Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Algebra OCL integration #81

Closed
wants to merge 71 commits into from
Closed

Algebra OCL integration #81

wants to merge 71 commits into from

Conversation

phoinic
Copy link

@phoinic phoinic commented Jan 14, 2021

No description provided.

|b, _samples| {
b.iter_batched(
|| {
let a: Vec<F> = load_data(num_coeffs);

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder why the FFT benches come with the load_data() and save_data() functions. Unlike generating points on an elliptic curve, sampling field elements is fast.

}
}

fn best_fft(a: &mut [F], _worker: &Worker, omega: F, log_n: u32) {

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I expect that log_n is the ceiling of log_2(domain size)?

b: Option<F>,
}

impl<F: PrimeField> ConstraintSynthesizer<F> for TestCircuit1<F> {

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should comment that TestCircuit1 has R1CS density d=1 and keeps the synthesizer costs low (no field inversion needed).

}
}

impl<F: PrimeField> ConstraintSynthesizer<F> for TestCircuit2<F> {

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also here: let's comment the R1CS density d=1 and that every second constraint costs the synthesizer a field inversion (this should simulate EC arithmetics over prime fields).

Copy link

@UlrichHaboeck75 UlrichHaboeck75 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would change our x^5-Poseidon-128 number of partial rounds to R_p=57. This corresponds to the recommendation of the updated Poseidon paper on the IACR preprint archive.

@UlrichHaboeck75
Copy link

I would change our x^5-Poseidon-128 number of partial rounds to R_p=57. This corresponds to the recommendation of the updated Poseidon paper on the IACR preprint archive.

Not topic of this PR.

Copy link

@UlrichHaboeck75 UlrichHaboeck75 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Beside just a few comments to be resolved, everything's ok.

Copy link

@UlrichHaboeck75 UlrichHaboeck75 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Beside a few comments to be resolved everything is ok.

@albertog78 albertog78 closed this Apr 16, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants