d0s3t3ch/wownero
1
0
Fork 0
mirror of https://git.wownero.com/wownero/wownero.git synced 2024-08-15 01:03:23 +00:00
Code Issues Projects Releases Wiki Activity

Bulletproofs: verification speedup

Browse source
This commit is contained in:
Sarang Noether 2020-04-14 20:31:30 -04:00
parent 7c74e1919e
commit 4ed60b626a
6 changed files with 36 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

20
src/ringct/bulletproofs.cc
View file

@ -905,7 +905,7 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs)
rct::key m_y0 = rct::zero(), y1 = rct::zero();
int proof_data_index = 0;
rct::keyV w_cache;
rct::keyV proof8_V, proof8_L, proof8_R;
std::vector<ge_p3> proof8_V, proof8_L, proof8_R;
for (const Bulletproof *p: proofs)
{
const Bulletproof &proof = *p;
@ -918,13 +918,17 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs)
const rct::key weight_z = rct::skGen();
// pre-multiply some points by 8
proof8_V.resize(proof.V.size()); for (size_t i = 0; i < proof.V.size(); ++i) proof8_V[i] = rct::scalarmult8(proof.V[i]);
proof8_L.resize(proof.L.size()); for (size_t i = 0; i < proof.L.size(); ++i) proof8_L[i] = rct::scalarmult8(proof.L[i]);
proof8_R.resize(proof.R.size()); for (size_t i = 0; i < proof.R.size(); ++i) proof8_R[i] = rct::scalarmult8(proof.R[i]);
rct::key proof8_T1 = rct::scalarmult8(proof.T1);
rct::key proof8_T2 = rct::scalarmult8(proof.T2);
rct::key proof8_S = rct::scalarmult8(proof.S);
rct::key proof8_A = rct::scalarmult8(proof.A);
proof8_V.resize(proof.V.size()); for (size_t i = 0; i < proof.V.size(); ++i) rct::scalarmult8(proof8_V[i], proof.V[i]);
proof8_L.resize(proof.L.size()); for (size_t i = 0; i < proof.L.size(); ++i) rct::scalarmult8(proof8_L[i], proof.L[i]);
proof8_R.resize(proof.R.size()); for (size_t i = 0; i < proof.R.size(); ++i) rct::scalarmult8(proof8_R[i], proof.R[i]);
ge_p3 proof8_T1;
ge_p3 proof8_T2;
ge_p3 proof8_S;
ge_p3 proof8_A;
rct::scalarmult8(proof8_T1, proof.T1);
rct::scalarmult8(proof8_T2, proof.T2);
rct::scalarmult8(proof8_S, proof.S);
rct::scalarmult8(proof8_A, proof.A);
PERF_TIMER_START_BP(VERIFY_line_61);
sc_mulsub(m_y0.bytes, proof.taux.bytes, weight_y.bytes, m_y0.bytes);

12
src/ringct/rctOps.cpp
View file

@ -408,6 +408,18 @@ namespace rct {
return res;
}
//Computes 8P without byte conversion
void scalarmult8(ge_p3 &res, const key &P)
{
ge_p3 p3;
CHECK_AND_ASSERT_THROW_MES_L1(ge_frombytes_vartime(&p3, P.bytes) == 0, "ge_frombytes_vartime failed at "+boost::lexical_cast<std::string>(__LINE__));
ge_p2 p2;
ge_p3_to_p2(&p2, &p3);
ge_p1p1 p1;
ge_mul8(&p1, &p2);
ge_p1p1_to_p3(&res, &p1);
}
//Computes lA where l is the curve order
bool isInMainSubgroup(const key & A) {
ge_p3 p3;

1
src/ringct/rctOps.h
View file

@ -124,6 +124,7 @@ namespace rct {
key scalarmultH(const key & a);
// multiplies a point by 8
key scalarmult8(const key & P);
void scalarmult8(ge_p3 &res, const key & P);
// checks a is in the main subgroup (ie, not a small one)
bool isInMainSubgroup(const key & a);

2
tests/performance_tests/crypto_ops.h
View file

@ -48,6 +48,7 @@ enum test_op
op_scalarmultKey,
op_scalarmultH,
op_scalarmult8,
op_scalarmult8_p3,
op_ge_dsm_precomp,
op_ge_double_scalarmult_base_vartime,
op_ge_double_scalarmult_precomp_vartime,
@ -105,6 +106,7 @@ public:
case op_scalarmultKey: rct::scalarmultKey(point0, scalar0); break;
case op_scalarmultH: rct::scalarmultH(scalar0); break;
case op_scalarmult8: rct::scalarmult8(point0); break;
case op_scalarmult8_p3: rct::scalarmult8(p3_0,point0); break;
case op_ge_dsm_precomp: ge_dsm_precomp(dsmp, &p3_0); break;
case op_ge_double_scalarmult_base_vartime: ge_double_scalarmult_base_vartime(&tmp_p2, scalar0.bytes, &p3_0, scalar1.bytes); break;
case op_ge_double_scalarmult_precomp_vartime: ge_double_scalarmult_precomp_vartime(&tmp_p2, scalar0.bytes, &p3_0, scalar1.bytes, precomp0); break;

1
tests/performance_tests/main.cpp
View file

@ -254,6 +254,7 @@ int main(int argc, char** argv)
TEST_PERFORMANCE1(filter, p, test_crypto_ops, op_scalarmultKey);
TEST_PERFORMANCE1(filter, p, test_crypto_ops, op_scalarmultH);
TEST_PERFORMANCE1(filter, p, test_crypto_ops, op_scalarmult8);
TEST_PERFORMANCE1(filter, p, test_crypto_ops, op_scalarmult8_p3);
TEST_PERFORMANCE1(filter, p, test_crypto_ops, op_ge_dsm_precomp);
TEST_PERFORMANCE1(filter, p, test_crypto_ops, op_ge_double_scalarmult_base_vartime);
TEST_PERFORMANCE1(filter, p, test_crypto_ops, op_ge_double_scalarmult_precomp_vartime);

8
tests/unit_tests/ringct.cpp
View file

@ -1077,8 +1077,16 @@ TEST(ringct, H)
TEST(ringct, mul8)
{
ge_p3 p3;
rct::key key;
ASSERT_EQ(rct::scalarmult8(rct::identity()), rct::identity());
rct::scalarmult8(p3,rct::identity());
ge_p3_tobytes(key.bytes, &p3);
ASSERT_EQ(key, rct::identity());
ASSERT_EQ(rct::scalarmult8(rct::H), rct::scalarmultKey(rct::H, rct::EIGHT));
rct::scalarmult8(p3,rct::H);
ge_p3_tobytes(key.bytes, &p3);
ASSERT_EQ(key, rct::scalarmultKey(rct::H, rct::EIGHT));
ASSERT_EQ(rct::scalarmultKey(rct::scalarmultKey(rct::H, rct::INV_EIGHT), rct::EIGHT), rct::H);
}