Fix big proof
This commit is contained in:
parent
fefe0f4220
commit
467e30f727
@ -6100,40 +6100,44 @@ async function groth16Prove(zkeyFileName, witnessFileName, logger) {
|
||||
if (logger) logger.debug("Building ABC");
|
||||
const [buffA_T, buffB_T, buffC_T] = await buldABC1(curve, zkey, buffWitness, buffCoeffs, logger);
|
||||
|
||||
if (logger) logger.debug("Reading A Points");
|
||||
const buffBasesA = await readSection$1(fdZKey, sectionsZKey, 5);
|
||||
if (logger) logger.debug("Reading B1 Points");
|
||||
const buffBasesB1 = await readSection$1(fdZKey, sectionsZKey, 6);
|
||||
if (logger) logger.debug("Reading B2 Points");
|
||||
const buffBasesB2 = await readSection$1(fdZKey, sectionsZKey, 7);
|
||||
if (logger) logger.debug("Reading C Points");
|
||||
const buffBasesC = await readSection$1(fdZKey, sectionsZKey, 8);
|
||||
if (logger) logger.debug("Reading H Points");
|
||||
const buffBasesH = await readSection$1(fdZKey, sectionsZKey, 9);
|
||||
|
||||
const inc = power == Fr.s ? curve.Fr.shift : curve.Fr.w[power+1];
|
||||
|
||||
const buffA = await Fr.ifft(buffA_T, "", "", logger, "FFT_A");
|
||||
const buffA = await Fr.ifft(buffA_T, "", "", logger, "IFFT_A");
|
||||
const buffAodd = await Fr.batchApplyKey(buffA, Fr.e(1), inc);
|
||||
const buffAodd_T = await Fr.fft(buffAodd, "", "", logger, "IFFT_A");
|
||||
const buffAodd_T = await Fr.fft(buffAodd, "", "", logger, "FFT_A");
|
||||
|
||||
const buffB = await Fr.ifft(buffB_T, "", "", logger, "FFT_B");
|
||||
const buffB = await Fr.ifft(buffB_T, "", "", logger, "IFFT_B");
|
||||
const buffBodd = await Fr.batchApplyKey(buffB, Fr.e(1), inc);
|
||||
const buffBodd_T = await Fr.fft(buffBodd, "", "", logger, "IFFT_B");
|
||||
const buffBodd_T = await Fr.fft(buffBodd, "", "", logger, "FFT_B");
|
||||
|
||||
const buffC = await Fr.ifft(buffC_T, "", "", logger, "FFT_C");
|
||||
const buffC = await Fr.ifft(buffC_T, "", "", logger, "IFFT_C");
|
||||
const buffCodd = await Fr.batchApplyKey(buffC, Fr.e(1), inc);
|
||||
const buffCodd_T = await Fr.fft(buffCodd, "", "", logger, "IFFT_C");
|
||||
const buffCodd_T = await Fr.fft(buffCodd, "", "", logger, "FFT_C");
|
||||
|
||||
const buffPodd_T = await joinABC(curve, zkey, buffAodd_T, buffBodd_T, buffCodd_T);
|
||||
if (logger) logger.debug("Join ABC");
|
||||
const buffPodd_T = await joinABC(curve, zkey, buffAodd_T, buffBodd_T, buffCodd_T, logger);
|
||||
|
||||
let proof = {};
|
||||
|
||||
proof.pi_a = await curve.G1.multiExpAffine(buffBasesA, buffWitness);
|
||||
let pib1 = await curve.G1.multiExpAffine(buffBasesB1, buffWitness);
|
||||
proof.pi_b = await curve.G2.multiExpAffine(buffBasesB2, buffWitness);
|
||||
proof.pi_c = await curve.G1.multiExpAffine(buffBasesC, buffWitness.slice((zkey.nPublic+1)*curve.Fr.n8));
|
||||
const resH = await curve.G1.multiExpAffine(buffBasesH, buffPodd_T);
