zec
/
halo2
mirror of https://github.com/zcash/halo2.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
halo2/benches/plonk.rs

308 lines
10 KiB
Rust
Raw Normal View History

PLONK benchmarks.
2020-10-13 14:06:21 -07:00
#[macro_use]
extern crate criterion;
extern crate halo2;
Migrate to ff traits The `Field` trait in this crate is now `FieldExt: ff::PrimeField`.
2020-11-12 16:08:08 -08:00
use halo2::arithmetic::FieldExt;
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
use halo2::circuit::layouter::SingleChipLayouter;
use halo2::circuit::{Cell, Layouter};
Replace DummyHash with BLAKE2b
2021-01-27 02:30:39 -08:00
use halo2::pasta::{EqAffine, Fp};
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
use halo2::plonk::*;
Require Rotation instead of i32 for relative rows in circuits. Co-authored-by: str4d <thestr4d@gmail.com>
2020-12-23 08:45:16 -08:00
use halo2::poly::{commitment::Params, Rotation};
Replace ChallengeSpace with EncodedChallenge API Co-authored-by: Sean Bowe <ewillbefull@gmail.com>
2021-04-30 18:28:50 -07:00
use halo2::transcript::{Blake2bRead, Blake2bWrite, Challenge255};
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
use std::marker::PhantomData;
use criterion::Criterion;
fn bench_with_k(name: &str, k: u32, c: &mut Criterion) {
/// This represents an advice column at a certain row in the ConstraintSystem
#[derive(Copy, Clone, Debug)]
pub struct Variable(Column<Advice>, usize);
// Initialize the polynomial commitment parameters
Generate the URS using a homebrew mixture of blake2b and try-and-increment.
2020-12-23 15:09:17 -08:00
let params: Params<EqAffine> = Params::new(k);
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
Update tests
2021-02-18 23:24:21 -08:00
#[derive(Clone)]
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
struct PLONKConfig {
a: Column<Advice>,
b: Column<Advice>,
c: Column<Advice>,
sa: Column<Fixed>,
sb: Column<Fixed>,
sc: Column<Fixed>,
sm: Column<Fixed>,
Update tests
2021-02-18 23:24:21 -08:00
perm: Permutation,
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
}
Migrate to ff traits The `Field` trait in this crate is now `FieldExt: ff::PrimeField`.
2020-11-12 16:08:08 -08:00
trait StandardCS<FF: FieldExt> {
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
fn raw_multiply<F>(
&self,
layouter: &mut impl Layouter<FF>,
f: F,
) -> Result<(Cell, Cell, Cell), Error>
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
where
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
F: FnMut() -> Result<(FF, FF, FF), Error>;
fn raw_add<F>(
&self,
layouter: &mut impl Layouter<FF>,
f: F,
) -> Result<(Cell, Cell, Cell), Error>
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
where
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
F: FnMut() -> Result<(FF, FF, FF), Error>;
fn copy(&self, layouter: &mut impl Layouter<FF>, a: Cell, b: Cell) -> Result<(), Error>;
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
}
Update test to pass multiple ConcreteCircuits
2021-01-20 05:48:51 -08:00
#[derive(Clone)]
Migrate to ff traits The `Field` trait in this crate is now `FieldExt: ff::PrimeField`.
2020-11-12 16:08:08 -08:00
struct MyCircuit<F: FieldExt> {
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
a: Option<F>,
k: u32,
}
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
struct StandardPLONK<F: FieldExt> {
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
config: PLONKConfig,
_marker: PhantomData<F>,
}
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
impl<FF: FieldExt> StandardPLONK<FF> {
fn new(config: PLONKConfig) -> Self {
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
StandardPLONK {
config,
_marker: PhantomData,
}
}
}
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
impl<FF: FieldExt> StandardCS<FF> for StandardPLONK<FF> {
fn raw_multiply<F>(
&self,
layouter: &mut impl Layouter<FF>,
mut f: F,
) -> Result<(Cell, Cell, Cell), Error>
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
where
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
F: FnMut() -> Result<(FF, FF, FF), Error>,
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
{
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
layouter.assign_region(
|| "raw_multiply",
|mut region| {
let mut value = None;
let lhs = region.assign_advice(
|| "lhs",
self.config.a,
0,
|| {
value = Some(f()?);
Ok(value.ok_or(Error::SynthesisError)?.0)
},
)?;
let rhs = region.assign_advice(
|| "rhs",
self.config.b,
0,
|| Ok(value.ok_or(Error::SynthesisError)?.1),
)?;
let out = region.assign_advice(
|| "out",
self.config.c,
0,
|| Ok(value.ok_or(Error::SynthesisError)?.2),
)?;
region.assign_fixed(|| "a", self.config.sa, 0, || Ok(FF::zero()))?;
region.assign_fixed(|| "b", self.config.sb, 0, || Ok(FF::zero()))?;
region.assign_fixed(|| "c", self.config.sc, 0, || Ok(FF::one()))?;
region.assign_fixed(|| "a * b", self.config.sm, 0, || Ok(FF::one()))?;
Ok((lhs, rhs, out))
Add annotations to Region::{assign_advice, assign_fixed} This enables circuits to annotate individual cells with variable names or similar protocol-specific metadata.
