From 84585696d8f2d5d6c3f5b8685e038ff515864ba2 Mon Sep 17 00:00:00 2001
From: Chiro Hiro <chiro8x@gmail.com>
Date: Tue, 19 Sep 2023 11:23:08 +0700
Subject: [PATCH 1/3] improve root calculation for KZG setup()

---
 halo2_proofs/src/poly/kzg/commitment.rs | 23 +++++++++--------------
 1 file changed, 9 insertions(+), 14 deletions(-)

diff --git a/halo2_proofs/src/poly/kzg/commitment.rs b/halo2_proofs/src/poly/kzg/commitment.rs
index 70050e824b..c88f35f05d 100644
--- a/halo2_proofs/src/poly/kzg/commitment.rs
+++ b/halo2_proofs/src/poly/kzg/commitment.rs
@@ -88,11 +88,9 @@ where
         };
 
         let mut g_lagrange_projective = vec![E::G1::identity(); n as usize];
-        let mut root = E::Scalar::ROOT_OF_UNITY_INV.invert().unwrap();
-        for _ in k..E::Scalar::S {
-            root = root.square();
-        }
-        let n_inv = Option::<E::Scalar>::from(E::Scalar::from(n).invert())
+        let root = E::Scalar::ROOT_OF_UNITY.pow_vartime([1 << (E::Scalar::S - k)]);
+        let n_inv = E::Scalar::from(n)
+            .invert()
             .expect("inversion should be ok for n = 1<<k");
         let multiplier = (s.pow_vartime([n]) - E::Scalar::ONE) * n_inv;
         parallelize(&mut g_lagrange_projective, |g, start| {
@@ -106,11 +104,9 @@ where
 
         let g_lagrange = {
             let mut g_lagrange = vec![E::G1Affine::identity(); n as usize];
-            parallelize(&mut g_lagrange, |g_lagrange, starts| {
-                E::G1::batch_normalize(
-                    &g_lagrange_projective[starts..(starts + g_lagrange.len())],
-                    g_lagrange,
-                );
+            parallelize(&mut g_lagrange, |g_lagrange, start| {
+                let end = start + g_lagrange.len();
+                E::G1::batch_normalize(&g_lagrange_projective[start..end], g_lagrange);
             });
             drop(g_lagrange_projective);
             g_lagrange
@@ -142,10 +138,9 @@ where
         Self {
             k,
             n: 1 << k,
-            g_lagrange: if let Some(g_l) = g_lagrange {
-                g_l
-            } else {
-                g_to_lagrange(g.iter().map(PrimeCurveAffine::to_curve).collect(), k)
+            g_lagrange: match g_lagrange {
+                Some(g_l) => g_l,
+                None => g_to_lagrange(g.iter().map(PrimeCurveAffine::to_curve).collect(), k),
             },
             g,
             g2,

From 80b4a039ad8012b4a78e90b6fd4dadf9c46ca437 Mon Sep 17 00:00:00 2001
From: Chiro Hiro <chiro8x@gmail.com>
Date: Wed, 20 Sep 2023 16:18:33 +0700
Subject: [PATCH 2/3] Update halo2_proofs/src/poly/kzg/commitment.rs

Co-authored-by: Han <tinghan0110@gmail.com>
---
 halo2_proofs/src/poly/kzg/commitment.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/halo2_proofs/src/poly/kzg/commitment.rs b/halo2_proofs/src/poly/kzg/commitment.rs
index c88f35f05d..2eed21276d 100644
--- a/halo2_proofs/src/poly/kzg/commitment.rs
+++ b/halo2_proofs/src/poly/kzg/commitment.rs
@@ -88,7 +88,10 @@ where
         };
 
         let mut g_lagrange_projective = vec![E::G1::identity(); n as usize];
-        let root = E::Scalar::ROOT_OF_UNITY.pow_vartime([1 << (E::Scalar::S - k)]);
+        let mut root = E::Scalar::ROOT_OF_UNITY;
+        for _ in k..E::Scalar::S {
+             root = root.square();
+         }
         let n_inv = E::Scalar::from(n)
             .invert()
             .expect("inversion should be ok for n = 1<<k");

From b8f090118b0eaf3ac8a1e777e04d9a657ec6a463 Mon Sep 17 00:00:00 2001
From: Chiro Hiro <chiro8x@gmail.com>
Date: Wed, 20 Sep 2023 16:26:21 +0700
Subject: [PATCH 3/3] Fix rust format issue

---
 halo2_proofs/src/poly/kzg/commitment.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/halo2_proofs/src/poly/kzg/commitment.rs b/halo2_proofs/src/poly/kzg/commitment.rs
index 2eed21276d..c9157f843d 100644
--- a/halo2_proofs/src/poly/kzg/commitment.rs
+++ b/halo2_proofs/src/poly/kzg/commitment.rs
@@ -90,8 +90,8 @@ where
         let mut g_lagrange_projective = vec![E::G1::identity(); n as usize];
         let mut root = E::Scalar::ROOT_OF_UNITY;
         for _ in k..E::Scalar::S {
-             root = root.square();
-         }
+            root = root.square();
+        }
         let n_inv = E::Scalar::from(n)
             .invert()
             .expect("inversion should be ok for n = 1<<k");