Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ScalarMul in prime field is a heavy operation. #68

Open
supragya opened this issue May 3, 2022 · 1 comment
Open

ScalarMul in prime field is a heavy operation. #68

supragya opened this issue May 3, 2022 · 1 comment

Comments

@supragya
Copy link

supragya commented May 3, 2022

I analyzed the number of constraints each component presented. One that stuck out was ScalarMul. Is it always going to be heavy operation? or are there optimizations to make it simpler and less taxing on the full circuit at the end? If so, are these under active dev?

binadd1.circom:         non-linear constraints: 16
binadd2.circom:         non-linear constraints: 512
binaddirr.circom:       non-linear constraints: 112
binmul1.circom:         non-linear constraints: 15680
binmulfast1.circom:     non-linear constraints: 885
binmulfast51.circom:    non-linear constraints: 32
binmulfast51_1.circom:  non-linear constraints: 32
binmulfast51_2.circom:  non-linear constraints: 14
binmullessthan51.circom: non-linear constraints: 1
binsub1.circom:         non-linear constraints: 804
chunkedadd.circom:      non-linear constraints: 10
chunkedadd1.circom:     non-linear constraints: 10
chunkedmodulus.circom:  non-linear constraints: 651
chunkify1.circom:       non-linear constraints: 0
inversemodulo1.circom: error[T2046]: Typing error found
modinv.circom:          non-linear constraints: 193
modulus0.circom:        non-linear constraints: 1279
modulus1.circom:        non-linear constraints: 0
modulus2.circom:        non-linear constraints: 3170
modulusagainst2p.circom: non-linear constraints: 25
modulusq1.circom:       non-linear constraints: 0
modulusq2.circom:       non-linear constraints: 3641
point-addition51.circom: non-linear constraints: 3419
pointcompress.circom:   non-linear constraints: 866
scalarmul.circom:       non-linear constraints: 1745401
verify.circom:          non-linear constraints: 3600667
@rahulghangas
Copy link

Hi @supragya. thanks for reaching out. Yes, scalarmul is an expensive operation because we had to implement custom big integer arithmetic circuits. There is still room for improvement, but that will happen at some later date since we have other priorities right now. If you're keen to take this up on your end, we will be more than happy to give support in any capacity we can.

Ps - we have already reduced verification constraints by ~30% in #59, which will be merged soon

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rahulghangas @supragya