Merge pull request #14 from PopcornPaws/I3-refactor-cleanup

I3 refactor cleanup
PopcornPaws · Jan 29, 2024 · a0d8ff4 · a0d8ff4
2 parents 7579f23 + 37b9986
commit a0d8ff4
Show file tree

Hide file tree

Showing 28 changed files with 1,415 additions and 1,224 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -7,7 +7,7 @@ edition = "2021"
 opt-level = 3
 
 [features]
-default = ["std", "parallel", "paillier"]
+default = ["std", "parallel"]
 std = [
     "ark-crypto-primitives/std",
     "ark-ec/std",
@@ -26,11 +26,6 @@ parallel = [
     "ark-std/parallel",
     "rayon"
 ]
-paillier = [
-    "num-bigint",
-    "num-integer",
-    "num-prime",
-]
 
 [dependencies]
 ark-crypto-primitives = { version = "0.4", default-features = false, features = ["signature"] }
@@ -40,9 +35,9 @@ ark-poly = { version = "0.4", default-features = false }
 ark-poly-commit = { version = "0.4", default-features = false }
 ark-serialize = { version = "0.4", default-features = false }
 ark-std = { version = "0.4", default-features = false }
-num-bigint = { version = "0.4", features = ["rand"], optional = true }
-num-integer = { version = "0.1", optional = true }
-num-prime = { version = "0.4", optional = true }
+num-bigint = { version = "0.4", features = ["rand"] }
+num-integer = "0.1"
+num-prime = "0.4"
 digest = { version = "0.10", default-features = false }
 rayon = { version = "1.8", optional = true }
 thiserror = "1"
@@ -54,16 +49,21 @@ criterion = "0.5"
 sha3 = "0.10"
 
 [[bench]]
-name = "kzg-elgamal-backend"
-path = "benches/kzg_elgamal.rs"
+name = "kzg-paillier-veck"
+path = "benches/kzg_paillier.rs"
 harness = false
 
-#[[bench]]
-#name = "kzg-elgamal-slow-backend"
-#path = "benches/kzg_elgamal_slow.rs"
-#harness = false
+[[bench]]
+name = "kzg-elgamal-veck"
+path = "benches/kzg_elgamal.rs"
+harness = false
 
 [[bench]]
 name = "split-elgamal-encryption"
 path = "benches/elgamal.rs"
 harness = false
+
+[[bench]]
+name = "range-proof"
+path = "benches/range_proof.rs"
+harness = false
diff --git a/benches/kzg_elgamal.rs b/benches/kzg_elgamal.rs
@@ -1,4 +1,3 @@
-use ark_bls12_381::Bls12_381 as BlsCurve;
 use ark_ec::pairing::Pairing;
 use ark_ec::{CurveGroup, Group};
 use ark_ff::PrimeField;
@@ -11,63 +10,84 @@ use fde::commit::kzg::Powers;
 const DATA_LOG_SIZE: usize = 12; // 4096 = 2^12
 const N: usize = Scalar::MODULUS_BIT_SIZE as usize / fde::encrypt::elgamal::MAX_BITS + 1;
 
-type Scalar = <BlsCurve as Pairing>::ScalarField;
+type TestCurve = ark_bls12_381::Bls12_381;
+type TestHash = sha3::Keccak256;
+type Scalar = <TestCurve as Pairing>::ScalarField;
 type UniPoly = DensePolynomial<Scalar>;
-type Proof = fde::backend::kzg_elgamal::Proof<{ N }, BlsCurve, sha3::Keccak256>;
-type PublicInput = fde::backend::kzg_elgamal::PublicInput<{ N }, BlsCurve>;
+type Proof = fde::veck::kzg::elgamal::Proof<{ N }, TestCurve, TestHash>;
+type EncryptionProof = fde::veck::kzg::elgamal::EncryptionProof<{ N }, TestCurve, TestHash>;
 
 fn bench_proof(c: &mut Criterion) {
     let mut group = c.benchmark_group("kzg-elgamal");
+    group.sample_size(10);
 
     let data_size = 1 << DATA_LOG_SIZE;
     assert_eq!(data_size, 4096);
 
     let rng = &mut test_rng();
     let tau = Scalar::rand(rng);
-    let powers = Powers::<BlsCurve>::unsafe_setup(tau, data_size + 1);
+    let powers = Powers::<TestCurve>::unsafe_setup(tau, data_size + 1);
 
     let encryption_sk = Scalar::rand(rng);
-    let encryption_pk = (<BlsCurve as Pairing>::G1::generator() * encryption_sk).into_affine();
+    let encryption_pk = (<TestCurve as Pairing>::G1::generator() * encryption_sk).into_affine();
 
