From 3fa2518d95241ddd5ac8969b621128d459078cdc Mon Sep 17 00:00:00 2001 From: ludamad Date: Wed, 6 Dec 2023 20:14:08 +0000 Subject: [PATCH 01/20] feat: goblin bench --- barretenberg/cpp/CMakePresets.json | 5 +++ .../scripts/collect_profile_information.sh | 3 +- .../benchmark/honk_bench/CMakeLists.txt | 2 + .../cpp/src/barretenberg/flavor/flavor.hpp | 8 ++-- .../flavor/goblin_ultra_recursive.hpp | 14 +++---- .../goblin/full_goblin_composer.test.cpp | 4 +- .../src/barretenberg/goblin/mock_circuits.hpp | 26 ++++++++++++- barretenberg/cpp/src/barretenberg/srs/io.hpp | 3 +- .../goblin/full_goblin_recursion.test.cpp | 39 +------------------ .../honk/verifier/goblin_verifier.test.cpp | 5 ++- .../verifier/ultra_recursive_verifier.cpp | 4 +- .../verifier/ultra_recursive_verifier.hpp | 7 ++-- 12 files changed, 56 insertions(+), 64 deletions(-) diff --git a/barretenberg/cpp/CMakePresets.json b/barretenberg/cpp/CMakePresets.json index b87e10709b6..c458e9eee87 100644 --- a/barretenberg/cpp/CMakePresets.json +++ b/barretenberg/cpp/CMakePresets.json @@ -369,6 +369,11 @@ "jobs": 0, "targets": ["barretenberg.wasm"] }, + { + "name": "xray", + "configurePreset": "xray", + "inherits": "default" + }, { "name": "xray-verbose", "configurePreset": "xray-verbose", diff --git a/barretenberg/cpp/scripts/collect_profile_information.sh b/barretenberg/cpp/scripts/collect_profile_information.sh index df932c086bc..238d5ed03a1 100755 --- a/barretenberg/cpp/scripts/collect_profile_information.sh +++ b/barretenberg/cpp/scripts/collect_profile_information.sh @@ -42,11 +42,12 @@ function shorten_cpp_names() { ' } + # | shorten_cpp_names \ + # Process benchmark file. llvm-xray-16 stack xray-log.$EXECUTABLE.* \ --instr_map=./bin/$EXECUTABLE --stack-format=flame --aggregate-threads --aggregation-type=time --all-stacks \ | node ../scripts/llvm_xray_stack_flame_corrector.js \ - | shorten_cpp_names \ | ../scripts/flamegraph.pl --width 1200 --fontsize 10 \ > xray.svg echo "Profiling complete, now you can do e.g. 'scp mainframe:`readlink -f xray.svg` .' on a local terminal and open the SVG in a browser." diff --git a/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/CMakeLists.txt b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/CMakeLists.txt index 1de8756be42..d31efae1e84 100644 --- a/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/CMakeLists.txt +++ b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/CMakeLists.txt @@ -1,6 +1,7 @@ # Each source represents a separate benchmark suite set(BENCHMARK_SOURCES standard_plonk.bench.cpp + goblin.bench.cpp ultra_honk.bench.cpp ultra_honk_rounds.bench.cpp ultra_plonk.bench.cpp @@ -13,6 +14,7 @@ set(LINKED_LIBRARIES stdlib_sha256 stdlib_keccak stdlib_merkle_tree + stdlib_recursion benchmark::benchmark ) diff --git a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp index d2b16d473cf..b39a8c9f53b 100644 --- a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp @@ -254,7 +254,7 @@ class Ultra; class ECCVM; class GoblinUltra; template class UltraRecursive_; -template class GoblinUltraRecursive_; +class GoblinUltraRecursive; } // namespace proof_system::honk::flavor // Forward declare plonk flavors @@ -284,14 +284,12 @@ concept IsUltraFlavor = IsAnyOf concept IsGoblinFlavor = IsAnyOf, - honk::flavor::GoblinUltraRecursive_>; + honk::flavor::GoblinUltraRecursive>; template concept IsRecursiveFlavor = IsAnyOf, honk::flavor::UltraRecursive_, - honk::flavor::GoblinUltraRecursive_, - honk::flavor::GoblinUltraRecursive_>; + honk::flavor::GoblinUltraRecursive>; template concept IsGrumpkinFlavor = IsAnyOf; diff --git a/barretenberg/cpp/src/barretenberg/flavor/goblin_ultra_recursive.hpp b/barretenberg/cpp/src/barretenberg/flavor/goblin_ultra_recursive.hpp index fb6e0751361..f1c6f9aaa90 100644 --- a/barretenberg/cpp/src/barretenberg/flavor/goblin_ultra_recursive.hpp +++ b/barretenberg/cpp/src/barretenberg/flavor/goblin_ultra_recursive.hpp @@ -38,14 +38,14 @@ namespace proof_system::honk::flavor { * * @tparam BuilderType Determines the arithmetization of the verifier circuit defined based on this flavor. */ -template class GoblinUltraRecursive_ { +class GoblinUltraRecursive { public: - using CircuitBuilder = BuilderType; // Determines arithmetization of circuit instantiated with this flavor + using CircuitBuilder = GoblinUltraCircuitBuilder; using Curve = plonk::stdlib::bn254; - using GroupElement = typename Curve::Element; - using Commitment = typename Curve::Element; - using CommitmentHandle = typename Curve::Element; - using FF = typename Curve::ScalarField; + using GroupElement = Curve::Element; + using FF = Curve::ScalarField; + using Commitment = Curve::Element; + using CommitmentHandle = Curve::Element; using NativeVerificationKey = flavor::GoblinUltra::VerificationKey; // Note(luke): Eventually this may not be needed at all @@ -78,7 +78,6 @@ template class GoblinUltraRecursive_ { using SumcheckTupleOfTuplesOfUnivariates = decltype(create_sumcheck_tuple_of_tuples_of_univariates()); using TupleOfArraysOfValues = decltype(create_tuple_of_arrays_of_values()); - public: /** * @brief A field element for each entity of the flavor. These entities represent the prover polynomials evaluated * at one point. @@ -87,7 +86,6 @@ template class GoblinUltraRecursive_ { public: using Base = GoblinUltra::AllEntities; using Base::Base; - AllValues(std::array _data_in) { this->_data = _data_in; } }; /** * @brief The verification key is responsible for storing the the commitments to the precomputed (non-witnessk) diff --git a/barretenberg/cpp/src/barretenberg/goblin/full_goblin_composer.test.cpp b/barretenberg/cpp/src/barretenberg/goblin/full_goblin_composer.test.cpp index 7503307881a..1a88e7881e1 100644 --- a/barretenberg/cpp/src/barretenberg/goblin/full_goblin_composer.test.cpp +++ b/barretenberg/cpp/src/barretenberg/goblin/full_goblin_composer.test.cpp @@ -47,14 +47,14 @@ TEST_F(FullGoblinComposerTests, SimpleCircuit) { barretenberg::Goblin goblin; GoblinUltraBuilder initial_circuit{ goblin.op_queue }; - GoblinTestingUtils::construct_simple_initial_circuit(initial_circuit); + GoblinMockCircuits::construct_simple_initial_circuit(initial_circuit); KernelInput kernel_input = goblin.accumulate(initial_circuit); // Construct a series of simple Goblin circuits; generate and verify their proofs size_t NUM_CIRCUITS = 2; for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) { GoblinUltraBuilder circuit_builder{ goblin.op_queue }; - GoblinTestingUtils::construct_arithmetic_circuit(circuit_builder); + GoblinMockCircuits::construct_arithmetic_circuit(circuit_builder); kernel_input = goblin.accumulate(circuit_builder); } diff --git a/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp b/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp index cb12bb08c37..637a905381f 100644 --- a/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp +++ b/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp @@ -5,11 +5,12 @@ #include "barretenberg/proof_system/circuit_builder/eccvm/eccvm_circuit_builder.hpp" #include "barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.hpp" #include "barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp" +#include "barretenberg/stdlib/recursion/honk/verifier/ultra_recursive_verifier.hpp" #include "barretenberg/translator_vm/goblin_translator_composer.hpp" #include "barretenberg/ultra_honk/ultra_composer.hpp" namespace barretenberg { -class GoblinTestingUtils { +class GoblinMockCircuits { public: using Curve = curve::BN254; using FF = Curve::ScalarField; @@ -19,6 +20,9 @@ class GoblinTestingUtils { using OpQueue = proof_system::ECCOpQueue; using GoblinUltraBuilder = proof_system::GoblinUltraCircuitBuilder; using Flavor = proof_system::honk::flavor::GoblinUltra; + using RecursiveFlavor = proof_system::honk::flavor::GoblinUltraRecursive; + using RecursiveVerifier = proof_system::plonk::stdlib::recursion::honk::GoblinRecursiveVerifier; + using KernelInput = Goblin::AccumulationOutput; static constexpr size_t NUM_OP_QUEUE_COLUMNS = Flavor::NUM_WIRES; static void construct_arithmetic_circuit(GoblinUltraBuilder& builder) @@ -97,5 +101,25 @@ class GoblinTestingUtils { construct_arithmetic_circuit(builder); } + + /** + * @brief Construct a mock kernel circuit + * @details This circuit contains (1) some basic/arbitrary arithmetic gates, (2) a genuine recursive verification of + * the proof provided as input. It does not contain any other real kernel logic. + * + * @param builder + * @param kernel_input A proof to be recursively verified and the corresponding native verification key + */ + static void construct_mock_kernel_circuit(GoblinUltraBuilder& builder, KernelInput& kernel_input) + { + // Generic operations e.g. state updates (just arith gates for now) + GoblinMockCircuits::construct_arithmetic_circuit(builder); + + // Execute recursive aggregation of previous kernel proof + RecursiveVerifier verifier{ &builder, kernel_input.verification_key }; + // TODO(https://github.com/AztecProtocol/barretenberg/issues/801): Aggregation + auto pairing_points = verifier.verify_proof(kernel_input.proof); // app function proof + pairing_points = verifier.verify_proof(kernel_input.proof); // previous kernel proof + } }; } // namespace barretenberg \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/srs/io.hpp b/barretenberg/cpp/src/barretenberg/srs/io.hpp index 99f97e88775..fcc63cc6a68 100644 --- a/barretenberg/cpp/src/barretenberg/srs/io.hpp +++ b/barretenberg/cpp/src/barretenberg/srs/io.hpp @@ -316,7 +316,8 @@ template class IO { degree, ". Is your srs large enough? Either run bootstrap.sh to download the transcript.dat " "files to `srs_db/ignition/`, or you might need to download extra transcript.dat files " - "by editing `srs_db/download_ignition.sh` (but be careful, as this suggests you've " + "by editing `srs_db/download_ignition.sh` or in the case of grumpkin points, use " + "grumpkin_srs_gen (but be careful, as this suggests you've " "just changed a circuit to exceed a new 'power of two' boundary).")); } } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/goblin/full_goblin_recursion.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/goblin/full_goblin_recursion.test.cpp index 51d9f1943cb..b632f4a01d8 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/goblin/full_goblin_recursion.