# Constantine
# Copyright (c) 2018-2019 Status Research & Development GmbH
# Copyright (c) 2020-Present Mamy André-Ratsimbazafy
# Licensed and distributed under either of
# * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT).
# * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0).
# at your option. This file may not be copied, modified, or distributed except according to those terms.
import
# Internals
../constantine/[
ethereum_bls_signatures_parallel,
ethereum_eip2333_bls12381_key_derivation],
../constantine/math/arithmetic,
../constantine/threadpool/threadpool,
# Std
std/[os, cpuinfo],
# Helpers
../helpers/prng_unsafe,
./bench_blueprint
proc separator*() =
  ## Zero-argument convenience overload: forwards to `separator(180)`, the
  ## one-argument overload defined outside this file.
  separator(180)
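proc report(op, curve: string, startTime, stopTime: MonoTime, startClk, stopClk: int64, iters: int) =
  ## Prints one result row: operation label, curve, throughput, time per
  ## operation and, when `SupportsGetTicks` is true, an approximate CPU
  ## cycle count.
  ##
  ## `startTime`/`stopTime` and `startClk`/`stopClk` bracket the whole
  ## measured run; both deltas are averaged with an integer division by
  ## `iters`, so `iters` must be non-zero.
  let ns = inNanoseconds((stopTime-startTime) div iters)
  let throughput = 1e9 / float64(ns)
  when SupportsGetTicks:
    echo &"{op:<88} {curve:<15} {throughput:>15.3f} ops/s {ns:>9} ns/op {(stopClk - startClk) div iters:>9} CPU cycles (approx)"
  else:
    # Same 88-column label field as the branch above. The previous `<8`
    # width left the columns misaligned on targets without a tick counter,
    # because every label in this file is longer than 8 characters.
    echo &"{op:<88} {curve:<15} {throughput:>15.3f} ops/s {ns:>9} ns/op"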
template bench(op: string, curve: string, iters: int, body: untyped): untyped =
  ## Hands `body` and `iters` to `measure`, then passes the resulting timing
  ## values to `report` together with the `op` and `curve` labels.
  ##
  ## `measure` is defined outside this file.
  ## NOTE(review): it appears to introduce `startTime`, `stopTime`,
  ## `startClk` and `stopClk` at the call site, since `report` reads them on
  ## the next line - confirm in bench_blueprint.
  measure(iters, startTime, stopTime, startClk, stopClk, body)
  report(op, curve, startTime, stopTime, startClk, stopClk, iters)
proc demoKeyGen(): tuple[seckey: SecretKey, pubkey: PublicKey] =
  ## Builds a throwaway keypair for the benchmarks in this file.
  ##
  ## Benchmark-only. The 32 bytes of input keying material come from `rng`
  ## (defined outside this file), which is NOT cryptographically secure, so
  ## keys produced here must never protect anything real.
  # The keygen API in ethereum_bls_signatures is not ready, hence the direct
  # call to `derive_master_secretKey` below.
  let seedBytes = rng.random_byte_seq(32)

  # View the SecretKey storage as the BigInt[255] the derivation writes into.
  # NOTE(review): this relies on SecretKey's in-memory layout being
  # compatible with BigInt[255]; re-check if either type changes.
  let scalar = cast[ptr BigInt[255]](result.seckey.addr)
  doAssert scalar[].derive_master_secretKey(seedBytes)

  result.pubkey.derive_pubkey(result.seckey)
proc benchDeserPubkey*(iters: int) =
  ## Benchmarks `deserialize_pubkey_compressed`, reported as the
  ## "full checks" public-key decode.
  let keypair = demoKeyGen()

  # Produce the 48-byte compressed encoding that the timed body decodes.
  var encoded {.noInit.}: array[48, byte]
  let encodeStatus = encoded.serialize_pubkey_compressed(keypair.pubkey)
  doAssert encodeStatus == cttCodecEcc_Success

  var decoded {.noInit.}: PublicKey
  bench("Pubkey deserialization (full checks)", "BLS12_381 G1", iters):
    # The decode status is bound but not inspected inside the timed body.
    let status = decoded.deserialize_pubkey_compressed(encoded)
proc benchDeserPubkeyUnchecked*(iters: int) =
  ## Benchmarks `deserialize_pubkey_compressed_unchecked`, reported as the
  ## "skip checks" public-key decode.
  ##
  ## The input is a key this proc serialized itself.
  ## NOTE(review): which validations the unchecked variant omits is not
  ## visible in this file; bytes from an untrusted source should go through
  ## `deserialize_pubkey_compressed` instead.
  let keypair = demoKeyGen()

  # Produce the 48-byte compressed encoding that the timed body decodes.
  var encoded {.noInit.}: array[48, byte]
  let encodeStatus = encoded.serialize_pubkey_compressed(keypair.pubkey)
  doAssert encodeStatus == cttCodecEcc_Success

  var decoded {.noInit.}: PublicKey
  bench("Pubkey deserialization (skip checks)", "BLS12_381 G1", iters):
    # The decode status is bound but not inspected inside the timed body.
    let status = decoded.deserialize_pubkey_compressed_unchecked(encoded)
proc benchDeserSig*(iters: int) =
  ## Benchmarks `deserialize_signature_compressed`, reported as the
  ## "full checks" signature decode.
  const msg = "abcdef0123456789"
  let keypair = demoKeyGen()

  var
    signature {.noInit.}: Signature
    encoded {.noInit.}: array[96, byte]

  signature.sign(keypair.seckey, msg)

  # Produce the 96-byte compressed encoding that the timed body decodes.
  let encodeStatus = encoded.serialize_signature_compressed(signature)
  doAssert encodeStatus == cttCodecEcc_Success

  var decoded {.noInit.}: Signature
  bench("Signature deserialization (full checks)", "BLS12_381 G2", iters):
    # The decode status is bound but not inspected inside the timed body.
    let status = decoded.deserialize_signature_compressed(encoded)
proc benchDeserSigUnchecked*(iters: int) =
  ## Benchmarks `deserialize_signature_compressed_unchecked`, reported as
  ## the "skip checks" signature decode.
  ##
  ## The input is a signature this proc produced and serialized itself.
  ## NOTE(review): which validations the unchecked variant omits is not
  ## visible in this file; bytes from an untrusted source should go through
  ## `deserialize_signature_compressed` instead.
  const msg = "abcdef0123456789"
  let keypair = demoKeyGen()

  var
    signature {.noInit.}: Signature
    encoded {.noInit.}: array[96, byte]

  signature.sign(keypair.seckey, msg)

  # Produce the 96-byte compressed encoding that the timed body decodes.
  let encodeStatus = encoded.serialize_signature_compressed(signature)
  doAssert encodeStatus == cttCodecEcc_Success

  var decoded {.noInit.}: Signature
  bench("Signature deserialization (skip checks)", "BLS12_381 G2", iters):
    # The decode status is bound but not inspected inside the timed body.
    let status = decoded.deserialize_signature_compressed_unchecked(encoded)
proc benchSign*(iters: int) =
  ## Benchmarks signing one fixed message with a key from `demoKeyGen`.
  let
    keypair = demoKeyGen()
    message = "Mr F was here"

  # Zero-initialised output slot, overwritten by every timed `sign` call.
  var signature: Signature

  bench("BLS signature", "BLS12_381 G2", iters):
    signature.sign(keypair.seckey, message)
proc benchVerify*(iters: int) =
  ## Benchmarks verifying a single signature over one fixed message.
  let
    keypair = demoKeyGen()
    message = "Mr F was here"

  # Sign once up front; only the verification is timed.
  var signature: Signature
  signature.sign(keypair.seckey, message)

  bench("BLS verification", "BLS12_381", iters):
    # NOTE(review): the result is bound but never asserted here, unlike
    # benchVerifyMulti, so a failing verification would still be timed and
    # reported as a normal row.
    let valid = keypair.pubkey.verify(message, signature)
proc benchFastAggregateVerify*(numKeys, iters: int) =
  ## Verification of N pubkeys signing 1 message
  ##
  ## Only the aggregate verification is timed. Same-message aggregation is
  ## normally paired with a proof-of-possession check on each public key;
  ## no such check is performed in this proc.
  let message = "Mr F was here"

  var
    validators = newSeq[PublicKey](numKeys)
    sigs = newSeq[Signature](numKeys)
    aggSig: Signature

  # One fresh demo keypair per slot, each signing the same message.
  for slot in 0 ..< numKeys:
    let keypair = demoKeyGen()
    validators[slot] = keypair.pubkey
    sigs[slot].sign(keypair.seckey, message)

  aggSig.aggregate_signatures_unstable_api(sigs)

  let label = "BLS agg verif of 1 msg by " & $numKeys & " pubkeys"
  bench(label, "BLS12_381", iters):
    # The result is bound but not asserted inside the timed body.
    let valid = validators.fast_aggregate_verify(message, aggSig)
proc benchVerifyMulti*(numSigs, iters: int) =
  ## Verification of N pubkeys signing for N messages
  ##
  ## Each (pubkey, message, signature) triplet is verified on its own, one
  ## after another, and every result is asserted to be `cttBLS_Success`.
  var
    triplets: seq[tuple[pubkey: PublicKey, msg: array[32, byte], sig: Signature]]
    digest: array[32, byte]
    signature: Signature

  # `digest` and `signature` are scratch buffers reused on every pass; the
  # tuple added to `triplets` holds their current values.
  for i in 0 ..< numSigs:
    let keypair = demoKeyGen()
    sha256.hash(digest, "msg" & $i)
    signature.sign(keypair.seckey, digest)
    triplets.add (keypair.pubkey, digest, signature)

  let label = "BLS verif of " & $numSigs & " msgs by " & $numSigs & " pubkeys"
  bench(label, "BLS12_381", iters):
    for idx in 0 .. triplets.high:
      let ok = triplets[idx].pubkey.verify(triplets[idx].msg, triplets[idx].sig)
      doAssert ok == cttBLS_Success
proc benchVerifyBatched*(numSigs, iters: int) =
  ## Verification of N pubkeys signing for N messages
  ##
  ## All signatures are checked in one `batch_verify` call and the result is
  ## asserted to be `cttBLS_Success`.
  var
    pubkeys: seq[PublicKey]
    messages: seq[array[32, byte]]
    signatures: seq[Signature]
    digest: array[32, byte]
    signature: Signature

  # `digest` and `signature` are scratch buffers reused on every pass; the
  # sequences receive their current values.
  for i in 0 ..< numSigs:
    let keypair = demoKeyGen()
    sha256.hash(digest, "msg" & $i)
    signature.sign(keypair.seckey, digest)

    pubkeys.add keypair.pubkey
    messages.add digest
    signatures.add signature

  # Blinding input for the batch check. Here it is the SHA-256 of a fixed
  # string, so it is identical on every run: fine for timing, but despite
  # the variable name it is not secret. Outside a benchmark the blinding
  # bytes should come from a CSPRNG, fresh for each batch, so that they are
  # unpredictable to whoever supplied the signatures.
  let secureBlindingBytes = sha256.hash("Mr F was here")

  let label = "BLS serial batch verify of " & $numSigs & " msgs by " &
    $numSigs & " pubkeys (with blinding)"
  bench(label, "BLS12_381", iters):
    let ok = batch_verify(pubkeys, messages, signatures, secureBlindingBytes)
    doAssert ok == cttBLS_Success
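proc benchVerifyBatchedParallel*(numSigs, iters: int) =
  ## Verification of N pubkeys signing for N messages
  ##
  ## All signatures are checked in one `batch_verify_parallel` call on a
  ## threadpool, and the result is asserted to be `cttBLS_Success`.
  ##
  ## The pool size is read from the `CTT_NUM_THREADS` environment variable
  ## when it is set, otherwise from `countProcessors()`. A non-numeric value
  ## makes `parseInt` raise `ValueError`; a value that is not positive is
  ## rejected before the pool is created.
  var
    pubkeys: seq[PublicKey]
    messages: seq[array[32, byte]]
    signatures: seq[Signature]

  var hashedMsg: array[32, byte]
  var sig: Signature

  let numThreads =
    if existsEnv"CTT_NUM_THREADS":
      getEnv"CTT_NUM_THREADS".parseInt()
    else:
      countProcessors()
  # `countProcessors()` returns 0 when detection fails, and the environment
  # value is unvalidated input, so refuse a non-positive pool size here with
  # a clear message instead of passing it on to the threadpool.
  doAssert numThreads > 0,
    "thread count must be positive, got " & $numThreads &
    " (set CTT_NUM_THREADS to override)"
  var tp = Threadpool.new(numThreads)

  # `hashedMsg` and `sig` are scratch buffers reused on every pass; the
  # sequences receive their current values.
  for i in 0 ..< numSigs:
    let (sk, pk) = demoKeyGen()
    sha256.hash(hashedMsg, "msg" & $i)
    sig.sign(sk, hashedMsg)

    pubkeys.add pk
    messages.add hashedMsg
    signatures.add sig

  # Blinding input for the batch check. Here it is the SHA-256 of a fixed
  # string, so it is identical on every run: fine for timing, but despite
  # the variable name it is not secret. Outside a benchmark the blinding
  # bytes should come from a CSPRNG, fresh for each batch, so that they are
  # unpredictable to whoever supplied the signatures.
  let secureBlindingBytes = sha256.hash("Mr F was here")

  bench("BLS parallel batch verify (" & $tp.numThreads & " threads) of " & $numSigs & " msgs by "& $numSigs & " pubkeys (with blinding)", "BLS12_381", iters):
    let ok = tp.batch_verify_parallel(pubkeys, messages, signatures, secureBlindingBytes)
    doAssert ok == cttBLS_Success, "invalid status: " & $ok

  tp.shutdown()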
const
  # Iteration count that `main` passes to the single-operation benchmarks.
  Iters = 1000
proc main() =
  ## Runs every benchmark in report order, calling `separator()` between
  ## groups.
  separator()

  # Codec benchmarks
  benchDeserPubkey(Iters)
  benchDeserPubkeyUnchecked(Iters)
  benchDeserSig(Iters)
  benchDeserSigUnchecked(Iters)
  separator()

  # Single sign and verify
  benchSign(Iters)
  benchVerify(Iters)
  separator()

  benchFastAggregateVerify(numKeys = 128, iters = 10)
  separator()

  # Simulate verification of 1, 10 and 30 blocks
  # (at most 6 signatures per block)
  for numBlocks in [1, 10, 30]:
    let sigCount = 6 * numBlocks
    benchVerifyMulti(numSigs = sigCount, iters = 10)
    benchVerifyBatched(numSigs = sigCount, iters = 10)
    benchVerifyBatchedParallel(numSigs = sigCount, iters = 10)
    separator()
# Program entry: run the benchmark suite, then call `notes()`, which is
# defined outside this file.
main()
notes()