mirror of
https://github.com/monero-project/monero.git
synced 2024-10-01 11:49:47 -04:00
bulletproofs: cut down on keyV allocations
This commit is contained in:
parent
37345921ec
commit
acb68dbaa9
@ -48,12 +48,12 @@ extern "C"
|
|||||||
|
|
||||||
//#define DEBUG_BP
|
//#define DEBUG_BP
|
||||||
|
|
||||||
#if 1
|
#if 0
|
||||||
#define PERF_TIMER_START_BP(x) PERF_TIMER_START_UNIT(x, 1000000)
|
#define PERF_TIMER_START_BP(x) PERF_TIMER_START_UNIT(x, 1000000)
|
||||||
#define PERF_TIMER_STOP_BP(x) PERF_TIMER_STOP(x)
|
#define PERF_TIMER_STOP_BP(x) PERF_TIMER_STOP(x)
|
||||||
#else
|
#else
|
||||||
#define PERF_TIMER_START_BP(x) ((void*)0)
|
#define PERF_TIMER_START_BP(x) ((void)0)
|
||||||
#define PERF_TIMER_STOP_BP(x) ((void*)0)
|
#define PERF_TIMER_STOP_BP(x) ((void)0)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define STRAUS_SIZE_LIMIT 232
|
#define STRAUS_SIZE_LIMIT 232
|
||||||
@ -439,35 +439,35 @@ static epee::span<const rct::key> slice(const rct::keyV &a, size_t start, size_t
|
|||||||
|
|
||||||
static rct::key hash_cache_mash(rct::key &hash_cache, const rct::key &mash0, const rct::key &mash1)
|
static rct::key hash_cache_mash(rct::key &hash_cache, const rct::key &mash0, const rct::key &mash1)
|
||||||
{
|
{
|
||||||
rct::keyV data;
|
rct::key data[3];
|
||||||
data.reserve(3);
|
data[0] = hash_cache;
|
||||||
data.push_back(hash_cache);
|
data[1] = mash0;
|
||||||
data.push_back(mash0);
|
data[2] = mash1;
|
||||||
data.push_back(mash1);
|
rct::hash_to_scalar(hash_cache, data, sizeof(data));
|
||||||
return hash_cache = rct::hash_to_scalar(data);
|
return hash_cache;
|
||||||
}
|
}
|
||||||
|
|
||||||
static rct::key hash_cache_mash(rct::key &hash_cache, const rct::key &mash0, const rct::key &mash1, const rct::key &mash2)
|
static rct::key hash_cache_mash(rct::key &hash_cache, const rct::key &mash0, const rct::key &mash1, const rct::key &mash2)
|
||||||
{
|
{
|
||||||
rct::keyV data;
|
rct::key data[4];
|
||||||
data.reserve(4);
|
data[0] = hash_cache;
|
||||||
data.push_back(hash_cache);
|
data[1] = mash0;
|
||||||
data.push_back(mash0);
|
data[2] = mash1;
|
||||||
data.push_back(mash1);
|
data[3] = mash2;
|
||||||
data.push_back(mash2);
|
rct::hash_to_scalar(hash_cache, data, sizeof(data));
|
||||||
return hash_cache = rct::hash_to_scalar(data);
|
return hash_cache;
|
||||||
}
|
}
|
||||||
|
|
||||||
static rct::key hash_cache_mash(rct::key &hash_cache, const rct::key &mash0, const rct::key &mash1, const rct::key &mash2, const rct::key &mash3)
|
static rct::key hash_cache_mash(rct::key &hash_cache, const rct::key &mash0, const rct::key &mash1, const rct::key &mash2, const rct::key &mash3)
|
||||||
{
|
{
|
||||||
rct::keyV data;
|
rct::key data[5];
|
||||||
data.reserve(5);
|
data[0] = hash_cache;
|
||||||
data.push_back(hash_cache);
|
data[1] = mash0;
|
||||||
data.push_back(mash0);
|
data[2] = mash1;
|
||||||
data.push_back(mash1);
|
data[3] = mash2;
|
||||||
data.push_back(mash2);
|
data[4] = mash3;
|
||||||
data.push_back(mash3);
|
rct::hash_to_scalar(hash_cache, data, sizeof(data));
|
||||||
return hash_cache = rct::hash_to_scalar(data);
|
return hash_cache;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Given a value v (0..2^N-1) and a mask gamma, construct a range proof */
|
/* Given a value v (0..2^N-1) and a mask gamma, construct a range proof */
|
||||||
@ -825,6 +825,7 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs)
|
|||||||
size_t inv_offset = 0;
|
size_t inv_offset = 0;
|
||||||
std::vector<rct::key> to_invert;
|
std::vector<rct::key> to_invert;
|
||||||
to_invert.reserve(11 * sizeof(proofs));
|
to_invert.reserve(11 * sizeof(proofs));
|
||||||
|
size_t max_logM = 0;
|
||||||
for (const Bulletproof *p: proofs)
|
for (const Bulletproof *p: proofs)
|
||||||
{
|
{
|
||||||
const Bulletproof &proof = *p;
