Iota refactor #538

Merged
merged 10 commits into from
May 31, 2022
ChihChengLiang
Collaborator

@ChihChengLiang ChihChengLiang commented May 27, 2022

What we did

  • Consolidate 3 iota gates into 1.
  • Remove instance columns.
  • Simplify the round constant handling.

Why does it work?

The original 3 gates:

# iota_b9 0~23
adv__next_lane00 = adv__lane00 + const__A4 * instance__round_constant_b9
# iota_b9 24th no mixing
adv__next_lane00 = adv__lane00 + (const__1 - adv__mixing) * (const__A4 * instance__round_constant_b9)
# iota_b13 24th mixing
adv__next_lane00 = adv__lane00 + adv__mixing * instance__round_constant_b13

The new gate

adv__next_lane00 = adv__lane00 + adv__flag * fixed__constant_value

We argue the new gate can achieve all the functionalities of the old gates.

First, the values of the round constants and A4 are known at setup time, and so is their product. So we can move them into fixed columns. This saves some verification time overhead.
Second, (const__1 - adv__mixing) and adv__mixing can both be achieved by adv__flag. We can just copy the right cell into adv__flag in each case.

Performance

Before

Num advice columns: 31
Num fixed columns: 23
Num instance columns: 2
Num lookups: 6
Num gates: 18
Max advice rows 19042 - Constraint out_state and out_mixing
num polys: 109
max_gate_degree_poly: 6 - 

After

Num advice columns: 30
Num fixed columns: 22
Num instance columns: 0
Num lookups: 6
Num gates: 14
Max advice rows 19042 - Constraint out_state and out_mixing
num polys: 105
max_gate_degree_poly: 6 - 

TODO

  • doc
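
The equivalence argued in the description can be checked numerically. The following Rust sketch is an added example, not code from this PR or the keccak256 crate: it uses a toy prime modulus `P`, a made-up value for `A4` and constructed round constants, and compares the next-lane value enforced by each of the three old gates with the consolidated gate under the flag and fixed-column assignments the description names.

```rust
// Added illustration, not code from the PR. Toy prime field; the real circuit
// works over the proving system's field F. A4 here is a hypothetical stand-in.
const P: u128 = (1 << 61) - 1;
const A4: u128 = 4;

fn add(a: u128, b: u128) -> u128 { (a + b) % P }
fn sub(a: u128, b: u128) -> u128 { (a + P - b) % P }
fn mul(a: u128, b: u128) -> u128 { (a * b) % P }

// The three original gates, each returning the next_lane00 value it enforces.
fn old_b9_round(lane: u128, rc_b9: u128) -> u128 {
    add(lane, mul(A4, rc_b9))
}
fn old_b9_last(lane: u128, mixing: u128, rc_b9: u128) -> u128 {
    add(lane, mul(sub(1, mixing), mul(A4, rc_b9)))
}
fn old_b13_last(lane: u128, mixing: u128, rc_b13: u128) -> u128 {
    add(lane, mul(mixing, rc_b13))
}

// The consolidated gate: next_lane00 = lane00 + flag * fixed constant.
fn new_gate(lane: u128, flag: u128, fixed: u128) -> u128 {
    add(lane, mul(flag, fixed))
}

// True when the new gate reproduces all three old gates for this input,
// for both boolean values of the mixing flag.
fn new_gate_matches_old(lane: u128, rc_b9: u128, rc_b13: u128) -> bool {
    // A4 * rc_b9 is known at setup time, so it is precomputed into a fixed cell.
    let fixed_b9 = mul(A4, rc_b9);
    // Rounds 0..23: flag is 1.
    let mut ok = new_gate(lane, 1, fixed_b9) == old_b9_round(lane, rc_b9);
    for mixing in [0u128, 1] {
        // 24th round, base 9: flag is a copy of (1 - mixing).
        ok &= new_gate(lane, sub(1, mixing), fixed_b9) == old_b9_last(lane, mixing, rc_b9);
        // 24th round, base 13: flag is a copy of mixing.
        ok &= new_gate(lane, mixing, rc_b13) == old_b13_last(lane, mixing, rc_b13);
    }
    ok
}

fn main() {
    // Constructed sample values, not real Keccak round constants.
    for (lane, rc_b9, rc_b13) in [(0u128, 1u128, 1u128), (123_456_789, 0x8082, 0x1f)] {
        println!("lane={lane}: match={}", new_gate_matches_old(lane, rc_b9, rc_b13));
    }
}
```

The match holds only for the flag values listed in the comments; in the circuit, that is what copying the right cell into `adv__flag` provides.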

@github-actions github-actions bot added the crate-keccak Issues related to the keccak workspace member label May 27, 2022
@ChihChengLiang ChihChengLiang marked this pull request as ready for review May 28, 2022 12:35
@ChihChengLiang ChihChengLiang force-pushed the iota-refacot branch 3 times, most recently from 2fae2e0 to f8b063b Compare May 29, 2022 21:52
Member

@CPerezz CPerezz left a comment

Great work! Just some comments!

keccak256/src/permutation/iota.rs (Outdated)
Comment on lines 21 to 22
round_constant_b13: F,
round_constants_b9: [BigUint; PERMUTATION],
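Review bot: on line 22, `round_constants_b9` is kept as `[BigUint; PERMUTATION]` while `round_constant_b13` on line 21 is already a field element `F`, so the config holds the two sets of round constants in different types. If both are only ever used as field values, consider storing the b9 constants as `[F; PERMUTATION]` as well, and add a doc comment on each field saying which base it belongs to.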
Member

Why does the config need to store the constants?

We already know them right? So we can just take them directly from the constants file where they're defined.

Collaborator Author

The type of F is known at configuration time, and we eventually need to convert them to F at some point. Config is the earliest possible place to define them.

ChihChengLiang and others added 2 commits May 30, 2022 21:23
Co-authored-by: Carlos Pérez <37264926+CPerezz@users.noreply.github.com>
Member

@CPerezz CPerezz left a comment

Nice work!
LGTM

@ChihChengLiang ChihChengLiang merged commit 394f3d6 into main May 31, 2022
@ChihChengLiang ChihChengLiang deleted the iota-refacot branch May 31, 2022 08:20
jonathanpwang pushed a commit to axiom-crypto/zkevm-circuits that referenced this pull request Aug 1, 2023
* xx

* fix: skip first 12 bytes for eth address

* chore: fmt

* feat: add sig table to evm circuit

* impl SubCircuit trait for TxCircuitTester

* fill r s v in test_util sig

* lint

* lint

* clean code

* chore: refactoring witness assignment

* [fix] soundness bug in ctr int (privacy-scaling-explorations#543)

* [fix] soundness bug in ctr int

* [fix] clippy

* move assign function to make git diff easier

* Feat: assert v is odd (privacy-scaling-explorations#546)

* [fix] soundness bug in ctr int

* [fix] clippy

* [feat] implement v_is_odd check

* [fix] extract v from affine coord

* [chore] cargo clippy; fmt

---------

Co-authored-by: Zhang Zhuo <mycinbrin@gmail.com>

* address some comments

* fix instance col

* fix v permutation

* sync up changes with halo2-lib; remove lifetimers (privacy-scaling-explorations#554)

* [fix] sync up api changes with halo2-lib: removing lifetimes

* [minor] update cargo lock

* [chore] clippy; update cargo lock

* Update sig_circuit.rs

---------

Co-authored-by: Zhang Zhuo <mycinbrin@gmail.com>

* lint

* add lookup to sig table in tx circuit

* add lookup to sig table in tx_circuit

* remove get_num_rows_required

* Update tx_circuit.rs

* fix sig circuit assignment

* fix: sign_data of padding tx

* fmt

---------

Co-authored-by: Rohit Narurkar <rohit.narurkar@protonmail.com>
Co-authored-by: zhenfei <zhenfei.zhang@hotmail.com>
Co-authored-by: kunxian xia <xiakunxian130@gmail.com>
Labels
crate-keccak Issues related to the keccak workspace member

2 participants