Skip to content
This repository has been archived by the owner on Dec 23, 2024. It is now read-only.

fix: missing gas costs and memory issues #121

Merged
merged 1 commit into from
Jun 19, 2024
Merged

fix: missing gas costs and memory issues #121

merged 1 commit into from
Jun 19, 2024

Conversation

dartdart26
Copy link
Contributor

Add missing gas costs for multiple operations, mainly for FheBool, FheUint160 and FheUint2048.

Note that verify for bool is more expensive due to lack of cast from 2048 bits to bool - doing not equal instead.

Make castTo() fail and not panic on bad type input.

Fixed a memory leak in executeTernaryCiphertextOperation() - the first_ptr pointer was never freed.

Refactor some of the code such that it uses defer with destroy as close to the point where memory is allocated as possible - that fixes memory leaks on early returns in multiple places.

C code needs to be refactored and reduced. Maybe we can use codegen or a tool for that.

@dartdart26 dartdart26 self-assigned this Jun 19, 2024
fhevm/params.go Outdated Show resolved Hide resolved
tfhe.FheUint64: SstoreFheUint4Gas * 16,
tfhe.FheUint128: SstoreFheUint4Gas * 32,
tfhe.FheUint160: SstoreFheUint4Gas * 40,
tfhe.FheUint2048: SstoreFheUint4Gas * 120,
Copy link
Member

@jatZama jatZama Jun 19, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

shouldnt price be proportional to number of bits here as well to avoid DDOS?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In general, yes, but the size is around 8 MB for FheUint2048. Not sure what the best approach is here.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see, then if price becomes prohibitive maybe it would make sense to reduce SstoreFheUint4Gas.

Copy link
Contributor Author

@dartdart26 dartdart26 Jun 19, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, could be. But reducing cost for other types could also be an attack. Maybe let's deal with that later.

tfhe.FheUint64: SstoreFheUint4Gas * 16,
tfhe.FheUint128: SstoreFheUint4Gas * 32,
tfhe.FheUint160: SstoreFheUint4Gas * 40,
tfhe.FheBool: SstoreFheUint4Gas / 2,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't price be divided by 4 instead of 2, since ebool is a single bit?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let me check, because it is related to serialised size and not plaintext bits. Overall, these values might be off.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jatZama Sizes for these data types as serialised:


FheBool (0) = 0x0:
8268 = 0x204c
FheUint4 (1) = 0x0:
16544 = 0x40a0

Copy link
Member

@jatZama jatZama Jun 19, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

weird... wondering why ebool is an exception here with respect to size.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because of the way the ciphetext is represented, I think. I guess 4 bit is two 2 bit low-level ciphertexts. And 1 bit is just one.

Add missing gas costs for multiple operations, mainly for FheBool,
FheUint160 and FheUint2048.

Note that verify for bool is more expensive due to lack of cast from
2048 bits to bool - doing not equal instead.

Make `castTo()` fail and not panic on bad type input.

Fixed a memory leak in `executeTernaryCiphertextOperation()` - the
`first_ptr` pointer was never freed.

Refactor some of the code such that it uses `defer` with destroy as
close to the point where memory is allocated as possible - that fixes
memory leaks on early returns in multiple places.

C code needs to be refactored and reduced. Maybe we can use codegen or
a tool for that.
@dartdart26 dartdart26 merged commit 47dccc3 into main Jun 19, 2024
2 checks passed
@dartdart26 dartdart26 deleted the petar/fixes branch June 19, 2024 12:15
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants