Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: remove challenge seed from NI-PoRep SnarkPack transcript #1755

Merged
merged 2 commits into from
May 15, 2024
Merged

fix: remove challenge seed from NI-PoRep SnarkPack transcript #1755

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a8517ed
fix: remove challenge seed from NI-PoRep SnarkPack transcript
DrPeterVanNostrand May 8, 2024
a9af8b7
Add comment in seal_commit_phase1 re. NI-PoRep seed value
DrPeterVanNostrand May 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 29 additions & 10 deletions filecoin-proofs/src/api/seal.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -352,6 +352,8 @@ pub fn seal_commit_phase1<T: AsRef<Path>, Tree: 'static + MerkleTreeTrait>(
prover_id: ProverId,
sector_id: SectorId,
ticket: Ticket,
// Note: when using NI-PoRep the PoRep challenge generation seed is ignored, thus any value can
// be passed in here for `seed`.
Comment on lines +355 to +356
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a note (feel free to ignore). I know we don't really use API docs here (their building is even broken). Though it could make sense to put it into the top of the function (or another note there) as a doc comment, in case we ever properly generate those.

seed: Ticket,
pre_commit: SealPreCommitOutput,
piece_infos: &[PieceInfo],
Expand Down Expand Up @@ -740,13 +742,22 @@ pub fn aggregate_seal_commit_proofs<Tree: 'static + MerkleTreeTrait>(
// If we're not at the pow2 target, duplicate the last proof until we are.
pad_proofs_to_target(&mut proofs, target_proofs_len)?;

// Hash all of the seeds and comm_r's pair-wise into a digest for the aggregate proof method.
// For standard PoRep, the SnarkPack transcript should include a hash of each aggregated PoRep's
// challenge seed and comm_r (pair-wise); however since NI-PoRep does not use a seed to generate
// it's challenges, any challenge seeds provided as arguments to this function should be ignored
// (and thus not be included in an NI-PoRep's SnarkPack transcript).
let hashed_seeds_and_comm_rs: [u8; 32] = {
let mut hasher = Sha256::new();
for cur in seeds.iter().zip(comm_rs.iter()) {
let (seed, comm_r) = cur;
hasher.update(seed);
hasher.update(comm_r);
if porep_config.feature_enabled(ApiFeature::NonInteractivePoRep) {
for comm_r in comm_rs.iter() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think for Non-interactive PoRep, it's always only a single comm_r only. Should we even be stricter here and just hash that value, instead of looping through all (I know it's the same outcome, but it might be clearer to the reader).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I wasn't totally sure what to do here. The way that it's currently written leaves open the possibility of aggregating multiple NI-PoReps into a single SnarkPack proof, however I don't know if that behavior should be allowed.

hasher.update(comm_r);
}
} else {
for cur in seeds.iter().zip(comm_rs.iter()) {
let (seed, comm_r) = cur;
hasher.update(seed);
hasher.update(comm_r);
}
}
hasher.finalize().into()
};
Expand Down Expand Up @@ -834,13 +845,21 @@ pub fn verify_aggregate_seal_commit_proofs<Tree: 'static + MerkleTreeTrait>(
let srs_verifier_key =
get_stacked_srs_verifier_key::<Tree>(porep_config, aggregated_proofs_len)?;

// Hash all of the seeds and comm_r's pair-wise into a digest for the aggregate proof method.
// For standard PoRep, the SnarkPack transcript should include a hash of each aggregated PoRep's
// challenge seed and comm_r (pair-wise); however NI-PoRep's transcript should only include
// comm_r (as NI-PoRep does not use a seed to generate its challenges).
let hashed_seeds_and_comm_rs: [u8; 32] = {
let mut hasher = Sha256::new();
for cur in seeds.iter().zip(comm_rs.iter()) {
let (seed, comm_r) = cur;
hasher.update(seed);
hasher.update(comm_r);
if porep_config.feature_enabled(ApiFeature::NonInteractivePoRep) {
for comm_r in comm_rs.iter() {
hasher.update(comm_r);
}
} else {
for cur in seeds.iter().zip(comm_rs.iter()) {
let (seed, comm_r) = cur;
hasher.update(seed);
hasher.update(comm_r);
}
}
hasher.finalize().into()
};
Expand Down