Switch to Montgomery representation

examples/rust/arkworks-icicle-conversions/src/main.rs

@@ -2,14 +2,14 @@ use clap::Parser;
 use std::ops::Mul;
 use std::time::Instant;
 
-use ark_bn254::{Fq, Fr, G1Affine as ArkAffine, G1Projective as ArkProjective};
+use ark_bn254::{Fq, Fr, G1Affine as ArkAffine, G1Projective as ArkJacobian};
 use ark_ec::{AffineRepr, CurveGroup, VariableBaseMSM};
-use ark_ff::{BigInteger, PrimeField};
+use ark_ff::PrimeField;
 
 use icicle_bn254::curve::{G1Affine as IcicleAffine, G1Projective as IcicleProjective, ScalarField as IcicleScalar};
 use icicle_core::{
     msm::{msm, MSMConfig},
-    traits::{FieldImpl, MontgomeryConvertible},
+    traits::FieldImpl,
 };
 use icicle_runtime::{
     memory::{DeviceVec, HostSlice},
@@ -58,7 +58,7 @@ fn incremental_ark_affine_points(size: usize) -> Vec<ArkAffine> {
         .collect()
 }
 
-fn incremental_ark_projective_points(size: usize) -> Vec<ArkProjective> {
+fn incremental_ark_projective_points(size: usize) -> Vec<ArkJacobian> {
     (1..=size)
         .map(|i| ArkAffine::generator().mul(&Fr::from(i as u64)))
         .collect()
@@ -67,28 +67,45 @@ fn incremental_ark_projective_points(size: usize) -> Vec<ArkProjective> {
 //============================================================================================//
 //========================= Convert single field element ark<->ICICLE ========================//
 //============================================================================================//
+
+// Since both arkworks and ICICLE use montgomery format, we simply copy the underlying data
+// Note: We can also transmute and avoid the copy entirely (unsafe)
+
 fn from_ark<T, I>(ark: &T) -> I
 where
     T: PrimeField,
     I: FieldImpl,
 {
-    let mut ark_bytes = Vec::with_capacity(T::BigInt::NUM_LIMBS * 8 * T::extension_degree() as usize);
-    for base_elem in ark.to_base_prime_field_elements() {
-        ark_bytes.extend_from_slice(
-            &base_elem
-                .into_bigint()
-                .to_bytes_le(),
-        );
-    }
-    I::from_bytes_le(&ark_bytes)
+    // Ensure the size of the output type matches the input representation
+    assert_eq!(
+        std::mem::size_of::<T>(),
+        std::mem::size_of::<I>(),
+        "Size mismatch between input and output types"
+    );
+
+    // Transmute the element and copy as is
+    let raw_bytes: &[u8] =
+        unsafe { std::slice::from_raw_parts(ark as *const T as *const u8, std::mem::size_of::<T>()) };
+    I::from_bytes_le(raw_bytes)
 }
 
 fn to_ark<T, I>(icicle: &I) -> T
 where
     T: PrimeField,
     I: FieldImpl,
 {
-    T::from_random_bytes(&icicle.to_bytes_le()).unwrap()
+    unsafe {
+        // Ensure sizes match between `I` and `T`
+        assert_eq!(
+            std::mem::size_of::<I>(),
+            std::mem::size_of::<T>(),
+            "Size mismatch between source and target field elements"
+        );
+
+        // Transmute the element and copy as is
+        let raw_icicle_bytes = icicle as *const I as *const T;
+        std::ptr::read(raw_icicle_bytes)
+    }
 }
 
 //============================================================================================//
@@ -99,23 +116,20 @@ where
 fn transmute_ark_to_icicle_scalars<T, I>(ark_scalars: &mut [T]) -> &mut [I]
 where
     T: PrimeField,
-    I: FieldImpl + MontgomeryConvertible,
+    I: FieldImpl,
 {
     // SAFETY: Reinterpreting Arkworks field elements as Icicle-specific scalars
+    // NOTE: both are assumed to be in Montgomery form
     let icicle_scalars = unsafe { &mut *(ark_scalars as *mut _ as *mut [I]) };
-
-    let icicle_host_slice = HostSlice::from_mut_slice(&mut icicle_scalars[..]);
-
-    // Convert from Montgomery representation using the Icicle type's conversion method
-    I::from_mont(icicle_host_slice, &IcicleStream::default());
-
     icicle_scalars
 }
 
+// Copying to device-memory since it is faster for ICICLE backend to access
+
 fn ark_to_icicle_scalars_async<T, I>(ark_scalars: &[T], stream: &IcicleStream) -> DeviceVec<I>
 where
     T: PrimeField,
-    I: FieldImpl + MontgomeryConvertible,
+    I: FieldImpl,
 {
     // SAFETY: Reinterpreting Arkworks field elements as Icicle-specific scalars
     let icicle_scalars = unsafe { &*(ark_scalars as *const _ as *const [I]) };
@@ -128,17 +142,19 @@ where
         .copy_from_host_async(&icicle_host_slice, &stream)
         .unwrap();
 
