madars
commented
7 years ago Whoops, pushed a commit with suboptimal variable names. Will re-PR shortly.
Closed madars closed 7 years ago
madars
commented
7 years ago Whoops, pushed a commit with suboptimal variable names. Will re-PR shortly.
In [GM17] proof system the proving key contains elements of the form t^i gamma^2 G (0 <= i <=d ); these elements were previously computing by performing d sequential exponentiations (i.e. d sequential calls to G1::operator*). This commit changes this computation to use batch exponentiation instead.
Performance impact: the generator runtime, reported by
profile_r1cs_se_ppzksnark 1000000 10(i.e. million R1CS constraints and 10 inputs) on a system with i7-4770 Haswell CPU, decreases from ~358s to ~100s.