Add BytesToBLSField go kzg_new, use it instead of hashToFr

Author: roberto-bayardo

core/types/data_blob.go

@@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"math/big"
 
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/common/hexutil"
@@ -328,13 +327,12 @@ func (blobs Blobs) ComputeCommitmentsAndAggregatedProof() (commitments []KZGComm
 		if err != nil {
 			return nil, nil, KZGProof{}, err
 		}
-		var z bls.Fr
-		hashToFr(&z, sum)
+		z := kzg.BytesToBLSField(sum)
 
 		var y bls.Fr
-		kzg.EvaluatePolyInEvaluationForm(&y, aggregatePoly[:], &z)
+		kzg.EvaluatePolyInEvaluationForm(&y, aggregatePoly[:], z)
 
-		aggProofG1, err := kzg.ComputeProof(aggregatePoly, &z)
+		aggProofG1, err := kzg.ComputeProof(aggregatePoly, z)
 		if err != nil {
 			return nil, nil, KZGProof{}, err
 		}
@@ -465,17 +463,16 @@ func (b *BlobTxWrapData) verifyBlobs(inner TxData) error {
 	if err != nil {
 		return err
 	}
-	var z bls.Fr
-	hashToFr(&z, sum)
+	z := kzg.BytesToBLSField(sum)
 
 	var y bls.Fr
-	kzg.EvaluatePolyInEvaluationForm(&y, aggregatePoly[:], &z)
+	kzg.EvaluatePolyInEvaluationForm(&y, aggregatePoly[:], z)
 
 	aggregateProofG1, err := bls.FromCompressedG1(b.KzgAggregatedProof[:])
 	if err != nil {
 		return fmt.Errorf("aggregate proof parse error: %v", err)
 	}
-	if !kzg.VerifyKZGProofFromPoints(aggregateCommitmentG1, &z, &y, aggregateProofG1) {
+	if !kzg.VerifyKZGProofFromPoints(aggregateCommitmentG1, z, &y, aggregateProofG1) {
 		return errors.New("failed to verify kzg")
 	}
 	return nil
@@ -524,10 +521,9 @@ func computeAggregateKzgCommitment(blobs Blobs, commitments []KZGCommitment) ([]
 	if err != nil {
 		return nil, nil, err
 	}
-	var r bls.Fr
-	hashToFr(&r, sum)
+	r := kzg.BytesToBLSField(sum)
 
-	powers := kzg.ComputePowers(&r, len(blobs))
+	powers := kzg.ComputePowers(r, len(blobs))
 
 	commitmentsG1 := make([]bls.G1Point, len(commitments))
 	for i := 0; i < len(commitmentsG1); i++ {
@@ -548,13 +544,3 @@ func computeAggregateKzgCommitment(blobs Blobs, commitments []KZGCommitment) ([]
 	}
 	return aggregatePoly, aggregateCommitmentG1, nil
 }
-
-func hashToFr(out *bls.Fr, h [32]byte) {
-	// re-interpret as little-endian
-	var b [32]byte = h
-	for i := 0; i < 16; i++ {
-		b[31-i], b[i] = b[i], b[31-i]
-	}
-	zB := new(big.Int).Mod(new(big.Int).SetBytes(b[:]), kzg.BLSModulus)
-	_ = kzg.BigToFr(out, zB)
-}

crypto/kzg/kzg.go

@@ -3,10 +3,8 @@ package kzg
 import (
 	"encoding/json"
 	"errors"
-	//"fmt"
 	"math/big"
 	"math/bits"
-	//"sync"
 
 	"github.com/ethereum/go-ethereum/params"
 

crypto/kzg/kzg_new.go

@@ -3,6 +3,7 @@ package kzg
 import (
 	"errors"
 	"fmt"
+	"math/big"
 
 	"github.com/protolambda/go-kzg/bls"
 
@@ -125,3 +126,17 @@ func BlobToKZGCommitment(eval Blob) KZGCommitment {
 	copy(out[:], bls.ToCompressedG1(g1))
 	return out
 }
+
+// BytesToBLSField implements bytes_to_bls_field from the EIP-4844 consensus spec:
+// https://github.com/ethereum/consensus-specs/blob/dev/specs/eip4844/polynomial-commitments.md#bytes_to_bls_field
+func BytesToBLSField(h [32]byte) *bls.Fr {
+	// re-interpret as little-endian
+	var b [32]byte = h
+	for i := 0; i < 16; i++ {
+		b[31-i], b[i] = b[i], b[31-i]
+	}
+	zB := new(big.Int).Mod(new(big.Int).SetBytes(b[:]), BLSModulus)
+	out := new(bls.Fr)
+	BigToFr(out, zB)
+	return out
+}