From 1e9845afcfe1183860d75793a3a953b1c6cf6301 Mon Sep 17 00:00:00 2001
From: Daniel Lubarov <daniel@lubarov.com>
Date: Tue, 27 Jul 2021 12:44:10 -0700
Subject: [PATCH 1/2] nits

---
 src/gates/exponentiation.rs | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/gates/exponentiation.rs b/src/gates/exponentiation.rs
index b7d699f6..2d18a8e6 100644
--- a/src/gates/exponentiation.rs
+++ b/src/gates/exponentiation.rs
@@ -68,21 +68,22 @@ impl<F: Extendable<D>, const D: usize> Gate<F, D> for ExponentiationGate<F, D> {
 
         let mut constraints = Vec::new();
 
-        let power_bits_reversed = &power_bits.iter().cloned().rev().collect::<Vec<_>>()[..];
-        let computed_power = reduce_with_powers(power_bits_reversed, F::Extension::TWO);
+        let computed_power = reduce_with_powers(&power_bits, F::Extension::TWO);
         constraints.push(power - computed_power);
 
         for i in 0..self.num_power_bits {
-            let current_intermediate_value = if i == 0 {
+            let prev_intermediate_value = if i == 0 {
                 F::Extension::ONE
             } else {
-                intermediate_values[i - 1] * intermediate_values[i - 1]
+                intermediate_values[i - 1].square()
             };
 
-            let cur_bit = power_bits[i];
+            // power_bits is in LE order, but we accumulate in BE order.
+            let cur_bit = power_bits[self.num_power_bits - i - 1];
+
             let not_cur_bit = F::Extension::ONE - cur_bit;
             let computed_intermediate_value =
-                current_intermediate_value * (cur_bit * base + not_cur_bit);
+                prev_intermediate_value * (cur_bit * base + not_cur_bit);
             constraints.push(computed_intermediate_value - intermediate_values[i]);
         }
 
@@ -136,7 +137,7 @@ impl<F: Extendable<D>, const D: usize> SimpleGenerator<F> for ExponentiationGene
     fn dependencies(&self) -> Vec<Target> {
         let local_target = |input| Target::wire(self.gate_index, input);
 
-        let mut deps = Vec::new();
+        let mut deps = Vec::with_capacity(self.gate.num_power_bits + 2);
         deps.push(local_target(self.gate.wires_base()));
         deps.push(local_target(self.gate.wires_power()));
         for i in 0..self.gate.num_power_bits {
@@ -230,7 +231,6 @@ mod tests {
                 power_bits.push(cur_power % 2);
                 cur_power /= 2;
             }
-            power_bits = power_bits.iter().cloned().rev().collect::<Vec<_>>();
 
             let num_power_bits = power_bits.len();
 

From 54626be7ceec4788e7d143e3bcea18886c143ec0 Mon Sep 17 00:00:00 2001
From: Daniel Lubarov <daniel@lubarov.com>
Date: Tue, 27 Jul 2021 12:48:52 -0700
Subject: [PATCH 2/2] comment

---
 src/gates/exponentiation.rs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/gates/exponentiation.rs b/src/gates/exponentiation.rs
index 2d18a8e6..d1e6cdf0 100644
--- a/src/gates/exponentiation.rs
+++ b/src/gates/exponentiation.rs
@@ -38,6 +38,7 @@ impl<F: Extendable<D>, const D: usize> ExponentiationGate<F, D> {
         1
     }
 
+    /// The `i`th bit of the exponent, in little-endian order.
     pub fn wires_power_bit(&self, i: usize) -> usize {
         debug_assert!(i < self.num_power_bits);
         2 + i