FIELD_ELEMENTS_PER_BLOB);
@@ -462,7 +464,7 @@ static C_KZG_RET compute_kzg_proof_impl(
         for (i = 0; i < FIELD_ELEMENTS_PER_BLOB; i++) {
             if (i == m) continue;
             /* Build denominator: z * (z - ω_i) */
-            blst_fr_sub(&tmp, z, &roots_of_unity[i]);
+            blst_fr_sub(&tmp, z, &brp_roots_of_unity[i]);
             blst_fr_mul(&inverses_in[i], &tmp, z);
         }
 
@@ -473,7 +475,7 @@ static C_KZG_RET compute_kzg_proof_impl(
             if (i == m) continue;
             /* Build numerator: ω_i * (p_i - y) */
             blst_fr_sub(&tmp, &polynomial->evals[i], y_out);
-            blst_fr_mul(&tmp, &tmp, &roots_of_unity[i]);
+            blst_fr_mul(&tmp, &tmp, &brp_roots_of_unity[i]);
             /* Do the division: (p_i - y) * ω_i / (z * (z - ω_i)) */
             blst_fr_mul(&tmp, &tmp, &inverses[i]);
             blst_fr_add(&q.evals[m], &q.evals[m], &tmp);