From c854fb09671a1ff58439e4c4455f5cd3f31a9bc2 Mon Sep 17 00:00:00 2001 From: Vasiliy Olekhov Date: Tue, 21 May 2024 19:38:46 +0300 Subject: [PATCH 1/2] Removed divisions --- .../crypto3/zk/commitments/detail/polynomial/basic_fri.hpp | 4 ++-- .../zk/snark/systems/plonk/placeholder/lookup_argument.hpp | 2 +- .../snark/systems/plonk/placeholder/permutation_argument.hpp | 4 ++-- .../crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp b/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp index a08ade37..4df7190a 100644 --- a/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp +++ b/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp @@ -1030,8 +1030,8 @@ namespace nil { std::size_t id1 = s_indices[j][0] < s_indices[j][1] ? 1 : 0; Q[j][0] -= combined_U[p]; Q[j][1] -= combined_U[p]; - Q[j][0] /= denominators[p].evaluate(s[j][id0]); - Q[j][1] /= denominators[p].evaluate(s[j][id1]); + Q[j][0] *= denominators[p].evaluate(s[j][id0]).inversed(); + Q[j][1] *= denominators[p].evaluate(s[j][id1]).inversed(); y[j][0] += Q[j][0]; y[j][1] += Q[j][1]; } diff --git a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/lookup_argument.hpp b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/lookup_argument.hpp index c8e14b22..969bf547 100644 --- a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/lookup_argument.hpp +++ b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/lookup_argument.hpp @@ -262,7 +262,7 @@ namespace nil { auto reduced_g = reduce_dfs_polynomial_domain(g, basic_domain->m); auto reduced_h = reduce_dfs_polynomial_domain(h, basic_domain->m); for( std::size_t j = 0; j < preprocessed_data.common_data.desc.usable_rows_amount; j++){ - current_poly[j] = (previous_poly[j] * reduced_g[j]) / reduced_h[j]; + current_poly[j] = (previous_poly[j] * reduced_g[j]) * reduced_h[j].inversed(); } commitment_scheme.append_to_batch(PERMUTATION_BATCH, current_poly); auto par = lookup_alphas[i] * (previous_poly * g - current_poly * h); diff --git a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp index 1a9b5538..fa60e433 100644 --- a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp +++ b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp @@ -129,7 +129,7 @@ namespace nil { nom *= g_v[i][j - 1]; denom *= h_v[i][j - 1]; } - V_P[j] = V_P[j - 1] * nom / denom; + V_P[j] = V_P[j - 1] * nom * denom.inversed(); } // 4. Compute and add commitment to $V_P$ to $\text{transcript}$. @@ -198,7 +198,7 @@ namespace nil { auto reduced_g = reduce_dfs_polynomial_domain(g, basic_domain->m); auto reduced_h = reduce_dfs_polynomial_domain(h, basic_domain->m); for(std::size_t j = 0; j < preprocessed_data.common_data.desc.usable_rows_amount; j++){ - current_poly[j] = (previous_poly[j] * reduced_g[j]) / reduced_h[j]; + current_poly[j] = (previous_poly[j] * reduced_g[j]) * reduced_h[j].inversed(); } commitment_scheme.append_to_batch(PERMUTATION_BATCH, current_poly); auto part = permutation_alphas[i] * (previous_poly * g - current_poly * h); diff --git a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp index 175fd8b2..65045c78 100644 --- a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp +++ b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp @@ -151,7 +151,7 @@ namespace nil { auto omega = common_data.basic_domain->get_domain_element(1); auto challenge = proof.eval_proof.challenge; auto numerator = challenge.pow(table_description.rows_amount) - FieldType::value_type::one(); - numerator /= typename FieldType::value_type(table_description.rows_amount); + numerator *= typename FieldType::value_type(table_description.rows_amount).inversed(); // If public input sizes are set, all of them should be set. if(constraint_system.public_input_sizes_num() != 0 && constraint_system.public_input_sizes_num() != table_description.public_input_columns){ @@ -165,7 +165,7 @@ namespace nil { max_size = std::min(max_size, constraint_system.public_input_size(i)); auto omega_pow = FieldType::value_type::one(); for( std::size_t j = 0; j < max_size; ++j ){ - value += (public_input[i][j] * omega_pow) / (challenge - omega_pow); + value += (public_input[i][j] * omega_pow) * (challenge - omega_pow).inversed(); omega_pow = omega_pow * omega; } value *= numerator; From 33e92e0731ebc8ae3f4a89816c4c505ecc09bc05 Mon Sep 17 00:00:00 2001 From: Vasiliy Olekhov Date: Wed, 22 May 2024 08:55:50 +0300 Subject: [PATCH 2/2] inplace operations update for kc #335 [skip ci] --- .../polynomial/element_knowledge_commitment.hpp | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/include/nil/crypto3/zk/commitments/detail/polynomial/element_knowledge_commitment.hpp b/include/nil/crypto3/zk/commitments/detail/polynomial/element_knowledge_commitment.hpp index 3355cb29..19dc1db7 100644 --- a/include/nil/crypto3/zk/commitments/detail/polynomial/element_knowledge_commitment.hpp +++ b/include/nil/crypto3/zk/commitments/detail/polynomial/element_knowledge_commitment.hpp @@ -84,6 +84,21 @@ namespace nil { return element_kc(this->g.doubled(), this->h.doubled()); } + void mixed_add(const element_kc &other) { + g.mixed_add(other.g); + h.mixed_add(other.h); + } + + void double_inplace() { + g.double_inplace(); + h.double_inplace(); + } + element_kc& operator+=(const element_kc &other) { + g += other.g; + h += other.h; + return *this; + } + element_kc to_projective() { return element_kc(this->g.to_projective(), this->h.to_projective()); }