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/goblin/full_goblin_recursion.test.cpp @@ -24,43 +24,8 @@ class GoblinRecursionTests : public ::testing::Test { using Curve = curve::BN254; using FF = Curve::ScalarField; - using Fbase = Curve::BaseField; - using Point = Curve::AffineElement; - using CommitmentKey = pcs::CommitmentKey; - using OpQueue = proof_system::ECCOpQueue; using GoblinUltraBuilder = proof_system::GoblinUltraCircuitBuilder; - using ECCVMFlavor = flavor::ECCVM; - using ECCVMBuilder = proof_system::ECCVMCircuitBuilder; - using ECCVMComposer = ECCVMComposer_; - using TranslatorFlavor = flavor::GoblinTranslator; - using TranslatorBuilder = proof_system::GoblinTranslatorCircuitBuilder; - using TranslatorComposer = GoblinTranslatorComposer; - using TranslatorConsistencyData = barretenberg::TranslationEvaluations; - using Proof = proof_system::plonk::proof; - using NativeVerificationKey = flavor::GoblinUltra::VerificationKey; - using RecursiveFlavor = flavor::GoblinUltraRecursive_; - using RecursiveVerifier = proof_system::plonk::stdlib::recursion::honk::UltraRecursiveVerifier_; using KernelInput = Goblin::AccumulationOutput; - - /** - * @brief Construct a mock kernel circuit - * @details This circuit contains (1) some basic/arbitrary arithmetic gates, (2) a genuine recursive verification of - * the proof provided as input. It does not contain any other real kernel logic. - * - * @param builder - * @param kernel_input A proof to be recursively verified and the corresponding native verification key - */ - static void construct_mock_kernel_circuit(GoblinUltraBuilder& builder, KernelInput& kernel_input) - { - // Generic operations e.g. state updates (just arith gates for now) - GoblinTestingUtils::construct_arithmetic_circuit(builder); - - // Execute recursive aggregation of previous kernel proof - RecursiveVerifier verifier{ &builder, kernel_input.verification_key }; - // TODO(https://github.com/AztecProtocol/barretenberg/issues/801): Aggregation - auto pairing_points = verifier.verify_proof(kernel_input.proof); // app function proof - pairing_points = verifier.verify_proof(kernel_input.proof); // previous kernel proof - } }; /** @@ -73,7 +38,7 @@ TEST_F(GoblinRecursionTests, Pseudo) // Construct an initial circuit; its proof will be recursively verified by the first kernel GoblinUltraBuilder initial_circuit{ goblin.op_queue }; - GoblinTestingUtils::construct_simple_initial_circuit(initial_circuit); + GoblinMockCircuits::construct_simple_initial_circuit(initial_circuit); KernelInput kernel_input = goblin.accumulate(initial_circuit); // Construct a series of simple Goblin circuits; generate and verify their proofs @@ -81,7 +46,7 @@ TEST_F(GoblinRecursionTests, Pseudo) for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) { // Construct a circuit with logic resembling that of the "kernel circuit" GoblinUltraBuilder circuit_builder{ goblin.op_queue }; - construct_mock_kernel_circuit(circuit_builder, kernel_input); + GoblinMockCircuits::construct_mock_kernel_circuit(circuit_builder, kernel_input); // Construct proof of the current kernel circuit to be recursively verified by the next one kernel_input = goblin.accumulate(circuit_builder); diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp index 8130ff26e85..b3cb34414ab 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp @@ -33,7 +33,7 @@ template class GoblinRecursiveVerifierTest : public testi using InnerFF = InnerFlavor::FF; // Types for recursive verifier circuit - using RecursiveFlavor = ::proof_system::honk::flavor::GoblinUltraRecursive_; + using RecursiveFlavor = ::proof_system::honk::flavor::GoblinUltraRecursive; using RecursiveVerifier = UltraRecursiveVerifier_; using OuterBuilder = BuilderType; using VerificationKey = typename RecursiveVerifier::VerificationKey; @@ -254,7 +254,8 @@ template class GoblinRecursiveVerifierTest : public testi }; // Run the recursive verifier tests with conventional Ultra builder and Goblin builder -using BuilderTypes = testing::Types; +// TODO(AD) de-templatize +using BuilderTypes = testing::Types; TYPED_TEST_SUITE(GoblinRecursiveVerifierTest, BuilderTypes); diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/ultra_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/ultra_recursive_verifier.cpp index 6c303d15e25..8088fbe7792 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/ultra_recursive_verifier.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/ultra_recursive_verifier.cpp @@ -120,7 +120,5 @@ std::array UltraRecursiveVerifier_::ve template class UltraRecursiveVerifier_>; template class UltraRecursiveVerifier_>; -template class UltraRecursiveVerifier_>; -template class UltraRecursiveVerifier_>; - +template class UltraRecursiveVerifier_; } // namespace proof_system::plonk::stdlib::recursion::honk diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/ultra_recursive_verifier.hpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/ultra_recursive_verifier.hpp index 62803746d5d..8fb6ed47c7f 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/ultra_recursive_verifier.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/ultra_recursive_verifier.hpp @@ -41,9 +41,8 @@ template class UltraRecursiveVerifier_ { // Instance declarations for Ultra and Goblin-Ultra verifier circuits with both conventional Ultra and Goblin-Ultra // arithmetization. extern template class UltraRecursiveVerifier_>; +using UltraRecursiveVerifier = UltraRecursiveVerifier_; extern template class UltraRecursiveVerifier_>; -extern template class UltraRecursiveVerifier_>; -extern template class UltraRecursiveVerifier_< - proof_system::honk::flavor::GoblinUltraRecursive_>; - +extern template class UltraRecursiveVerifier_; +using GoblinRecursiveVerifier = UltraRecursiveVerifier_; } // namespace proof_system::plonk::stdlib::recursion::honk From 21df710336514e37a220e8eab260e76a7b13dd3a Mon Sep 17 00:00:00 2001 From: codygunton Date: Wed, 13 Dec 2023 22:16:32 +0000 Subject: [PATCH 02/20] Benchmark goblin --- .../benchmark/honk_bench/goblin.bench.cpp | 49 +++++++++++++++++++ .../goblin/full_goblin_recursion.test.cpp | 2 +- .../src/barretenberg/goblin/mock_circuits.hpp | 2 + .../honk/verifier/merge_verifier.test.cpp | 2 +- .../ultra_honk/ultra_verifier.hpp | 2 + 5 files changed, 55 insertions(+), 2 deletions(-) create mode 100644 barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp diff --git a/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp new file mode 100644 index 00000000000..cbb958ea8ef --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp @@ -0,0 +1,49 @@ + +#include + +#include "barretenberg/benchmark/honk_bench/benchmark_utilities.hpp" +#include "barretenberg/goblin/goblin.hpp" +#include "barretenberg/goblin/mock_circuits.hpp" +#include "barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp" +#include "barretenberg/ultra_honk/ultra_composer.hpp" + +using namespace benchmark; +using namespace barretenberg; +using namespace proof_system; + +namespace { +void goblin_recursion(State& state) noexcept +{ + barretenberg::srs::init_crs_factory("../srs_db/ignition"); + barretenberg::srs::init_grumpkin_crs_factory("../srs_db/grumpkin"); + + Goblin goblin; + + // Construct an initial circuit; its proof will be recursively verified by the first kernel + GoblinUltraCircuitBuilder initial_circuit{ goblin.op_queue }; + GoblinMockCircuits::construct_simple_initial_circuit(initial_circuit); + Goblin::AccumulationOutput kernel_input = goblin.accumulate(initial_circuit); + + for (auto _ : state) { + // Construct a series of simple Goblin circuits; generate and verify their proofs + size_t NUM_CIRCUITS = 2; + for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) { + // Construct a circuit with logic resembling that of the "kernel circuit" + GoblinUltraCircuitBuilder circuit_builder{ goblin.op_queue }; + GoblinMockCircuits::construct_mock_kernel_circuit(circuit_builder, kernel_input); + + // Construct proof of the current kernel circuit to be recursively verified by the next one + kernel_input = goblin.accumulate(circuit_builder); + } + + Goblin::Proof proof = goblin.prove(); + // Verify the final ultra proof + honk::GoblinUltraVerifier ultra_verifier{ kernel_input.verification_key }; + ultra_verifier.verify_proof(kernel_input.proof); + // Verify the goblin proof (eccvm, translator, merge) + goblin.verify(proof); + } +} +} // namespace + +BENCHMARK(goblin_recursion)->Unit(kMillisecond); \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/goblin/full_goblin_recursion.test.cpp b/barretenberg/cpp/src/barretenberg/goblin/full_goblin_recursion.test.cpp index b07da6e80ff..cf5cb15c4f6 100644 --- a/barretenberg/cpp/src/barretenberg/goblin/full_goblin_recursion.test.cpp +++ b/barretenberg/cpp/src/barretenberg/goblin/full_goblin_recursion.test.cpp @@ -53,7 +53,7 @@ TEST_F(GoblinRecursionTests, Pseudo) Goblin::Proof proof = goblin.prove(); // Verify the final ultra proof - UltraVerifier ultra_verifier{ kernel_input.verification_key }; + GoblinUltraVerifier ultra_verifier{ kernel_input.verification_key }; bool ultra_verified = ultra_verifier.verify_proof(kernel_input.proof); // Verify the goblin proof (eccvm, translator, merge) bool verified = goblin.verify(proof); diff --git a/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp b/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp index 54026ef0a3c..6bf960fd7bc 100644 --- a/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp +++ b/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp @@ -1,7 +1,9 @@ #include "barretenberg/commitment_schemes/commitment_key.hpp" #include "barretenberg/flavor/goblin_ultra.hpp" +#include "barretenberg/goblin/goblin.hpp" #include "barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.hpp" #include "barretenberg/srs/global_crs.hpp" +#include "barretenberg/stdlib/recursion/honk/verifier/ultra_recursive_verifier.hpp" namespace barretenberg { class GoblinMockCircuits { diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/merge_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/merge_verifier.test.cpp index 39b981c4b6a..765759e1722 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/merge_verifier.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/merge_verifier.test.cpp @@ -45,7 +45,7 @@ class RecursiveMergeVerifierTest : public testing::Test { auto op_queue = std::make_shared(); InnerBuilder sample_circuit{ op_queue }; - GoblinTestingUtils::construct_simple_initial_circuit(sample_circuit); + GoblinMockCircuits::construct_simple_initial_circuit(sample_circuit); // Generate a proof over the inner circuit InnerComposer inner_composer; diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.hpp index 8197e46a941..a805b4fc645 100644 --- a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.hpp +++ b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.hpp @@ -16,6 +16,7 @@ template class UltraVerifier_ { public: explicit UltraVerifier_(const std::shared_ptr& transcript, const std::shared_ptr& verifier_key = nullptr); + explicit UltraVerifier_(const std::shared_ptr& verifier_key); UltraVerifier_(UltraVerifier_&& other); @@ -34,5 +35,6 @@ extern template class UltraVerifier_; extern template class UltraVerifier_; using UltraVerifier = UltraVerifier_; +using GoblinUltraVerifier = UltraVerifier_; } // namespace proof_system::honk From 73100cbf6e945c18bd18877cc596dfbdaac9377b Mon Sep 17 00:00:00 2001 From: codygunton Date: Thu, 14 Dec 2023 19:31:26 +0000 Subject: [PATCH 03/20] Bench goblin components --- .../cpp/scripts/collect_heap_information.sh | 2 +- .../scripts/collect_profile_information.sh | 2 +- .../benchmark/honk_bench/goblin.bench.cpp | 100 ++++++++++++++++-- .../src/barretenberg/eccvm/eccvm_prover.hpp | 22 ++-- .../cpp/src/barretenberg/goblin/goblin.hpp | 31 ++++-- .../goblin_translator_prover.hpp | 10 +- .../barretenberg/ultra_honk/merge_prover.hpp | 2 +- 7 files changed, 133 insertions(+), 36 deletions(-) diff --git a/barretenberg/cpp/scripts/collect_heap_information.sh b/barretenberg/cpp/scripts/collect_heap_information.sh index a1b6bee078e..5d31fff5c8f 100755 --- a/barretenberg/cpp/scripts/collect_heap_information.sh +++ b/barretenberg/cpp/scripts/collect_heap_information.sh @@ -3,7 +3,7 @@ set -eu PRESET=gperftools ONLY_PROCESS=${1:-} -EXECUTABLE=${2:-ultra_honk_rounds_bench} +EXECUTABLE=${2:-goblin_bench} # Move above script dir. cd $(dirname $0)/.. diff --git a/barretenberg/cpp/scripts/collect_profile_information.sh b/barretenberg/cpp/scripts/collect_profile_information.sh index b216a05a307..2892cbc9fff 100755 --- a/barretenberg/cpp/scripts/collect_profile_information.sh +++ b/barretenberg/cpp/scripts/collect_profile_information.sh @@ -6,7 +6,7 @@ PRESET=${1:-xray} # pass "" to run and 1 to reuse old results ONLY_PROCESS=${2:-} # pass the executable name from build/bin -EXECUTABLE=${3:-ultra_honk_rounds_bench} +EXECUTABLE=${3:-goblin_bench} # by default run the executable, but we can provide an alt command e.g. use taskset and benchmark flags COMMAND=${4:-./bin/$EXECUTABLE} diff --git a/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp index cbb958ea8ef..9ddd8f368b3 100644 --- a/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp +++ b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp @@ -24,6 +24,7 @@ void goblin_recursion(State& state) noexcept GoblinMockCircuits::construct_simple_initial_circuit(initial_circuit); Goblin::AccumulationOutput kernel_input = goblin.accumulate(initial_circuit); + Goblin::Proof proof; for (auto _ : state) { // Construct a series of simple Goblin circuits; generate and verify their proofs size_t NUM_CIRCUITS = 2; @@ -36,14 +37,101 @@ void goblin_recursion(State& state) noexcept kernel_input = goblin.accumulate(circuit_builder); } - Goblin::Proof proof = goblin.prove(); + proof = goblin.prove(); // Verify the final ultra proof - honk::GoblinUltraVerifier ultra_verifier{ kernel_input.verification_key }; - ultra_verifier.verify_proof(kernel_input.proof); - // Verify the goblin proof (eccvm, translator, merge) - goblin.verify(proof); } + honk::GoblinUltraVerifier ultra_verifier{ kernel_input.verification_key }; + ultra_verifier.verify_proof(kernel_input.proof); + // Verify the goblin proof (eccvm, translator, merge) + goblin.verify(proof); } + +void goblin_accumulate(State& state) noexcept +{ + barretenberg::srs::init_crs_factory("../srs_db/ignition"); + barretenberg::srs::init_grumpkin_crs_factory("../srs_db/grumpkin"); + + Goblin goblin; + + // Construct an initial circuit; its proof will be recursively verified by the first kernel + GoblinUltraCircuitBuilder initial_circuit{ goblin.op_queue }; + GoblinMockCircuits::construct_simple_initial_circuit(initial_circuit); + Goblin::AccumulationOutput kernel_input = goblin.accumulate(initial_circuit); + + // Construct a series of simple Goblin circuits; generate and verify their proofs + size_t NUM_CIRCUITS = 2; + for (auto _ : state) { + for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) { + // Construct a circuit with logic resembling that of the "kernel circuit" + GoblinUltraCircuitBuilder circuit_builder{ goblin.op_queue }; + GoblinMockCircuits::construct_mock_kernel_circuit(circuit_builder, kernel_input); + + // Construct proof of the current kernel circuit to be recursively verified by the next one + kernel_input = goblin.accumulate(circuit_builder); + } + } +} + +void goblin_eccvm_prove(State& state) noexcept +{ + barretenberg::srs::init_crs_factory("../srs_db/ignition"); + barretenberg::srs::init_grumpkin_crs_factory("../srs_db/grumpkin"); + + Goblin goblin; + + // Construct an initial circuit; its proof will be recursively verified by the first kernel + GoblinUltraCircuitBuilder initial_circuit{ goblin.op_queue }; + GoblinMockCircuits::construct_simple_initial_circuit(initial_circuit); + Goblin::AccumulationOutput kernel_input = goblin.accumulate(initial_circuit); + + // Construct a series of simple Goblin circuits; generate and verify their proofs + size_t NUM_CIRCUITS = 2; + for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) { + // Construct a circuit with logic resembling that of the "kernel circuit" + GoblinUltraCircuitBuilder circuit_builder{ goblin.op_queue }; + GoblinMockCircuits::construct_mock_kernel_circuit(circuit_builder, kernel_input); + + // Construct proof of the current kernel circuit to be recursively verified by the next one + kernel_input = goblin.accumulate(circuit_builder); + } + + for (auto _ : state) { + goblin.prove_eccvm(); + } +} + +void goblin_translator_prove(State& state) noexcept +{ + barretenberg::srs::init_crs_factory("../srs_db/ignition"); + barretenberg::srs::init_grumpkin_crs_factory("../srs_db/grumpkin"); + + Goblin goblin; + + // Construct an initial circuit; its proof will be recursively verified by the first kernel + GoblinUltraCircuitBuilder initial_circuit{ goblin.op_queue }; + GoblinMockCircuits::construct_simple_initial_circuit(initial_circuit); + Goblin::AccumulationOutput kernel_input = goblin.accumulate(initial_circuit); + + // Construct a series of simple Goblin circuits; generate and verify their proofs + size_t NUM_CIRCUITS = 2; + for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) { + // Construct a circuit with logic resembling that of the "kernel circuit" + GoblinUltraCircuitBuilder circuit_builder{ goblin.op_queue }; + GoblinMockCircuits::construct_mock_kernel_circuit(circuit_builder, kernel_input); + + // Construct proof of the current kernel circuit to be recursively verified by the next one + kernel_input = goblin.accumulate(circuit_builder); + } + + goblin.prove_eccvm(); + for (auto _ : state) { + goblin.prove_translator(); + } +} + } // namespace -BENCHMARK(goblin_recursion)->Unit(kMillisecond); \ No newline at end of file +BENCHMARK(goblin_recursion)->Unit(kMillisecond); +BENCHMARK(goblin_accumulate)->Unit(kMillisecond); +BENCHMARK(goblin_eccvm_prove)->Unit(kMillisecond); +BENCHMARK(goblin_translator_prove)->Unit(kMillisecond); \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.hpp b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.hpp index af6f4ec457f..cc278c72daa 100644 --- a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.hpp +++ b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.hpp @@ -30,17 +30,17 @@ template class ECCVMProver_ { const std::shared_ptr& commitment_key, const std::shared_ptr& transcript = std::make_shared()); - void execute_preamble_round(); - void execute_wire_commitments_round(); - void execute_log_derivative_commitments_round(); - void execute_grand_product_computation_round(); - void execute_relation_check_rounds(); - void execute_univariatization_round(); - void execute_pcs_evaluation_round(); - void execute_shplonk_batched_quotient_round(); - void execute_shplonk_partial_evaluation_round(); - void execute_final_pcs_round(); - void execute_transcript_consistency_univariate_opening_round(); + BBERG_PROFILE void execute_preamble_round(); + BBERG_PROFILE void execute_wire_commitments_round(); + BBERG_PROFILE void execute_log_derivative_commitments_round(); + BBERG_PROFILE void execute_grand_product_computation_round(); + BBERG_PROFILE void execute_relation_check_rounds(); + BBERG_PROFILE void execute_univariatization_round(); + BBERG_PROFILE void execute_pcs_evaluation_round(); + BBERG_PROFILE void execute_shplonk_batched_quotient_round(); + BBERG_PROFILE void execute_shplonk_partial_evaluation_round(); + BBERG_PROFILE void execute_final_pcs_round(); + BBERG_PROFILE void execute_transcript_consistency_univariate_opening_round(); plonk::proof& export_proof(); plonk::proof& construct_proof(); diff --git a/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp b/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp index 3c2588288df..f69c15c3947 100644 --- a/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp +++ b/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp @@ -41,6 +41,7 @@ class Goblin { using ECCVMFlavor = proof_system::honk::flavor::ECCVM; using ECCVMBuilder = proof_system::ECCVMCircuitBuilder; using ECCVMComposer = proof_system::honk::ECCVMComposer; + using ECCVMProver = proof_system::honk::ECCVMProver_; using TranslatorBuilder = proof_system::GoblinTranslatorCircuitBuilder; using TranslatorComposer = proof_system::honk::GoblinTranslatorComposer; using RecursiveMergeVerifier = @@ -50,6 +51,7 @@ class Goblin { std::shared_ptr op_queue = std::make_shared(); HonkProof merge_proof; + Proof goblin_proof; // on the first call to accumulate there is no merge proof to verify bool merge_proof_exists{ false }; @@ -59,6 +61,7 @@ class Goblin { std::unique_ptr eccvm_builder; std::unique_ptr translator_builder; std::unique_ptr eccvm_composer; + std::unique_ptr eccvm_prover; std::unique_ptr translator_composer; public: @@ -92,25 +95,31 @@ class Goblin { return { ultra_proof, instance->verification_key }; }; - Proof prove() + void prove_eccvm() { - Proof proof; - - proof.merge_proof = std::move(merge_proof); + goblin_proof.merge_proof = std::move(merge_proof); eccvm_builder = std::make_unique(op_queue); eccvm_composer = std::make_unique(); - auto eccvm_prover = eccvm_composer->create_prover(*eccvm_builder); - proof.eccvm_proof = eccvm_prover.construct_proof(); - proof.translation_evaluations = eccvm_prover.translation_evaluations; + eccvm_prover = std::make_unique(eccvm_composer->create_prover(*eccvm_builder)); + goblin_proof.eccvm_proof = eccvm_prover->construct_proof(); + goblin_proof.translation_evaluations = eccvm_prover->translation_evaluations; + }; + void prove_translator() + { translator_builder = std::make_unique( - eccvm_prover.translation_batching_challenge_v, eccvm_prover.evaluation_challenge_x, op_queue); + eccvm_prover->translation_batching_challenge_v, eccvm_prover->evaluation_challenge_x, op_queue); translator_composer = std::make_unique(); - auto translator_prover = translator_composer->create_prover(*translator_builder, eccvm_prover.transcript); - proof.translator_proof = translator_prover.construct_proof(); + auto translator_prover = translator_composer->create_prover(*translator_builder, eccvm_prover->transcript); + goblin_proof.translator_proof = translator_prover.construct_proof(); + }; - return proof; + Proof prove() + { + prove_eccvm(); + prove_translator(); + return goblin_proof; }; bool verify(const Proof& proof) diff --git a/barretenberg/cpp/src/barretenberg/translator_vm/goblin_translator_prover.hpp b/barretenberg/cpp/src/barretenberg/translator_vm/goblin_translator_prover.hpp index 99bf48c490d..4aa8299272b 100644 --- a/barretenberg/cpp/src/barretenberg/translator_vm/goblin_translator_prover.hpp +++ b/barretenberg/cpp/src/barretenberg/translator_vm/goblin_translator_prover.hpp @@ -30,11 +30,11 @@ class GoblinTranslatorProver { const std::shared_ptr& commitment_key, const std::shared_ptr& transcript = std::make_shared()); - void execute_preamble_round(); - void execute_wire_and_sorted_constraints_commitments_round(); - void execute_grand_product_computation_round(); - void execute_relation_check_rounds(); - void execute_zeromorph_rounds(); + BBERG_PROFILE void execute_preamble_round(); + BBERG_PROFILE void execute_wire_and_sorted_constraints_commitments_round(); + BBERG_PROFILE void execute_grand_product_computation_round(); + BBERG_PROFILE void execute_relation_check_rounds(); + BBERG_PROFILE void execute_zeromorph_rounds(); plonk::proof& export_proof(); plonk::proof& construct_proof(); diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp index 