Use fft on calculateH polynomial multiplication

For a circuit arround 22500 constraints: - before: the proof was generated aprox in `80 seconds` - now: the proof is generated aprox in `16 seconds`
2026-02-08 11:56:39 +01:00 · 2020-04-21 15:38:50 +02:00
parent fb3bbedde5
commit 9b93bad028
3 changed files with 79 additions and 17 deletions
--- a/prover/ifft.go
+++ b/prover/ifft.go
@@ -48,7 +48,7 @@ func (roots rootsT) setRoots(n int) {
 	}
 }

-func fft(roots rootsT, pall []*ff.Element, bits, offset, step int) []*ff.Element {
+func fftroots(roots rootsT, pall []*ff.Element, bits, offset, step int) []*ff.Element {
 	n := 1 << bits
 	if n == 1 {
 		return []*ff.Element{pall[offset]}
@@ -60,19 +60,18 @@ func fft(roots rootsT, pall []*ff.Element, bits, offset, step int) []*ff.Element
 	}

 	ndiv2 := n >> 1
-	p1 := fft(roots, pall, bits-1, offset, step*2)
-	p2 := fft(roots, pall, bits-1, offset+step, step*2)
+	p1 := fftroots(roots, pall, bits-1, offset, step*2)
+	p2 := fftroots(roots, pall, bits-1, offset+step, step*2)

 	out := make([]*ff.Element, n)
 	for i := 0; i < ndiv2; i++ {
-		// fmt.Println(i, len(roots.roots))
 		out[i] = ff.NewElement().Add(p1[i], ff.NewElement().Mul(roots.roots[bits][i], p2[i]))
 		out[i+ndiv2] = ff.NewElement().Sub(p1[i], ff.NewElement().Mul(roots.roots[bits][i], p2[i]))
 	}
 	return out
 }

-func ifft(p []*ff.Element) []*ff.Element {
+func fft(p []*ff.Element) []*ff.Element {
 	if len(p) <= 1 {
 		return p
 	}
@@ -81,7 +80,14 @@ func ifft(p []*ff.Element) []*ff.Element {
 	roots.setRoots(int(bits))
 	m := 1 << int(bits)
 	ep := extend(p, m)
-	res := fft(roots, ep, int(bits), 0, 1)
+	res := fftroots(roots, ep, int(bits), 0, 1)
+	return res
+}
+
+func ifft(p []*ff.Element) []*ff.Element {
+	res := fft(p)
+	bits := math.Log2(float64(len(p)-1)) + 1
+	m := 1 << int(bits)

 	twoinvm := ff.NewElement().SetBigInt(fInv(fMul(big.NewInt(1), big.NewInt(int64(m)))))