When batch verification fails, it may be useful to know which proofs are invalid. Unfortunately, Proof::verify_batch cannot identify this.
The optimal method for this depends on the caller's needs. If the caller only needs to identify one invalid proof in a failed batch, it's more efficient to use a binary search to identify it. But if the caller needs to identify all invalid proofs, we need to check them all individually.
This PR adds both of these. The new Proof::verify_batch_with_single_blame uses a binary search on batch failure, and returns an error containing the index of an invalid proof. The new Proof::verify_batch_with_all_blame iteratively checks all proofs on batch failure, and returns an error containing the indexes of all invalid proofs.
BREAKING CHANGE: Empty batches are now considered valid by definition.
When batch verification fails, it may be useful to know which proofs are invalid. Unfortunately,
Proof::verify_batch
cannot identify this.The optimal method for this depends on the caller's needs. If the caller only needs to identify one invalid proof in a failed batch, it's more efficient to use a binary search to identify it. But if the caller needs to identify all invalid proofs, we need to check them all individually.
This PR adds both of these. The new
Proof::verify_batch_with_single_blame
uses a binary search on batch failure, and returns an error containing the index of an invalid proof. The newProof::verify_batch_with_all_blame
iteratively checks all proofs on batch failure, and returns an error containing the indexes of all invalid proofs.BREAKING CHANGE: Empty batches are now considered valid by definition.