77318490bba..c0f823d88b7 100644 --- a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp +++ b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp @@ -33,7 +33,7 @@ template class MergeProver_ { explicit MergeProver_(const std::shared_ptr&, const std::shared_ptr&, const std::shared_ptr& transcript = std::make_shared()); - plonk::proof& construct_proof(); + BBERG_PROFILE plonk::proof& construct_proof(); private: plonk::proof proof; From f87a7f8ef0456652734f17340b8bfe7513f24635 Mon Sep 17 00:00:00 2001 From: codygunton Date: Mon, 18 Dec 2023 05:01:52 +0000 Subject: [PATCH 04/20] Bencmark over ranges --- .../benchmark/honk_bench/goblin.bench.cpp | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp index 9ddd8f368b3..366f2ab6a24 100644 --- a/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp +++ b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/goblin.bench.cpp @@ -12,7 +12,7 @@ using namespace barretenberg; using namespace proof_system; namespace { -void goblin_recursion(State& state) noexcept +void goblin_full(State& state) noexcept { barretenberg::srs::init_crs_factory("../srs_db/ignition"); barretenberg::srs::init_grumpkin_crs_factory("../srs_db/grumpkin"); @@ -27,7 +27,7 @@ void goblin_recursion(State& state) noexcept Goblin::Proof proof; for (auto _ : state) { // Construct a series of simple Goblin circuits; generate and verify their proofs - size_t NUM_CIRCUITS = 2; + size_t NUM_CIRCUITS = 1 << static_cast(state.range(0)); for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) { // Construct a circuit with logic resembling that of the "kernel circuit" GoblinUltraCircuitBuilder circuit_builder{ goblin.op_queue }; @@ -59,7 +59,7 @@ void goblin_accumulate(State& state) noexcept Goblin::AccumulationOutput kernel_input = goblin.accumulate(initial_circuit); // Construct a series of simple Goblin circuits; generate and verify their proofs - size_t NUM_CIRCUITS = 2; + size_t NUM_CIRCUITS = 1 << static_cast(state.range(0)); for (auto _ : state) { for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) { // Construct a circuit with logic resembling that of the "kernel circuit" @@ -85,7 +85,7 @@ void goblin_eccvm_prove(State& state) noexcept Goblin::AccumulationOutput kernel_input = goblin.accumulate(initial_circuit); // Construct a series of simple Goblin circuits; generate and verify their proofs - size_t NUM_CIRCUITS = 2; + size_t NUM_CIRCUITS = 1 << static_cast(state.range(0)); for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) { // Construct a circuit with logic resembling that of the "kernel circuit" GoblinUltraCircuitBuilder circuit_builder{ goblin.op_queue }; @@ -113,7 +113,7 @@ void goblin_translator_prove(State& state) noexcept Goblin::AccumulationOutput kernel_input = goblin.accumulate(initial_circuit); // Construct a series of simple Goblin circuits; generate and verify their proofs - size_t NUM_CIRCUITS = 2; + size_t NUM_CIRCUITS = 1 << static_cast(state.range(0)); for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) { // Construct a circuit with logic resembling that of the "kernel circuit" GoblinUltraCircuitBuilder circuit_builder{ goblin.op_queue }; @@ -131,7 +131,7 @@ void goblin_translator_prove(State& state) noexcept } // namespace -BENCHMARK(goblin_recursion)->Unit(kMillisecond); -BENCHMARK(goblin_accumulate)->Unit(kMillisecond); -BENCHMARK(goblin_eccvm_prove)->Unit(kMillisecond); -BENCHMARK(goblin_translator_prove)->Unit(kMillisecond); \ No newline at end of file +BENCHMARK(goblin_full)->Unit(kMillisecond)->DenseRange(0, 7); +BENCHMARK(goblin_accumulate)->Unit(kMillisecond)->DenseRange(0, 7); +BENCHMARK(goblin_eccvm_prove)->Unit(kMillisecond)->DenseRange(0, 7); +BENCHMARK(goblin_translator_prove)->Unit(kMillisecond)->DenseRange(0, 7); \ No newline at end of file From a9418fa1e426b9f5043469c6f77d227727373783 Mon Sep 17 00:00:00 2001 From: codygunton Date: Mon, 18 Dec 2023 05:04:22 +0000 Subject: [PATCH 05/20] Hack around non-Goblinized ops. --- .../zeromorph/zeromorph.hpp | 26 +++++++++++-------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp index 80a8c3e4508..bc5f408b59f 100644 --- a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp +++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp @@ -680,20 +680,22 @@ template class ZeroMorphVerifier_ { auto [x_challenge, z_challenge] = challenges_to_field_elements(transcript->get_challenges("ZM:x", "ZM:z")); // Compute commitment C_{\zeta_x} - auto C_zeta_x = compute_C_zeta_x(C_q, C_q_k, y_challenge, x_challenge); + // WORKTODO: Make sure only Goblinized operations are available. + [[maybe_unused]] auto C_zeta_x = compute_C_zeta_x(C_q, C_q_k, y_challenge, x_challenge); // Compute commitment C_{Z_x} - Commitment C_Z_x = compute_C_Z_x(unshifted_commitments, - to_be_shifted_commitments, - C_q_k, - rho, - batched_evaluation, - x_challenge, - multivariate_challenge, - concatenation_group_commitments); + [[maybe_unused]] Commitment C_Z_x = compute_C_Z_x(unshifted_commitments, + to_be_shifted_commitments, + C_q_k, + rho, + batched_evaluation, + x_challenge, + multivariate_challenge, + concatenation_group_commitments); // Compute commitment C_{\zeta,Z} - auto C_zeta_Z = C_zeta_x + C_Z_x * z_challenge; + // auto C_zeta_Z = C_zeta_x + C_Z_x * z_challenge; + [[maybe_unused]] Commitment C_zeta_Z; // Receive proof commitment \pi auto C_pi = transcript->template receive_from_prover("ZM:PI"); @@ -703,7 +705,9 @@ template class ZeroMorphVerifier_ { // e(C_{\zeta,Z}, [1]_2) = e(pi, [X - x]_2). This can be rearranged (e.g. see the plonk paper) as // e(C_{\zeta,Z} - x*pi, [1]_2) * e(-pi, [X]_2) = 1, or // e(P_0, [1]_2) * e(P_1, [X]_2) = 1 - auto P0 = C_zeta_Z + C_pi * x_challenge; + // auto P0 = C_zeta_Z + C_pi * x_challenge; + Commitment P0; + auto P1 = -C_pi; return { P0, P1 }; From 2a74dc248861bfc64b3f37c83f9fe3d85f2cfe4a Mon Sep 17 00:00:00 2001 From: codygunton Date: Mon, 18 Dec 2023 05:04:33 +0000 Subject: [PATCH 06/20] Add benchmarks --- barretenberg/cpp/goblin_benchs | 210 +++++++++++++++++++++++++++++++++ 1 file changed, 210 insertions(+) create mode 100644 barretenberg/cpp/goblin_benchs diff --git a/barretenberg/cpp/goblin_benchs b/barretenberg/cpp/goblin_benchs new file mode 100644 index 00000000000..eb4ac7fae49 --- /dev/null +++ b/barretenberg/cpp/goblin_benchs @@ -0,0 +1,210 @@ +% taskset -c 0-15 ./bin/goblin_bench --benchmark_filter=full 31s ~/aztec-packages/barretenberg/cpp/build ad/feat/goblin-bench + mainframe +2023-12-16T04:39:50+00:00 +Running ./bin/goblin_bench +Run on (128 X 1770 MHz CPU s) +CPU Caches: + L1 Data 32 KiB (x64) + L1 Instruction 32 KiB (x64) + L2 Unified 512 KiB (x64) + L3 Unified 32768 KiB (x8) +Load Average: 4.59, 2.66, 2.28 +-------------------------------------------------------- +Benchmark Time CPU Iterations +-------------------------------------------------------- +goblin_full/0 6630 ms 5653 ms 1 +goblin_full/1 12547 ms 11201 ms 1 +goblin_full/2 25051 ms 22983 ms 1 +goblin_full/3 51488 ms 47478 ms 1 +goblin_full/4 106254 ms 99088 ms 1 +goblin_full/5 220602 ms 206708 ms 1 +goblin_full/6 459707 ms 431571 ms 1 +goblin_full/7 958580 ms 902146 ms 1 + +% taskset -c 0-15 ./bin/goblin_bench --benchmark_filter=eccvm_prove 29m 36s ~/aztec-packages/barretenberg/cpp/build ad/feat/goblin-bench + mainframe +2023-12-18T03:36:49+00:00 +Running ./bin/goblin_bench +Run on (128 X 1990.79 MHz CPU s) +CPU Caches: + L1 Data 32 KiB (x64) + L1 Instruction 32 KiB (x64) + L2 Unified 512 KiB (x64) + L3 Unified 32768 KiB (x8) +Load Average: 2.06, 2.48, 3.50 +--------------------------------------------------------------- +Benchmark Time CPU Iterations +--------------------------------------------------------------- +goblin_eccvm_prove/0 4956 ms 4775 ms 1 +goblin_eccvm_prove/1 10098 ms 9713 ms 1 +goblin_eccvm_prove/2 20815 ms 20262 ms 1 +goblin_eccvm_prove/3 43392 ms 42473 ms 1 +goblin_eccvm_prove/4 90599 ms 89088 ms 1 +goblin_eccvm_prove/5 189833 ms 187159 ms 1 +goblin_eccvm_prove/6 396758 ms 391906 ms 1 +goblin_eccvm_prove/7 830932 ms 821706 ms 1 + +% ./bin/goblin_bench --benchmark_filter=translator_prove ~/aztec-packages/barretenberg/cpp/build ad/feat/goblin-bench + mainframe +2023-12-18T02:59:46+00:00 +Running ./bin/goblin_bench +Run on (128 X 1500.45 MHz CPU s) +CPU Caches: + L1 Data 32 KiB (x64) + L1 Instruction 32 KiB (x64) + L2 Unified 512 KiB (x64) + L3 Unified 32768 KiB (x8) +Load Average: 4.78, 3.96, 3.75 +-------------------------------------------------------------------- +Benchmark Time CPU Iterations +-------------------------------------------------------------------- +goblin_translator_prove/0 688 ms 541 ms 1 +goblin_translator_prove/1 635 ms 516 ms 1 +goblin_translator_prove/2 684 ms 553 ms 1 +goblin_translator_prove/3 913 ms 754 ms 1 +goblin_translator_prove/4 1383 ms 1085 ms 1 +goblin_translator_prove/5 2384 ms 1865 ms 1 +goblin_translator_prove/6 4550 ms 3224 ms 1 +goblin_translator_prove/7 8890 ms 6262 ms 1 + +% taskset -c 0-15 ./bin/goblin_bench --benchmark_filter=full 31s ~/aztec-packages/barretenberg/cpp/build ad/feat/goblin-bench + mainframe +2023-12-16T04:39:50+00:00 +Running ./bin/goblin_bench +Run on (128 X 1770 MHz CPU s) +CPU Caches: + L1 Data 32 KiB (x64) + L1 Instruction 32 KiB (x64) + L2 Unified 512 KiB (x64) + L3 Unified 32768 KiB (x8) +Load Average: 4.59, 2.66, 2.28 +-------------------------------------------------------- +Benchmark Time CPU Iterations +-------------------------------------------------------- +raw ops in queue: 168 +ultra ops in queue: 336 +ECCVM num_gates: 2919 +ECCVM subgroup size: 4096 +Translator num gates: 337 +Translator circuit size: 32768 +goblin_full/0 6630 ms 5653 ms 1 +raw ops in queue: 363 +ultra ops in queue: 726 +ECCVM num_gates: 6240 +ECCVM subgroup size: 8192 +Translator num gates: 727 +Translator circuit size: 32768 +goblin_full/1 12547 ms 11201 ms 1 +raw ops in queue: 753 +ultra ops in queue: 1506 +ECCVM num_gates: 12882 +ECCVM subgroup size: 16384 +Translator num gates: 1507 +Translator circuit size: 32768 +goblin_full/2 25051 ms 22983 ms 1 +raw ops in queue: 1533 +ultra ops in queue: 3066 +ECCVM num_gates: 26166 +ECCVM subgroup size: 32768 +Translator num gates: 3067 +Translator circuit size: 65536 +sumcheck failed +goblin_full/3 51488 ms 47478 ms 1 +raw ops in queue: 3093 +ultra ops in queue: 6186 +ECCVM num_gates: 52734 +ECCVM subgroup size: 65536 +Translator num gates: 6187 +Translator circuit size: 131072 +sumcheck failed +goblin_full/4 106254 ms 99088 ms 1 +raw ops in queue: 6213 +ultra ops in queue: 12426 +ECCVM num_gates: 105870 +ECCVM subgroup size: 131072 +Translator num gates: 12427 +Translator circuit size: 262144 +sumcheck failed +goblin_full/5 220602 ms 206708 ms 1 +raw ops in queue: 12453 +ultra ops in queue: 24906 +ECCVM num_gates: 212142 +ECCVM subgroup size: 262144 +Translator num gates: 24907 +Translator circuit size: 524288 +sumcheck failed +goblin_full/6 459707 ms 431571 ms 1 +raw ops in queue: 24933 +ultra ops in queue: 49866 +ECCVM num_gates: 424686 +ECCVM subgroup size: 524288 +Translator num gates: 49867 +Translator circuit size: 1048576 +sumcheck failed +goblin_full/7 958580 ms 902146 ms 1 + + + + + + + + + + + + + + + + + + + + + + +-------------------------------------------------------- +Benchmark Time CPU Iterations +-------------------------------------------------------- +goblin_full/0 6630 ms 5653 ms 1 +goblin_full/1 12547 ms 11201 ms 1 +goblin_full/2 25051 ms 22983 ms 1 +goblin_full/3 51488 ms 47478 ms 1 +goblin_full/4 106254 ms 99088 ms 1 +goblin_full/5 220602 ms 206708 ms 1 +goblin_full/6 459707 ms 431571 ms 1 +goblin_full/7 958580 ms 902146 ms 1 + +-------------------------------------------------------------- +Benchmark Time CPU Iterations +-------------------------------------------------------------- +goblin_accumulate/0 829 ms 518 ms 2 +goblin_accumulate/1 1693 ms 1048 ms 1 +goblin_accumulate/2 3470 ms 2281 ms 1 +goblin_accumulate/3 6968 ms 4625 ms 1 +goblin_accumulate/4 14035 ms 9312 ms 1 +goblin_accumulate/5 28191 ms 18620 ms 1 +goblin_accumulate/6 57001 ms 37471 ms 1 +goblin_accumulate/7 115491 ms 75549 ms 1 + +--------------------------------------------------------------- +Benchmark Time CPU Iterations +--------------------------------------------------------------- +goblin_eccvm_prove/0 4956 ms 4775 ms 1 +goblin_eccvm_prove/1 10098 ms 9713 ms 1 +goblin_eccvm_prove/2 20815 ms 20262 ms 1 +goblin_eccvm_prove/3 43392 ms 42473 ms 1 +goblin_eccvm_prove/4 90599 ms 89088 ms 1 +goblin_eccvm_prove/5 189833 ms 187159 ms 1 +goblin_eccvm_prove/6 396758 ms 391906 ms 1 +goblin_eccvm_prove/7 830932 ms 821706 ms 1 + +-------------------------------------------------------------------- +Benchmark Time CPU Iterations +-------------------------------------------------------------------- +goblin_translator_prove/0 688 ms 541 ms 1 +goblin_translator_prove/1 635 ms 516 ms 1 +goblin_translator_prove/2 684 ms 553 ms 1 +goblin_translator_prove/3 913 ms 754 ms 1 +goblin_translator_prove/4 1383 ms 1085 ms 1 +goblin_translator_prove/5 2384 ms 1865 ms 1 +goblin_translator_prove/6 4550 ms 3224 ms 1 +goblin_translator_prove/7 8890 ms 6262 ms 1 + From 98459f2212b07eecc45b5e9625cf0762557ca130 Mon Sep 17 00:00:00 2001 From: ledwards2225 Date: Tue, 19 Dec 2023 16:50:09 +0000 Subject: [PATCH 07/20] goblinize the final ecc ops in ZM --- .../zeromorph/zeromorph.hpp | 24 +++++++++++++++++-- .../honk/verifier/goblin_verifier.test.cpp | 1 + 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp index 034bf007d20..ebb5ade5e71 100644 --- a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp +++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp @@ -3,6 +3,7 @@ #include "barretenberg/common/ref_vector.hpp" #include "barretenberg/common/zip_view.hpp" #include "barretenberg/polynomials/polynomial.hpp" +#include "barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp" #include "barretenberg/transcript/transcript.hpp" namespace proof_system::honk::pcs::zeromorph { @@ -692,7 +693,16 @@ template class ZeroMorphVerifier_ { concatenation_group_commitments); // Compute commitment C_{\zeta,Z} - auto C_zeta_Z = C_zeta_x + C_Z_x * z_challenge; + Commitment C_zeta_Z; + if constexpr (Curve::is_stdlib_type) { + // Express operation as a batch_mul in order to use Goblinization if available + auto builder = rho.get_context(); + std::vector scalars = { FF(builder, 1), z_challenge }; + std::vector points = { C_zeta_x, C_Z_x }; + C_zeta_Z = Commitment::batch_mul(points, scalars); + } else { + C_zeta_Z = C_zeta_x + C_Z_x * z_challenge; + } // Receive proof commitment \pi auto C_pi = transcript->template receive_from_prover("ZM:PI"); @@ -702,7 +712,17 @@ template class ZeroMorphVerifier_ { // e(C_{\zeta,Z}, [1]_2) = e(pi, [X - x]_2). This can be rearranged (e.g. see the plonk paper) as // e(C_{\zeta,Z} - x*pi, [1]_2) * e(-pi, [X]_2) = 1, or // e(P_0, [1]_2) * e(P_1, [X]_2) = 1 - auto P0 = C_zeta_Z + C_pi * x_challenge; + Commitment P0; + if constexpr (Curve::is_stdlib_type) { + // Express operation as a batch_mul in order to use Goblinization if available + auto builder = rho.get_context(); + std::vector scalars = { FF(builder, 1), x_challenge }; + std::vector points = { C_zeta_Z, C_pi }; + P0 = Commitment::batch_mul(points, scalars); + } else { + P0 = C_zeta_Z + C_pi * x_challenge; + } + auto P1 = -C_pi; return { P0, P1 }; diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp index 8130ff26e85..22e82dc4824 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp @@ -187,6 +187,7 @@ template class GoblinRecursiveVerifierTest : public testi OuterBuilder outer_circuit; RecursiveVerifier verifier{ &outer_circuit, instance->verification_key }; auto pairing_points = verifier.verify_proof(inner_proof); + info("Recursive Verifier: num gates = ", outer_circuit.num_gates); // Check for a failure flag in the recursive verifier circuit EXPECT_EQ(outer_circuit.failed(), false) << outer_circuit.err(); From 9fb94d14d08cc2f3e8151902f4bb645bcea68169 Mon Sep 17 00:00:00 2001 From: codygunton Date: Tue, 19 Dec 2023 19:51:01 +0000 Subject: [PATCH 08/20] Add ECCVM benchmarking --- .../benchmark/honk_bench/CMakeLists.txt | 2 + .../benchmark/honk_bench/eccvm.bench.cpp | 73 +++++++++++++++++++ 2 files changed, 75 insertions(+) create mode 100644 barretenberg/cpp/src/barretenberg/benchmark/honk_bench/eccvm.bench.cpp diff --git a/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/CMakeLists.txt b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/CMakeLists.txt index d31efae1e84..8984bc7b0ff 100644 --- a/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/CMakeLists.txt +++ b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/CMakeLists.txt @@ -2,6 +2,7 @@ set(BENCHMARK_SOURCES standard_plonk.bench.cpp goblin.bench.cpp + eccvm.bench.cpp ultra_honk.bench.cpp ultra_honk_rounds.bench.cpp ultra_plonk.bench.cpp @@ -11,6 +12,7 @@ set(BENCHMARK_SOURCES # Required libraries for benchmark suites set(LINKED_LIBRARIES ultra_honk + eccvm stdlib_sha256 stdlib_keccak stdlib_merkle_tree diff --git a/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/eccvm.bench.cpp b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/eccvm.bench.cpp new file mode 100644 index 00000000000..d27bd0d06b4 --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/benchmark/honk_bench/eccvm.bench.cpp @@ -0,0 +1,73 @@ +#include + +#include "barretenberg/benchmark/honk_bench/benchmark_utilities.hpp" +#include "barretenberg/eccvm/eccvm_composer.hpp" +#include "barretenberg/proof_system/circuit_builder/eccvm/eccvm_circuit_builder.hpp" + +using namespace benchmark; +using namespace proof_system; + +using Flavor = honk::flavor::ECCVM; +using Builder = ECCVMCircuitBuilder; +using Composer = honk::ECCVMComposer; + +namespace { + +Builder generate_trace(size_t target_num_gates) +{ + Builder builder; + using G1 = typename Flavor::CycleGroup; + using Fr = typename G1::Fr; + + auto generators = G1::derive_generators("test generators", 2); + + typename G1::element a = generators[0]; + typename G1::element b = generators[1]; + Fr x = Fr::random_element(); + Fr y = Fr::random_element(); + + typename G1::element expected_1 = (a * x) + a + a + (b * y) + (b * x) + (b * x); + + // Each loop adds 163 gates. Note: builder.get_num_gates() is very expensive here (bug?) and it's actually painful + // to use a `while` loop + size_t num_iterations = target_num_gates / 163; + for (size_t _ = 0; _ < num_iterations; _++) { + builder.add_accumulate(a); + builder.mul_accumulate(a, x); + builder.mul_accumulate(b, x); + builder.mul_accumulate(b, y); + builder.add_accumulate(a); + builder.mul_accumulate(b, x); + builder.eq_and_reset(expected_1); + } + return builder; +} + +void eccvm_generate_prover(State& state) noexcept +{ + barretenberg::srs::init_grumpkin_crs_factory("../srs_db/grumpkin"); + + size_t target_num_gates = 1 << static_cast(state.range(0)); + for (auto _ : state) { + Builder builder = generate_trace(target_num_gates); + Composer composer; + auto prover = composer.create_prover(builder); + }; +} + +void eccvm_prove(State& state) noexcept +{ + barretenberg::srs::init_grumpkin_crs_factory("../srs_db/grumpkin"); + + size_t target_num_gates = 1 << static_cast(state.range(0)); + Builder builder = generate_trace(target_num_gates); + Composer composer; + auto prover = composer.create_prover(builder); + for (auto _ : state) { + auto proof = prover.construct_proof(); + }; +} + +BENCHMARK(eccvm_generate_prover)->Unit(kMillisecond)->DenseRange(10, 20); +BENCHMARK(eccvm_prove)->Unit(kMillisecond)->DenseRange(10, 20); +} // namespace \ No newline at end of file From 680e45e465ab3b05fcc90cf9010b672c7dcbc176 Mon Sep 17 00:00:00 2001 From: ledwards2225 <98505400+ledwards2225@users.noreply.github.com> Date: Wed, 20 Dec 2023 07:49:02 -0700 Subject: [PATCH 09/20] remove unneeded include --- .../src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp | 1 - 1 file changed, 1 deletion(-) diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp index ebb5ade5e71..0339e7fff1d 100644 --- a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp +++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp @@ -3,7 +3,6 @@ #include "barretenberg/common/ref_vector.hpp" #include "barretenberg/common/zip_view.hpp" #include "barretenberg/polynomials/polynomial.hpp" -#include "barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp" #include "barretenberg/transcript/transcript.hpp" namespace proof_system::honk::pcs::zeromorph { From 67735107bb3e2298d0fdfe43bba3e709d71ead12 Mon Sep 17 00:00:00 2001 From: codygunton Date: Wed, 3 Jan 2024 20:32:51 +0000 Subject: [PATCH 10/20] Constraint biggroup re Goblin --- .../stdlib/primitives/biggroup/biggroup.hpp | 45 ++++--- .../primitives/biggroup/biggroup.test.cpp | 11 +- .../primitives/biggroup/biggroup_bn254.hpp | 2 + .../primitives/biggroup/biggroup_impl.hpp | 125 +++++++++++------- .../circuit_builders/circuit_builders.hpp | 3 + 5 files changed, 115 insertions(+), 71 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.hpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.hpp index ee2a04f956a..f413ce25523 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.hpp @@ -2,18 +2,21 @@ #include "../bigfield/bigfield.hpp" #include "../byte_array/byte_array.hpp" -#include "../field/field.hpp" -#include "barretenberg/ecc/curves/bn254/g1.hpp" - #include "../circuit_builders/circuit_builders_fwd.hpp" +#include "../field/field.hpp" #include "../memory/rom_table.hpp" #include "../memory/twin_rom_table.hpp" #include "barretenberg/ecc/curves/bn254/g1.hpp" #include "barretenberg/ecc/curves/secp256k1/secp256k1.hpp" #include "barretenberg/ecc/curves/secp256r1/secp256r1.hpp" -namespace proof_system::plonk { -namespace stdlib { +// TODO(https://github.com/AztecProtocol/barretenberg/issues/707) If using a a circuit builder with Goblin, which is +// designed to have efficient barretenberg::g1 operations, a developer might accidentally write inefficient circuits +// using biggroup functions that do not use the OpQueue. We use this concept to prevent compilation of such functions. +template +concept IsNotGoblinInefficiencyTrap = !