|
const Bulletproof &proof = *p;
|
||||||
@ -861,6 +862,7 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs)
|
|||||||
size_t M;
|
size_t M;
|
||||||
for (pd.logM = 0; (M = 1<<pd.logM) <= maxM && M < proof.V.size(); ++pd.logM);
|
for (pd.logM = 0; (M = 1<<pd.logM) <= maxM && M < proof.V.size(); ++pd.logM);
|
||||||
CHECK_AND_ASSERT_MES(proof.L.size() == 6+pd.logM, false, "Proof is not the expected size");
|
CHECK_AND_ASSERT_MES(proof.L.size() == 6+pd.logM, false, "Proof is not the expected size");
|
||||||
|
max_logM = std::max(pd.logM, max_logM);
|
||||||
|
|
||||||
const size_t rounds = pd.logM+logN;
|
const size_t rounds = pd.logM+logN;
|
||||||
CHECK_AND_ASSERT_MES(rounds > 0, false, "Zero rounds");
|
CHECK_AND_ASSERT_MES(rounds > 0, false, "Zero rounds");
|
||||||
@ -888,7 +890,7 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs)
|
|||||||
rct::key tmp;
|
rct::key tmp;
|
||||||
|
|
||||||
std::vector<MultiexpData> multiexp_data;
|
std::vector<MultiexpData> multiexp_data;
|
||||||
multiexp_data.reserve(nV + (2 * (10/*logM*/ + logN) + 4) * proofs.size() + 2 * maxMN);
|
multiexp_data.reserve(nV + (2 * (max_logM + logN) + 4) * proofs.size() + 2 * maxMN);
|
||||||
multiexp_data.resize(2 * maxMN);
|
multiexp_data.resize(2 * maxMN);
|
||||||
|
|
||||||
PERF_TIMER_START_BP(VERIFY_line_24_25_invert);
|
PERF_TIMER_START_BP(VERIFY_line_24_25_invert);
|
||||||
@ -901,6 +903,8 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs)
|
|||||||
rct::keyV m_z4(maxMN, rct::zero()), m_z5(maxMN, rct::zero());
|
rct::keyV m_z4(maxMN, rct::zero()), m_z5(maxMN, rct::zero());
|
||||||
rct::key m_y0 = rct::zero(), y1 = rct::zero();
|
rct::key m_y0 = rct::zero(), y1 = rct::zero();
|
||||||
int proof_data_index = 0;
|
int proof_data_index = 0;
|
||||||
|
rct::keyV w_cache;
|
||||||
|
rct::keyV proof8_V, proof8_L, proof8_R;
|
||||||
for (const Bulletproof *p: proofs)
|
for (const Bulletproof *p: proofs)
|
||||||
{
|
{
|
||||||
const Bulletproof &proof = *p;
|
const Bulletproof &proof = *p;
|
||||||
@ -913,9 +917,9 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs)
|
|||||||
const rct::key weight_z = rct::skGen();
|
const rct::key weight_z = rct::skGen();
|
||||||
|
|
||||||
// pre-multiply some points by 8
|
// pre-multiply some points by 8
|
||||||
rct::keyV proof8_V = proof.V; for (rct::key &k: proof8_V) k = rct::scalarmult8(k);
|
proof8_V.resize(proof.V.size()); for (size_t i = 0; i < proof.V.size(); ++i) proof8_V[i] = rct::scalarmult8(proof.V[i]);
|
||||||
rct::keyV proof8_L = proof.L; for (rct::key &k: proof8_L) k = rct::scalarmult8(k);
|
proof8_L.resize(proof.L.size()); for (size_t i = 0; i < proof.L.size(); ++i) proof8_L[i] = rct::scalarmult8(proof.L[i]);
|
||||||
rct::keyV proof8_R = proof.R; for (rct::key &k: proof8_R) k = rct::scalarmult8(k);
|
proof8_R.resize(proof.R.size()); for (size_t i = 0; i < proof.R.size(); ++i) proof8_R[i] = rct::scalarmult8(proof.R[i]);
|
||||||
rct::key proof8_T1 = rct::scalarmult8(proof.T1);
|
rct::key proof8_T1 = rct::scalarmult8(proof.T1);
|
||||||
rct::key proof8_T2 = rct::scalarmult8(proof.T2);
|
rct::key proof8_T2 = rct::scalarmult8(proof.T2);
|
||||||
rct::key proof8_S = rct::scalarmult8(proof.S);
|
rct::key proof8_S = rct::scalarmult8(proof.S);
|
||||||
@ -976,7 +980,7 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs)
|
|||||||
|
|
||||||
// precalc
|
// precalc
|
||||||
PERF_TIMER_START_BP(VERIFY_line_24_25_precalc);
|
PERF_TIMER_START_BP(VERIFY_line_24_25_precalc);
|
||||||
rct::keyV w_cache(1<<rounds);
|
w_cache.resize(1<<rounds);
|
||||||
w_cache[0] = winv[0];
|
w_cache[0] = winv[0];
|
||||||
w_cache[1] = pd.w[0];
|
w_cache[1] = pd.w[0];
|
||||||
for (size_t j = 1; j < rounds; ++j)
|
for (size_t j = 1; j < rounds; ++j)
|
||||||
|
Loading…
Reference in New Issue
Block a user