chore: performance improvements (#14)

- Leverage cyclone msm
privacy-scaling-explorations/halo2curves#130
- Leverage improved FFT implementations 
- Much improved parallelism for mv-lookup and permutation commitment
calcs
- ASM in h2curves

Results: 30-80% reduction in proving time for benchmark circuits

.github/workflows/ci.yml

@@ -17,7 +17,7 @@ jobs:
         os: [ubuntu-latest, windows-latest, macOS-latest]
         include:
           - feature_set: basic
-            features: batch,dev-graph,gadget-traces,multicore
+            features: batch,dev-graph,gadget-traces
           - feature_set: all
             features: batch,dev-graph,gadget-traces,test-dev-graph,thread-safe-region,sanity-checks,circuit-params
 

halo2_gadgets/src/poseidon/pow5.rs

@@ -369,12 +369,7 @@ impl<
                             // The capacity element is never altered by the input.
                             .unwrap_or_else(|| Value::known(F::ZERO));
                     region
-                        .assign_advice(
-                            || format!("load output_{i}"),
-                            config.state[i],
-                            2,
-                            || value,
-                        )
+                        .assign_advice(|| format!("load output_{i}"), config.state[i], 2, || value)
                         .map(StateWord)
                 };
 

halo2_proofs/Cargo.toml

@@ -52,22 +52,24 @@ log = { version = "0.4.17", default_features = false }
 backtrace = { version = "0.3", optional = true }
 ff = "0.13"
 group = "0.13"
-halo2curves = { git = "https://github.com/privacy-scaling-explorations/halo2curves", rev="9fff22c", default-features = false }
+halo2curves = { git = "https://github.com/privacy-scaling-explorations/halo2curves", rev="b753a832e92d5c86c5c997327a9cf9de86a18851", default-features = false }
 rand_core = { version = "0.6", default-features = false }
 tracing = "0.1"
 blake2b_simd = "1" # MSRV 1.66.0
 sha3 = "0.9.1"
 rand_chacha = "0.3"
 maybe-rayon = { version = "0.1.1"}
-lazy_static = { version = "1", optional = true }
 env_logger = "0.10.0"
 rustc-hash = "2.0.0"
-
+lazy_static = "1.4.0"
 # GPU Icicle integration
 icicle = { git = "https://github.com/ingonyama-zk/icicle.git", branch = "rust/large-bucket-factor-msm", optional = true }
 rustacuda = { version = "0.1", optional = true }
-serde = { version = "1", optional = true, features = ["derive"] }
 serde_derive = { version = "1", optional = true}
+bincode = { version = "1.3.3", default_features = false }
+serde = { version = "1.0.126", features = ["derive"] }
+instant = { version = "0.1" }
+
 
 # Developer tooling dependencies
 plotters = { version = "0.3.0", default-features = false, optional = true }
@@ -88,26 +90,28 @@ serde_json = "1"
 getrandom = { version = "0.2", features = ["js"] }
 
 [features]
-default = ["batch", "bits"]
+default = ["batch", "bits", "derive_serde"]
 dev-graph = ["plotters", "tabbycat"]
 test-dev-graph = [
     "dev-graph",
     "plotters/bitmap_backend",
     "plotters/bitmap_encoder",
     "plotters/ttf",
 ]
+asm = ["halo2curves/asm"]
 bits = ["halo2curves/bits"]
 gadget-traces = ["backtrace"]
 thread-safe-region = []
 sanity-checks = []
 batch = ["rand_core/getrandom"]
 circuit-params = []
-counter = ["lazy_static"]
+counter = []
 icicle_gpu = ["icicle", "rustacuda"]
 mv-lookup = []
-cost-estimator = ["serde", "serde_derive"]
+cost-estimator = ["serde_derive"]
 derive_serde = ["halo2curves/derive_serde"]
 parallel-poly-read = []
+precompute-coset = []
 
 [lib]
 bench = false

halo2_proofs/examples/simple-lookup-unblinded.rs

@@ -250,9 +250,9 @@ fn main() {
     println!("k = {K}");
     // time it
     println!("keygen");
-    let start = std::time::Instant::now();
+    let start = instant::Instant::now();
     let (params, pk) = keygen(K);
-    let end = std::time::Instant::now();
+    let end = instant::Instant::now();
     println!("keygen time: {:?}", end.duration_since(start));
 
     println!("saving proving key 💾");
@@ -267,7 +267,7 @@ fn main() {
 
     println!("reloading proving key 💾");
 
-    let f = std::fs::File::open(path.clone()).unwrap();
+    let f = std::fs::File::open(path).unwrap();
     let mut reader = std::io::BufReader::new(f);
     #[cfg(feature = "circuit-params")]
     let pk = ProvingKey::<G1Affine>::read::<_, MyCircuit<Fr>>(
@@ -297,7 +297,7 @@ fn main() {
 
     println!("reloading verifier key 💾");
 
