Fix setting node version in workflow

.github/workflows/main.yml

@@ -17,7 +17,7 @@ jobs:
     - name: Install Nodejs
       uses: actions/setup-node@v1
       with: 
-        go-version: 10.x
+        node-version: '10.x'
     - name: Install circom
       run: npm install -g circom
     - name: Install snarkjs

prover/arithmetic.go

@@ -4,46 +4,28 @@ import (
 	"bytes"
 	"math/big"
 
-	bn256 "github.com/ethereum/go-ethereum/crypto/bn256/cloudflare"
 	"github.com/iden3/go-circom-prover-verifier/types"
 	"github.com/iden3/go-iden3-crypto/ff"
 )
 
 func arrayOfZeroes(n int) []*big.Int {
-	r := make([]*big.Int, n)
+	var r []*big.Int
 	for i := 0; i < n; i++ {
-		r[i] = new(big.Int).SetInt64(0)
+		r = append(r, new(big.Int).SetInt64(0))
 	}
-	return r[:]
+	return r
 }
-
 func arrayOfZeroesE(n int) []*ff.Element {
-	r := make([]*ff.Element, n)
+	var r []*ff.Element
 	for i := 0; i < n; i++ {
-		r[i] = ff.NewElement()
+		r = append(r, ff.NewElement())
 	}
-	return r[:]
+	return r
-}
-
-func arrayOfZeroesG1(n int) []*bn256.G1 {
-	r := make([]*bn256.G1, n)
-	for i := 0; i < n; i++ {
-		r[i] = new(bn256.G1).ScalarBaseMult(big.NewInt(0))
-	}
-	return r[:]
-}
-
-func arrayOfZeroesG2(n int) []*bn256.G2 {
-	r := make([]*bn256.G2, n)
-	for i := 0; i < n; i++ {
-		r[i] = new(bn256.G2).ScalarBaseMult(big.NewInt(0))
-	}
-	return r[:]
 }
 
 func fAdd(a, b *big.Int) *big.Int {
 	ab := new(big.Int).Add(a, b)
-	return ab.Mod(ab, types.R)
+	return new(big.Int).Mod(ab, types.R)
 }
 
 func fSub(a, b *big.Int) *big.Int {
@@ -53,7 +35,7 @@ func fSub(a, b *big.Int) *big.Int {
 
 func fMul(a, b *big.Int) *big.Int {
 	ab := new(big.Int).Mul(a, b)
-	return ab.Mod(ab, types.R)
+	return new(big.Int).Mod(ab, types.R)
 }
 
 func fDiv(a, b *big.Int) *big.Int {
@@ -80,7 +62,7 @@ func fExp(base *big.Int, e *big.Int) *big.Int {
 			res = fMul(res, exp)
 		}
 		exp = fMul(exp, exp)
-		rem.Rsh(rem, 1)
+		rem = new(big.Int).Rsh(rem, 1)
 	}
 	return res
 }

prover/prover.go

@@ -4,11 +4,11 @@ import (
 	"crypto/rand"
 	"math"
 	"math/big"
-	"runtime"
 	"sync"
 
 	bn256 "github.com/ethereum/go-ethereum/crypto/bn256/cloudflare"
 	"github.com/iden3/go-circom-prover-verifier/types"
+	"github.com/iden3/go-iden3-crypto/ff"
 	"github.com/iden3/go-iden3-crypto/utils"
 )
 
@@ -68,76 +68,66 @@ func GenerateProof(pk *types.Pk, w types.Witness) (*types.Proof, []*big.Int, err
 		return nil, nil, err
 	}
 
-	// BEGIN PAR
+	proof.A = new(bn256.G1).ScalarBaseMult(big.NewInt(0))
-	numcpu := runtime.NumCPU()
+	proof.B = new(bn256.G2).ScalarBaseMult(big.NewInt(0))
+	proof.C = new(bn256.G1).ScalarBaseMult(big.NewInt(0))
+	proofBG1 := new(bn256.G1).ScalarBaseMult(big.NewInt(0))
 
