Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tests/fuzzers/bn256: add PairingCheck fuzzer #27252

Merged
merged 2 commits into from
May 16, 2023
Merged

tests/fuzzers/bn256: add PairingCheck fuzzer #27252

merged 2 commits into from
May 16, 2023

Conversation

MariusVanDerWijden
Copy link
Member

This PR removes Gnark from the Pair fuzzer. Because gnark uses a different pairing algorithm, it might produce a different result than the other implementations. However this is not an issue, since the bilinearity of a pairing means both results are correct.
In order to preserve some fuzzing of the gnark pairing, I added a fuzzer that fuzzes the pairingCheck function, which does a pairing and verifies that the result is not equal to one. This is the function we use in ethereum, the pairing algorithm is not under consensus, only the pairing check algorithm.

holiman
holiman reviewed May 11, 2023
View reviewed changes
Copy link
Contributor

@holiman holiman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO let's keep it in one method, the inputs are the same (and probably the interesting paths/inputs too), so splitting it doesn't make much sense to me

tests/fuzzers/bn256/bn256_fuzz.go Outdated
Comment on lines 160 to 184
// gnark uses a different pairing algorithm than google & cloudflare, so the results might not match up
// which is not a problem because of the bilinearity of the pairing.

return 1
}

func FuzzPairingCheck(data []byte) int {
input := bytes.NewReader(data)
pc, pg, ps := getG1Points(input)
if pc == nil {
return 0
}
tc, tg, ts := getG2Points(input)
if tc == nil {
return 0
}

// Pair the two points and ensure they result in the same output
clOK := cloudflare.PairingCheck([]*cloudflare.G1{pc}, []*cloudflare.G2{tc})
gOK := google.PairingCheck([]*google.G1{pg}, []*google.G2{tg})
if clOK != gOK {
panic("pairing check mismatch: cloudflare/google")
}

cOK, err := bn254.PairingCheck([]bn254.G1Affine{*ps}, []bn254.G2Affine{*ts})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// gnark uses a different pairing algorithm than google & cloudflare, so the results might not match up
// which is not a problem because of the bilinearity of the pairing.
return 1
}
func FuzzPairingCheck(data []byte) int {
input := bytes.NewReader(data)
pc, pg, ps := getG1Points(input)
if pc == nil {
return 0
}
tc, tg, ts := getG2Points(input)
if tc == nil {
return 0
}
// Pair the two points and ensure they result in the same output
clOK := cloudflare.PairingCheck([]*cloudflare.G1{pc}, []*cloudflare.G2{tc})
gOK := google.PairingCheck([]*google.G1{pg}, []*google.G2{tg})
if clOK != gOK {
panic("pairing check mismatch: cloudflare/google")
}
cOK, err := bn254.PairingCheck([]bn254.G1Affine{*ps}, []bn254.G2Affine{*ts})
// gnark uses a different pairing algorithm than google & cloudflare, so the results might not match up
// which is not a problem because of the bilinearity of the pairing.
// Pair the two points and ensure they result in the same output
clOK := cloudflare.PairingCheck([]*cloudflare.G1{pc}, []*cloudflare.G2{tc})
gOK := google.PairingCheck([]*google.G1{pg}, []*google.G2{tg})
if clOK != gOK {
panic("pairing check mismatch: cloudflare/google")
}
cOK, err := bn254.PairingCheck([]bn254.G1Affine{*ps}, []bn254.G2Affine{*ts})

tests/fuzzers/bn256/bn256_fuzz.go Outdated
@@ -141,11 +141,11 @@ func FuzzMul(data []byte) int {

func FuzzPair(data []byte) int {
input := bytes.NewReader(data)
pc, pg, ps := getG1Points(input)
pc, pg, _ := getG1Points(input)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
pc, pg, _ := getG1Points(input)
pc, pg, ps := getG1Points(input)

tests/fuzzers/bn256/bn256_fuzz.go Outdated
if pc == nil {
return 0
}
tc, tg, ts := getG2Points(input)
tc, tg, _ := getG2Points(input)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
tc, tg, _ := getG2Points(input)
tc, tg, ts := getG2Points(input)

