You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

277 lines
9.1 KiB

1 year ago
1 year ago
2 years ago
1 year ago
  1. // Copyright (c) 2023 Espresso Systems (espressosys.com)
  2. // This file is part of the HyperPlonk library.
  3. // You should have received a copy of the MIT License
  4. // along with the HyperPlonk library. If not, see <https://mit-license.org/>.
  5. use arithmetic::{identity_permutation_mles, VPAuxInfo, VirtualPolynomial};
  6. use ark_bls12_381::{Bls12_381, Fr};
  7. use ark_poly::{DenseMultilinearExtension, MultilinearExtension};
  8. use ark_std::test_rng;
  9. use std::{marker::PhantomData, sync::Arc, time::Instant};
  10. use subroutines::{
  11. pcs::{prelude::MultilinearKzgPCS, PolynomialCommitmentScheme},
  12. poly_iop::prelude::{
  13. PermutationCheck, PolyIOP, PolyIOPErrors, ProductCheck, SumCheck, ZeroCheck,
  14. },
  15. };
  16. type KZG = MultilinearKzgPCS<Bls12_381>;
  17. fn main() -> Result<(), PolyIOPErrors> {
  18. bench_permutation_check()?;
  19. println!("\n\n");
  20. bench_sum_check()?;
  21. println!("\n\n");
  22. bench_prod_check()?;
  23. println!("\n\n");
  24. bench_zero_check()
  25. }
  26. fn bench_sum_check() -> Result<(), PolyIOPErrors> {
  27. let mut rng = test_rng();
  28. for degree in 2..4 {
  29. for nv in 4..25 {
  30. let repetition = if nv < 10 {
  31. 100
  32. } else if nv < 20 {
  33. 50
  34. } else {
  35. 10
  36. };
  37. let (poly, asserted_sum) =
  38. VirtualPolynomial::rand(nv, (degree, degree + 1), 2, &mut rng)?;
  39. let poly_info = poly.aux_info.clone();
  40. let proof = {
  41. let start = Instant::now();
  42. for _ in 0..repetition {
  43. let mut transcript = <PolyIOP<Fr> as SumCheck<Fr>>::init_transcript();
  44. let _proof = <PolyIOP<Fr> as SumCheck<Fr>>::prove(&poly, &mut transcript)?;
  45. }
  46. println!(
  47. "sum check proving time for {} variables and {} degree: {} ns",
  48. nv,
  49. degree,
  50. start.elapsed().as_nanos() / repetition as u128
  51. );
  52. let mut transcript = <PolyIOP<Fr> as SumCheck<Fr>>::init_transcript();
  53. <PolyIOP<Fr> as SumCheck<Fr>>::prove(&poly, &mut transcript)?
  54. };
  55. {
  56. let start = Instant::now();
  57. for _ in 0..repetition {
  58. let mut transcript = <PolyIOP<Fr> as SumCheck<Fr>>::init_transcript();
  59. let _subclaim = <PolyIOP<Fr> as SumCheck<Fr>>::verify(
  60. asserted_sum,
  61. &proof,
  62. &poly_info,
  63. &mut transcript,
  64. )?;
  65. }
  66. println!(
  67. "sum check verification time for {} variables and {} degree: {} ns",
  68. nv,
  69. degree,
  70. start.elapsed().as_nanos() / repetition as u128
  71. );
  72. }
  73. println!("====================================");
  74. }
  75. }
  76. Ok(())
  77. }
  78. fn bench_zero_check() -> Result<(), PolyIOPErrors> {
  79. let mut rng = test_rng();
  80. for degree in 2..4 {
  81. for nv in 4..20 {
  82. let repetition = if nv < 10 {
  83. 100
  84. } else if nv < 20 {
  85. 50
  86. } else {
  87. 10
  88. };
  89. let poly = VirtualPolynomial::rand_zero(nv, (degree, degree + 1), 2, &mut rng)?;
  90. let poly_info = poly.aux_info.clone();
  91. let proof = {
  92. let start = Instant::now();
  93. let mut transcript = <PolyIOP<Fr> as ZeroCheck<Fr>>::init_transcript();
  94. transcript.append_message(b"testing", b"initializing transcript for testing")?;
  95. let proof = <PolyIOP<Fr> as ZeroCheck<Fr>>::prove(&poly, &mut transcript)?;
  96. println!(
  97. "zero check proving time for {} variables and {} degree: {} ns",
  98. nv,
  99. degree,
  100. start.elapsed().as_nanos() / repetition as u128
  101. );
  102. proof
  103. };
  104. {
  105. let start = Instant::now();
  106. let mut transcript = <PolyIOP<Fr> as ZeroCheck<Fr>>::init_transcript();
  107. transcript.append_message(b"testing", b"initializing transcript for testing")?;
  108. let _zero_subclaim =
  109. <PolyIOP<Fr> as ZeroCheck<Fr>>::verify(&proof, &poly_info, &mut transcript)?;
  110. println!(
  111. "zero check verification time for {} variables and {} degree: {} ns",
  112. nv,
  113. degree,
  114. start.elapsed().as_nanos() / repetition as u128
  115. );
  116. }
  117. println!("====================================");
  118. }
  119. }
  120. Ok(())
  121. }
  122. fn bench_permutation_check() -> Result<(), PolyIOPErrors> {
  123. let mut rng = test_rng();
  124. for nv in 4..20 {
  125. let srs = KZG::gen_srs_for_testing(&mut rng, nv + 1)?;
  126. let (pcs_param, _) = KZG::trim(&srs, None, Some(nv + 1))?;
  127. let repetition = if nv < 10 {
  128. 100
  129. } else if nv < 20 {
  130. 50
  131. } else {
  132. 10
  133. };
  134. let ws = vec![Arc::new(DenseMultilinearExtension::rand(nv, &mut rng))];
  135. // identity map
  136. let perms = identity_permutation_mles(nv, 1);
  137. let proof =
  138. {
  139. let start = Instant::now();
  140. let mut transcript =
  141. <PolyIOP<Fr> as PermutationCheck<Bls12_381, KZG>>::init_transcript();
  142. transcript.append_message(b"testing", b"initializing transcript for testing")?;
  143. let (proof, _q_x, _frac_poly) = <PolyIOP<Fr> as PermutationCheck<
  144. Bls12_381,
  145. KZG,
  146. >>::prove(
  147. &pcs_param, &ws, &ws, &perms, &mut transcript
  148. )?;
  149. println!(
  150. "permutation check proving time for {} variables: {} ns",
  151. nv,
  152. start.elapsed().as_nanos() / repetition as u128
  153. );
  154. proof
  155. };
  156. {
  157. let poly_info = VPAuxInfo {
  158. max_degree: 2,
  159. num_variables: nv,
  160. phantom: PhantomData::default(),
  161. };
  162. let start = Instant::now();
  163. let mut transcript =
  164. <PolyIOP<Fr> as PermutationCheck<Bls12_381, KZG>>::init_transcript();
  165. transcript.append_message(b"testing", b"initializing transcript for testing")?;
  166. let _perm_check_sum_claim = <PolyIOP<Fr> as PermutationCheck<Bls12_381, KZG>>::verify(
  167. &proof,
  168. &poly_info,
  169. &mut transcript,
  170. )?;
  171. println!(
  172. "permutation check verification time for {} variables: {} ns",
  173. nv,
  174. start.elapsed().as_nanos() / repetition as u128
  175. );
  176. }
  177. println!("====================================");
  178. }
  179. Ok(())
  180. }
  181. fn bench_prod_check() -> Result<(), PolyIOPErrors> {
  182. let mut rng = test_rng();
  183. for nv in 4..20 {
  184. let srs = KZG::gen_srs_for_testing(&mut rng, nv + 1)?;
  185. let (pcs_param, _) = KZG::trim(&srs, None, Some(nv + 1))?;
  186. let repetition = if nv < 10 {
  187. 100
  188. } else if nv < 20 {
  189. 50
  190. } else {
  191. 10
  192. };
  193. let f: DenseMultilinearExtension<Fr> = DenseMultilinearExtension::rand(nv, &mut rng);
  194. let mut g = f.clone();
  195. g.evaluations.reverse();
  196. let fs = vec![Arc::new(f)];
  197. let gs = vec![Arc::new(g)];
  198. let proof = {
  199. let start = Instant::now();
  200. let mut transcript = <PolyIOP<Fr> as ProductCheck<Bls12_381, KZG>>::init_transcript();
  201. transcript.append_message(b"testing", b"initializing transcript for testing")?;
  202. let (proof, _prod_x, _frac_poly) =
  203. <PolyIOP<Fr> as ProductCheck<Bls12_381, KZG>>::prove(
  204. &pcs_param,
  205. &fs,
  206. &gs,
  207. &mut transcript,
  208. )?;
  209. println!(
  210. "product check proving time for {} variables: {} ns",
  211. nv,
  212. start.elapsed().as_nanos() / repetition as u128
  213. );
  214. proof
  215. };
  216. {
  217. let poly_info = VPAuxInfo {
  218. max_degree: 2,
  219. num_variables: nv,
  220. phantom: PhantomData::default(),
  221. };
  222. let start = Instant::now();
  223. let mut transcript = <PolyIOP<Fr> as ProductCheck<Bls12_381, KZG>>::init_transcript();
  224. transcript.append_message(b"testing", b"initializing transcript for testing")?;
  225. let _perm_check_sum_claim = <PolyIOP<Fr> as ProductCheck<Bls12_381, KZG>>::verify(
  226. &proof,
  227. &poly_info,
  228. &mut transcript,
  229. )?;
  230. println!(
  231. "product check verification time for {} variables: {} ns",
  232. nv,
  233. start.elapsed().as_nanos() / repetition as u128
  234. );
  235. }
  236. println!("====================================");
  237. }
  238. Ok(())
  239. }