2021-01-22 08:57:38 -08:00
},
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
)
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
}
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
fn raw_add<F>(
&self,
layouter: &mut impl Layouter<FF>,
mut f: F,
) -> Result<(Cell, Cell, Cell), Error>
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
where
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
F: FnMut() -> Result<(FF, FF, FF), Error>,
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
{
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
layouter.assign_region(
|| "raw_add",
|mut region| {
let mut value = None;
let lhs = region.assign_advice(
|| "lhs",
self.config.a,
0,
|| {
value = Some(f()?);
Ok(value.ok_or(Error::SynthesisError)?.0)
},
)?;
let rhs = region.assign_advice(
|| "rhs",
self.config.b,
0,
|| Ok(value.ok_or(Error::SynthesisError)?.1),
)?;
let out = region.assign_advice(
|| "out",
self.config.c,
0,
|| Ok(value.ok_or(Error::SynthesisError)?.2),
)?;
region.assign_fixed(|| "a", self.config.sa, 0, || Ok(FF::one()))?;
region.assign_fixed(|| "b", self.config.sb, 0, || Ok(FF::one()))?;
region.assign_fixed(|| "c", self.config.sc, 0, || Ok(FF::one()))?;
region.assign_fixed(|| "a * b", self.config.sm, 0, || Ok(FF::zero()))?;
Ok((lhs, rhs, out))
Add annotations to Region::{assign_advice, assign_fixed} This enables circuits to annotate individual cells with variable names or similar protocol-specific metadata.
2021-01-22 08:57:38 -08:00
},
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
)
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
}
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
fn copy(
&self,
layouter: &mut impl Layouter<FF>,
left: Cell,
right: Cell,
) -> Result<(), Error> {
layouter.assign_region(
|| "copy",
|mut region| region.constrain_equal(&self.config.perm, left, right),
Update tests
2021-02-18 23:24:21 -08:00
)
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
}
}
Migrate to ff traits The `Field` trait in this crate is now `FieldExt: ff::PrimeField`.
2020-11-12 16:08:08 -08:00
impl<F: FieldExt> Circuit<F> for MyCircuit<F> {
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
type Config = PLONKConfig;
fn configure(meta: &mut ConstraintSystem<F>) -> PLONKConfig {
let a = meta.advice_column();
let b = meta.advice_column();
let c = meta.advice_column();
Use Column<Any> in Permutation::Argument
2021-02-17 05:13:25 -08:00
let perm = meta.permutation(&[a.into(), b.into(), c.into()]);
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
let sm = meta.fixed_column();
let sa = meta.fixed_column();
let sb = meta.fixed_column();
let sc = meta.fixed_column();
Add name field to ConstraintSystem::create_gate The name has type `&'static str`, as gates apply to every row and thus do not require any runtime information to name.
2021-01-22 11:46:06 -08:00
meta.create_gate("Combined add-mult", |meta| {
Require Rotation instead of i32 for relative rows in circuits. Co-authored-by: str4d <thestr4d@gmail.com>
2020-12-23 08:45:16 -08:00
let a = meta.query_advice(a, Rotation::cur());
let b = meta.query_advice(b, Rotation::cur());
let c = meta.query_advice(c, Rotation::cur());
let sa = meta.query_fixed(sa, Rotation::cur());
let sb = meta.query_fixed(sb, Rotation::cur());
let sc = meta.query_fixed(sc, Rotation::cur());
let sm = meta.query_fixed(sm, Rotation::cur());
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
Allow multiple polynomial constraints per gate This enables a gate such as ECC complete addition to define its constraints in terms of a common set of queried columns.
