Expose mod permutation and re-export permutation::keygen::Assembly
#147
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Perhaps I would need to Clone Assembly in order to compare all the results from different tests. |
Added in 3d3856b. |
|
Close in favor of #149 |
iquerejeta
pushed a commit
to input-output-hk/halo2
that referenced
this pull request
May 8, 2024
…-hk/dev-feature/98-gen-fbsm Generalize fbsm part of Ecc Chip # Project Context Part of the SOW task of generalizing the Ecc Chip to Pluto. This builds on top of privacy-scaling-explorations#144. The corresponding Galois internal issue is [Galois#98](https://gitlab-ext.galois.com/iog-midnight/halo2/-/issues/98). # Issue Description This issue is concerned with generalizing the fixed-base scalar-mul (fbsm) part of the Ecc Chip to arbitrary curves. Besides generalizing all of the types, and adding tests for all supported curves, the major technical task is to generalize the canonicity check on the windowed scalar decomposition: this canonicity check ensures that the decomposition of the scalar into 3-bit windows is correct. This is a "range check" type task, similar to existing range checks in variable-base scalar mul. See the Halo 2 Book [chapter on fbsm](http://localhost:3000/design/gadgets/ecc/fixed-base-scalar-mul.html) for details. # Notes to Reviewers * The canonicity check is generalized in ["Generalize canonicity check using 3-high-low decomp"](input-output-hk/galois_recursion@f8d2927) (with corresponding book updates in ["[book] fbsm: generalize, and document simplified canonicity check"](560a7d3b9af6df3031584acce4d80c119388df60)). This is the second example application of the [$K$-high-low decomp](privacy-scaling-explorations#114), and again we see a bunch of complex, bespoke range checking being replaced by a conceptually simple use of the decomp gadget :) * The fbsm works by precomputing a table of multiples of a fixed base, and then using the values to improve the efficiency (constraint complexity / proof burden) of multiplying the fixed base by scalars. This precomputation is very expensive, already taking 1+ hours for Pallas. For Pluto/Eris the precomputation time jumps to 17+ hours, which makes running the tests impractical. However, in a later PR (privacy-scaling-explorations#147), we cache the precomputation for the test bases to disk, which reduces the test time to a few minutes. * This PR includes a simple custom gate, that replaces the more complex custom gate for the old canonicity check. The new custom gate should be replaced by calls to the [gen arith gate](input-output-hk/galois_recursion#58) once that's available.
iquerejeta
pushed a commit
to input-output-hk/halo2
that referenced
this pull request
May 8, 2024
…-hk/dev-feature/99-cache-fbsm-test-bases Speed up testing of fixed-base scalar mul # Project Context This builds on top of privacy-scaling-explorations#146. The corresponding Galois internal issue is [Galois#99](https://gitlab-ext.galois.com/iog-midnight/halo2/-/issues/99). # Issue Description For Pallas the fbsm tests already took 1+ hours, and blew up to 17+ hours for Pluto/Eris, when support for those curves was added in privacy-scaling-explorations#145. The goal of this issue is to greatly reduce the test times by caching to disk the expensive data that takes 17+ hours to compute. The end result is that the test times are back down to a few minutes :)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Expose module
plonk::permutationand re-exportplonk::permutation::keygen::Assembly. Also update the field ofAssemblyto be private to avoid misuse, and instead add getter for thecolumnsandmapping.Resolves #146