diff --git a/halo2_proofs/Cargo.toml b/halo2_proofs/Cargo.toml index 38b001bce8..30992397db 100644 --- a/halo2_proofs/Cargo.toml +++ b/halo2_proofs/Cargo.toml @@ -27,6 +27,10 @@ rustdoc-args = ["--cfg", "docsrs", "--html-in-header", "katex-header.html"] name = "arithmetic" harness = false +[[bench]] +name = "commit_zk" +harness = false + [[bench]] name = "hashtocurve" harness = false @@ -53,6 +57,7 @@ rand_core = { version = "0.6", default-features = false } tracing = "0.1" blake2b_simd = "1" sha3 = "0.9.1" +rand_chacha = "0.3" # Developer tooling dependencies plotters = { version = "0.3.0", optional = true } diff --git a/halo2_proofs/benches/commit_zk.rs b/halo2_proofs/benches/commit_zk.rs new file mode 100644 index 0000000000..f1d2f70abf --- /dev/null +++ b/halo2_proofs/benches/commit_zk.rs @@ -0,0 +1,65 @@ +extern crate criterion; + +use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion}; +use group::ff::Field; +use halo2_proofs::*; +use halo2curves::pasta::pallas::Scalar; +use rand_chacha::rand_core::RngCore; +use rand_chacha::ChaCha20Rng; +use rand_core::SeedableRng; +use rayon::{current_num_threads, prelude::*}; + +fn rand_poly_serial(mut rng: ChaCha20Rng, domain: usize) -> Vec { + // Sample a random polynomial of degree n - 1 + let mut random_poly = vec![Scalar::zero(); 1 << domain]; + for coeff in random_poly.iter_mut() { + *coeff = Scalar::random(&mut rng); + } + + random_poly +} + +fn rand_poly_par(mut rng: ChaCha20Rng, domain: usize) -> Vec { + // Sample a random polynomial of degree n - 1 + let n_threads = current_num_threads(); + let n = 1usize << domain; + let n_chunks = n_threads + if n % n_threads != 0 { 1 } else { 0 }; + let mut rand_vec = vec![Scalar::zero(); n]; + + let mut thread_seeds: Vec = (0..n_chunks) + .into_iter() + .map(|_| { + let mut seed = [0u8; 32]; + rng.fill_bytes(&mut seed); + ChaCha20Rng::from_seed(seed) + }) + .collect(); + + thread_seeds + .par_iter_mut() + .zip_eq(rand_vec.par_chunks_mut(n / n_threads)) + .for_each(|(mut rng, chunk)| chunk.iter_mut().for_each(|v| *v = Scalar::random(&mut rng))); + + rand_vec +} + +fn bench_commit(c: &mut Criterion) { + let mut group = c.benchmark_group("Blinder_poly"); + let rand = ChaCha20Rng::from_seed([1u8; 32]); + for i in [ + 18usize, 19usize, 20usize, 21usize, 22usize, 23usize, 24usize, 25usize, + ] + .iter() + { + group.bench_with_input(BenchmarkId::new("serial", i), i, |b, i| { + b.iter(|| rand_poly_serial(rand.clone(), *i)) + }); + group.bench_with_input(BenchmarkId::new("parallel", i), i, |b, i| { + b.iter(|| rand_poly_par(rand.clone(), *i)) + }); + } + group.finish(); +} + +criterion_group!(benches, bench_commit); +criterion_main!(benches); diff --git a/halo2_proofs/src/plonk/vanishing/prover.rs b/halo2_proofs/src/plonk/vanishing/prover.rs index cc52273b59..1245f355de 100644 --- a/halo2_proofs/src/plonk/vanishing/prover.rs +++ b/halo2_proofs/src/plonk/vanishing/prover.rs @@ -1,8 +1,10 @@ use std::iter; -use ff::Field; +use ff::{Field, PrimeField}; use group::Curve; -use rand_core::RngCore; +use rand_chacha::ChaCha20Rng; +use rand_core::{RngCore, SeedableRng}; +use rayon::{current_num_threads, prelude::*}; use super::Argument; use crate::{ @@ -47,10 +49,31 @@ impl Argument { transcript: &mut T, ) -> Result, Error> { // Sample a random polynomial of degree n - 1 - let mut random_poly = domain.empty_coeff(); - for coeff in random_poly.iter_mut() { - *coeff = C::Scalar::random(&mut rng); - } + let n_threads = current_num_threads(); + let n = 1usize << domain.k() as usize; + let n_chunks = n_threads + if n % n_threads != 0 { 1 } else { 0 }; + let mut rand_vec = vec![C::Scalar::zero(); n]; + + let mut thread_seeds: Vec = (0..n_chunks) + .into_iter() + .map(|_| { + let mut seed = [0u8; 32]; + rng.fill_bytes(&mut seed); + ChaCha20Rng::from_seed(seed) + }) + .collect(); + + thread_seeds + .par_iter_mut() + .zip_eq(rand_vec.par_chunks_mut(n / n_threads)) + .for_each(|(mut rng, chunk)| { + chunk + .iter_mut() + .for_each(|v| *v = C::Scalar::random(&mut rng)) + }); + + let random_poly: Polynomial = domain.coeff_from_vec(rand_vec); + // Sample a random blinding factor let random_blind = Blind(C::Scalar::random(rng));