Batch all (#89)

- use sumcheck to batch open PCS - split Prod and witness into two batches - benchmark code
2026-01-11 00:21:28 +01:00 · 2022-10-13 23:21:30 -04:00
parent baaa06b07b
commit 719f595758
56 changed files with 1354 additions and 2515 deletions
--- a/subroutines/benches/iop_bench.rs
+++ b/subroutines/benches/iop_bench.rs
@@ -0,0 +1,270 @@
+use arithmetic::{identity_permutation_mle, VPAuxInfo, VirtualPolynomial};
+use ark_bls12_381::{Bls12_381, Fr};
+use ark_poly::{DenseMultilinearExtension, MultilinearExtension};
+use ark_std::test_rng;
+use std::{marker::PhantomData, rc::Rc, time::Instant};
+use subroutines::{
+    pcs::{prelude::MultilinearKzgPCS, PolynomialCommitmentScheme},
+    poly_iop::prelude::{
+        PermutationCheck, PolyIOP, PolyIOPErrors, ProductCheck, SumCheck, ZeroCheck,
+    },
+};
+
+type KZG = MultilinearKzgPCS<Bls12_381>;
+
+fn main() -> Result<(), PolyIOPErrors> {
+    bench_permutation_check()?;
+    println!("\n\n");
+    bench_sum_check()?;
+    println!("\n\n");
+    bench_prod_check()?;
+    println!("\n\n");
+    bench_zero_check()
+}
+
+fn bench_sum_check() -> Result<(), PolyIOPErrors> {
+    let mut rng = test_rng();
+    for degree in 2..4 {
+        for nv in 4..25 {
+            let repetition = if nv < 10 {
+                100
+            } else if nv < 20 {
+                50
+            } else {
+                10
+            };
+
+            let (poly, asserted_sum) =
+                VirtualPolynomial::rand(nv, (degree, degree + 1), 2, &mut rng)?;
+            let poly_info = poly.aux_info.clone();
+            let proof = {
+                let start = Instant::now();
+                for _ in 0..repetition {
+                    let mut transcript = <PolyIOP<Fr> as SumCheck<Fr>>::init_transcript();
+                    let _proof = <PolyIOP<Fr> as SumCheck<Fr>>::prove(&poly, &mut transcript)?;
+                }
+
+                println!(
+                    "sum check proving time for {} variables and {} degree: {} ns",
+                    nv,
+                    degree,
+                    start.elapsed().as_nanos() / repetition as u128
+                );
+                let mut transcript = <PolyIOP<Fr> as SumCheck<Fr>>::init_transcript();
+                <PolyIOP<Fr> as SumCheck<Fr>>::prove(&poly, &mut transcript)?
+            };
+
+            {
+                let start = Instant::now();
+
+                for _ in 0..repetition {
+                    let mut transcript = <PolyIOP<Fr> as SumCheck<Fr>>::init_transcript();
+                    let _subclaim = <PolyIOP<Fr> as SumCheck<Fr>>::verify(
+                        asserted_sum,
+                        &proof,
+                        &poly_info,
+                        &mut transcript,
+                    )?;
+                }
+                println!(
+                    "sum check verification time for {} variables and {} degree: {} ns",
+                    nv,
+                    degree,
+                    start.elapsed().as_nanos() / repetition as u128
+                );
+            }
+
+            println!("====================================");
+        }
+    }
+    Ok(())
+}
+
+fn bench_zero_check() -> Result<(), PolyIOPErrors> {
+    let mut rng = test_rng();
+    for degree in 2..4 {
+        for nv in 4..20 {
+            let repetition = if nv < 10 {
+                100
+            } else if nv < 20 {
+                50
+            } else {
+                10
+            };
+
+            let poly = VirtualPolynomial::rand_zero(nv, (degree, degree + 1), 2, &mut rng)?;
+            let poly_info = poly.aux_info.clone();
+            let proof = {
+                let start = Instant::now();
+                let mut transcript = <PolyIOP<Fr> as ZeroCheck<Fr>>::init_transcript();
+                transcript.append_message(b"testing", b"initializing transcript for testing")?;
+                let proof = <PolyIOP<Fr> as ZeroCheck<Fr>>::prove(&poly, &mut transcript)?;
+
+                println!(
+                    "zero check proving time for {} variables and {} degree: {} ns",
+                    nv,
+                    degree,
+                    start.elapsed().as_nanos() / repetition as u128
+                );
+                proof
+            };
+
+            {
+                let start = Instant::now();
+                let mut transcript = <PolyIOP<Fr> as ZeroCheck<Fr>>::init_transcript();
+                transcript.append_message(b"testing", b"initializing transcript for testing")?;
+                let _zero_subclaim =
+                    <PolyIOP<Fr> as ZeroCheck<Fr>>::verify(&proof, &poly_info, &mut transcript)?;
+                println!(
+                    "zero check verification time for {} variables and {} degree: {} ns",
+                    nv,
+                    degree,
+                    start.elapsed().as_nanos() / repetition as u128
+                );
+            }
+
+            println!("====================================");
+        }
+    }
+    Ok(())
+}
+
+fn bench_permutation_check() -> Result<(), PolyIOPErrors> {
+    let mut rng = test_rng();
+
+    for nv in 4..20 {
+        let srs = KZG::gen_srs_for_testing(&mut rng, nv + 1)?;
+        let (pcs_param, _) = KZG::trim(&srs, None, Some(nv + 1))?;
+
+        let repetition = if nv < 10 {
+            100
+        } else if nv < 20 {
+            50
+        } else {
+            10
+        };
+
+        let w = Rc::new(DenseMultilinearExtension::rand(nv, &mut rng));
+
+        // s_perm is the identity map
+        let s_perm = identity_permutation_mle(nv);
+
+        let proof = {
+            let start = Instant::now();
+            let mut transcript =
+                <PolyIOP<Fr> as PermutationCheck<Bls12_381, KZG>>::init_transcript();
+            transcript.append_message(b"testing", b"initializing transcript for testing")?;
+
+            let (proof, _q_x) = <PolyIOP<Fr> as PermutationCheck<Bls12_381, KZG>>::prove(
+                &pcs_param,
+                &w,
+                &w,
+                &s_perm,
+                &mut transcript,
+            )?;
+
+            println!(
+                "permutation check proving time for {} variables: {} ns",
+                nv,
+                start.elapsed().as_nanos() / repetition as u128
+            );
+            proof
+        };
+
+        {
+            let poly_info = VPAuxInfo {
+                max_degree: 2,
+                num_variables: nv,
+                phantom: PhantomData::default(),
+            };
+
+            let start = Instant::now();
+            let mut transcript =
+                <PolyIOP<Fr> as PermutationCheck<Bls12_381, KZG>>::init_transcript();
+            transcript.append_message(b"testing", b"initializing transcript for testing")?;
+            let _perm_check_sum_claim = <PolyIOP<Fr> as PermutationCheck<Bls12_381, KZG>>::verify(
+                &proof,
+                &poly_info,
+                &mut transcript,
+            )?;
+            println!(
+                "permutation check verification time for {} variables: {} ns",
+                nv,
+                start.elapsed().as_nanos() / repetition as u128
+            );
+        }
+
+        println!("====================================");
+    }
+
+    Ok(())
+}
+
+fn bench_prod_check() -> Result<(), PolyIOPErrors> {
+    let mut rng = test_rng();
+
+    for nv in 4..20 {
+        let srs = KZG::gen_srs_for_testing(&mut rng, nv + 1)?;
+        let (pcs_param, _) = KZG::trim(&srs, None, Some(nv + 1))?;
+
+        let repetition = if nv < 10 {
+            100
+        } else if nv < 20 {
+            50
+        } else {
+            10
+        };
+
+        let f: DenseMultilinearExtension<Fr> = DenseMultilinearExtension::rand(nv, &mut rng);
+        let mut g = f.clone();
+        g.evaluations.reverse();
+        let f = Rc::new(f);
+        let g = Rc::new(g);
+
+        let proof = {
+            let start = Instant::now();
+            let mut transcript = <PolyIOP<Fr> as ProductCheck<Bls12_381, KZG>>::init_transcript();
+            transcript.append_message(b"testing", b"initializing transcript for testing")?;
+
+            let (proof, _prod_x) = <PolyIOP<Fr> as ProductCheck<Bls12_381, KZG>>::prove(
+                &pcs_param,
+                &f,
+                &g,
+                &mut transcript,
+            )?;
+
+            println!(
+                "product check proving time for {} variables: {} ns",
+                nv,
+                start.elapsed().as_nanos() / repetition as u128
+            );
+            proof
+        };
+
+        {
+            let poly_info = VPAuxInfo {
+                max_degree: 2,
+                num_variables: nv,
+                phantom: PhantomData::default(),
+            };
+
+            let start = Instant::now();
+            let mut transcript = <PolyIOP<Fr> as ProductCheck<Bls12_381, KZG>>::init_transcript();
+            transcript.append_message(b"testing", b"initializing transcript for testing")?;
+            let _perm_check_sum_claim = <PolyIOP<Fr> as ProductCheck<Bls12_381, KZG>>::verify(
+                &proof,
+                &poly_info,
+                &mut transcript,
+            )?;
+            println!(
+                "product check verification time for {} variables: {} ns",
+                nv,
+                start.elapsed().as_nanos() / repetition as u128
+            );
+        }
+
+        println!("====================================");
+    }
+
+    Ok(())
+}
--- a/subroutines/benches/pcs_bench.rs
+++ b/subroutines/benches/pcs_bench.rs
@@ -0,0 +1,85 @@
+use ark_bls12_381::{Bls12_381, Fr};
+use ark_ff::UniformRand;
+use ark_poly::{DenseMultilinearExtension, MultilinearExtension};
+use ark_std::{rc::Rc, test_rng};
+use std::time::Instant;
+use subroutines::pcs::{
+    prelude::{MultilinearKzgPCS, PCSError, PolynomialCommitmentScheme},
+    StructuredReferenceString,
+};
+
+fn main() -> Result<(), PCSError> {
+    bench_pcs()
+}
+
+fn bench_pcs() -> Result<(), PCSError> {
+    let mut rng = test_rng();
+
+    // normal polynomials
+    let uni_params = MultilinearKzgPCS::<Bls12_381>::gen_srs_for_testing(&mut rng, 24)?;
+
+    for nv in 4..25 {
+        let repetition = if nv < 10 {
+            10
+        } else if nv < 20 {
+            5
+        } else {
+            2
+        };
+
+        let poly = Rc::new(DenseMultilinearExtension::rand(nv, &mut rng));
+        let (ck, vk) = uni_params.trim(nv)?;
+
+        let point: Vec<_> = (0..nv).map(|_| Fr::rand(&mut rng)).collect();
+
+        // commit
+        let com = {
+            let start = Instant::now();
+            for _ in 0..repetition {
+                let _commit = MultilinearKzgPCS::commit(&ck, &poly)?;
+            }
+
+            println!(
+                "KZG commit for {} variables: {} ns",
+                nv,
+                start.elapsed().as_nanos() / repetition as u128
+            );
+
+            MultilinearKzgPCS::commit(&ck, &poly)?
+        };
+
+        // open
+        let (proof, value) = {
+            let start = Instant::now();
+            for _ in 0..repetition {
+                let _open = MultilinearKzgPCS::open(&ck, &poly, &point)?;
+            }
+
+            println!(
+                "KZG open for {} variables: {} ns",
+                nv,
+                start.elapsed().as_nanos() / repetition as u128
+            );
+            MultilinearKzgPCS::open(&ck, &poly, &point)?
+        };
+
+        // verify
+        {
+            let start = Instant::now();
+            for _ in 0..repetition {
+                assert!(MultilinearKzgPCS::verify(
+                    &vk, &com, &point, &value, &proof
+                )?);
+            }
+            println!(
+                "KZG verify for {} variables: {} ns",
+                nv,
+                start.elapsed().as_nanos() / repetition as u128
+            );
+        }
+
+        println!("====================================");
+    }
+
+    Ok(())
+}