1) move BlobsToKZGCommitment functionality into kzg_new and make it m…

…ore closely follow the spec.

2) Remove the BlobsBatch stuff which seems only to be for legacy benchmarking.

core/types/data_blob.go

@@ -172,11 +172,7 @@ func (blob *Blob) ComputeCommitment() (commitment KZGCommitment, ok bool) {
 			return KZGCommitment{}, false
 		}
 	}
-	// data is presented in eval form
-	commitmentG1 := kzg.BlobToKzg(frs)
-	var out KZGCommitment
-	copy(out[:], bls.ToCompressedG1(commitmentG1))
-	return out, true
+	return KZGCommitment(kzg.BlobToKZGCommitment(kzg.Blob(frs))), true
 }
 
 func (blob *Blob) MarshalText() ([]byte, error) {

crypto/kzg/kzg.go

@@ -3,10 +3,10 @@ package kzg
 import (
 	"encoding/json"
 	"errors"
-	"fmt"
+	//"fmt"
 	"math/big"
 	"math/bits"
-	"sync"
+	//"sync"
 
 	"github.com/ethereum/go-ethereum/params"
 
@@ -45,68 +45,6 @@ func init() {
 	initDomain()
 }
 
-// Convert polynomial in evaluation form to KZG commitment
-func BlobToKzg(eval []bls.Fr) *bls.G1Point {
-	return bls.LinCombG1(kzgSetupLagrange, eval)
-}
-
-type BlobsBatch struct {
-	sync.Mutex
-	init                bool
-	aggregateCommitment bls.G1Point
-	aggregateBlob       [params.FieldElementsPerBlob]bls.Fr
-}
-
-func (batch *BlobsBatch) Join(commitments []*bls.G1Point, blobs [][]bls.Fr) error {
-	batch.Lock()
-	defer batch.Unlock()
-	if len(commitments) != len(blobs) {
-		return fmt.Errorf("expected commitments len %d to equal blobs len %d", len(commitments), len(blobs))
-	}
-	if !batch.init && len(commitments) > 0 {
-		batch.init = true
-		bls.CopyG1(&batch.aggregateCommitment, commitments[0])
-		copy(batch.aggregateBlob[:], blobs[0])
-		commitments = commitments[1:]
-		blobs = blobs[1:]
-	}
-	for i, commit := range commitments {
-		batch.join(commit, blobs[i])
-	}
-	return nil
-}
-
-func (batch *BlobsBatch) join(commitment *bls.G1Point, blob []bls.Fr) {
-	// we multiply the input we are joining with a random scalar, so we can add it to the aggregate safely
-	randomScalar := bls.RandomFr()
-
-	// TODO: instead of computing the lin-comb of the commitments on the go, we could buffer
-	// the random scalar and commitment, and run a LinCombG1 over all of them during Verify()
-	var tmpG1 bls.G1Point
-	bls.MulG1(&tmpG1, commitment, randomScalar)
-	bls.AddG1(&batch.aggregateCommitment, &batch.aggregateCommitment, &tmpG1)
-
-	var tmpFr bls.Fr
-	for i := 0; i < params.FieldElementsPerBlob; i++ {
-		bls.MulModFr(&tmpFr, &blob[i], randomScalar)
-		bls.AddModFr(&batch.aggregateBlob[i], &batch.aggregateBlob[i], &tmpFr)
-	}
-}
-
-func (batch *BlobsBatch) Verify() error {
-	batch.Lock()
-	defer batch.Unlock()
-	if !batch.init {
-		return nil // empty batch
-	}
-	// Compute both MSMs and check equality
-	lResult := bls.LinCombG1(kzgSetupLagrange, batch.aggregateBlob[:])
-	if !bls.EqualG1(lResult, &batch.aggregateCommitment) {
-		return errors.New("BlobsBatch failed to Verify")
-	}
-	return nil
-}
-
 // Bit-reversal permutation helper functions
 
 // Check if `value` is a power of two integer.

