Implement more efficient decomposition in G2 for GLV

AleoNet / snarkVM

A Virtual Machine for Zero-Knowledge Executions

https://snarkvm.org

Apache License 2.0

1.08k stars 1.5k forks source link

Implement more efficient decomposition in G2 for GLV #1145

Open jules opened 2 years ago

jules commented 2 years ago

    Something that we might want to follow up on is that for G2 there exists an even more efficient decomposition relying on the GLS endomorphism (https://eprint.iacr.org/2008/194)

_Originally posted by @Pratyush in https://github.com/AleoHQ/snarkVM/pull/1084#discussion_r987115395_

howardwu commented 2 years ago

I think we may have implemented this in PR https://github.com/AleoHQ/snarkVM/pull/1084.

Could @julesdesmit or @Pratyush confirm this? (feel free to close this issue if so)

howardwu commented 2 years ago

On a related note, do we want to open a Github issue regarding the MSM optimization? @Pratyush

Pratyush commented 2 years ago

We haven't implemented the more efficient GLS optimization in G2. However it's also less impactful for us since we don't do many G2 muls.