├── .gitignore ├── LICENSE ├── README.md ├── algebra ├── Proof and Implementation of Binary Euclidean Inversion.rs ├── Proof and Implementation of Euclidean Inversion.rs ├── Proof for Formula of Lagrange Basis Polynomials for Cyclic Multiplicative Subgroups.pdf ├── Proof of Euclidean Inversion for the Montgomery representation.pdf └── README.md └── protocols ├── A Brief Overview of the Modern Lookup Protocols Compatible With the KZG Polynomial Commitments (Draft).pdf └── README.md /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | share/python-wheels/ 24 | *.egg-info/ 25 | .installed.cfg 26 | *.egg 27 | MANIFEST 28 | 29 | # PyInstaller 30 | # Usually these files are written by a python script from a template 31 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 
32 | *.manifest 33 | *.spec 34 | 35 | # Installer logs 36 | pip-log.txt 37 | pip-delete-this-directory.txt 38 | 39 | # Unit test / coverage reports 40 | htmlcov/ 41 | .tox/ 42 | .nox/ 43 | .coverage 44 | .coverage.* 45 | .cache 46 | nosetests.xml 47 | coverage.xml 48 | *.cover 49 | *.py,cover 50 | .hypothesis/ 51 | .pytest_cache/ 52 | cover/ 53 | 54 | # Translations 55 | *.mo 56 | *.pot 57 | 58 | # Django stuff: 59 | *.log 60 | local_settings.py 61 | db.sqlite3 62 | db.sqlite3-journal 63 | 64 | # Flask stuff: 65 | instance/ 66 | .webassets-cache 67 | 68 | # Scrapy stuff: 69 | .scrapy 70 | 71 | # Sphinx documentation 72 | docs/_build/ 73 | 74 | # PyBuilder 75 | .pybuilder/ 76 | target/ 77 | 78 | # Jupyter Notebook 79 | .ipynb_checkpoints 80 | 81 | # IPython 82 | profile_default/ 83 | ipython_config.py 84 | 85 | # pyenv 86 | # For a library or package, you might want to ignore these files since the code is 87 | # intended to run in multiple environments; otherwise, check them in: 88 | # .python-version 89 | 90 | # pipenv 91 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. 92 | # However, in case of collaboration, if having platform-specific dependencies or dependencies 93 | # having no cross-platform support, pipenv may install dependencies that don't work, or not 94 | # install all needed dependencies. 95 | #Pipfile.lock 96 | 97 | # poetry 98 | # Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control. 99 | # This is especially recommended for binary packages to ensure reproducibility, and is more 100 | # commonly ignored for libraries. 101 | # https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control 102 | #poetry.lock 103 | 104 | # pdm 105 | # Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control. 
106 | #pdm.lock 107 | # pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it 108 | # in version control. 109 | # https://pdm.fming.dev/#use-with-ide 110 | .pdm.toml 111 | 112 | # PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm 113 | __pypackages__/ 114 | 115 | # Celery stuff 116 | celerybeat-schedule 117 | celerybeat.pid 118 | 119 | # SageMath parsed files 120 | *.sage.py 121 | 122 | # Environments 123 | .env 124 | .venv 125 | env/ 126 | venv/ 127 | ENV/ 128 | env.bak/ 129 | venv.bak/ 130 | 131 | # Spyder project settings 132 | .spyderproject 133 | .spyproject 134 | 135 | # Rope project settings 136 | .ropeproject 137 | 138 | # mkdocs documentation 139 | /site 140 | 141 | # mypy 142 | .mypy_cache/ 143 | .dmypy.json 144 | dmypy.json 145 | 146 | # Pyre type checker 147 | .pyre/ 148 | 149 | # pytype static type analyzer 150 | .pytype/ 151 | 152 | # Cython debug symbols 153 | cython_debug/ 154 | 155 | # PyCharm 156 | # JetBrains specific template is maintained in a separate JetBrains.gitignore that can 157 | # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore 158 | # and can be added to the global gitignore or merged into this file. For a more nuclear 159 | # option (not recommended) you can uncomment the following to ignore the entire idea folder. 
160 | #.idea/ 161 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2023 Taiko Labs 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Taiko Research 2 | 3 | This repository holds research ideas, investigations and results for Taiko's zkEVM. 4 | 5 | # License 6 | 7 | Licensed and distributed under 8 | 9 | * MIT license: [LICENSE](LICENSE) or http://opensource.org/licenses/MIT 10 | 11 | This repository content may not be copied, modified, or distributed except according to those terms. 
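12 | --------------------------------------------------------------------------------
/algebra/Proof and Implementation of Binary Euclidean Inversion.rs:
--------------------------------------------------------------------------------
/*
The Modular Inversion by Means of the Binary Extended Euclidean Algorithm:
Implementation in Rust and Proof

Aleksei Vambol
June 2023
*/
// Computes the multiplicative inverse of x modulo n by applying the binary
// Extended Euclidean Algorithm.
//
// Preconditions: n must be odd and greater than 1 (the halving step below
// relies on n being odd), x must be positive, and x and n must be coprime
// (otherwise the inverse does not exist). The first two are checked up
// front; the last one is detected when the loop finishes, because at that
// point b = GCD(x, n). A violation panics instead of silently returning a
// value that is not an inverse, which is what an unchecked loop would do.
// Additionally n must be below 2^62: the intermediate values u + n and
// u - v stay below 2 * n in absolute value, which then cannot overflow i64.
//
// Returns v such that 0 < v < n and v * x = 1 (mod n).
//
// NOTE: the number of iterations and the branches taken depend on the values
// of x and n, so this routine is NOT constant-time. It accompanies the proof
// and is fine for public values; do not use it to invert secret scalars.
fn mod_inv(x: i64, n: i64) -> i64 {
    assert!(n > 1 && (n & 1) == 1, "The modulus must be odd and greater than 1!");
    assert!(n < (1i64 << 62), "The modulus must be smaller than 2^62!");
    assert!(x > 0, "The value to invert must be positive!");
    let (mut a, mut b, mut u, mut v) = (x, n, 1i64, 0i64);
    // Now a = x, b = n;
    // (1) b is odd; (2) u < n and v < n; (3) a = u * x (mod n);
    // (4) b = v * x (mod n); (5) GCD(a, b) = GCD(x, n);
    // (6) a, b, u and v are non-negative.
    // In each iteration we perform the transformation of a and b as well as
    // their accompanying coefficients u and v, which preserves (1)-(6) and
    // decreases a + b. Thus, when a is 0, b = GCD(x, n) due to (5); if x and
    // n are coprime, b is 1, so v is the inverse of x modulo n due to (4).
    // Also, 0 < v < n due to (2) and (6).
    // In the case of the classic Extended Euclidean Algorithm we would have
    // a = u * x + i * n and b = v * x + j * n instead of (3) and (4), only (5)
    // would still hold true. Since we do not seek all the Bezout coefficients
    // and have "(mod n)" in both (3) and (4), we discard "i * n" and "j * n"
    while a > 0 {
        if (a & 1) == 1 {
            // Both a and b are odd here. We decrease the greatest by the
            // smallest and satisfy (5), because GCD(p, q) = GCD(p - q, q),
            // update the greatest's accompanying coefficient to satisfy
            // (3) and (4), swap the values for a and b as well as for their
            // accompanying coefficients, if this is required, to satisfy (1)
            // without breaking (3)-(5). Thus, (1)-(5) are satisfied
            if a >= b {
                (a, u) = (a - b, u - v);
            } else {
                (a, b, u, v) = (b - a, a, v - u, u);
            }
            // We conditionally update u to satisfy (6) without breaking (1)-(5);
            // u - v and v - u lie in (-n, n) due to (2) and (6), so one
            // addition of n is enough
            if u < 0 {
                u += n;
            }
        }
        // Here a is even and (1)-(6) are satisfied. We divide a by 2 and still
        // satisfy (5), since b is odd due to (1) and GCD(p, q) = GCD(p / 2, q)
        // for even p and odd q. As the result, only (3) is not satisfied
        a >>= 1;
        // In order to satisfy (3) without breaking (1)-(2) and (4)-(6),
        // u should be set to u * 2^(-1) mod n. If u is even, it is done by
        // dividing u by 2. For odd u we set u to (u + n) / 2, since n is odd,
        // u < n due to (2) and u is non-negative due to (6)
        if (u & 1) == 1 {
            u += n;
        }
        u >>= 1;
    }
    // a = 0, so b = GCD(x, n). The inverse exists only if this GCD is 1;
    // otherwise v would satisfy v * x = GCD(x, n) (mod n), not 1.
    assert!(b == 1, "The value to invert and the modulus are not coprime!");
    v
}

fn main() {
    let (x, n) = (13, 97);
    let i = mod_inv(x, n);
    assert!((i * x) % n == 1, "Incorrect inverse!");
    println!("{}", i);
}
--------------------------------------------------------------------------------
/algebra/Proof and Implementation of Euclidean Inversion.rs:
--------------------------------------------------------------------------------
/*
The Modular Inversion by Means of the Extended Euclidean Algorithm:
Implementation in Rust and Proof

Aleksei Vambol
June 2023
*/
// Computes the multiplicative inverse of x modulo n by applying the Extended
// Euclidean Algorithm; panics in the case of n < 2.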
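// If x and n are not coprime,
// the aforementioned inverse does not exist, so None is returned.
//
// Returns Some(r) with 0 < r < n and r * x = 1 (mod n), or None when
// GCD(x, n) > 1. Any i64 value of x is accepted, including negative ones,
// because x is first reduced into the range [0, n).
//
// NOTE: the number of iterations and the quotients depend on the values of
// x and n, so this routine is NOT constant-time. It accompanies the proof
// and is fine for public values; do not use it to invert secret scalars.
fn mod_inv(x: i64, n: i64) -> Option<i64> {
    if n < 2 {
        panic!("The modulus must be greater than 1!");
    }
    // Working not with x, but with such x' that 0 <= x' < n and x = x' (mod n).
    // rem_euclid yields this directly; the alternative "((x % n) + n) % n"
    // computes an intermediate of up to 2 * n - 1 and overflows i64 for
    // n >= 2^62.
    let (mut s, mut x_s, mut b, mut x_b) = (x.rem_euclid(n), 1i64, n, 0i64);
    // Now s = x', b = n; "s" and "b" stand for "small" and "big", respectively.
    // From now on we have s = x_s * x' + n_s * n and b = x_b * x' + n_b * n,
    // where x' and n are immutable. In each iteration until s = 0 we use
    // the formula "GCD(s, b) = GCD(b mod s, s)" and update the variables
    // accordingly. We do not need to store the values of n_s and n_b
    while s > 0 {
        let q = b / s;
        (s, x_s, b, x_b) = (b - q * s, x_b - q * x_s, s, x_s);
    }
    // Now we have b = GCD(0, b) = GCD(x', n). If b > 1, then x' is
    // not invertible modulo n. If b = 1, then 1 = x_b * x' + n_b * n,
    // so x_b * x' = 1 (mod n); since it is proven that |x_b| does not
    // exceed n, we return either x_b or x_b + n
    if b == 1 {
        Some(if x_b < 0 { x_b + n } else { x_b })
    } else {
        None
    }
}

fn main() {
    let (x, n) = (3, 10);
    match mod_inv(x, n) {
        Some(r) => println!("{}", r),
        None => println!("{} and {} are not coprime!", x, n),
    }
}
--------------------------------------------------------------------------------
/algebra/Proof for Formula of Lagrange Basis Polynomials for Cyclic Multiplicative Subgroups.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/taikoxyz/research/55c93b696d26230043a6040e7b7482a8d9955f9a/algebra/Proof for Formula of Lagrange Basis Polynomials for Cyclic Multiplicative Subgroups.pdf
--------------------------------------------------------------------------------
/algebra/Proof of Euclidean Inversion for the Montgomery representation.pdf: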
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/taikoxyz/research/55c93b696d26230043a6040e7b7482a8d9955f9a/algebra/Proof of Euclidean Inversion for the Montgomery representation.pdf -------------------------------------------------------------------------------- /algebra/README.md: -------------------------------------------------------------------------------- 1 | # Algebra research -------------------------------------------------------------------------------- /protocols/A Brief Overview of the Modern Lookup Protocols Compatible With the KZG Polynomial Commitments (Draft).pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/taikoxyz/research/55c93b696d26230043a6040e7b7482a8d9955f9a/protocols/A Brief Overview of the Modern Lookup Protocols Compatible With the KZG Polynomial Commitments (Draft).pdf -------------------------------------------------------------------------------- /protocols/README.md: -------------------------------------------------------------------------------- 1 | # Protocol research --------------------------------------------------------------------------------