From e6c9a891226706e1a74b9a1cbda8a6a417fbd228 Mon Sep 17 00:00:00 2001
From: Ansgar Dietrichs <adietrichs@gmail.com>
Date: Tue, 1 Nov 2022 02:30:29 -0300
Subject: [PATCH 1/5] return modulus from precompile

---
 EIPS/eip-4844.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/EIPS/eip-4844.md b/EIPS/eip-4844.md
index de1a2c78bb285c..5b86b8685a72c9 100644
--- a/EIPS/eip-4844.md
+++ b/EIPS/eip-4844.md
@@ -271,7 +271,7 @@ def point_evaluation_precompile(input: Bytes) -> Bytes:
     # Quotient kzg: next 48 bytes
     quotient_kzg = input[144:192]
     assert verify_kzg_proof(data_kzg, x, y, quotient_kzg)
-    return Bytes([])
+    return Bytes(U256(BLS_MODULUS).to_bytes32())
 ```
 
 ### Gas price of blobs (Simplified version)

From e61cb64980cd36ffefef5a6809edc9317360b303 Mon Sep 17 00:00:00 2001
From: Ansgar Dietrichs <adietrichs@gmail.com>
Date: Tue, 8 Nov 2022 00:35:04 -0300
Subject: [PATCH 2/5] add FIELD_ELEMENTS_PER_BLOB to return data

Co-authored-by: dankrad <mail@dankradfeist.de>
---
 EIPS/eip-4844.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/EIPS/eip-4844.md b/EIPS/eip-4844.md
index 5b86b8685a72c9..a84fba866e8af5 100644
--- a/EIPS/eip-4844.md
+++ b/EIPS/eip-4844.md
@@ -271,7 +271,7 @@ def point_evaluation_precompile(input: Bytes) -> Bytes:
     # Quotient kzg: next 48 bytes
     quotient_kzg = input[144:192]
     assert verify_kzg_proof(data_kzg, x, y, quotient_kzg)
-    return Bytes(U256(BLS_MODULUS).to_bytes32())
+    return Bytes(U64(FIELD_ELEMENTS_PER_BLOB).to_bytes8() + U256(BLS_MODULUS).to_bytes32())
 ```
 
 ### Gas price of blobs (Simplified version)

From 56bab3e086af3d44993a11cf1343150ea930b715 Mon Sep 17 00:00:00 2001
From: Ansgar Dietrichs <adietrichs@gmail.com>
Date: Tue, 8 Nov 2022 00:53:01 -0300
Subject: [PATCH 3/5] add precompile return data rationale

---
 EIPS/eip-4844.md | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/EIPS/eip-4844.md b/EIPS/eip-4844.md
index a84fba866e8af5..b7852384a2e5ec 100644
--- a/EIPS/eip-4844.md
+++ b/EIPS/eip-4844.md
@@ -424,14 +424,18 @@ the kzg in the blob and some commitment using whatever proof system the ZK rollu
 They would use a commitment proof of equivalence protocol, using the point evaluation precompile,
 to prove that the kzg (which the protocol ensures points to available data) and the ZK rollup's own commitment refer to the same data.
 
-### Versioned hashes
+### Versioned hashes & precompile return data
 
 We use versioned hashes (rather than kzgs) as references to blobs in the execution layer to ensure forward compatibility with future changes.
 For example, if we need to switch to Merkle trees + STARKs for quantum-safety reasons, then we would add a new version,
-allowing the point verification precompile to work with the new format.
+allowing the point evaluation precompile to work with the new format.
 Rollups would not have to make any EVM-level changes to how they work;
 sequencers would simply have to switch over to using a new transaction type at the appropriate time.
 
+However, the point evaluation happens inside a finite field, and it is only well defined if the field modulus is known. Smart contracts could contain a table mapping the commitment version to a modulus, but this would not allow smart contract to take into account future upgrades to a modulus that is not known yet. By allowing access to the modulus inside the EVM, the smart contract can be built so that it can use future commitments and proofs, without ever needing an upgrade.
+
+In the interest of not adding another precompile, we use the easiest way possible to add this functionality: Just make the point evaluation precompile return the modulus and the polynomial degree. It can then be used by the caller. It is also "free" in that the caller can just ignore this part of the return value without incurring an extra cost -- systems that remain upgradable for the foreseeable future will likely use this route for now.
+
 ### Data gasprice update rule
 
 The data gasprice update rule is intended to approximate the formula `data_gasprice = MIN_DATA_GASPRICE * e**(excess_data_gas / DATA_GASPRICE_UPDATE_FRACTION)`,

From 49156d0cb4e75e77114df2e5b795849de70b2c81 Mon Sep 17 00:00:00 2001
From: Ansgar Dietrichs <adietrichs@gmail.com>
Date: Tue, 22 Nov 2022 00:01:25 -0300
Subject: [PATCH 4/5] add return value padding

---
 EIPS/eip-4844.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/EIPS/eip-4844.md b/EIPS/eip-4844.md
index b7852384a2e5ec..b7631a78184a7f 100644
--- a/EIPS/eip-4844.md
+++ b/EIPS/eip-4844.md
@@ -271,7 +271,7 @@ def point_evaluation_precompile(input: Bytes) -> Bytes:
     # Quotient kzg: next 48 bytes
     quotient_kzg = input[144:192]
     assert verify_kzg_proof(data_kzg, x, y, quotient_kzg)
-    return Bytes(U64(FIELD_ELEMENTS_PER_BLOB).to_bytes8() + U256(BLS_MODULUS).to_bytes32())
+    return Bytes(U256(FIELD_ELEMENTS_PER_BLOB).to_bytes32() + U256(BLS_MODULUS).to_bytes32())
 ```
 
 ### Gas price of blobs (Simplified version)

From 43f6cda187e75ab3a467e80a62357c95688fd34e Mon Sep 17 00:00:00 2001
From: Ansgar Dietrichs <adietrichs@gmail.com>
Date: Tue, 22 Nov 2022 00:04:47 -0300
Subject: [PATCH 5/5] change precompile rationale wording

---
 EIPS/eip-4844.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/EIPS/eip-4844.md b/EIPS/eip-4844.md
index b7631a78184a7f..1be90913cb90e5 100644
--- a/EIPS/eip-4844.md
+++ b/EIPS/eip-4844.md
@@ -434,7 +434,7 @@ sequencers would simply have to switch over to using a new transaction type at t
 
 However, the point evaluation happens inside a finite field, and it is only well defined if the field modulus is known. Smart contracts could contain a table mapping the commitment version to a modulus, but this would not allow smart contract to take into account future upgrades to a modulus that is not known yet. By allowing access to the modulus inside the EVM, the smart contract can be built so that it can use future commitments and proofs, without ever needing an upgrade.
 
-In the interest of not adding another precompile, we use the easiest way possible to add this functionality: Just make the point evaluation precompile return the modulus and the polynomial degree. It can then be used by the caller. It is also "free" in that the caller can just ignore this part of the return value without incurring an extra cost -- systems that remain upgradable for the foreseeable future will likely use this route for now.
+In the interest of not adding another precompile, we return the modulus and the polynomial degree directly from the point evaluation precompile. It can then be used by the caller. It is also "free" in that the caller can just ignore this part of the return value without incurring an extra cost -- systems that remain upgradable for the foreseeable future will likely use this route for now.
 
 ### Data gasprice update rule