diff --git a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_flavor.hpp b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_flavor.hpp index 3829e92e2a0..79b94239b9c 100644 --- a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_flavor.hpp @@ -667,7 +667,10 @@ class ECCVMFlavor { VerificationKey(const std::shared_ptr& proving_key) { - this->pcs_verification_key = std::make_shared(proving_key->circuit_size); + // IPA verification key requires one more point. + // TODO(https://github.com/AztecProtocol/barretenberg/issues/1025): make it so that PCSs inform the crs of + // how many points they need + this->pcs_verification_key = std::make_shared(proving_key->circuit_size + 1); this->circuit_size = proving_key->circuit_size; this->log_circuit_size = numeric::get_msb(this->circuit_size); this->num_public_inputs = proving_key->num_public_inputs; diff --git a/barretenberg/cpp/src/barretenberg/grumpkin_srs_gen/grumpkin_srs_gen.cpp b/barretenberg/cpp/src/barretenberg/grumpkin_srs_gen/grumpkin_srs_gen.cpp index df09826a132..bb5d7cf5d3c 100644 --- a/barretenberg/cpp/src/barretenberg/grumpkin_srs_gen/grumpkin_srs_gen.cpp +++ b/barretenberg/cpp/src/barretenberg/grumpkin_srs_gen/grumpkin_srs_gen.cpp @@ -3,6 +3,7 @@ #include #include "barretenberg/common/net.hpp" +#include "barretenberg/common/thread.hpp" #include "barretenberg/crypto/sha256/sha256.hpp" #include "barretenberg/ecc/curves/grumpkin/grumpkin.hpp" #include "barretenberg/srs/io.hpp" 
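Review bot: The `circuit_size + 1` passed to the PCS verification key in the `VerificationKey` constructor hard-codes an IPA detail in the flavor, and nothing visible in this hunk checks that the loaded Grumpkin CRS actually holds that many points. If the key type does not bounds-check on construction (its definition is not shown here), an undersized CRS would only surface later as an out-of-range access or a failed verification. Until issue 1025 is resolved, I would name the offset, for example `static constexpr size_t IPA_EXTRA_SRS_POINTS = 1;`, and use it here and wherever the prover-side commitment key is sized, so the two sides cannot drift apart. The comment should also say what the extra point is used for. The constructor body appears to continue past the end of the hunk.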
@@ -36,40 +37,49 @@ int main(int argc, char** argv) std::vector srs(subgroup_size); - std::vector hash_input; - - for (size_t point_idx = 0; point_idx < subgroup_size; ++point_idx) { - bool rational_point_found = false; - size_t attempt = 0; - while (!rational_point_found) { - hash_input.clear(); - // We hash |BARRETENBERG_GRUMPKIN_IPA_CRS|POINT_INDEX_IN_LITTLE_ENDIAN|POINT_ATTEMPT_INDEX_IN_LITTLE_ENDIAN| - std::copy(protocol_name.begin(), protocol_name.end(), std::back_inserter(hash_input)); - uint64_t point_index_le_order = htonll(static_cast(point_idx)); - uint64_t point_attempt_le_order = htonll(static_cast(attempt)); - hash_input.insert(hash_input.end(), - reinterpret_cast(&point_index_le_order), - reinterpret_cast(&point_index_le_order) + sizeof(uint64_t)); - hash_input.insert(hash_input.end(), - reinterpret_cast(&point_attempt_le_order), - reinterpret_cast(&point_attempt_le_order) + sizeof(uint64_t)); - auto hash_result = crypto::sha256(hash_input); - uint256_t hash_result_uint(ntohll(*reinterpret_cast(hash_result.data())), - ntohll(*reinterpret_cast(hash_result.data() + sizeof(uint64_t))), - ntohll(*reinterpret_cast(hash_result.data() + 2 * sizeof(uint64_t))), - ntohll(*reinterpret_cast(hash_result.data() + 3 * sizeof(uint64_t)))); - // We try to get a point from the resulting hash - auto crs_element = grumpkin::g1::affine_element::from_compressed(hash_result_uint); - // If the points coordinates are (0,0) then the compressed representation didn't land on an actual point - // (happens half of the time) and we need to continue searching - if (!crs_element.x.is_zero() || !crs_element.y.is_zero()) { - rational_point_found = true; - srs.at(point_idx) = static_cast(crs_element); - break; +#ifndef NO_MULTITHREADING + std::mutex vector_access_mutex; +#endif + run_loop_in_parallel(subgroup_size, [&](size_t start, size_t end) { + std::vector hash_input; + for (size_t point_idx = start; point_idx < end; ++point_idx) { + bool rational_point_found = false; + size_t 
attempt = 0; + while (!rational_point_found) { + hash_input.clear(); + // We hash + // |BARRETENBERG_GRUMPKIN_IPA_CRS|POINT_INDEX_IN_LITTLE_ENDIAN|POINT_ATTEMPT_INDEX_IN_LITTLE_ENDIAN| + std::copy(protocol_name.begin(), protocol_name.end(), std::back_inserter(hash_input)); + uint64_t point_index_le_order = htonll(static_cast(point_idx)); + uint64_t point_attempt_le_order = htonll(static_cast(attempt)); + hash_input.insert(hash_input.end(), + reinterpret_cast(&point_index_le_order), + reinterpret_cast(&point_index_le_order) + sizeof(uint64_t)); + hash_input.insert(hash_input.end(), + reinterpret_cast(&point_attempt_le_order), + reinterpret_cast(&point_attempt_le_order) + sizeof(uint64_t)); + auto hash_result = crypto::sha256(hash_input); + uint256_t hash_result_uint( + ntohll(*reinterpret_cast(hash_result.data())), + ntohll(*reinterpret_cast(hash_result.data() + sizeof(uint64_t))), + ntohll(*reinterpret_cast(hash_result.data() + 2 * sizeof(uint64_t))), + ntohll(*reinterpret_cast(hash_result.data() + 3 * sizeof(uint64_t)))); + // We try to get a point from the resulting hash + auto crs_element = grumpkin::g1::affine_element::from_compressed(hash_result_uint); + // If the points coordinates are (0,0) then the compressed representation didn't land on an actual point + // (happens half of the time) and we need to continue searching + if (!crs_element.x.is_zero() || !crs_element.y.is_zero()) { + rational_point_found = true; + { + std::unique_lock lock(vector_access_mutex); + srs.at(point_idx) = static_cast(crs_element); + } + break; + } + attempt += 1; } - attempt += 1; } - } + }); bb::srs::Manifest manifest{ 0, 1, static_cast(subgroup_size), 0, static_cast(subgroup_size), 0, 0 };
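Review bot: `vector_access_mutex` is declared only under `#ifndef NO_MULTITHREADING`, but the `std::unique_lock lock(vector_access_mutex);` inside the lambda is unconditional, so a build with `NO_MULTITHREADING` defined will not compile. The lock also looks unnecessary: `srs` is sized before the loop and each `point_idx` is written once, so if `run_loop_in_parallel` hands out disjoint `[start, end)` ranges (its definition is not in this diff), the writes go to distinct elements and need no synchronisation. I would drop both the mutex declaration and the inner lock scope and keep the plain `srs.at(point_idx)` assignment; failing that, guard the lock with the same `#ifndef`. Separately, the comment on the hash input says `LITTLE_ENDIAN` while the code calls `htonll`, which conventionally yields network (big-endian) order. Because the CRS is meant to be reproducible from this description, the comment should state the byte order the code actually uses.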