|
||||
if (logger) logger.debug("Reading A Points");
|
||||
const buffBasesA = await readSection$1(fdZKey, sectionsZKey, 5);
|
||||
proof.pi_a = await curve.G1.multiExpAffine(buffBasesA, buffWitness, logger, "multiexp A");
|
||||
|
||||
if (logger) logger.debug("Reading B1 Points");
|
||||
const buffBasesB1 = await readSection$1(fdZKey, sectionsZKey, 6);
|
||||
let pib1 = await curve.G1.multiExpAffine(buffBasesB1, buffWitness, logger, "multiexp B1");
|
||||
|
||||
if (logger) logger.debug("Reading B2 Points");
|
||||
const buffBasesB2 = await readSection$1(fdZKey, sectionsZKey, 7);
|
||||
proof.pi_b = await curve.G2.multiExpAffine(buffBasesB2, buffWitness, logger, "multiexp B2");
|
||||
|
||||
if (logger) logger.debug("Reading C Points");
|
||||
const buffBasesC = await readSection$1(fdZKey, sectionsZKey, 8);
|
||||
proof.pi_c = await curve.G1.multiExpAffine(buffBasesC, buffWitness.slice((zkey.nPublic+1)*curve.Fr.n8), logger, "multiexp C");
|
||||
|
||||
if (logger) logger.debug("Reading H Points");
|
||||
const buffBasesH = await readSection$1(fdZKey, sectionsZKey, 9);
|
||||
const resH = await curve.G1.multiExpAffine(buffBasesH, buffPodd_T, logger, "multiexp H");
|
||||
|
||||
const r = curve.Fr.random();
|
||||
const s = curve.Fr.random();
|
||||
@ -6221,29 +6225,23 @@ async function buldABC1(curve, zkey, witness, coeffs, logger) {
|
||||
}
|
||||
|
||||
|
||||
async function joinABC(curve, zkey, a, b, c) {
|
||||
const concurrency = curve.tm.concurrency;
|
||||
async function joinABC(curve, zkey, a, b, c, logger) {
|
||||
const MAX_CHUNK_SIZE = 1 << 22;
|
||||
|
||||
const n8 = curve.Fr.n8;
|
||||
const nElements = Math.floor(a.byteLength / curve.Fr.n8);
|
||||
const elementsPerChunk = Math.floor(nElements/concurrency);
|
||||
|
||||
const promises = [];
|
||||
|
||||
for (let i=0; i<concurrency; i++) {
|
||||
let n;
|
||||
if (i< concurrency-1) {
|
||||
n = elementsPerChunk;
|
||||
} else {
|
||||
n = nElements - i*elementsPerChunk;
|
||||
}
|
||||
if (n==0) continue;
|
||||
for (let i=0; i<nElements; i += MAX_CHUNK_SIZE) {
|
||||
if (logger) logger.debug(`JoinABC: ${i}/${nElements}`);
|
||||
const n= Math.min(nElements - i, MAX_CHUNK_SIZE);
|
||||
|
||||
const task = [];
|
||||
|
||||
const aChunk = a.slice(i*elementsPerChunk*n8, (i*elementsPerChunk + n)*n8 );
|
||||
const bChunk = b.slice(i*elementsPerChunk*n8, (i*elementsPerChunk + n)*n8 );
|
||||
const cChunk = c.slice(i*elementsPerChunk*n8, (i*elementsPerChunk + n)*n8 );
|
||||
const aChunk = a.slice(i*n8, (i + n)*n8 );
|
||||
const bChunk = b.slice(i*n8, (i + n)*n8 );
|
||||
const cChunk = c.slice(i*n8, (i + n)*n8 );
|
||||
|
||||
task.push({cmd: "ALLOCSET", var: 0, buff: aChunk});
|
||||
task.push({cmd: "ALLOCSET", var: 1, buff: bChunk});
|
||||
|
@ -1588,40 +1588,44 @@ async function groth16Prove(zkeyFileName, witnessFileName, logger) {
