* Port of AVX2 MDS impl
* Bugfixes
* Inline ASM to the rescue
* remove debug printlns + minor formatting
* Work around NEON intrinsic bug without inline ASM
* Minor error in doc
* Daniel comments
* More Daniel comments
Co-authored-by: Jakub Nabaglo <jakub@mirprotocol.org>
* Simplify and refactor GMiMC benchmark.
* Refactor/combine GMiMC and Rescue hash benchmarks.
* Remove old Rescue bench; rename GMiMC bench.
* Add from_canonical_u128 for fields.
* Initial version of Poseidon.
* Partial implementation of fast Poseidon.
* Complete (but broken) implementation of fast partial rounds.
* Fix index calculation.
* Add basic tests.
* Fix constants; fix bugs in fast partial round calculation.
* Rename main functions.
* Add test vectors.
* Use x^7 for s-box monomial.
* Fix s-box application in fast version.
* Make WIDTH a parameter.
* Working version with both widths.
* Updated the constants so they use x^3; added test vectors.
* Expand bench_hash to cover both widths and report relative slowdown.
* Remove references to MaybeUninit.
* First draft of refactoring the two Poseidon widths.
* Tidy up use of conversion to/from raw data.
* Add some comments.
* Refactor tests.
* Apply cargo fmt changes.
* Have `Field`s implement `PoseidonInterface` (#209)
* Have `Field`s implement `PoseidonInterface`
Rather than having a sort of "dummy struct" implement `PoseidonInterface` with the field as a generic param, I think this seems more natural and type-safe.
The type safety does come at a price -- it would be harder to do dynamic things such as taking `WIDTH` as a command line option -- but I think that's alright.
* Fix missed conflicts.
* cargo fmt fixes.
* Fix to accommodate changes in latest nightly.
Co-authored-by: Hamish Ivey-Law <426294+unzvfu@users.noreply.github.com>
Co-authored-by: Hamish Ivey-Law <hamish@ivey-law.name>
* Sanity check number of rounds.
Co-authored-by: Daniel Lubarov <daniel@lubarov.com>
No functional changes here. The biggest change was moving certain files into new directories like `plonk` and `iop` (for things like `Challenger` that could be used in STARKs or other IOPs). I also split a few files, did some renames, etc., but again nothing functional, so I don't think a careful review is necessary (just a sanity check).
* Tree of scopes
This is an extension of the context concept.
Earlier I was planning to store a simple stack of contexts, but I ended up storing the whole history, in a tree structure. This gives us more control over the output, i.e. we can print the gate count of a parent scope before those of its child scopes, which seems more user-friendly.
Sample gate count output:
[2021-07-19T18:09:24Z INFO plonky2::circuit_builder] 27829 gates to root
[2021-07-19T18:09:24Z INFO plonky2::circuit_builder] | 2373 gates to evaluate the vanishing polynomial at our challenge point, zeta.
[2021-07-19T18:09:24Z INFO plonky2::circuit_builder] | | 1284 gates to evaluate gate constraints
[2021-07-19T18:09:24Z INFO plonky2::circuit_builder] | 25312 gates to verify FRI proof
[2021-07-19T18:09:24Z INFO plonky2::circuit_builder] | | 650 gates to verify 0'th FRI query
[2021-07-19T18:09:24Z INFO plonky2::circuit_builder] | | | 96 gates to check FRI initial proof
[2021-07-19T18:09:24Z INFO plonky2::circuit_builder] | | | 65 gates to compute x from its index
[2021-07-19T18:09:24Z INFO plonky2::circuit_builder] | | | 233 gates to combine initial oracles
...
Sample copy constraint failure:
Error: Copy constraint 'root > verify FRI proof > verify 0'th FRI query > check FRI initial proof > verify 0'th initial Merkle proof > check Merkle root: 0-th hash element' between wire 12 of gate #2550 [...] and wire 0 of gate #0 [...] is not satisfied. Got values of 6861386743364621393 and 0 respectively.
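The scope tree described above, as an added example that is not plonky2's own code: scopes live in an arena indexed by position, `pop` keeps the closed scope's history instead of discarding it, `add_gates` charges every ancestor so a parent's total includes its children, and `report` prints parent-first with `| ` per depth in the shape of the log above, while `path` renders the `root > a > b` string used in the copy-constraint error.

```rust
// Added example, not plonky2's own code: an arena-backed tree of scopes that
// charges gates to the open scope and its ancestors, prints counts parent-first
// with "| " per depth, and renders the "a > b > c" path used in error messages.
pub struct Scope { name: String, gates: usize, parent: Option<usize>, children: Vec<usize> }
pub struct ScopeTree { nodes: Vec<Scope>, current: usize } // `current` = innermost open scope

impl ScopeTree {
    pub fn new() -> Self {
        let root = Scope { name: "root".into(), gates: 0, parent: None, children: Vec::new() };
        Self { nodes: vec![root], current: 0 }
    }
    /// Open a child scope under the current one.
    pub fn push(&mut self, name: &str) {
        let id = self.nodes.len();
        let node = Scope { name: name.into(), gates: 0, parent: Some(self.current), children: Vec::new() };
        self.nodes.push(node);
        self.nodes[self.current].children.push(id);
        self.current = id;
    }
    /// Close the current scope; unlike a plain stack, its history stays in the tree.
    pub fn pop(&mut self) {
        self.current = self.nodes[self.current].parent.expect("cannot pop the root scope");
    }
    /// Charge `n` gates to the open scope and every ancestor, so a parent's count includes its children.
    pub fn add_gates(&mut self, n: usize) {
        let mut id = Some(self.current);
        while let Some(i) = id {
            self.nodes[i].gates += n;
            id = self.nodes[i].parent;
        }
    }
    /// Path of the open scope, in the form used by copy-constraint errors: "root > a > b".
    pub fn path(&self) -> String {
        let mut names = Vec::new();
        let mut id = Some(self.current);
        while let Some(i) = id {
            names.push(self.nodes[i].name.as_str());
            id = self.nodes[i].parent;
        }
        names.reverse();
        names.join(" > ")
    }
    /// Parent-first report: one line per scope, "| " per level of depth.
    pub fn report(&self) -> Vec<String> {
        let mut out = Vec::new();
        self.report_into(0, 0, &mut out);
        out
    }
    fn report_into(&self, id: usize, depth: usize, out: &mut Vec<String>) {
        let s = &self.nodes[id];
        out.push(format!("{}{} gates to {}", "| ".repeat(depth), s.gates, s.name));
        for &c in &s.children {
            self.report_into(c, depth + 1, out);
        }
    }
}
```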
* No min
* info -> debug
* Move to its own file
This is mostly copy/pasted from plonky1, although there are some differences. E.g. in plonky2 virtual targets are not routable, so they're no longer added as partitions.
... and other minor refactoring.
`bench_recursion` will be the default bin run by `cargo run`; the others can be selected with the `--bin` flag.
We could probably delete some of the other binaries later. E.g. `field_search` might not be useful any more. `bench_fft` should maybe be converted to a benchmark (although there are some pros and cons, e.g. the bench framework has a minimum number of runs, and isn't helpful in testing multi-core performance).