* Replace `CrandallQuarticField` with a more generic `QuarticExtension`
And likewise for `CrandallQuadraticField`.
There are a few parameters which we can't automatically derive (in const Rust), so I specified them in an `AutoExtendable` trait.
This would make it fairly easy to add extension fields for `GoldilocksField` and any future fields.
* Attempt to derive 2-adicity, see Hamish's feedback
* Simplify TWO_ADICITY based on chat with Hamish
* PR feedback
* Merge AutoExtendable into Extendable (#235)
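The trait split described in this squash message, as an added example that is not plonky2's code: a toy prime field with p = 2^31 - 1 (an assumption for this example; the log's fields are 64-bit), a hypothetical `Extendable` trait carrying the one parameter that cannot be derived in const Rust (a quadratic non-residue W), and a `QuadraticExtension<F>` generic over any base field that declares it. Names are modelled on the log; the code itself is constructed here.

```rust
/// Minimal field interface, in roughly the shape of the log's `Field` trait.
pub trait Field: Copy + PartialEq + std::fmt::Debug {
    const ZERO: Self;
    const ONE: Self;
    fn add(self, rhs: Self) -> Self;
    fn sub(self, rhs: Self) -> Self;
    fn mul(self, rhs: Self) -> Self;
    fn inverse(self) -> Option<Self>;

    /// Square-and-multiply; built on `mul`, so it works for any field.
    fn exp_u64(self, mut e: u64) -> Self {
        let (mut base, mut acc) = (self, Self::ONE);
        while e > 0 {
            if e & 1 == 1 {
                acc = acc.mul(base);
            }
            base = base.mul(base);
            e >>= 1;
        }
        acc
    }
}

/// The parameter const Rust cannot derive for us: a non-square W, so that
/// x^2 - W is irreducible and F[x]/(x^2 - W) is a field. Hypothetical trait,
/// named after the one in the log.
pub trait Extendable: Field {
    const W: Self;
}

/// Toy prime field, p = 2^31 - 1 (constructed for this example).
pub const P: u64 = (1 << 31) - 1;

#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct Fp(pub u64);

impl Field for Fp {
    const ZERO: Self = Fp(0);
    const ONE: Self = Fp(1);
    fn add(self, r: Self) -> Self {
        Fp((self.0 + r.0) % P)
    }
    fn sub(self, r: Self) -> Self {
        Fp((self.0 + P - r.0) % P)
    }
    fn mul(self, r: Self) -> Self {
        Fp(((self.0 as u128 * r.0 as u128) % P as u128) as u64)
    }
    fn inverse(self) -> Option<Self> {
        // Fermat: a^(p-2) = a^-1 for a != 0.
        if self.0 == 0 { None } else { Some(self.exp_u64(P - 2)) }
    }
}

impl Extendable for Fp {
    // p = 3 (mod 4), so -1 is a non-residue and x^2 + 1 is irreducible.
    const W: Self = Fp(P - 1);
}

/// Euler's criterion: W is a non-residue iff W^((p-1)/2) == -1. The extension
/// below is only a field when this holds, so check it once per base field.
pub fn w_is_nonresidue() -> bool {
    Fp::W.exp_u64((P - 1) / 2) == Fp(P - 1)
}

/// a0 + a1*x with x^2 = W, generic over any `Extendable` base field.
#[derive(Clone, Copy, PartialEq, Debug)]
pub struct QuadraticExtension<F: Extendable>(pub [F; 2]);

impl<F: Extendable> QuadraticExtension<F> {
    pub fn new(a0: F, a1: F) -> Self {
        Self([a0, a1])
    }
}

impl<F: Extendable> Field for QuadraticExtension<F> {
    const ZERO: Self = Self([F::ZERO, F::ZERO]);
    const ONE: Self = Self([F::ONE, F::ZERO]);
    fn add(self, r: Self) -> Self {
        Self([self.0[0].add(r.0[0]), self.0[1].add(r.0[1])])
    }
    fn sub(self, r: Self) -> Self {
        Self([self.0[0].sub(r.0[0]), self.0[1].sub(r.0[1])])
    }
    fn mul(self, r: Self) -> Self {
        let ([a0, a1], [b0, b1]) = (self.0, r.0);
        // (a0 + a1 x)(b0 + b1 x) = (a0 b0 + W a1 b1) + (a0 b1 + a1 b0) x
        Self([a0.mul(b0).add(F::W.mul(a1.mul(b1))), a0.mul(b1).add(a1.mul(b0))])
    }
    fn inverse(self) -> Option<Self> {
        let [a0, a1] = self.0;
        // (a0 + a1 x)^-1 = (a0 - a1 x) / (a0^2 - W a1^2); the norm is nonzero
        // for every nonzero element exactly because W is a non-residue.
        let inv_norm = a0.mul(a0).sub(F::W.mul(a1.mul(a1))).inverse()?;
        Some(Self([a0.mul(inv_norm), F::ZERO.sub(a1).mul(inv_norm)]))
    }
}

pub type Fp2 = QuadraticExtension<Fp>;

/// |F_{p^2}^*| = p^2 - 1, so every nonzero element raised to it is 1.
pub fn has_order_dividing_p2_minus_1(a: Fp2) -> bool {
    a.exp_u64(P * P - 1) == Fp2::ONE
}
```

Only `Extendable::W` is per-field; everything in `QuadraticExtension` is derived from the `Field` methods, which is what lets a new base field get its extension by declaring one constant. The `w_is_nonresidue` check is worth keeping as a test: with a W that is a square, `inverse` fails for some nonzero elements and the "field" silently stops being one.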
- Split it into two files, one for general `Field` tests and one for `PrimeField` tests.
- Replace most uses of `BigUint` in tests with `u64`. These uses were only applicable for `PrimeField`s, which are 64-bit fields anyway. This lets us delete the `BigUint` conversion methods.
- Simplify `test_inputs`, which was originally written for large prime fields. Now that it's only used for 64-bit fields, I think interesting inputs are just the smallest and largest elements, and those close to 2^32 etc.
* Move some Field members to a Field64 subtrait
I.e. move anything specific to 64-bit fields.
Also, relatedly,
- Tweak a bunch of prover code to require `Field64`, since 64-bit stuff is used in a couple places, like the FRI proof-of-work
- Remove `bits()`, which was unused and assumed a 64-bit field
- Rename a couple methods to reflect that they're u64 variants
There are no functional changes.
* Field64 -> PrimeField
* Remove `exp_u32`, `kth_root_u32`
* PrimeField: PrimeField
* Move `to_canonical_biguint` as well
* Add back from_noncanonical_u128
* Simplify and refactor GMiMC benchmark.
* Refactor/combine GMiMC and Rescue hash benchmarks.
* Remove old Rescue bench; rename GMiMC bench.
* Add from_canonical_u128 for fields.
* Initial version of Poseidon.
* Partial implementation of fast Poseidon.
* Complete (but broken) implementation of fast partial rounds.
* Fix index calculation.
* Add basic tests.
* Fix constants; fix bugs in fast partial round calculation.
* Rename main functions.
* Add test vectors.
* Use x^7 for s-box monomial.
* Fix s-box application in fast version.
* Make WIDTH a parameter.
* Working version with both widths.
* Updated the constants so they use x^3; added test vectors.
* Expand bench_hash to cover both widths and report relative slowdown.
* Remove references to MaybeUninit.
* First draft of refactoring the two Poseidon widths.
* Tidy up use of conversion to/from raw data.
* Add some comments.
* Refactor tests.
* Apply cargo fmt changes.
* Have `Field`s implement `PoseidonInterface` (#209)
* Have `Field`s implement `PoseidonInterface`
Rather than having a sort of "dummy struct" implement `PoseidonInterface` with the field as a generic param. I think this seems more natural and type-safe.
The type safety does come at a price -- it would be harder to do dynamic things such as taking `WIDTH` as a command line option -- but I think that's alright.
* Fix missed conflicts.
* cargo fmt fixes.
* Fix to accommodate changes in latest nightly.
Co-authored-by: Hamish Ivey-Law <426294+unzvfu@users.noreply.github.com>
Co-authored-by: Hamish Ivey-Law <hamish@ivey-law.name>
* Sanity check number of rounds.
Co-authored-by: Daniel Lubarov <daniel@lubarov.com>
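The design choice in this message, as an added example rather than the project's own code: a hypothetical `PermutationInterface<const WIDTH: usize>` implemented directly on a toy field type (p = 2^31 - 1, constructed for the example), one generic impl covering every width, and a sponge hash built on top. The round constants and linear layer are toys, not Poseidon's parameters; the block only shows how WIDTH lives at the type level and what that costs.

```rust
use std::ops::{Add, Mul};

/// Toy field F_p, p = 2^31 - 1 (constructed for this example).
pub const P: u64 = (1 << 31) - 1;

#[derive(Clone, Copy, PartialEq, Eq, Debug, Default)]
pub struct Fp(pub u64);

impl Fp {
    /// Square-and-multiply, used to invert the S-box in the checks below.
    pub fn pow(self, mut e: u64) -> Self {
        let (mut base, mut acc) = (self, Fp(1));
        while e > 0 {
            if e & 1 == 1 {
                acc = acc * base;
            }
            base = base * base;
            e >>= 1;
        }
        acc
    }
}

impl Add for Fp {
    type Output = Fp;
    fn add(self, r: Fp) -> Fp {
        Fp((self.0 + r.0) % P)
    }
}

impl Mul for Fp {
    type Output = Fp;
    fn mul(self, r: Fp) -> Fp {
        Fp(((self.0 as u128 * r.0 as u128) % P as u128) as u64)
    }
}

/// Hypothetical permutation interface implemented by the field type itself.
/// WIDTH is a const generic, so `[Self; WIDTH]` is checked at compile time;
/// the cost is that WIDTH cannot come from a run-time value such as a CLI flag.
pub trait PermutationInterface<const WIDTH: usize>:
    Copy + Add<Output = Self> + Mul<Output = Self>
{
    const ROUNDS: usize;
    fn round_constant(round: usize, lane: usize) -> Self;
    fn sbox(x: Self) -> Self;
    fn mix(state: [Self; WIDTH]) -> [Self; WIDTH];

    /// Add round constant, S-box, linear layer, ROUNDS times (full rounds
    /// only; no partial-round optimisation here).
    fn permute(mut state: [Self; WIDTH]) -> [Self; WIDTH] {
        assert!(Self::ROUNDS > 0, "a zero-round permutation is the identity");
        for r in 0..Self::ROUNDS {
            for (i, s) in state.iter_mut().enumerate() {
                *s = Self::sbox(*s + Self::round_constant(r, i));
            }
            state = Self::mix(state);
        }
        state
    }
}

/// 5 * SBOX_INV_EXP = 1 (mod p - 1), so x -> x^SBOX_INV_EXP undoes x -> x^5.
pub const SBOX_INV_EXP: u64 = 1_717_986_917;

/// One impl covers every width; adding a width is a type-level change only.
impl<const WIDTH: usize> PermutationInterface<WIDTH> for Fp {
    const ROUNDS: usize = 8;

    // Constructed, non-cryptographic constants, distinct per (round, lane).
    fn round_constant(round: usize, lane: usize) -> Fp {
        Fp((0x9E37_79B9u64 * (round as u64 * WIDTH as u64 + lane as u64 + 1)) % P)
    }

    // x^5 permutes F_p because gcd(5, p - 1) = 1. x^3 and x^7 would not for
    // this p, since 3 and 7 both divide p - 1; the exponent must be checked
    // against the field, not copied from another one.
    fn sbox(x: Fp) -> Fp {
        let x2 = x * x;
        x2 * x2 * x
    }

    // Toy linear layer M = I + J (J = all-ones); invertible because
    // det(M) = WIDTH + 1 != 0 mod p. Not an MDS matrix.
    fn mix(state: [Fp; WIDTH]) -> [Fp; WIDTH] {
        let sum = state.iter().fold(Fp(0), |acc, &v| acc + v);
        let mut out = state;
        for s in out.iter_mut() {
            *s = *s + sum;
        }
        out
    }
}

/// Sponge over the permutation: WIDTH - 4 rate lanes absorb input, 4 lanes
/// are capacity; squeeze one element. Generic over the width at the type level.
pub fn hash_to_one<F: PermutationInterface<WIDTH> + Default, const WIDTH: usize>(
    inputs: &[F],
) -> F {
    assert!(WIDTH > 4, "need at least one rate lane");
    let mut state = [F::default(); WIDTH];
    for chunk in inputs.chunks(WIDTH - 4) {
        for (lane, &x) in chunk.iter().enumerate() {
            state[lane] = state[lane] + x;
        }
        state = F::permute(state);
    }
    state[0]
}
```

With this shape, `<Fp as PermutationInterface<8>>::permute` on a 12-element array is a compile error, which is the type safety the message is after. The alternative it rejects, a `struct Poseidon<F: Field>` implementing the interface with the field as a generic parameter, gains nothing on that front unless the state is a `Vec`, which is exactly what a run-time WIDTH would need.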
* Field: Default
It's done for primitive types like `u64`, so seems conventional, and some code in mir-core expects it.
* HashOut::ZERO
* Default for HashOut
* fmt
* pub elements
* Debug
* rand_from_rng
No functional changes here. The biggest change was moving certain files into new directories like `plonk` and `iop` (for things like `Challenger` that could be used in STARKs or other IOPs). I also split a few files, renames, etc, but again nothing functional, so I don't think a careful review is necessary (just a sanity check).
Using `serde_cbor` for now. It's probably far from optimal, as we have many `Vec`s which I assume it will prefix with their lengths, but it's a nice and easy method for now.
* Use built-in `reverse_bits`; remove duplicate `reverse_index_bits`.
* Reduce precomputation time/space complexity from quadratic to linear.
* Several working cache-friendly FFTs.
* Fix to allow FFT of constant polynomial.
* Simplify FFT strategy choice.
* Add PrimeField and CHARACTERISTIC properties to Fields.
* Add faster method for inverse of 2^m.
* Pre-compute some of the roots; tidy up loop iteration.
* Precomputation for both FFT variants.
* Refactor precomputation; add optional parameters; rename some things.
* Unrolled version with zero tail.
* Iterative version of Unrolled precomputation.
* Test zero tail algo.
* Restore default degree.
* Address comments from @dlubarov and @wborgeaud.
* Draw challenge points from the extension field
* Now building
* Misc
* Default eval_unfiltered_base
* fmt
* A few field settings
* Add to Sage
* Display tweak
* eval_filtered_base
* Quartic in bench
* Missing methods
* Fix tests
* PR feedback