|
||||
if (logger) logger.debug("Building ABC");
|
||||
const [buffA_T, buffB_T, buffC_T] = await buldABC1(curve, zkey, buffWitness, buffCoeffs, logger);
|
||||
|
||||
if (logger) logger.debug("Reading A Points");
|
||||
const buffBasesA = await readSection(fdZKey, sectionsZKey, 5);
|
||||
if (logger) logger.debug("Reading B1 Points");
|
||||
const buffBasesB1 = await readSection(fdZKey, sectionsZKey, 6);
|
||||
if (logger) logger.debug("Reading B2 Points");
|
||||
const buffBasesB2 = await readSection(fdZKey, sectionsZKey, 7);
|
||||
if (logger) logger.debug("Reading C Points");
|
||||
const buffBasesC = await readSection(fdZKey, sectionsZKey, 8);
|
||||
if (logger) logger.debug("Reading H Points");
|
||||
const buffBasesH = await readSection(fdZKey, sectionsZKey, 9);
|
||||
|
||||
const inc = power == Fr.s ? curve.Fr.shift : curve.Fr.w[power+1];
|
||||
|
||||
const buffA = await Fr.ifft(buffA_T, "", "", logger, "FFT_A");
|
||||
const buffA = await Fr.ifft(buffA_T, "", "", logger, "IFFT_A");
|
||||
const buffAodd = await Fr.batchApplyKey(buffA, Fr.e(1), inc);
|
||||
const buffAodd_T = await Fr.fft(buffAodd, "", "", logger, "IFFT_A");
|
||||
const buffAodd_T = await Fr.fft(buffAodd, "", "", logger, "FFT_A");
|
||||
|
||||
const buffB = await Fr.ifft(buffB_T, "", "", logger, "FFT_B");
|
||||
const buffB = await Fr.ifft(buffB_T, "", "", logger, "IFFT_B");
|
||||
const buffBodd = await Fr.batchApplyKey(buffB, Fr.e(1), inc);
|
||||
const buffBodd_T = await Fr.fft(buffBodd, "", "", logger, "IFFT_B");
|
||||
const buffBodd_T = await Fr.fft(buffBodd, "", "", logger, "FFT_B");
|
||||
|
||||
const buffC = await Fr.ifft(buffC_T, "", "", logger, "FFT_C");
|
||||
const buffC = await Fr.ifft(buffC_T, "", "", logger, "IFFT_C");
|
||||
const buffCodd = await Fr.batchApplyKey(buffC, Fr.e(1), inc);
|
||||
const buffCodd_T = await Fr.fft(buffCodd, "", "", logger, "IFFT_C");
|
||||
const buffCodd_T = await Fr.fft(buffCodd, "", "", logger, "FFT_C");
|
||||
|
||||
const buffPodd_T = await joinABC(curve, zkey, buffAodd_T, buffBodd_T, buffCodd_T);
|
||||
if (logger) logger.debug("Join ABC");
|
||||
const buffPodd_T = await joinABC(curve, zkey, buffAodd_T, buffBodd_T, buffCodd_T, logger);
|
||||
|
||||
let proof = {};
|
||||
|
||||
proof.pi_a = await curve.G1.multiExpAffine(buffBasesA, buffWitness);
|
||||
let pib1 = await curve.G1.multiExpAffine(buffBasesB1, buffWitness);
|
||||
proof.pi_b = await curve.G2.multiExpAffine(buffBasesB2, buffWitness);
|
||||
proof.pi_c = await curve.G1.multiExpAffine(buffBasesC, buffWitness.slice((zkey.nPublic+1)*curve.Fr.n8));
|
||||
const resH = await curve.G1.multiExpAffine(buffBasesH, buffPodd_T);
|
||||
if (logger) logger.debug("Reading A Points");
|
||||
const buffBasesA = await readSection(fdZKey, sectionsZKey, 5);
|
||||