+    println!("Generating encryption proofs for 4096 * 8 split field elements...");
+    println!("This might take a few minutes and it's not included in the actual benchmarks.");
+    let t_start = std::time::Instant::now();
     let data: Vec<Scalar> = (0..data_size).map(|_| Scalar::rand(rng)).collect();
-    let input = PublicInput::new(&data, &encryption_pk, rng);
+    let encryption_proof = EncryptionProof::new(&data, &encryption_pk, &powers, rng);
+    let elapsed = std::time::Instant::now().duration_since(t_start).as_secs();
+    println!("Generated encryption proofs, elapsed time: {} [s]", elapsed);
 
-    let evaluations = Evaluations::from_vec_and_domain(data, input.domain);
+    let domain = GeneralEvaluationDomain::new(data.len()).expect("valid domain");
+    let index_map = fde::veck::index_map(domain);
+
+    let evaluations = Evaluations::from_vec_and_domain(data, domain);
     let f_poly: UniPoly = evaluations.interpolate_by_ref();
     let com_f_poly = powers.commit_g1(&f_poly);
 
-    let index_map = input.index_map();
-
     for i in 0..=12 {
         let subset_size = 1 << i;
         let proof_gen_name = format!("proof-gen-{}", subset_size);
         let proof_vfy_name = format!("proof-vfy-{}", subset_size);
 
-        let sub_domain = GeneralEvaluationDomain::new(subset_size).unwrap();
-        let sub_indices = sub_domain
-            .elements()
-            .map(|elem| *index_map.get(&elem).unwrap())
-            .collect::<Vec<usize>>();
-        let sub_data = sub_indices
-            .iter()
-            .map(|&i| evaluations.evals[i])
-            .collect::<Vec<Scalar>>();
-        let sub_evaluations = Evaluations::from_vec_and_domain(sub_data, sub_domain);
-        let f_s_poly: UniPoly = sub_evaluations.interpolate_by_ref();
+        let subdomain = GeneralEvaluationDomain::new(subset_size).unwrap();
+        let subset_indices = fde::veck::subset_indices(&index_map, &subdomain);
+        let subset_evaluations = fde::veck::subset_evals(&evaluations, &subset_indices, subdomain);
+
+        let f_s_poly: UniPoly = subset_evaluations.interpolate_by_ref();
         let com_f_s_poly = powers.commit_g1(&f_s_poly);
 
-        let sub_input = input.subset(&sub_indices);
+        let sub_encryption_proof = encryption_proof.subset(&subset_indices);
 
         group.bench_function(&proof_gen_name, |b| {
             b.iter(|| {
-                Proof::new(&f_poly, &f_s_poly, &encryption_sk, &sub_input, &powers, rng);
+                Proof::new(
+                    &f_poly,
+                    &f_s_poly,
+                    &encryption_sk,
+                    sub_encryption_proof.clone(),
+                    &powers,
+                    rng,
+                )
+                .unwrap();
             })
         });
 
         group.bench_function(&proof_vfy_name, |b| {
-            let proof = Proof::new(&f_poly, &f_s_poly, &encryption_sk, &sub_input, &powers, rng);
+            let proof = Proof::new(
+                &f_poly,
+                &f_s_poly,
+                &encryption_sk,
+                sub_encryption_proof.clone(),
+                &powers,
+                rng,
+            )
+            .unwrap();
             b.iter(|| {
-                assert!(proof.verify(com_f_poly, com_f_s_poly, encryption_pk, &sub_input, &powers))
+                assert!(proof
+                    .verify(com_f_poly, com_f_s_poly, encryption_pk, &powers)
+                    .is_ok())
             })
         });
     }

diff --git a/benches/kzg_elgamal_slow.rs b/benches/kzg_elgamal_slow.rs