(IsGoblinBuilder && std::same_as); + +namespace proof_system::plonk::stdlib { // ( ͡° ͜ʖ ͡°) template class element { @@ -154,14 +157,22 @@ template class element { * We can chain repeated point additions together, where we only require 2 non-native field multiplications per * point addition, instead of 3 **/ - static chain_add_accumulator chain_add_start(const element& p1, const element& p2); - static chain_add_accumulator chain_add(const element& p1, const chain_add_accumulator& accumulator); - static element chain_add_end(const chain_add_accumulator& accumulator); - - element montgomery_ladder(const element& other) const; - element montgomery_ladder(const chain_add_accumulator& accumulator); - element multiple_montgomery_ladder(const std::vector& to_add) const; - element quadruple_and_add(const std::vector& to_add) const; + static chain_add_accumulator chain_add_start(const element& p1, const element& p2) + requires(IsNotGoblinInefficiencyTrap); + static chain_add_accumulator chain_add(const element& p1, const chain_add_accumulator& accumulator) + requires(IsNotGoblinInefficiencyTrap); + static element chain_add_end(const chain_add_accumulator& accumulator) + requires(IsNotGoblinInefficiencyTrap); + + element montgomery_ladder(const element& other) const + requires(IsNotGoblinInefficiencyTrap); + element montgomery_ladder(const chain_add_accumulator& accumulator) + requires(IsNotGoblinInefficiencyTrap); + element multiple_montgomery_ladder(const std::vector& to_add) const + requires(IsNotGoblinInefficiencyTrap); + + element quadruple_and_add(const std::vector& to_add) const + requires(IsNotGoblinInefficiencyTrap); typename NativeGroup::affine_element get_value() const { @@ -179,6 +190,9 @@ template class element { static element batch_mul(const std::vector& points, const std::vector& scalars, const size_t max_num_bits = 0); + + // TODO(https://github.com/AztecProtocol/barretenberg/issues/707) max_num_bits is unused; could implement and use + // this to optimize other operations. static element goblin_batch_mul(const std::vector& points, const std::vector& scalars, const size_t max_num_bits = 0); @@ -196,6 +210,7 @@ template class element { // i.e. for the bn254 curve, the template param is `typename = void` // for any other curve, there is no template param template ::value>> + requires(IsNotGoblinBuilder) // TODO(https://github.com/AztecProtocol/barretenberg/issues/707) static element bn254_endo_batch_mul(const std::vector& big_points, const std::vector& big_scalars, const std::vector& small_points, @@ -203,6 +218,7 @@ template class element { const size_t max_num_small_bits); template ::value>> + requires(IsNotGoblinBuilder) // TODO(https://github.com/AztecProtocol/barretenberg/issues/707) static element bn254_endo_batch_mul_with_generator(const std::vector& big_points, const std::vector& big_scalars, const std::vector& small_points, @@ -889,8 +905,7 @@ inline std::ostream& operator<<(std::ostream& os, element const& v { return os << "{ " << v.x << " , " << v.y << " }"; } -} // namespace stdlib -} // namespace proof_system::plonk +} // namespace proof_system::plonk::stdlib #include "biggroup_batch_mul.hpp" #include "biggroup_bn254.hpp" diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp index 3e02c3cb6b0..c904755d51a 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp @@ -1,19 +1,14 @@ -#include "barretenberg/common/test.hpp" -#include - -#include "../bigfield/bigfield.hpp" #include "../biggroup/biggroup.hpp" +#include "../bigfield/bigfield.hpp" #include "../bool/bool.hpp" #include "../field/field.hpp" +#include "barretenberg/common/test.hpp" +#include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp" - #include "barretenberg/stdlib/primitives/curves/bn254.hpp" #include "barretenberg/stdlib/primitives/curves/secp256k1.hpp" #include "barretenberg/stdlib/primitives/curves/secp256r1.hpp" -#include "barretenberg/numeric/random/engine.hpp" -#include - namespace test_stdlib_biggroup { namespace { auto& engine = numeric::random::get_debug_engine(); diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_bn254.hpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_bn254.hpp index 1384bc2813c..4f4c655e079 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_bn254.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_bn254.hpp @@ -22,6 +22,7 @@ namespace stdlib { **/ template template + requires(IsNotGoblinBuilder) element element::bn254_endo_batch_mul_with_generator( const std::vector& big_points, const std::vector& big_scalars, @@ -216,6 +217,7 @@ element element::bn254_endo_batch_mul_with_generator **/ template template + requires(IsNotGoblinBuilder) element element::bn254_endo_batch_mul(const std::vector& big_points, const std::vector& big_scalars, const std::vector& small_points, diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_impl.hpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_impl.hpp index a6503bf1285..aa4209fa486 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_impl.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_impl.hpp @@ -1,18 +1,11 @@ #pragma once -#include "barretenberg/numeric/uint256/uint256.hpp" -#include "barretenberg/numeric/uintx/uintx.hpp" -#include - -#include "../circuit_builders/circuit_builders.hpp" - #include "../bit_array/bit_array.hpp" -// #include "../field/field.hpp" +#include "../circuit_builders/circuit_builders.hpp" using namespace barretenberg; -namespace proof_system::plonk { -namespace stdlib { +namespace proof_system::plonk::stdlib { template element::element() @@ -63,6 +56,14 @@ element& element::operator=(element&& other) template element element::operator+(const element& other) const { + if constexpr (IsGoblinBuilder && std::same_as) { + // TODO(https://github.com/AztecProtocol/barretenberg/issues/707) Optimize + // Current gate count: 6398 + std::vector points{ *this, other }; + std::vector scalars{ 1, 1 }; + return goblin_batch_mul(points, scalars); + } + other.x.assert_is_not_equal(x); const Fq lambda = Fq::div_without_denominator_check({ other.y, -y }, (other.x - x)); const Fq x3 = lambda.sqradd({ -other.x, -x }); @@ -73,6 +74,13 @@ element element::operator+(const element& other) con template element element::operator-(const element& other) const { + if constexpr (IsGoblinBuilder && std::same_as) { + // TODO(https://github.com/AztecProtocol/barretenberg/issues/707) Optimize + std::vector points{ *this, other }; + std::vector scalars{ 1, -Fr(1) }; + return goblin_batch_mul(points, scalars); + } + other.x.assert_is_not_equal(x); const Fq lambda = Fq::div_without_denominator_check({ other.y, y }, (other.x - x)); const Fq x_3 = lambda.sqradd({ -other.x, -x }); @@ -95,9 +103,14 @@ element element::operator-(const element& other) con * @param other * @return std::array, 2> */ +// TODO(https://github.com/AztecProtocol/barretenberg/issues/657): This function is untested template std::array, 2> element::add_sub(const element& other) const { + if constexpr (IsGoblinBuilder && std::same_as) { + return { *this + other, *this - other }; + } + other.x.assert_is_not_equal(x); const Fq denominator = other.x - x; @@ -115,6 +128,7 @@ std::array, 2> element::add_sub(const elemen template element element::dbl() const { + Fq two_x = x + x; if constexpr (G::has_a) { Fq a(get_context(), uint256_t(G::curve_a)); @@ -150,6 +164,7 @@ template element element template typename element::chain_add_accumulator element::chain_add_start(const element& p1, const element& p2) + requires(IsNotGoblinInefficiencyTrap) { chain_add_accumulator output; output.x1_prev = p1.x; @@ -167,6 +182,7 @@ typename element::chain_add_accumulator element::cha template typename element::chain_add_accumulator element::chain_add(const element& p1, const chain_add_accumulator& acc) + requires(IsNotGoblinInefficiencyTrap) { // use `chain_add_start` to start an addition chain (i.e. if acc has a y-coordinate) if (acc.is_element) { @@ -210,6 +226,7 @@ typename element::chain_add_accumulator element::cha **/ template element element::chain_add_end(const chain_add_accumulator& acc) + requires(IsNotGoblinInefficiencyTrap) { if (acc.is_element) { return element(acc.x3_prev, acc.y3_prev); @@ -263,6 +280,7 @@ element element::chain_add_end(const chain_add_accum **/ template element element::montgomery_ladder(const element& other) const + requires(IsNotGoblinInefficiencyTrap) { other.x.assert_is_not_equal(x); const Fq lambda_1 = Fq::div_without_denominator_check({ other.y - y }, (other.x - x)); @@ -299,6 +317,7 @@ element element::montgomery_ladder(const element& ot **/ template element element::montgomery_ladder(const chain_add_accumulator& to_add) + requires(IsNotGoblinInefficiencyTrap) { if (to_add.is_element) { throw_or_abort("An accumulator expected"); @@ -342,6 +361,7 @@ element element::montgomery_ladder(const chain_add_a */ template element element::quadruple_and_add(const std::vector& to_add) const + requires(IsNotGoblinInefficiencyTrap) { const Fq two_x = x + x; Fq x_1; @@ -437,6 +457,7 @@ element element::quadruple_and_add(const std::vector template element element::multiple_montgomery_ladder( const std::vector& add) const + requires(IsNotGoblinInefficiencyTrap) { struct composite_y { std::vector mul_left; @@ -603,48 +624,50 @@ element element::batch_mul(const std::vector && std::same_as) { return goblin_batch_mul(points, scalars); - } + } else { - const size_t num_points = points.size(); - ASSERT(scalars.size() == num_points); - batch_lookup_table point_table(points); - const size_t num_rounds = (max_num_bits == 0) ? Fr::modulus.get_msb() + 1 : max_num_bits; + const size_t num_points = points.size(); + ASSERT(scalars.size() == num_points); + batch_lookup_table point_table(points); + const size_t num_rounds = (max_num_bits == 0) ? Fr::modulus.get_msb() + 1 : max_num_bits; - std::vector>> naf_entries; - for (size_t i = 0; i < num_points; ++i) { - naf_entries.emplace_back(compute_naf(scalars[i], max_num_bits)); - } - const auto offset_generators = compute_offset_generators(num_rounds); - element accumulator = - element::chain_add_end(element::chain_add(offset_generators.first, point_table.get_chain_initial_entry())); - - constexpr size_t num_rounds_per_iteration = 4; - size_t num_iterations = num_rounds / num_rounds_per_iteration; - num_iterations += ((num_iterations * num_rounds_per_iteration) == num_rounds) ? 0 : 1; - const size_t num_rounds_per_final_iteration = (num_rounds - 1) - ((num_iterations - 1) * num_rounds_per_iteration); - for (size_t i = 0; i < num_iterations; ++i) { - - std::vector> nafs(num_points); - std::vector to_add; - const size_t inner_num_rounds = - (i != num_iterations - 1) ? num_rounds_per_iteration : num_rounds_per_final_iteration; - for (size_t j = 0; j < inner_num_rounds; ++j) { - for (size_t k = 0; k < num_points; ++k) { - nafs[k] = (naf_entries[k][i * num_rounds_per_iteration + j + 1]); + std::vector>> naf_entries; + for (size_t i = 0; i < num_points; ++i) { + naf_entries.emplace_back(compute_naf(scalars[i], max_num_bits)); + } + const auto offset_generators = compute_offset_generators(num_rounds); + element accumulator = + element::chain_add_end(element::chain_add(offset_generators.first, point_table.get_chain_initial_entry())); + + constexpr size_t num_rounds_per_iteration = 4; + size_t num_iterations = num_rounds / num_rounds_per_iteration; + num_iterations += ((num_iterations * num_rounds_per_iteration) == num_rounds) ? 