proof.pi_a = await curve.G1.multiExpAffine(buffBasesA, buffWitness, logger, "multiexp A");
|
||||
|
||||
if (logger) logger.debug("Reading B1 Points");
|
||||
const buffBasesB1 = await readSection(fdZKey, sectionsZKey, 6);
|
||||
let pib1 = await curve.G1.multiExpAffine(buffBasesB1, buffWitness, logger, "multiexp B1");
|
||||
|
||||
if (logger) logger.debug("Reading B2 Points");
|
||||
const buffBasesB2 = await readSection(fdZKey, sectionsZKey, 7);
|
||||
proof.pi_b = await curve.G2.multiExpAffine(buffBasesB2, buffWitness, logger, "multiexp B2");
|
||||
|
||||
if (logger) logger.debug("Reading C Points");
|
||||
const buffBasesC = await readSection(fdZKey, sectionsZKey, 8);
|
||||
proof.pi_c = await curve.G1.multiExpAffine(buffBasesC, buffWitness.slice((zkey.nPublic+1)*curve.Fr.n8), logger, "multiexp C");
|
||||
|
||||
if (logger) logger.debug("Reading H Points");
|
||||
const buffBasesH = await readSection(fdZKey, sectionsZKey, 9);
|
||||
const resH = await curve.G1.multiExpAffine(buffBasesH, buffPodd_T, logger, "multiexp H");
|
||||
|
||||
const r = curve.Fr.random();
|
||||
const s = curve.Fr.random();
|
||||
@ -1709,29 +1713,23 @@ async function buldABC1(curve, zkey, witness, coeffs, logger) {
|
||||
}
|
||||
|
||||
|
||||
async function joinABC(curve, zkey, a, b, c) {
|
||||
const concurrency = curve.tm.concurrency;
|
||||
async function joinABC(curve, zkey, a, b, c, logger) {
|
||||
const MAX_CHUNK_SIZE = 1 << 22;
|
||||
|
||||
const n8 = curve.Fr.n8;
|
||||
const nElements = Math.floor(a.byteLength / curve.Fr.n8);
|
||||
const elementsPerChunk = Math.floor(nElements/concurrency);
|
||||
|
||||
const promises = [];
|
||||
|
||||
for (let i=0; i<concurrency; i++) {
|
||||
let n;
|
||||
if (i< concurrency-1) {
|
||||
n = elementsPerChunk;
|
||||
} else {
|
||||
n = nElements - i*elementsPerChunk;
|
||||
}
|
||||
if (n==0) continue;
|
||||
for (let i=0; i<nElements; i += MAX_CHUNK_SIZE) {
|
||||
if (logger) logger.debug(`JoinABC: ${i}/${nElements}`);
|
||||
const n= Math.min(nElements - i, MAX_CHUNK_SIZE);
|
||||
|
||||
const task = [];
|
||||
|
||||
const aChunk = a.slice(i*elementsPerChunk*n8, (i*elementsPerChunk + n)*n8 );
|
||||
const bChunk = b.slice(i*elementsPerChunk*n8, (i*elementsPerChunk + n)*n8 );
|
||||
const cChunk = c.slice(i*elementsPerChunk*n8, (i*elementsPerChunk + n)*n8 );
|
||||
const aChunk = a.slice(i*n8, (i + n)*n8 );
|
||||
const bChunk = b.slice(i*n8, (i + n)*n8 );
|
||||
const cChunk = c.slice(i*n8, (i + n)*n8 );
|
||||
|
||||
task.push({cmd: "ALLOCSET", var: 0, buff: aChunk});
|
||||
task.push({cmd: "ALLOCSET", var: 1, buff: bChunk});
|
||||
|
File diff suppressed because one or more lines are too long
2
build/snarkjs.min.js
vendored
2
build/snarkjs.min.js
vendored
File diff suppressed because one or more lines are too long
