Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make multi scalar multiplication generic on the size of the Scalar #221

Merged
merged 1 commit into from
Oct 31, 2023
Merged

Make multi scalar multiplication generic on the size of the Scalar #221

merged 1 commit into from
Oct 31, 2023

Conversation

iquerejeta
Copy link

The multi-scalar multiplication algorithms in halo2 are written for scalars of 32 bytes. This PR uses generics (NUM_BITS) to make the algorithm generic over larger Scalar fields (such as those of Pluto/Eris curves).

@iquerejeta iquerejeta changed the title Make multiexp generic on the size of the Scalar Make multi scalar multiplication generic on the size of the Scalar Oct 30, 2023
CPerezz
CPerezz reviewed Oct 30, 2023
View reviewed changes
Copy link
Member

@CPerezz CPerezz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd rather have shift than divide. But @han0110 any preferences from your side?

halo2_proofs/src/arithmetic.rs
@@ -40,7 +40,7 @@ fn multiexp_serial<C: CurveAffine>(coeffs: &[C::Scalar], bases: &[C], acc: &mut
let skip_bits = segment * c;
let skip_bytes = skip_bits / 8;

if skip_bytes >= 32 {
if skip_bytes >= (F::NUM_BITS as usize + 7) / 8 {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if skip_bytes >= (F::NUM_BITS as usize + 7) / 8 {
if skip_bytes >= (F::NUM_BITS as usize + 7) >> 3 {

halo2_proofs/src/arithmetic.rs
@@ -122,7 +122,7 @@ pub fn small_multiexp<C: CurveAffine>(coeffs: &[C::Scalar], bases: &[C]) -> C::C
let mut acc = C::Curve::identity();

// for byte idx
for byte_idx in (0..32).rev() {
for byte_idx in (0..((C::Scalar::NUM_BITS as usize + 7) / 8)).rev() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
for byte_idx in (0..((C::Scalar::NUM_BITS as usize + 7) / 8)).rev() {
for byte_idx in (0..((C::Scalar::NUM_BITS as usize + 7) >> 3)).rev() {

davidnevadoc
davidnevadoc approved these changes Oct 30, 2023
View reviewed changes
Copy link

@davidnevadoc davidnevadoc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree with @CPerezz comment. Otherwise LGTM!

han0110
han0110 approved these changes Oct 31, 2023
View reviewed changes
Copy link

@han0110 han0110 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! As for using div or shift I have no preference, I guess it'd be evaluated at compile time so either would be fine.

@CPerezz CPerezz merged commit b664023 into privacy-scaling-explorations:main Oct 31, 2023
12 checks passed
iquerejeta added a commit to input-output-hk/halo2 that referenced this pull request Dec 13, 2023
@iquerejeta
Make multiexp generic on the size of the Scalar (privacy-scaling-expl…
b55b77d 
…orations#221)
iquerejeta added a commit to input-output-hk/halo2 that referenced this pull request May 8, 2024
@iquerejeta @b13decker
Make multiexp generic on the size of the Scalar (privacy-scaling-expl…
4ffcd53 
…orations#221)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@CPerezz CPerezz CPerezz left review comments

@han0110 han0110 han0110 approved these changes

@davidnevadoc davidnevadoc davidnevadoc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@iquerejeta @davidnevadoc @han0110 @CPerezz