holiman
holiman reviewed May 11, 2023
View reviewed changes
oss-fuzz.sh Outdated
@@ -93,6 +93,7 @@ compile_fuzzer tests/fuzzers/bitutil Fuzz fuzzBitutilCompress
compile_fuzzer tests/fuzzers/bn256 FuzzAdd fuzzBn256Add
compile_fuzzer tests/fuzzers/bn256 FuzzMul fuzzBn256Mul
compile_fuzzer tests/fuzzers/bn256 FuzzPair fuzzBn256Pair
compile_fuzzer tests/fuzzers/bn256 FuzzPairingCheck fuzzBn256PairingCheck
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
compile_fuzzer tests/fuzzers/bn256 FuzzPairingCheck fuzzBn256PairingCheck

@holiman holiman added this to the 1.11.7 milestone May 16, 2023
@holiman holiman merged commit d46f69d into ethereum:master May 16, 2023
devopsbo3 pushed a commit to HorizenOfficial/go-ethereum that referenced this pull request Nov 10, 2023
@MariusVanDerWijden @devopsbo3
tests/fuzzers/bn256: add PairingCheck fuzzer (ethereum#27252)
625cbea 
* tests/fuzzers/bn256: scale gnark result by constant

* tests/fuzzers/bn256: scale gnark result by constant
devopsbo3 added a commit to HorizenOfficial/go-ethereum that referenced this pull request Nov 10, 2023
@devopsbo3
Revert "tests/fuzzers/bn256: add PairingCheck fuzzer (ethereum#27252)"
373b258 
This reverts commit 625cbea.
devopsbo3 added a commit to HorizenOfficial/go-ethereum that referenced this pull request Nov 10, 2023
@devopsbo3
Revert "tests/fuzzers/bn256: add PairingCheck fuzzer (ethereum#27252)"
531daa3 
This reverts commit 625cbea.
gzliudan added a commit to gzliudan/XDPoSChain that referenced this pull request Nov 29, 2024
@gzliudan
tests/fuzzers/bn256: add PairingCheck fuzzer (ethereum#27252)
70c8174 
* tests/fuzzers/bn256: scale gnark result by constant

* tests/fuzzers/bn256: scale gnark result by constant
@gzliudan gzliudan mentioned this pull request Nov 29, 2024
Merged
19 tasks
gzliudan added a commit to gzliudan/XDPoSChain that referenced this pull request Dec 2, 2024
@gzliudan
tests/fuzzers/bn256: add PairingCheck fuzzer (ethereum#27252)
c613a79 
* tests/fuzzers/bn256: scale gnark result by constant

* tests/fuzzers/bn256: scale gnark result by constant
gzliudan added a commit to gzliudan/XDPoSChain that referenced this pull request Dec 2, 2024
@gzliudan
tests/fuzzers/bn256: add PairingCheck fuzzer (ethereum#27252)
1beb517 
* tests/fuzzers/bn256: scale gnark result by constant

* tests/fuzzers/bn256: scale gnark result by constant
gzliudan added a commit to gzliudan/XDPoSChain that referenced this pull request Dec 4, 2024
@gzliudan
tests/fuzzers/bn256: add PairingCheck fuzzer (ethereum#27252)
dc3f350 
* tests/fuzzers/bn256: scale gnark result by constant

* tests/fuzzers/bn256: scale gnark result by constant
gzliudan added a commit to gzliudan/XDPoSChain that referenced this pull request Dec 9, 2024
@gzliudan
tests/fuzzers/bn256: add PairingCheck fuzzer (ethereum#27252)
17c0480 
* tests/fuzzers/bn256: scale gnark result by constant

* tests/fuzzers/bn256: scale gnark result by constant
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@holiman holiman holiman approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.12.0
Development

Successfully merging this pull request may close these issues.
2 participants
@MariusVanDerWijden @holiman