@ -38,40 +38,44 @@ export default async function groth16Prove(zkeyFileName, witnessFileName, logger
|
||||
if (logger) logger.debug("Building ABC");
|
||||
const [buffA_T, buffB_T, buffC_T] = await buldABC1(curve, zkey, buffWitness, buffCoeffs, logger);
|
||||
|
||||
if (logger) logger.debug("Reading A Points");
|
||||
const buffBasesA = await binFileUtils.readSection(fdZKey, sectionsZKey, 5);
|
||||
if (logger) logger.debug("Reading B1 Points");
|
||||
const buffBasesB1 = await binFileUtils.readSection(fdZKey, sectionsZKey, 6);
|
||||
if (logger) logger.debug("Reading B2 Points");
|
||||
const buffBasesB2 = await binFileUtils.readSection(fdZKey, sectionsZKey, 7);
|
||||
if (logger) logger.debug("Reading C Points");
|
||||
const buffBasesC = await binFileUtils.readSection(fdZKey, sectionsZKey, 8);
|
||||
if (logger) logger.debug("Reading H Points");
|
||||
const buffBasesH = await binFileUtils.readSection(fdZKey, sectionsZKey, 9);
|
||||
|
||||
const inc = power == Fr.s ? curve.Fr.shift : curve.Fr.w[power+1];
|
||||
|
||||
const buffA = await Fr.ifft(buffA_T, "", "", logger, "FFT_A");
|
||||
const buffA = await Fr.ifft(buffA_T, "", "", logger, "IFFT_A");
|
||||
const buffAodd = await Fr.batchApplyKey(buffA, Fr.e(1), inc);
|
||||
const buffAodd_T = await Fr.fft(buffAodd, "", "", logger, "IFFT_A");
|
||||
const buffAodd_T = await Fr.fft(buffAodd, "", "", logger, "FFT_A");
|
||||
|
||||
const buffB = await Fr.ifft(buffB_T, "", "", logger, "FFT_B");
|
||||
const buffB = await Fr.ifft(buffB_T, "", "", logger, "IFFT_B");
|
||||
const buffBodd = await Fr.batchApplyKey(buffB, Fr.e(1), inc);
|
||||
const buffBodd_T = await Fr.fft(buffBodd, "", "", logger, "IFFT_B");
|
||||
const buffBodd_T = await Fr.fft(buffBodd, "", "", logger, "FFT_B");
|
||||
|
||||
const buffC = await Fr.ifft(buffC_T, "", "", logger, "FFT_C");
|
||||
const buffC = await Fr.ifft(buffC_T, "", "", logger, "IFFT_C");
|
||||
const buffCodd = await Fr.batchApplyKey(buffC, Fr.e(1), inc);
|
||||
const buffCodd_T = await Fr.fft(buffCodd, "", "", logger, "IFFT_C");
|
||||
const buffCodd_T = await Fr.fft(buffCodd, "", "", logger, "FFT_C");
|
||||
|
||||
const buffPodd_T = await joinABC(curve, zkey, buffAodd_T, buffBodd_T, buffCodd_T);
|
||||
if (logger) logger.debug("Join ABC");
|
||||
const buffPodd_T = await joinABC(curve, zkey, buffAodd_T, buffBodd_T, buffCodd_T, logger);
|
||||
|
||||
let proof = {};
|
||||
|
||||
proof.pi_a = await curve.G1.multiExpAffine(buffBasesA, buffWitness);
|
||||
let pib1 = await curve.G1.multiExpAffine(buffBasesB1, buffWitness);
|
||||
proof.pi_b = await curve.G2.multiExpAffine(buffBasesB2, buffWitness);
|
||||
proof.pi_c = await curve.G1.multiExpAffine(buffBasesC, buffWitness.slice((zkey.nPublic+1)*curve.Fr.n8));
|
||||
const resH = await curve.G1.multiExpAffine(buffBasesH, buffPodd_T);
|
||||