-	proofA := arrayOfZeroesG1(numcpu)
+	var wg sync.WaitGroup
-	proofB := arrayOfZeroesG2(numcpu)
+	wg.Add(4)
-	proofC := arrayOfZeroesG1(numcpu)
+	go func() {
-	proofBG1 := arrayOfZeroesG1(numcpu)
+		for i := 0; i < pk.NVars; i++ {
-	var wg1 sync.WaitGroup
+			proof.A = new(bn256.G1).Add(proof.A, new(bn256.G1).ScalarMult(pk.A[i], w[i]))
-	wg1.Add(numcpu)
-	for _cpu, _ranges := range ranges(pk.NVars, numcpu) {
-		// split 1
-		go func(cpu int, ranges [2]int) {
-			for i := ranges[0]; i < ranges[1]; i++ {
-				proofA[cpu].Add(proofA[cpu], new(bn256.G1).ScalarMult(pk.A[i], w[i]))
-				proofB[cpu].Add(proofB[cpu], new(bn256.G2).ScalarMult(pk.B2[i], w[i]))
-				proofBG1[cpu].Add(proofBG1[cpu], new(bn256.G1).ScalarMult(pk.B1[i], w[i]))
-				if i >= pk.NPublic+1 {
-					proofC[cpu].Add(proofC[cpu], new(bn256.G1).ScalarMult(pk.C[i], w[i]))
 		}
+		wg.Done()
+	}()
+	go func() {
+		for i := 0; i < pk.NVars; i++ {
+			proof.B = new(bn256.G2).Add(proof.B, new(bn256.G2).ScalarMult(pk.B2[i], w[i]))
 		}
-			wg1.Done()
+		wg.Done()
-		}(_cpu, _ranges)
+	}()
+	go func() {
+		for i := 0; i < pk.NVars; i++ {
+			proofBG1 = new(bn256.G1).Add(proofBG1, new(bn256.G1).ScalarMult(pk.B1[i], w[i]))
 		}
-	wg1.Wait()
+		wg.Done()
-	// join 1
+	}()
-	for cpu := 1; cpu < numcpu; cpu++ {
+	go func() {
-		proofA[0].Add(proofA[0], proofA[cpu])
+		for i := pk.NPublic + 1; i < pk.NVars; i++ {
-		proofB[0].Add(proofB[0], proofB[cpu])
+			proof.C = new(bn256.G1).Add(proof.C, new(bn256.G1).ScalarMult(pk.C[i], w[i]))
-		proofC[0].Add(proofC[0], proofC[cpu])
-		proofBG1[0].Add(proofBG1[0], proofBG1[cpu])
 		}
-	proof.A = proofA[0]
+		wg.Done()
-	proof.B = proofB[0]
+	}()
-	proof.C = proofC[0]
+	wg.Wait()
-	// END PAR
 
 	h := calculateH(pk, w)
 
-	proof.A.Add(proof.A, pk.VkAlpha1)
-	proof.A.Add(proof.A, new(bn256.G1).ScalarMult(pk.VkDelta1, r))
-
-	proof.B.Add(proof.B, pk.VkBeta2)
-	proof.B.Add(proof.B, new(bn256.G2).ScalarMult(pk.VkDelta2, s))
-
-	proofBG1[0].Add(proofBG1[0], pk.VkBeta1)
-	proofBG1[0].Add(proofBG1[0], new(bn256.G1).ScalarMult(pk.VkDelta1, s))
-
-	proofC = arrayOfZeroesG1(numcpu)
 	var wg2 sync.WaitGroup
-	wg2.Add(numcpu)
+	wg2.Add(2)
-	for _cpu, _ranges := range ranges(len(h), numcpu) {
+	go func() {
-		// split 2
+		proof.A = new(bn256.G1).Add(proof.A, pk.VkAlpha1)
-		go func(cpu int, ranges [2]int) {
+		proof.A = new(bn256.G1).Add(proof.A, new(bn256.G1).ScalarMult(pk.VkDelta1, r))
-			for i := ranges[0]; i < ranges[1]; i++ {
+
-				proofC[cpu].Add(proofC[cpu], new(bn256.G1).ScalarMult(pk.HExps[i], h[i]))
+		proof.B = new(bn256.G2).Add(proof.B, pk.VkBeta2)
+		proof.B = new(bn256.G2).Add(proof.B, new(bn256.G2).ScalarMult(pk.VkDelta2, s))
+
+		proofBG1 = new(bn256.G1).Add(proofBG1, pk.VkBeta1)
+		proofBG1 = new(bn256.G1).Add(proofBG1, new(bn256.G1).ScalarMult(pk.VkDelta1, s))
+		wg2.Done()
+	}()
+	go func() {
+		for i := 0; i < len(h); i++ {
+			proof.C = new(bn256.G1).Add(proof.C, new(bn256.G1).ScalarMult(pk.HExps[i], h[i]))
 		}
 		wg2.Done()
-		}(_cpu, _ranges)
+	}()
-	}
 	wg2.Wait()
-	// join 2
-	for cpu := 1; cpu < numcpu; cpu++ {
-		proofC[0].Add(proofC[0], proofC[cpu])
-	}
-	proof.C.Add(proof.C, proofC[0])
 
