Faster RP commits with multi-exponentiation #184

Draft
wants to merge 26 commits into
base: master
26 commits
bf9acac
Synthetic benchmark for exponentiation with known totient
dvdplm Jan 8, 2025
a6e4168
Initial benchmark for Fac proof
dvdplm Jan 8, 2025
936fceb
Init tracing for FacProof benches
dvdplm Jan 16, 2025
3d8ebf0
Add test that exercise the ser-/deserialization of FacProof
dvdplm Jan 16, 2025
72355d1
Add benchmark for AffG
dvdplm Jan 17, 2025
e225fb2
mod.rs is not allowed and other clippy fixes
dvdplm Jan 17, 2025
0c78a5c
Allow formatting args in string literals
dvdplm Jan 17, 2025
0d748b7
Benchmark for DecProof construction and verification
dvdplm Jan 17, 2025
0e9b77c
Add Enc proof
dvdplm Jan 17, 2025
c310e31
Add Paillier Mul proof benchmark
dvdplm Jan 17, 2025
b6c79c9
Clippy fixes
dvdplm Jan 17, 2025
6f88bef
moar clippy crap
dvdplm Jan 17, 2025
7cf86ec
Add benches for Prm and Sch proofs
dvdplm Jan 17, 2025
30cc953
Remove workaround for broken/quirky clippy on nightly (https://github…
dvdplm Jan 20, 2025
5eedb88
Prm proofs are broken for now
dvdplm Jan 20, 2025
d45d19c
Appease clippy
dvdplm Jan 20, 2025
05d714b
Don't use a PublicSigned for PrmProof
dvdplm Jan 20, 2025
6ad3132
Merge branch 'master' into dp-zk-proof-benches
dvdplm Jan 21, 2025
58d9fb4
Re-enable Prm benchmark
dvdplm Jan 21, 2025
df1f717
Merge branch 'master' into dp-zk-proof-benches
dvdplm Jan 30, 2025
c3d0d4f
Use multi-exponentiation in ZK proofs
dvdplm Jan 30, 2025
5ab592a
CHANGELOG
dvdplm Jan 30, 2025
d58011e
Extract common code
dvdplm Jan 30, 2025
17c2aa6
Justify inversions
dvdplm Jan 30, 2025
7019228
Docs for PublicModulus
dvdplm Jan 30, 2025
80c49a3
Remove clippy too many args left-over since refactor
dvdplm Jan 30, 2025
2 changes: 2 additions & 0 deletions CHANGELOG.md
Expand Up @@ -8,9 +8,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

- Switch the protocol framework to `manul`. ([#156])
- Bumped MSRV to 1.83 ([#176])
- Faster RP commits with multi-exponentiation ([#184])

[#156]: https://github.com/entropyxyz/synedrion/pull/156
[#176]: https://github.com/entropyxyz/synedrion/pull/176
[#184]: https://github.com/entropyxyz/synedrion/pull/184


## [0.2.0] - 2024-11-17
27 changes: 27 additions & 0 deletions Cargo.lock


16 changes: 16 additions & 0 deletions synedrion/Cargo.toml
Expand Up @@ -38,6 +38,7 @@ serde = { version = "1", default-features = false, features = ["derive"] }
serde-encoded-bytes = { version = "0.1", default-features = false, features = ["hex", "base64"] }
bincode = { version = "2.0.0-rc.3", default-features = false, features = ["serde", "alloc"] }
displaydoc = { version = "0.2", default-features = false }
criterion = { version = "0.5", optional = true }

[dev-dependencies]
manul = { version = "0.1", features = ["dev"] }
Expand All @@ -50,9 +51,24 @@ k256 = { version = "0.13", default-features = false, features = ["ecdsa", "arith
impls = "1"
hex = { version = "0.4", default-features = false, features = ["alloc"] }
test-log = { version = "0.2.16", default-features = false, features = ["trace", "color"] }
tracing-subscriber = "0.3.19"

[features]
private_benches = ["criterion"]

[[bench]]
bench = true
name = "bench"
harness = false
path = "benches/bench.rs"

[[bench]]
bench = true
name = "pow"
harness = false
path = "benches/pow.rs"

[[bench]]
bench = true
name = "zk_proofs"
harness = false
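Review bot: `criterion = { version = "0.5", optional = true }` is declared in `[dependencies]` rather than `[dev-dependencies]`, so the `private_benches = ["criterion"]` feature that gates it is a public, additive Cargo feature that any downstream crate can switch on, pulling criterion and whatever internals the feature exposes into a production build. If the feature exists only so the benches can reach private items, a comment above it would stop that misuse, e.g. `# Dev-only: exposes crate internals to benches/ (needs criterion); never enable in a production build.`. Every other dependency in that table is declared with `default-features = false` while criterion is not; presumably deliberate because the harness needs std, but worth a word there. Minor: the `zk_proofs` bench target omits the explicit `path` the other two targets carry.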
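--- /dev/null
+++ b/synedrion/benches/pow.rs
@@ -0,0 +1,125 @@
+use criterion::{black_box, criterion_group, criterion_main, BatchSize, Criterion};
+use crypto_bigint::{
+modular::{MontyForm, MontyParams},
+NonZero, Odd, Random, Uint, U1024, U2048, U256, U4096, U512,
+};
+use crypto_primes::RandomPrimeWithRng;
+use rand::SeedableRng;
+
+fn bench_pow_known_totient_512(c: &mut Criterion) {
+let mut group = c.benchmark_group("modpow, 512^1024");
+
+let mut rng = rand_chacha::ChaCha8Rng::seed_from_u64(1234567890);
+let p: U512 = (U256::generate_prime_with_rng(&mut rng, U256::BITS), U256::ZERO).into();
+let q: U512 = (U256::generate_prime_with_rng(&mut rng, U256::BITS), U256::ZERO).into();
+let m: U512 = p * q;
+let totient = (p - U512::ONE) * (q - U512::ONE);
+let prms = MontyParams::new_vartime(Odd::new(m).unwrap());
+
+group.bench_function("vanilla", |b| {
+let mut rng = rand_chacha::ChaCha8Rng::seed_from_u64(1234567890);
+b.iter_batched(
+|| {
+let x = U512::random(&mut rng);
+let x = MontyForm::new(&x, prms);
+let exponent = U1024::random(&mut rng);
+(x, exponent)
+},
+|(x, exponent)| black_box(x.pow(&exponent)),
+BatchSize::SmallInput,
+);
+});
+
+group.bench_function("known totient", |b| {
+let mut rng = rand_chacha::ChaCha8Rng::seed_from_u64(1234567890);
+b.iter_batched(
+|| {
+let x = U512::random(&mut rng);
+let x = MontyForm::new(&x, prms);
+let exponent = U1024::random(&mut rng);
+let exponent = Uint::rem_wide_vartime(exponent.split(), &NonZero::new(totient).unwrap());
+(x, exponent)
+},
+|(x, exponent)| black_box(x.pow(&exponent)),
+BatchSize::SmallInput,
+);
+});
+
+group.bench_function("known totient (not ammortized)", |b| {
+let mut rng = rand_chacha::ChaCha8Rng::seed_from_u64(1234567890);
+b.iter_batched(
+|| {
+let x = U512::random(&mut rng);
+let x = MontyForm::new(&x, prms);
+let exponent = U1024::random(&mut rng);
+(x, exponent)
+},
+|(x, exponent)| {
+let exponent = Uint::rem_wide_vartime(exponent.split(), &NonZero::new(totient).unwrap());
+black_box(x.pow(&exponent))
+},
+BatchSize::SmallInput,
+);
+});
+}
+
+// Our production parameters use 1024-bit primes resulting in 2048-bit moduli
+fn bench_pow_known_totient_2048(c: &mut Criterion) {
+let mut group = c.benchmark_group("modpow, 2048^4096");
+
+let mut rng = rand_chacha::ChaCha8Rng::seed_from_u64(1234567890);
+let p: U2048 = (U1024::generate_prime_with_rng(&mut rng, U1024::BITS), U1024::ZERO).into();
+let q: U2048 = (U1024::generate_prime_with_rng(&mut rng, U1024::BITS), U1024::ZERO).into();
+let m: U2048 = p * q;
+let totient = (p - U2048::ONE) * (q - U2048::ONE);
+let prms = MontyParams::new_vartime(Odd::new(m).unwrap());
+
+group.bench_function("vanilla", |b| {
+let mut rng = rand_chacha::ChaCha8Rng::seed_from_u64(1234567890);
+b.iter_batched(
+|| {
+let x = U2048::random(&mut rng);
+let x = MontyForm::new(&x, prms);
+let exponent = U4096::random(&mut rng);
+(x, exponent)
+},
+|(x, exponent)| black_box(x.pow(&exponent)),
+BatchSize::SmallInput,
+);
+});
+
+group.bench_function("known totient", |b| {
+let mut rng = rand_chacha::ChaCha8Rng::seed_from_u64(1234567890);
+b.iter_batched(
+|| {
+let x = U2048::random(&mut rng);
+let x = MontyForm::new(&x, prms);
+let exponent = U4096::random(&mut rng);
+let exponent = Uint::rem_wide_vartime(exponent.split(), &NonZero::new(totient).unwrap());
+(x, exponent)
+},
+|(x, exponent)| black_box(x.pow(&exponent)),
+BatchSize::SmallInput,
+);
+});
+
+group.bench_function("known totient (not ammortized)", |b| {
+let mut rng = rand_chacha::ChaCha8Rng::seed_from_u64(1234567890);
+b.iter_batched(
+|| {
+let x = U2048::random(&mut rng);
+let x = MontyForm::new(&x, prms);
+let exponent = U4096::random(&mut rng);
+(x, exponent)
+},
+|(x, exponent)| {
+let exponent = Uint::rem_wide_vartime(exponent.split(), &NonZero::new(totient).unwrap());
+black_box(x.pow(&exponent))
+},
+BatchSize::SmallInput,
+);
+});
+}
+criterion_group!(benches, bench_pow_known_totient_512, bench_pow_known_totient_2048);
+
+criterion_main!(benches);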
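Review bot: Both `known totient` variants reduce the exponent with `Uint::rem_wide_vartime(exponent.split(), &NonZero::new(totient).unwrap())`, and the divisor there is φ(N), which in the protocol is the Paillier secret key; a variable-time division by it would leak the totient through timing if this speed-up is later lifted into the prover, so the benchmark should time the constant-time reduction production code would actually use (the non-`_vartime` counterpart, if the pinned crypto-bigint provides one) or at least carry a comment above the first call such as `// totient is secret in production: rem_wide_vartime is acceptable only inside this benchmark`. The `(not ammortized)` cases deliberately keep `NonZero::new(totient).unwrap()` and the reduction inside the timed closure, which is fine, but the group names spell it `ammortized`; `amortized` is the usual spelling. `criterion::black_box` is, I believe, deprecated since criterion 0.5 in favour of `std::hint::black_box`, which could replace it in the first `use` line.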