2021-05-27 06:44:02 -07:00
vec![a.clone() * sa + b.clone() * sb + a * b * sm + (c * sc * (-F::one()))]
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
});
PLONKConfig {
a,
b,
c,
sa,
sb,
sc,
sm,
perm,
}
}
fn synthesize(
&self,
cs: &mut impl Assignment<F>,
config: PLONKConfig,
) -> Result<(), Error> {
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
let mut layouter = SingleChipLayouter::new(cs)?;
let cs = StandardPLONK::new(config);
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
for _ in 0..(1 << (self.k - 1)) {
let mut a_squared = None;
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
let (a0, _, c0) = cs.raw_multiply(&mut layouter, || {
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
a_squared = self.a.map(|a| a.square());
Ok((
self.a.ok_or(Error::SynthesisError)?,
self.a.ok_or(Error::SynthesisError)?,
a_squared.ok_or(Error::SynthesisError)?,
))
})?;
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
let (a1, b1, _) = cs.raw_add(&mut layouter, || {
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
let fin = a_squared.and_then(|a2| self.a.map(|a| a + a2));
Ok((
self.a.ok_or(Error::SynthesisError)?,
a_squared.ok_or(Error::SynthesisError)?,
fin.ok_or(Error::SynthesisError)?,
))
})?;
Migrate PLONK-gate-using circuits to use SingleChipLayouter These were all early examples that used the Circuit trait without any layouter, which is incompatible with upcoming changes. The minimal change to the PinnedVerificationKey is because the lookup table is being allocated at the top of its columns instead of in-place.
2021-06-21 11:51:32 -07:00
cs.copy(&mut layouter, a0, a1)?;
cs.copy(&mut layouter, b1, c0)?;
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
}
Ok(())
}
}
let empty_circuit: MyCircuit<Fp> = MyCircuit { a: None, k };
// Initialize the proving key
Refactor keygen to generate pk from vk.
2021-01-13 09:23:01 -08:00
let vk = keygen_vk(&params, &empty_circuit).expect("keygen_vk should not fail");
let pk = keygen_pk(&params, vk, &empty_circuit).expect("keygen_pk should not fail");
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
let prover_name = name.to_string() + "-prover";
let verifier_name = name.to_string() + "-verifier";
c.bench_function(&prover_name, |b| {
b.iter(|| {
let circuit: MyCircuit<Fp> = MyCircuit {
Migrate to ff traits The `Field` trait in this crate is now `FieldExt: ff::PrimeField`.
2020-11-12 16:08:08 -08:00
a: Some(Fp::rand()),
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
k,
};
// Create a proof
Remove unused Challenge trait.
2021-05-24 09:55:34 -07:00
let mut transcript = Blake2bWrite::<_, _, Challenge255<_>>::init(vec![]);
Update bench::plonk to work with multi-proof prover
2021-02-18 23:46:32 -08:00
create_proof(&params, &pk, &[circuit], &[&[]], &mut transcript)
Add aux information to metrics
2020-11-23 07:35:50 -08:00
.expect("proof generation should not fail")
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
});
});
let circuit: MyCircuit<Fp> = MyCircuit {
Migrate to ff traits The `Field` trait in this crate is now `FieldExt: ff::PrimeField`.
2020-11-12 16:08:08 -08:00
a: Some(Fp::rand()),
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
k,
};
// Create a proof
Remove unused Challenge trait.
2021-05-24 09:55:34 -07:00
let mut transcript = Blake2bWrite::<_, _, Challenge255<_>>::init(vec![]);
Update bench::plonk to work with multi-proof prover
2021-02-18 23:46:32 -08:00
create_proof(&params, &pk, &[circuit], &[&[]], &mut transcript)
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
.expect("proof generation should not fail");
Update the PLONK implementation to adapt to the new transcript API.
2020-12-23 12:03:31 -08:00
let proof = transcript.finalize();
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
c.bench_function(&verifier_name, |b| {
b.iter(|| {
let msm = params.empty_msm();
Remove unused Challenge trait.
2021-05-24 09:55:34 -07:00
let mut transcript = Blake2bRead::<_, _, Challenge255<_>>::init(&proof[..]);
Update bench::plonk to work with multi-proof prover
2021-02-18 23:46:32 -08:00
let guard = verify_proof(&params, pk.get_vk(), msm, &[&[]], &mut transcript).unwrap();
PLONK benchmarks.
2020-10-13 14:06:21 -07:00
let msm = guard.clone().use_challenges();
assert!(msm.eval());
});
});
}
fn criterion_benchmark(c: &mut Criterion) {
bench_with_k("plonk-k=8", 8, c);
bench_with_k("plonk-k=9", 9, c);
bench_with_k("plonk-k=10", 10, c);
bench_with_k("plonk-k=11", 11, c);
bench_with_k("plonk-k=12", 12, c);
bench_with_k("plonk-k=13", 13, c);
bench_with_k("plonk-k=14", 14, c);
bench_with_k("plonk-k=15", 15, c);
bench_with_k("plonk-k=16", 16, c);
}
criterion_group!(benches, criterion_benchmark);
criterion_main!(benches);