-    let f = std::fs::File::open(path.clone()).unwrap();
+    let f = std::fs::File::open(path).unwrap();
     let mut reader = std::io::BufReader::new(f);
     #[cfg(feature = "circuit-params")]
     let vk = VerifyingKey::<G1Affine>::read::<_, MyCircuit<Fr>>(
@@ -315,14 +315,14 @@ fn main() {
 
     // time it
     println!("prover");
-    let start = std::time::Instant::now();
+    let start = instant::Instant::now();
     let proof = prover(K, &params, &pk);
-    let end = std::time::Instant::now();
+    let end = instant::Instant::now();
     println!("prover time: {:?}", end.duration_since(start));
     // time it
     println!("verifier");
-    let start = std::time::Instant::now();
+    let start = instant::Instant::now();
     verifier(&params, &vk, &proof);
-    let end = std::time::Instant::now();
+    let end = instant::Instant::now();
     println!("verifier time: {:?}", end.duration_since(start));
 }

halo2_proofs/examples/simple-lookup.rs

@@ -250,9 +250,9 @@ fn main() {
     println!("k = {K}");
     // time it
     println!("keygen");
-    let start = std::time::Instant::now();
+    let start = instant::Instant::now();
     let (params, pk) = keygen(K);
-    let end = std::time::Instant::now();
+    let end = instant::Instant::now();
     println!("keygen time: {:?}", end.duration_since(start));
 
     println!("saving proving key 💾");
@@ -267,7 +267,7 @@ fn main() {
 
     println!("reloading proving key 💾");
 
-    let f = std::fs::File::open(path.clone()).unwrap();
+    let f = std::fs::File::open(path).unwrap();
     let mut reader = std::io::BufReader::new(f);
     #[cfg(feature = "circuit-params")]
     let pk = ProvingKey::<G1Affine>::read::<_, MyCircuit<Fr>>(
@@ -297,7 +297,7 @@ fn main() {
 
     println!("reloading verifier key 💾");
 
-    let f = std::fs::File::open(path.clone()).unwrap();
+    let f = std::fs::File::open(path).unwrap();
     let mut reader = std::io::BufReader::new(f);
     #[cfg(feature = "circuit-params")]
     let vk = VerifyingKey::<G1Affine>::read::<_, MyCircuit<Fr>>(
@@ -315,14 +315,14 @@ fn main() {
 
     // time it
     println!("prover");
-    let start = std::time::Instant::now();
+    let start = instant::Instant::now();
     let proof = prover(K, &params, &pk);
-    let end = std::time::Instant::now();
+    let end = instant::Instant::now();
     println!("prover time: {:?}", end.duration_since(start));
     // time it
     println!("verifier");
-    let start = std::time::Instant::now();
+    let start = instant::Instant::now();
     verifier(&params, &vk, &proof);
-    let end = std::time::Instant::now();
+    let end = instant::Instant::now();
     println!("verifier time: {:?}", end.duration_since(start));
 }

halo2_proofs/examples/vector-mul-unblinded.rs

@@ -334,14 +334,14 @@ fn main() {
     // of the instance column, so we position it there in our public inputs.
     let mut public_inputs = c;
 
-    let start = std::time::Instant::now();
+    let start = instant::Instant::now();
     // Given the correct public input, our circuit will verify.
     let prover = MockProver::run(k, &circuit, vec![public_inputs.clone()]).unwrap();
     assert_eq!(prover.verify(), Ok(()));
     println!("positive test took {:?}", start.elapsed());
 
     // If we try some other public input, the proof will fail!
-    let start = std::time::Instant::now();
+    let start = instant::Instant::now();
     public_inputs[0] += Fp::one();
     let prover = MockProver::run(k, &circuit, vec![public_inputs]).unwrap();
     assert!(prover.verify().is_err());

halo2_proofs/examples/vector-mul.rs

@@ -300,14 +300,14 @@ fn main() {
     // of the instance column, so we position it there in our public inputs.
     let mut public_inputs = c;
 
-    let start = std::time::Instant::now();
+    let start = instant::Instant::now();
     // Given the correct public input, our circuit will verify.
     let prover = MockProver::run(k, &circuit, vec![public_inputs.clone()]).unwrap();
     assert_eq!(prover.verify(), Ok(()));
     println!("positive test took {:?}", start.elapsed());
 
     // If we try some other public input, the proof will fail!
-    let start = std::time::Instant::now();
+    let start = instant::Instant::now();
     public_inputs[0] += Fp::one();
     let prover = MockProver::run(k, &circuit, vec![public_inputs]).unwrap();
     assert!(prover.verify().is_err());