Add comment to Fp12::square

Also fix a few poorly named namespaces

crates/bls12381/src/curves/g2.rs

@@ -208,13 +208,13 @@ impl<F: PrimeField + PrimeFieldBits> G2Point<F> {
             y: Fp2Element::zero(),
         };
         let inputx = Fp2Element::conditionally_select(
-            &mut cs.namespace(|| "asdfx"),
+            &mut cs.namespace(|| "tmp x"),
             &value.x,
             &dummy.x,
             &is_eq,
         )?;
         let inputy = Fp2Element::conditionally_select(
-            &mut cs.namespace(|| "asdfy"),
+            &mut cs.namespace(|| "tmp y"),
             &value.y,
             &dummy.y,
             &is_eq,
@@ -227,13 +227,13 @@ impl<F: PrimeField + PrimeFieldBits> G2Point<F> {
         let add = add.reduce(&mut cs.namespace(|| "add.reduce()"))?;
 
         let resx = Fp2Element::conditionally_select(
-            &mut cs.namespace(|| "asdfx2"),
+            &mut cs.namespace(|| "res x"),
             &add.x,
             &double.x,
             &is_eq,
         )?;
         let resy = Fp2Element::conditionally_select(
-            &mut cs.namespace(|| "asdfy2"),
+            &mut cs.namespace(|| "res y"),
             &add.y,
             &double.y,
             &is_eq,

crates/bls12381/src/fields/fp12.rs

@@ -309,7 +309,13 @@ impl<F: PrimeField + PrimeFieldBits> Fp12Element<F> {
         CS: ConstraintSystem<F>,
     {
         let mut cs = cs.namespace(|| "Fp12::square(x)");
+
+        // This explicit reduction is single-handedly responsible for saving
+        // millions of constraints during a pairing operation. This function is
+        // repeatedly called inside `miller_loop_lines`, and is responsible for
+        // a considerable chunk of the constraints
         let x = self.reduce(&mut cs.namespace(|| "x <- x.reduce()"))?;
+
         let c0 = x.c0.sub(&mut cs.namespace(|| "c0 <- x.c0 - x.c1"), &x.c1)?;
         let c3 =
             x.c1.mul_by_nonresidue(&mut cs.namespace(|| "c3 <- x.c1.mul_by_nonresidue()"))?;