0 : 1; + const size_t num_rounds_per_final_iteration = + (num_rounds - 1) - ((num_iterations - 1) * num_rounds_per_iteration); + for (size_t i = 0; i < num_iterations; ++i) { + + std::vector> nafs(num_points); + std::vector to_add; + const size_t inner_num_rounds = + (i != num_iterations - 1) ? num_rounds_per_iteration : num_rounds_per_final_iteration; + for (size_t j = 0; j < inner_num_rounds; ++j) { + for (size_t k = 0; k < num_points; ++k) { + nafs[k] = (naf_entries[k][i * num_rounds_per_iteration + j + 1]); + } + to_add.emplace_back(point_table.get_chain_add_accumulator(nafs)); } - to_add.emplace_back(point_table.get_chain_add_accumulator(nafs)); + accumulator = accumulator.multiple_montgomery_ladder(to_add); } - accumulator = accumulator.multiple_montgomery_ladder(to_add); - } - for (size_t i = 0; i < num_points; ++i) { - element skew = accumulator - points[i]; - Fq out_x = accumulator.x.conditional_select(skew.x, naf_entries[i][num_rounds]); - Fq out_y = accumulator.y.conditional_select(skew.y, naf_entries[i][num_rounds]); - accumulator = element(out_x, out_y); - } - accumulator = accumulator - offset_generators.second; + for (size_t i = 0; i < num_points; ++i) { + element skew = accumulator - points[i]; + Fq out_x = accumulator.x.conditional_select(skew.x, naf_entries[i][num_rounds]); + Fq out_y = accumulator.y.conditional_select(skew.y, naf_entries[i][num_rounds]); + accumulator = element(out_x, out_y); + } + accumulator = accumulator - offset_generators.second; - return accumulator; + return accumulator; + } } /** @@ -678,6 +701,13 @@ element element::operator*(const Fr& scalar) const * specifics. * **/ + + if constexpr (IsGoblinBuilder && std::same_as) { + std::vector points{ *this }; + std::vector scalars{ scalar }; + return goblin_batch_mul(points, scalars); + } + constexpr uint64_t num_rounds = Fr::modulus.get_msb() + 1; std::vector> naf_entries = compute_naf(scalar); @@ -700,5 +730,4 @@ element element::operator*(const Fr& scalar) const return element(out_x, out_y) - element(offset_generators.second); } -} // namespace stdlib -} // namespace proof_system::plonk +} // namespace proof_system::plonk::stdlib diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp index d748baa72a8..045e1445d57 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp @@ -13,6 +13,9 @@ concept HasPlookup = template concept IsGoblinBuilder = proof_system::IsAnyOf; +template +concept IsNotGoblinBuilder = ! +IsGoblinBuilder; #define INSTANTIATE_STDLIB_METHOD(stdlib_method) \ template stdlib_method(proof_system::StandardCircuitBuilder); \ From f570cc9dae81e81467d9a9ad1a562c515c48aab7 Mon Sep 17 00:00:00 2001 From: codygunton Date: Wed, 3 Jan 2024 20:59:02 +0000 Subject: [PATCH 11/20] Fix compilation --- .../cpp/src/barretenberg/dsl/acir_proofs/acir_composer.cpp | 3 ++- barretenberg/cpp/src/barretenberg/goblin/goblin.hpp | 1 - 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/acir_composer.cpp b/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/acir_composer.cpp index 2901784eefe..b8528e20637 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/acir_composer.cpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/acir_composer.cpp @@ -4,6 +4,7 @@ #include "barretenberg/dsl/acir_format/acir_format.hpp" #include "barretenberg/dsl/acir_format/recursion_constraint.hpp" #include "barretenberg/dsl/types.hpp" +#include "barretenberg/goblin/mock_circuits.hpp" #include "barretenberg/plonk/proof_system/proving_key/proving_key.hpp" #include "barretenberg/plonk/proof_system/proving_key/serialize.hpp" #include "barretenberg/plonk/proof_system/verification_key/sol_gen.hpp" @@ -92,7 +93,7 @@ void AcirComposer::create_goblin_circuit(acir_format::acir_format& constraint_sy acir_format::apply_wire_index_offset(goblin_builder_); // Add some arbitrary op gates to ensure the associated polynomials are non-zero - GoblinTestingUtils::construct_goblin_ecc_op_circuit(goblin_builder_); + GoblinMockCircuits::construct_goblin_ecc_op_circuit(goblin_builder_); } std::vector AcirComposer::create_goblin_proof() diff --git a/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp b/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp index ed60b847409..e718537cec4 100644 --- a/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp +++ b/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp @@ -1,7 +1,6 @@ #pragma once #include "barretenberg/eccvm/eccvm_composer.hpp" -#include "barretenberg/goblin/mock_circuits.hpp" #include "barretenberg/proof_system/circuit_builder/eccvm/eccvm_circuit_builder.hpp" #include "barretenberg/proof_system/circuit_builder/goblin_translator_circuit_builder.hpp" #include "barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.hpp" From 930543860e4ed0dbced9905de31ee910a1aa0666 Mon Sep 17 00:00:00 2001 From: codygunton Date: Wed, 3 Jan 2024 21:02:42 +0000 Subject: [PATCH 12/20] Remove log --- barretenberg/cpp/goblin_benchs | 210 --------------------------------- 1 file changed, 210 deletions(-) delete mode 100644 barretenberg/cpp/goblin_benchs diff --git a/barretenberg/cpp/goblin_benchs b/barretenberg/cpp/goblin_benchs deleted file mode 100644 index eb4ac7fae49..00000000000 --- a/barretenberg/cpp/goblin_benchs +++ /dev/null @@ -1,210 +0,0 @@ -% taskset -c 0-15 ./bin/goblin_bench --benchmark_filter=full 31s ~/aztec-packages/barretenberg/cpp/build ad/feat/goblin-bench + mainframe -2023-12-16T04:39:50+00:00 -Running ./bin/goblin_bench -Run on (128 X 1770 MHz CPU s) -CPU Caches: - L1 Data 32 KiB (x64) - L1 Instruction 32 KiB (x64) - L2 Unified 512 KiB (x64) - L3 Unified 32768 KiB (x8) -Load Average: 4.59, 2.66, 2.28 --------------------------------------------------------- -Benchmark Time CPU Iterations --------------------------------------------------------- -goblin_full/0 6630 ms 5653 ms 1 -goblin_full/1 12547 ms 11201 ms 1 -goblin_full/2 25051 ms 22983 ms 1 -goblin_full/3 51488 ms 47478 ms 1 -goblin_full/4 106254 ms 99088 ms 1 -goblin_full/5 220602 ms 206708 ms 1 -goblin_full/6 459707 ms 431571 ms 1 -goblin_full/7 958580 ms 902146 ms 1 - -% taskset -c 0-15 ./bin/goblin_bench --benchmark_filter=eccvm_prove 29m 36s ~/aztec-packages/barretenberg/cpp/build ad/feat/goblin-bench + mainframe -2023-12-18T03:36:49+00:00 -Running ./bin/goblin_bench -Run on (128 X 1990.79 MHz CPU s) -CPU Caches: - L1 Data 32 KiB (x64) - L1 Instruction 32 KiB (x64) - L2 Unified 512 KiB (x64) - L3 Unified 32768 KiB (x8) -Load Average: 2.06, 2.48, 3.50 ---------------------------------------------------------------- -Benchmark Time CPU Iterations ---------------------------------------------------------------- -goblin_eccvm_prove/0 4956 ms 4775 ms 1 -goblin_eccvm_prove/1 10098 ms 9713 ms 1 -goblin_eccvm_prove/2 20815 ms 20262 ms 1 -goblin_eccvm_prove/3 43392 ms 42473 ms 1 -goblin_eccvm_prove/4 90599 ms 89088 ms 1 -goblin_eccvm_prove/5 189833 ms 187159 ms 1 -goblin_eccvm_prove/6 396758 ms 391906 ms 1 -goblin_eccvm_prove/7 830932 ms 821706 ms 1 - -% ./bin/goblin_bench --benchmark_filter=translator_prove ~/aztec-packages/barretenberg/cpp/build ad/feat/goblin-bench + mainframe -2023-12-18T02:59:46+00:00 -Running ./bin/goblin_bench -Run on (128 X 1500.45 MHz CPU s) -CPU Caches: - L1 Data 32 KiB (x64) - L1 Instruction 32 KiB (x64) - L2 Unified 512 KiB (x64) - L3 Unified 32768 KiB (x8) -Load Average: 4.78, 3.96, 3.75 --------------------------------------------------------------------- -Benchmark Time CPU Iterations --------------------------------------------------------------------- -goblin_translator_prove/0 688 ms 541 ms 1 -goblin_translator_prove/1 635 ms 516 ms 1 -goblin_translator_prove/2 684 ms 553 ms 1 -goblin_translator_prove/3 913 ms 754 ms 1 -goblin_translator_prove/4 1383 ms 1085 ms 1 -goblin_translator_prove/5 2384 ms 1865 ms 1 -goblin_translator_prove/6 4550 ms 3224 ms 1 -goblin_translator_prove/7 8890 ms 6262 ms 1 - -% taskset -c 0-15 ./bin/goblin_bench --benchmark_filter=full 31s ~/aztec-packages/barretenberg/cpp/build ad/feat/goblin-bench + mainframe -2023-12-16T04:39:50+00:00 -Running ./bin/goblin_bench -Run on (128 X 1770 MHz CPU s) -CPU Caches: - L1 Data 32 KiB (x64) - L1 Instruction 32 KiB (x64) - L2 Unified 512 KiB (x64) - L3 Unified 32768 KiB (x8) -Load Average: 4.59, 2.66, 2.28 --------------------------------------------------------- -Benchmark Time CPU Iterations --------------------------------------------------------- -raw ops in queue: 168 -ultra ops in queue: 336 -ECCVM num_gates: 2919 -ECCVM subgroup size: 4096 -Translator num gates: 337 -Translator circuit size: 32768 -goblin_full/0 6630 ms 5653 ms 1 -raw ops in queue: 363 -ultra ops in queue: 726 -ECCVM num_gates: 6240 -ECCVM subgroup size: 8192 -Translator num gates: 727 -Translator circuit size: 32768 -goblin_full/1 12547 ms 11201 ms 1 -raw ops in queue: 753 -ultra ops in queue: 1506 -ECCVM num_gates: 12882 -ECCVM subgroup size: 16384 -Translator num gates: 1507 -Translator circuit size: 32768 -goblin_full/2 25051 ms 22983 ms 1 -raw ops in queue: 1533 -ultra ops in queue: 3066 -ECCVM num_gates: 26166 -ECCVM subgroup size: 32768 -Translator num gates: 3067 -Translator circuit size: 65536 -sumcheck failed -goblin_full/3 51488 ms 47478 ms 1 -raw ops in queue: 3093 -ultra ops in queue: 6186 -ECCVM num_gates: 52734 -ECCVM subgroup size: 65536 -Translator num gates: 6187 -Translator circuit size: 131072 -sumcheck failed -goblin_full/4 106254 ms 99088 ms 1 -raw ops in queue: 6213 -ultra ops in queue: 12426 -ECCVM num_gates: 105870 -ECCVM subgroup size: 131072 -Translator num gates: 12427 -Translator circuit size: 262144 -sumcheck failed -goblin_full/5 220602 ms 206708 ms 1 -raw ops in queue: 12453 -ultra ops in queue: 24906 -ECCVM num_gates: 212142 -ECCVM subgroup size: 262144 -Translator num gates: 24907 -Translator circuit size: 524288 -sumcheck failed -goblin_full/6 459707 ms 431571 ms 1 -raw ops in queue: 24933 -ultra ops in queue: 49866 -ECCVM num_gates: 424686 -ECCVM subgroup size: 524288 -Translator num gates: 49867 -Translator circuit size: 1048576 -sumcheck failed -goblin_full/7 958580 ms 902146 ms 1 - - - - - - - - - - - - - - - - - - - - - - --------------------------------------------------------- -Benchmark Time CPU Iterations --------------------------------------------------------- -goblin_full/0 6630 ms 5653 ms 1 -goblin_full/1 12547 ms 11201 ms 1 -goblin_full/2 25051 ms 22983 ms 1 -goblin_full/3 51488 ms 47478 ms 1 -goblin_full/4 106254 ms 99088 ms 1 -goblin_full/5 220602 ms 206708 ms 1 -goblin_full/6 459707 ms 431571 ms 1 -goblin_full/7 958580 ms 902146 ms 1 - --------------------------------------------------------------- -Benchmark Time CPU Iterations --------------------------------------------------------------- -goblin_accumulate/0 829 ms 518 ms 2 -goblin_accumulate/1 1693 ms 1048 ms 1 -goblin_accumulate/2 3470 ms 2281 ms 1 -goblin_accumulate/3 6968 ms 4625 ms 1 -goblin_accumulate/4 14035 ms 9312 ms 1 -goblin_accumulate/5 28191 ms 18620 ms 1 -goblin_accumulate/6 57001 ms 37471 ms 1 -goblin_accumulate/7 115491 ms 75549 ms 1 - ---------------------------------------------------------------- -Benchmark Time CPU Iterations ---------------------------------------------------------------- -goblin_eccvm_prove/0 4956 ms 4775 ms 1 -goblin_eccvm_prove/1 10098 ms 9713 ms 1 -goblin_eccvm_prove/2 20815 ms 20262 ms 1 -goblin_eccvm_prove/3 43392 ms 42473 ms 1 -goblin_eccvm_prove/4 90599 ms 89088 ms 1 -goblin_eccvm_prove/5 189833 ms 187159 ms 1 -goblin_eccvm_prove/6 396758 ms 391906 ms 1 -goblin_eccvm_prove/7 830932 ms 821706 ms 1 - --------------------------------------------------------------------- -Benchmark Time CPU Iterations --------------------------------------------------------------------- -goblin_translator_prove/0 688 ms 541 ms 1 -goblin_translator_prove/1 635 ms 516 ms 1 -goblin_translator_prove/2 684 ms 553 ms 1 -goblin_translator_prove/3 913 ms 754 ms 1 -goblin_translator_prove/4 1383 ms 1085 ms 1 -goblin_translator_prove/5 2384 ms 1865 ms 1 -goblin_translator_prove/6 4550 ms 3224 ms 1 -goblin_translator_prove/7 8890 ms 6262 ms 1 - From 67237084c652e87883b5af03320d094fc15429ae Mon Sep 17 00:00:00 2001 From: codygunton Date: Wed, 3 Jan 2024 21:04:51 +0000 Subject: [PATCH 13/20] Revert script --- barretenberg/cpp/scripts/collect_profile_information.