some loop unrolling (in REDC particularly) seems to help a bit (about 20%)

Cargo.toml

@@ -8,9 +8,10 @@ authors = ["Balazs Komuves"]
 default-run = "testmain"
 
 [dependencies]
+unroll = ">= 0.1.5"
 
 [dev-dependencies]
-criterion = "0.3"
+criterion = ">= 0.8"
 
 [lib]
 bench = false

src/bn254/bigint.rs

@@ -11,6 +11,8 @@
 use std::fmt;
 use std::cmp::{Ordering,min};
 
+use unroll::unroll_for_loops;
+
 use crate::bn254::platform::*;
 
 //------------------------------------------------------------------------------
@@ -130,6 +132,7 @@ impl<const N: usize> BigInt<N> {
   }
 
   #[inline(always)]
+  #[unroll_for_loops]
   pub fn addCarry(big1: &BigInt<N>, big2: &BigInt<N>) -> (BigInt<N>, bool) {
     let mut c  : bool = false;  
     let mut zs : [u32; N] = [0; N];
@@ -143,6 +146,7 @@ impl<const N: usize> BigInt<N> {
   }
 
   #[inline(always)]
+  #[unroll_for_loops]
   pub fn subBorrow(big1: &BigInt<N>, big2: &BigInt<N>) -> (BigInt<N>, bool) {
     let mut c  : bool = false;  
     let mut zs : [u32; N] = [0; N];
@@ -178,6 +182,7 @@ impl<const N: usize> BigInt<N> {
   }
 
   #[inline]
+  #[unroll_for_loops]
   pub fn scaleAdd(scalar: u32, vector: &BigInt<N>, add: &BigInt<N>) -> (BigInt<N>, u32) {
     let mut c  : u32 = 0;
     let mut zs : [u32; N] = [0; N];
@@ -190,6 +195,7 @@ impl<const N: usize> BigInt<N> {
     (big, c)
   }
 
+  // #[unroll_for_loops]
   pub fn multiply<const M: usize>(big1: &BigInt<N>, big2: &BigInt<M>) -> BigInt<{N+M}> {
     let mut product : [u32; N+M] = [0; N+M];
     let mut state   : [u32; N]   = [0; N];

src/bn254/montgomery.rs

@@ -8,6 +8,8 @@
 
 use std::fmt;
 
+use unroll::unroll_for_loops;
+
 use crate::bn254::platform::*;
 use crate::bn254::bigint::*;
 use crate::bn254::constant::*;
@@ -122,6 +124,8 @@ impl Mont {
 
   // we can abuse the fact that we know the prime number `p`,
   // for which `p < 2^254` so we won't overflow in the 17th word
+  
+  #[unroll_for_loops]
   fn redc(input: BigInt<16>) -> Big {
 
     let mut T: [u32; 16] = BigInt::unwrap(input);