crypto/kzg/kzg_new.go

@@ -16,7 +16,7 @@ import (
 //  *bls.Fr for BLSFieldElement
 //  *bls.G1Point for G1Point
 //  *bls.G2Point for G2Point
-type Blob [32 * params.FieldElementsPerBlob]byte
+type Blob []bls.Fr
 type KZGCommitment [48]byte
 type KZGProof [48]byte
 type VersionedHash [32]byte
@@ -116,3 +116,12 @@ func ComputePowers(r *bls.Fr, n int) []bls.Fr {
 	}
 	return powers
 }
+
+// BlobToKZGCommitment implements blob_to_kzg_commitment from the EIP-4844 consensus spec:
+// https://github.com/ethereum/consensus-specs/blob/dev/specs/eip4844/polynomial-commitments.md#blob_to_kzg_commitment
+func BlobToKZGCommitment(eval Blob) KZGCommitment {
+	g1 := bls.LinCombG1(kzgSetupLagrange, []bls.Fr(eval))
+	var out KZGCommitment
+	copy(out[:], bls.ToCompressedG1(g1))
+	return out
+}

tests/kzg_bench_test.go

@@ -27,7 +27,7 @@ func BenchmarkBlobToKzg(b *testing.B) {
 	blob := randomBlob()
 	b.ResetTimer()
 	for i := 0; i < b.N; i++ {
-		kzg.BlobToKzg(blob)
+		kzg.BlobToKZGCommitment(blob)
 	}
 }
 
@@ -94,7 +94,8 @@ func BenchmarkVerifyKZGProof(b *testing.B) {
 
 	// Now let's start testing the kzg module
 	// Create a commitment
-	commitment := kzg.BlobToKzg(evalPoly)
+	k := kzg.BlobToKZGCommitment(evalPoly)
+	commitment, _ := bls.FromCompressedG1(k[:])
 
 	// Create proof for testing
 	x := uint64(17)
@@ -188,41 +189,3 @@ func BenchmarkVerifyMultiple(b *testing.B) {
 	runBenchmark(8)
 	runBenchmark(16)
 }
-
-func BenchmarkBatchVerifyWithoutKZGProofs(b *testing.B) {
-	runBenchmark := func(siz int) {
-		b.Run(fmt.Sprintf("%d", siz), func(b *testing.B) {
-			var blobsSet [][][]bls.Fr
-			var commitmentsSet [][]*bls.G1Point
-			for i := 0; i < siz; i++ {
-				var blobs [][]bls.Fr
-				var commitments []*bls.G1Point
-				for i := 0; i < params.MaxBlobsPerBlock; i++ {
-					blob := randomBlob()
-					blobs = append(blobs, blob)
-					commitments = append(commitments, kzg.BlobToKzg(blob))
-				}
-				blobsSet = append(blobsSet, blobs)
-				commitmentsSet = append(commitmentsSet, commitments)
-			}
-
-			b.ResetTimer()
-			for i := 0; i < b.N; i++ {
-				var batchVerify kzg.BlobsBatch
-				for i := range blobsSet {
-					if err := batchVerify.Join(commitmentsSet[i], blobsSet[i]); err != nil {
-						b.Fatalf("unable to join: %v", err)
-					}
-				}
-				if err := batchVerify.Verify(); err != nil {
-					b.Fatalf("batch verify failed: %v", err)
-				}
-			}
-		})
-	}
-
-	//runBenchmark(2)
-	//runBenchmark(4)
-	runBenchmark(8)
-	runBenchmark(16)
-}

tests/kzg_test.go

@@ -223,7 +223,7 @@ func TestPointEvaluationTestVector(t *testing.T) {
 	}
 
 	// Create a commitment
-	commitment := kzg.BlobToKzg(evalPoly)
+	commitment := kzg.BlobToKZGCommitment(evalPoly)
 
 	// Create proof for testing
 	x := uint64(0x42)
@@ -241,9 +241,7 @@ func TestPointEvaluationTestVector(t *testing.T) {
 	//	panic("failed proof verification")
 	//}
 
-	var commitmentBytes types.KZGCommitment
-	copy(commitmentBytes[:], bls.ToCompressedG1(commitment))
-
+	commitmentBytes := types.KZGCommitment(commitment)
 	versionedHash := commitmentBytes.ComputeVersionedHash()
 
 	proofBytes := bls.ToCompressedG1(proof)