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/barretenberg/cpp/scripts/collect_profile_information.sh b/barretenberg/cpp/scripts/collect_profile_information.sh index 2892cbc9fff..ebc0249392e 100755 --- a/barretenberg/cpp/scripts/collect_profile_information.sh +++ b/barretenberg/cpp/scripts/collect_profile_information.sh @@ -6,7 +6,7 @@ PRESET=${1:-xray} # pass "" to run and 1 to reuse old results ONLY_PROCESS=${2:-} # pass the executable name from build/bin -EXECUTABLE=${3:-goblin_bench} +EXECUTABLE=${3:-ultra_honk_rounds_bench} # by default run the executable, but we can provide an alt command e.g. use taskset and benchmark flags COMMAND=${4:-./bin/$EXECUTABLE} @@ -42,12 +42,11 @@ function shorten_cpp_names() { ' } - # | shorten_cpp_names \ - # Process benchmark file. llvm-xray-16 stack xray-log.$EXECUTABLE.* \ --instr_map=./bin/$EXECUTABLE --stack-format=flame --aggregate-threads --aggregation-type=time --all-stacks \ | node ../scripts/llvm_xray_stack_flame_corrector.js \ + | shorten_cpp_names \ | ../scripts/flamegraph.pl --width 1200 --fontsize 10 \ > xray.svg echo "Profiling complete, now you can do e.g. 'scp mainframe:`readlink -f xray.svg` .' on a local terminal and open the SVG in a browser." From 7fb23615fcde55ea064aacde36ddd3e2d39ba3f1 Mon Sep 17 00:00:00 2001 From: codygunton Date: Thu, 4 Jan 2024 15:28:30 +0000 Subject: [PATCH 14/20] Revert script --- barretenberg/cpp/scripts/collect_heap_information.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/barretenberg/cpp/scripts/collect_heap_information.sh b/barretenberg/cpp/scripts/collect_heap_information.sh index 5d31fff5c8f..a1b6bee078e 100755 --- a/barretenberg/cpp/scripts/collect_heap_information.sh +++ b/barretenberg/cpp/scripts/collect_heap_information.sh @@ -3,7 +3,7 @@ set -eu PRESET=gperftools ONLY_PROCESS=${1:-} -EXECUTABLE=${2:-goblin_bench} +EXECUTABLE=${2:-ultra_honk_rounds_bench} # Move above script dir. cd $(dirname $0)/.. From 2ebb23bc40a65042dc9581f87490df687dfcea0d Mon Sep 17 00:00:00 2001 From: codygunton Date: Thu, 4 Jan 2024 15:29:19 +0000 Subject: [PATCH 15/20] Revert ZM --- .../zeromorph/zeromorph.hpp | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp index 23378a16793..0339e7fff1d 100644 --- a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp +++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp @@ -679,18 +679,17 @@ template class ZeroMorphVerifier_ { auto [x_challenge, z_challenge] = challenges_to_field_elements(transcript->get_challenges("ZM:x", "ZM:z")); // Compute commitment C_{\zeta_x} - // WORKTODO: Make sure only Goblinized operations are available. - [[maybe_unused]] auto C_zeta_x = compute_C_zeta_x(C_q, C_q_k, y_challenge, x_challenge); + auto C_zeta_x = compute_C_zeta_x(C_q, C_q_k, y_challenge, x_challenge); // Compute commitment C_{Z_x} - [[maybe_unused]] Commitment C_Z_x = compute_C_Z_x(unshifted_commitments, - to_be_shifted_commitments, - C_q_k, - rho, - batched_evaluation, - x_challenge, - multivariate_challenge, - concatenation_group_commitments); + Commitment C_Z_x = compute_C_Z_x(unshifted_commitments, + to_be_shifted_commitments, + C_q_k, + rho, + batched_evaluation, + x_challenge, + multivariate_challenge, + concatenation_group_commitments); // Compute commitment C_{\zeta,Z} Commitment C_zeta_Z; From 66e2481906dd875e1faeb4266854c989ffb9b3ed Mon Sep 17 00:00:00 2001 From: codygunton Date: Thu, 4 Jan 2024 15:47:18 +0000 Subject: [PATCH 16/20] cleanup --- barretenberg/cpp/src/barretenberg/srs/io.hpp | 2 +- .../stdlib/recursion/honk/verifier/goblin_verifier.test.cpp | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/srs/io.hpp b/barretenberg/cpp/src/barretenberg/srs/io.hpp index fcc63cc6a68..7dff29f349e 100644 --- a/barretenberg/cpp/src/barretenberg/srs/io.hpp +++ b/barretenberg/cpp/src/barretenberg/srs/io.hpp @@ -317,7 +317,7 @@ template class IO { ". Is your srs large enough? Either run bootstrap.sh to download the transcript.dat " "files to `srs_db/ignition/`, or you might need to download extra transcript.dat files " "by editing `srs_db/download_ignition.sh` or in the case of grumpkin points, use " - "grumpkin_srs_gen (but be careful, as this suggests you've " + " `grumpkin_srs_gen` (but be careful, as this suggests you've " "just changed a circuit to exceed a new 'power of two' boundary).")); } } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp index f121deeb7db..ef0c98e5aea 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp @@ -255,7 +255,6 @@ template class GoblinRecursiveVerifierTest : public testi }; // Run the recursive verifier tests with conventional Ultra builder and Goblin builder -// TODO(AD) de-templatize using BuilderTypes = testing::Types; TYPED_TEST_SUITE(GoblinRecursiveVerifierTest, BuilderTypes); From 597769145ed448b45b9fbc6f31dbb4e81000de9b Mon Sep 17 00:00:00 2001 From: codygunton Date: Thu, 4 Jan 2024 15:47:57 +0000 Subject: [PATCH 17/20] Revert circuits From 37166c4235b8b29efa24315492dc65e6265fe15a Mon Sep 17 00:00:00 2001 From: codygunton Date: Thu, 4 Jan 2024 15:49:34 +0000 Subject: [PATCH 18/20] Revert circuits From 5d3ffc89edebf51491bcb7d406dde5c42d9da0c3 Mon Sep 17 00:00:00 2001 From: codygunton Date: Thu, 4 Jan 2024 15:54:18 +0000 Subject: [PATCH 19/20] Revert circuits --- .../abis/private_circuit_public_inputs.hpp | 8 ++++---- circuits/cpp/src/aztec3/constants.hpp | 16 +++++++++------- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/circuits/cpp/src/aztec3/circuits/abis/private_circuit_public_inputs.hpp b/circuits/cpp/src/aztec3/circuits/abis/private_circuit_public_inputs.hpp index 8ba64767668..c10e84c6d17 100644 --- a/circuits/cpp/src/aztec3/circuits/abis/private_circuit_public_inputs.hpp +++ b/circuits/cpp/src/aztec3/circuits/abis/private_circuit_public_inputs.hpp @@ -76,10 +76,10 @@ template class PrivateCircuitPublicInputs { { return call_context == other.call_context && args_hash == other.args_hash && return_values == other.return_values && read_requests == other.read_requests && - new_commitments == other.new_commitments && new_nullifiers == other.new_nullifiers && - nullified_commitments == other.nullified_commitments && private_call_stack == other.private_call_stack && - public_call_stack == other.public_call_stack && new_l2_to_l1_msgs == other.new_l2_to_l1_msgs && - encrypted_logs_hash == other.encrypted_logs_hash && + new_commitments == other.new_commitments && + new_nullifiers == other.new_nullifiers && nullified_commitments == other.nullified_commitments && + private_call_stack == other.private_call_stack && public_call_stack == other.public_call_stack && + new_l2_to_l1_msgs == other.new_l2_to_l1_msgs && encrypted_logs_hash == other.encrypted_logs_hash && unencrypted_logs_hash == other.unencrypted_logs_hash && encrypted_log_preimages_length == other.encrypted_log_preimages_length && unencrypted_log_preimages_length == other.unencrypted_log_preimages_length && diff --git a/circuits/cpp/src/aztec3/constants.hpp b/circuits/cpp/src/aztec3/constants.hpp index e0395aefe28..d2c444ac1b3 100644 --- a/circuits/cpp/src/aztec3/constants.hpp +++ b/circuits/cpp/src/aztec3/constants.hpp @@ -321,16 +321,18 @@ constexpr size_t CONTRACT_DEPLOYMENT_DATA_LENGTH = 6; // should change this constant as well as the offsets in private_call_stack_item.nr constexpr size_t PRIVATE_CIRCUIT_PUBLIC_INPUTS_LENGTH = CALL_CONTEXT_LENGTH + 1 // +1 for args_hash - + RETURN_VALUES_LENGTH + MAX_READ_REQUESTS_PER_CALL + MAX_NEW_COMMITMENTS_PER_CALL + - 2 * MAX_NEW_NULLIFIERS_PER_CALL + MAX_PRIVATE_CALL_STACK_LENGTH_PER_CALL + MAX_PUBLIC_CALL_STACK_LENGTH_PER_CALL + - MAX_NEW_L2_TO_L1_MSGS_PER_CALL + NUM_FIELDS_PER_SHA256 + NUM_FIELDS_PER_SHA256 + 2 // + 2 for logs preimage lengths - + BLOCK_HEADER_LENGTH + CONTRACT_DEPLOYMENT_DATA_LENGTH + 2; // + 2 for chain_id and version + + RETURN_VALUES_LENGTH + MAX_READ_REQUESTS_PER_CALL + + MAX_NEW_COMMITMENTS_PER_CALL + 2 * MAX_NEW_NULLIFIERS_PER_CALL + MAX_PRIVATE_CALL_STACK_LENGTH_PER_CALL + + MAX_PUBLIC_CALL_STACK_LENGTH_PER_CALL + MAX_NEW_L2_TO_L1_MSGS_PER_CALL + NUM_FIELDS_PER_SHA256 + + NUM_FIELDS_PER_SHA256 + 2 // + 2 for logs preimage lengths + + BLOCK_HEADER_LENGTH + CONTRACT_DEPLOYMENT_DATA_LENGTH + 2; // + 2 for chain_id and version constexpr size_t PRIVATE_CIRCUIT_PUBLIC_INPUTS_HASH_INPUT_LENGTH = 1 + 1 // call_context_hash + args_hash - + RETURN_VALUES_LENGTH + MAX_READ_REQUESTS_PER_CALL + MAX_NEW_COMMITMENTS_PER_CALL + - 2 * MAX_NEW_NULLIFIERS_PER_CALL + MAX_PRIVATE_CALL_STACK_LENGTH_PER_CALL + MAX_PUBLIC_CALL_STACK_LENGTH_PER_CALL + - MAX_NEW_L2_TO_L1_MSGS_PER_CALL + NUM_FIELDS_PER_SHA256 + NUM_FIELDS_PER_SHA256 + 2 // + 2 for logs preimage lengths + + RETURN_VALUES_LENGTH + MAX_READ_REQUESTS_PER_CALL + + MAX_NEW_COMMITMENTS_PER_CALL + 2 * MAX_NEW_NULLIFIERS_PER_CALL + MAX_PRIVATE_CALL_STACK_LENGTH_PER_CALL + + MAX_PUBLIC_CALL_STACK_LENGTH_PER_CALL + MAX_NEW_L2_TO_L1_MSGS_PER_CALL + NUM_FIELDS_PER_SHA256 + + NUM_FIELDS_PER_SHA256 + 2 // + 2 for logs preimage lengths + BLOCK_HEADER_LENGTH + 3; // + 3 for contract_deployment_data.hash(), chain_id, version constexpr size_t CONTRACT_STORAGE_UPDATE_REQUEST_LENGTH = 3; From 2258d2663be397cf8f92c5c2553a79b24cbcc4d2 Mon Sep 17 00:00:00 2001 From: codygunton Date: Thu, 4 Jan 2024 19:06:57 +0000 Subject: [PATCH 20/20] Flexible circuit size --- barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp b/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp index 563820e5a05..7bc3f7f3e6d 100644 --- a/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp +++ b/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp @@ -23,10 +23,10 @@ class GoblinMockCircuits { using KernelInput = Goblin::AccumulationOutput; static constexpr size_t NUM_OP_QUEUE_COLUMNS = Flavor::NUM_WIRES; - static void construct_arithmetic_circuit(GoblinUltraBuilder& builder) + static void construct_arithmetic_circuit(GoblinUltraBuilder& builder, size_t num_gates = 1) { // Add some arithmetic gates that utilize public inputs - for (size_t i = 0; i < 10; ++i) { + for (size_t i = 0; i < num_gates; ++i) { FF a = FF::random_element(); FF b = FF::random_element(); FF c = FF::random_element(); @@ -117,7 +117,7 @@ class GoblinMockCircuits { static void construct_mock_kernel_circuit(GoblinUltraBuilder& builder, KernelInput& kernel_input) { // Generic operations e.g. state updates (just arith gates for now) - GoblinMockCircuits::construct_arithmetic_circuit(builder); + GoblinMockCircuits::construct_arithmetic_circuit(builder, /*num_gates=*/1 << 4); // Execute recursive aggregation of previous kernel proof RecursiveVerifier verifier{ &builder, kernel_input.verification_key };