if (logger) logger.debug("Reading A Points");
|
||||
const buffBasesA = await binFileUtils.readSection(fdZKey, sectionsZKey, 5);
|
||||
proof.pi_a = await curve.G1.multiExpAffine(buffBasesA, buffWitness, logger, "multiexp A");
|
||||
|
||||
if (logger) logger.debug("Reading B1 Points");
|
||||
const buffBasesB1 = await binFileUtils.readSection(fdZKey, sectionsZKey, 6);
|
||||
let pib1 = await curve.G1.multiExpAffine(buffBasesB1, buffWitness, logger, "multiexp B1");
|
||||
|
||||
if (logger) logger.debug("Reading B2 Points");
|
||||
const buffBasesB2 = await binFileUtils.readSection(fdZKey, sectionsZKey, 7);
|
||||
proof.pi_b = await curve.G2.multiExpAffine(buffBasesB2, buffWitness, logger, "multiexp B2");
|
||||
|
||||
if (logger) logger.debug("Reading C Points");
|
||||
const buffBasesC = await binFileUtils.readSection(fdZKey, sectionsZKey, 8);
|
||||
proof.pi_c = await curve.G1.multiExpAffine(buffBasesC, buffWitness.slice((zkey.nPublic+1)*curve.Fr.n8), logger, "multiexp C");
|
||||
|
||||
if (logger) logger.debug("Reading H Points");
|
||||
const buffBasesH = await binFileUtils.readSection(fdZKey, sectionsZKey, 9);
|
||||
const resH = await curve.G1.multiExpAffine(buffBasesH, buffPodd_T, logger, "multiexp H");
|
||||
|
||||
const r = curve.Fr.random();
|
||||
const s = curve.Fr.random();
|
||||
@ -289,29 +293,23 @@ async function buldABC(curve, zkey, witness, coeffs, logger) {
|
||||
}
|
||||
|
||||
|
||||
async function joinABC(curve, zkey, a, b, c) {
|
||||
const concurrency = curve.tm.concurrency;
|
||||
async function joinABC(curve, zkey, a, b, c, logger) {
|
||||
const MAX_CHUNK_SIZE = 1 << 22;
|
||||
|
||||
const n8 = curve.Fr.n8;
|
||||
const nElements = Math.floor(a.byteLength / curve.Fr.n8);
|
||||
const elementsPerChunk = Math.floor(nElements/concurrency);
|
||||
|
||||
const promises = [];
|
||||
|
||||
for (let i=0; i<concurrency; i++) {
|
||||
let n;
|
||||
if (i< concurrency-1) {
|
||||
n = elementsPerChunk;
|
||||
} else {
|
||||
n = nElements - i*elementsPerChunk;
|
||||
}
|
||||
if (n==0) continue;
|
||||
for (let i=0; i<nElements; i += MAX_CHUNK_SIZE) {
|
||||
if (logger) logger.debug(`JoinABC: ${i}/${nElements}`);
|
||||
const n= Math.min(nElements - i, MAX_CHUNK_SIZE);
|
||||
|
||||
const task = [];
|
||||
|
||||
const aChunk = a.slice(i*elementsPerChunk*n8, (i*elementsPerChunk + n)*n8 );
|
||||
const bChunk = b.slice(i*elementsPerChunk*n8, (i*elementsPerChunk + n)*n8 );
|
||||
const cChunk = c.slice(i*elementsPerChunk*n8, (i*elementsPerChunk + n)*n8 );
|
||||
const aChunk = a.slice(i*n8, (i + n)*n8 );
|
||||
const bChunk = b.slice(i*n8, (i + n)*n8 );
|
||||
const cChunk = c.slice(i*n8, (i + n)*n8 );
|
||||
|
||||
task.push({cmd: "ALLOCSET", var: 0, buff: aChunk});
|
||||
task.push({cmd: "ALLOCSET", var: 1, buff: bChunk});
|
||||
|
Loading…
Reference in New Issue
Block a user