* Working "faster" inverse algo, using u128s.
* Faster inverse_2exp for large exp.
* More inverse tests.
* Make f, g u64.
* Comments.
* Unroll first two iterations.
* Fix bug and re-unroll first two iterations.
* Simplify loop.
* Refactoring and documentation.
* Clean up testing.
* Move inverse code to inversion.rs; use in GoldilocksField.
* Bench quartic Goldilocks extension too.
* cargo fmt
* Add more documentation.
* Address Jakub's comments.
* Refactor GMiMC code
Adds a sub-trait of `Field` called `GMiMCInterface`, which is similar to `PoseidonInterface`.
This lets us have different fields with different GMiMC constants in a type-safe way.
* Remove `Interface`
* Const generic for width
- Split it into two files, one for general `Field` tests and one for `PrimeField` tests.
- Replace most uses of `BigUint` in tests with `u64`. These uses were only applicable for `PrimeField`s, which are 64-bit fields anyway. This lets us delete the `BigUInt` conversion methods.
- Simplify `test_inputs`, which was originally written for large prime fields. Now that it's only used for 64-bit fields, I think interesting inputs are just the smallest and largest elements, and those close to 2^32 etc.
* Move some Field members to a Field64 subtrait
I.e. move anything specific to 64-bit fields.
Also, relatedly,
- Tweak a bunch of prover code to require `Field64`, since 64-bit stuff is used in a couple places, like the FRI proof-of-work
- Remove `bits()`, which was unused and assumed a 64-bit field
- Rename a couple methods to reflect that they're u64 variants
There are no functional changes.
* Field64 -> PrimeField
* Remove `exp_u32`, `kth_root_u32`
* PrimeField: PrimeField
* Move `to_canonical_biguint` as well
* Add back from_noncanonical_u128
No functional changes here. The biggest change was moving certain files into new directories like `plonk` and `iop` (for things like `Challenger` that could be used in STARKs or other IOPs). I also split a few files, renames, etc, but again nothing functional, so I don't think a careful review is necessary (just a sanity check).
* Use built-in `reverse_bits`; remove duplicate `reverse_index_bits`.
* Reduce precomputation time/space complexity from quadratic to linear.
* Several working cache-friendly FFTs.
* Fix to allow FFT of constant polynomial.
* Simplify FFT strategy choice.
* Add PrimeField and CHARACTERISTIC properties to Fields.
* Add faster method for inverse of 2^m.
* Pre-compute some of the roots; tidy up loop iteration.
* Precomputation for both FFT variants.
* Refactor precomputation; add optional parameters; rename some things.
* Unrolled version with zero tail.
* Iterative version of Unrolled precomputation.
* Test zero tail algo.
* Restore default degree.
* Address comments from @dlubarov and @wborgeaud.
... and other minor refactoring.
`bench_recursion` will be the default bin run by `cargo run`; the otheres can be selected with the `--bin` flag.
We could probably delete some of the other binaries later. E.g. `field_search` might not be useful any more. `bench_fft` should maybe be converted to a benchmark (although there are some pros and cons, e.g. the bench framework has a minimum number of runs, and isn't helpful in testing multi-core performance).
