Verifying data contained within an Ethereum blob requires verifying a KZG proof that the polynomial committed to by the blob opens to a given value(s) at a given point(s).
The delivery of this project is two Noir libraries. One for efficient pairing checks for the BLS12-381 curve and another that uses this library to perform KZG multi-proof verification. This unlocks the ability to perform verifiable computations over Ethereum blob data within Aztec as well as any other applications that require verification of KZG commitments. The library will be delivered at a standard that is ready to proceed to an external audit including complete test coverage.
The public interface of the BLS12-381 pairing library will be the function and associated types to compute
Recent research by Geometry Research and Alpen Labs[1] has shown a number of different strategies that can be deployed to improve the efficiency of proving/verifying pairing checks and these will be considered for implementation as part of this engagement where possible.
The KZG library will have a similarly simple interface to allow consumers to verify proofs of N-point openings
It will additionally export functions to decode values from their binary representation as defined in the specification.
We are aware of existing Noir implementations of:
These will be used as reference and the authors credited where appropriate however to streamline auditing the implementation we ship will not depend on any code outside of the Noir standard library.
Existing Ethereum standardized test suites for KZG can be used to ensure compliance and reduce testing workload.
See test specifications and test example test consumer.
Similarly standard test vectors can be used for testing the pairing checks.
Milestone 1 - $28k USD
Milestone 2 - $14k USD
Total - $42k USD
ChainSafe R&D is a consulting team within ChainSafe with specialized skills in cryptography and systems design. Founded in 2020 we have successfully delivered projects for dozens of notable clients including:
We have experience developing production ready ZK implementations of cryptographic primitives. Notably a Halo2 implementation of BLS12-381 pairings which has been audited and is used in the Sygma cross-chain protocol.