-	proof.C.Add(proof.C, new(bn256.G1).ScalarMult(proof.A, s))
+	proof.C = new(bn256.G1).Add(proof.C, new(bn256.G1).ScalarMult(proof.A, s))
-	proof.C.Add(proof.C, new(bn256.G1).ScalarMult(proofBG1[0], r))
+	proof.C = new(bn256.G1).Add(proof.C, new(bn256.G1).ScalarMult(proofBG1, r))
-	rsneg := new(big.Int).Mod(new(big.Int).Neg(new(big.Int).Mul(r, s)), types.R)
+	rsneg := new(big.Int).Mod(new(big.Int).Neg(new(big.Int).Mul(r, s)), types.R) // fAdd & fMul
-	proof.C.Add(proof.C, new(bn256.G1).ScalarMult(pk.VkDelta1, rsneg))
+	proof.C = new(bn256.G1).Add(proof.C, new(bn256.G1).ScalarMult(pk.VkDelta1, rsneg))
 
 	pubSignals := w[1 : pk.NPublic+1]
 
@@ -149,27 +139,14 @@ func calculateH(pk *types.Pk, w types.Witness) []*big.Int {
 	polAT := arrayOfZeroes(m)
 	polBT := arrayOfZeroes(m)
 
-	numcpu := runtime.NumCPU()
-
-	var wg1 sync.WaitGroup
-	wg1.Add(2)
-	go func() {
 	for i := 0; i < pk.NVars; i++ {
 		for j := range pk.PolsA[i] {
 			polAT[j] = fAdd(polAT[j], fMul(w[i], pk.PolsA[i][j]))
 		}
-		}
-		wg1.Done()
-	}()
-	go func() {
-		for i := 0; i < pk.NVars; i++ {
 		for j := range pk.PolsB[i] {
 			polBT[j] = fAdd(polBT[j], fMul(w[i], pk.PolsB[i][j]))
 		}
 	}
-		wg1.Done()
-	}()
-	wg1.Wait()
 	polATe := utils.BigIntArrayToElementArray(polAT)
 	polBTe := utils.BigIntArrayToElementArray(polBT)
 
@@ -179,49 +156,22 @@ func calculateH(pk *types.Pk, w types.Witness) []*big.Int {
 	r := int(math.Log2(float64(m))) + 1
 	roots := newRootsT()
 	roots.setRoots(r)
-
+	for i := 0; i < len(polASe); i++ {
-	var wg2 sync.WaitGroup
+		polASe[i] = ff.NewElement().Mul(polASe[i], roots.roots[r][i])
-	wg2.Add(numcpu)
+		polBSe[i] = ff.NewElement().Mul(polBSe[i], roots.roots[r][i])
-	for _cpu, _ranges := range ranges(len(polASe), numcpu) {
-		go func(cpu int, ranges [2]int) {
-			for i := ranges[0]; i < ranges[1]; i++ {
-				polASe[i].Mul(polASe[i], roots.roots[r][i])
-				polBSe[i].Mul(polBSe[i], roots.roots[r][i])
 	}
-			wg2.Done()
-		}(_cpu, _ranges)
-	}
-	wg2.Wait()
 
 	polATodd := fft(polASe)
 	polBTodd := fft(polBSe)
 
 	polABT := arrayOfZeroesE(len(polASe) * 2)
-	var wg3 sync.WaitGroup
+	for i := 0; i < len(polASe); i++ {
-	wg3.Add(numcpu)
+		polABT[2*i] = ff.NewElement().Mul(polATe[i], polBTe[i])
-	for _cpu, _ranges := range ranges(len(polASe), numcpu) {
+		polABT[2*i+1] = ff.NewElement().Mul(polATodd[i], polBTodd[i])
-		go func(cpu int, ranges [2]int) {
-			for i := ranges[0]; i < ranges[1]; i++ {
-				polABT[2*i].Mul(polATe[i], polBTe[i])
-				polABT[2*i+1].Mul(polATodd[i], polBTodd[i])
 	}
-			wg3.Done()
-		}(_cpu, _ranges)
-	}
-	wg3.Wait()
 
 	hSeFull := ifft(polABT)
 
 	hSe := hSeFull[m:]
 	return utils.ElementArrayToBigIntArray(hSe)
 }
-
-func ranges(n, parts int) [][2]int {
-	s := make([][2]int, parts)
-	p := float64(n) / float64(parts)
-	for i := 0; i < parts; i++ {
-		a, b := int(float64(i)*p), int(float64(i+1)*p)
-		s[i] = [2]int{a, b}
-	}
-	return s
-}