-    // Convert from Montgomery representation using the Icicle type's conversion method
-    I::from_mont(&mut icicle_scalars, &stream);
     icicle_scalars
 }
 
 fn ark_to_icicle_scalars<T, I>(ark_scalars: &[T]) -> DeviceVec<I>
 where
     T: PrimeField,
-    I: FieldImpl + MontgomeryConvertible,
+    I: FieldImpl,
 {
-    ark_to_icicle_scalars_async(ark_scalars, &IcicleStream::default()) // default stream is sync
+    let icicle_scalars = ark_to_icicle_scalars_async(ark_scalars, &IcicleStream::default());
+    IcicleStream::default()
+        .synchronize()
+        .unwrap();
+    icicle_scalars
 }
 
 // Note that you can also do the following but it's slower and we prefer the result in device memory
@@ -169,7 +185,7 @@ fn ark_to_icicle_affine_points(ark_affine: &[ArkAffine]) -> Vec<IcicleAffine> {
         .collect()
 }
 
-fn ark_to_icicle_projective_points(ark_projective: &[ArkProjective]) -> Vec<IcicleProjective> {
+fn ark_to_icicle_projective_points(ark_projective: &[ArkJacobian]) -> Vec<IcicleProjective> {
     ark_projective
         .par_iter()
         .map(|ark| {
@@ -192,7 +208,7 @@ fn icicle_to_ark_affine_points(icicle_projective: &[IcicleAffine]) -> Vec<ArkAff
         .collect()
 }
 
-fn icicle_to_ark_projective_points(icicle_projective: &[IcicleProjective]) -> Vec<ArkProjective> {
+fn icicle_to_ark_projective_points(icicle_projective: &[IcicleProjective]) -> Vec<ArkJacobian> {
     icicle_projective
         .par_iter()
         .map(|icicle| {
@@ -203,7 +219,7 @@ fn icicle_to_ark_projective_points(icicle_projective: &[IcicleProjective]) -> Ve
             // conversion between projective used in icicle and Jacobian used in arkworks
             let proj_x = proj_x * proj_z;
             let proj_y = proj_y * proj_z * proj_z;
-            ArkProjective::new_unchecked(proj_x, proj_y, proj_z)
+            ArkJacobian::new_unchecked(proj_x, proj_y, proj_z)
         })
         .collect()
 }
@@ -217,7 +233,7 @@ fn main() {
         "Randomizing {} scalars, affine and ark projective (actually Jacobian) points",
         args.size
     );
-    let ark_scalars = random_ark_scalars(args.size);
+    let ark_scalars = random_ark_scalars::<Fr /*=scalar field*/>(args.size);
     let ark_projective_points = incremental_ark_projective_points(args.size);
     let ark_affine_points = incremental_ark_affine_points(args.size);
 
@@ -272,7 +288,7 @@ fn main() {
     //================================ Part 5: compute MSM  ======================================//
     //============================================================================================//
     let start = Instant::now();
-    let ark_msm_result = ArkProjective::msm(&ark_affine_points, &ark_scalars).unwrap();
+    let ark_msm_result = ArkJacobian::msm(&ark_affine_points, &ark_scalars).unwrap();
     let duration = start.elapsed();
     println!("Time taken for Ark MSM: {:?}", duration);
 
@@ -317,7 +333,7 @@ fn main() {
 
     let start = Instant::now();
     msm(
-        &icicle_scalars_dev,
+        &icicle_scalars_dev, // or HostSlice::from_slice(&_icicle_transumated_scalars)
         &d_icicle_affine_points,
         &MSMConfig::default(),
         HostSlice::from_mut_slice(&mut icicle_msm_result),

icicle/CMakeLists.txt

@@ -123,6 +123,11 @@ if (HASH)
   setup_hash_target()
 endif()
 
+option(BARRET "Use Barret representation" OFF)
+if(BARRET)
+  add_compile_definitions(BARRET)
+endif()
+
 if (CPU_BACKEND)
   add_subdirectory(backend/cpu)
 endif()

icicle/backend/cpu/src/curve/cpu_msm.hpp

@@ -451,9 +451,13 @@ void Msm<A, P>::phase1_bucket_accumulator(const scalar_t* scalars, const A* base
     bool negate_p_and_s = scalar.get_scalar_digit(scalar_t::NBITS - 1, 1) > 0;
     if (negate_p_and_s) { scalar = scalar_t::neg(scalar); }
     for (int j = 0; j < m_precompute_factor; j++) {
-      // Handle required preprocess of base P
+      // Handle required preprocess of base P according to the version of Field/Ec adder (accepting Barret / Montgomery)
       A base =
+#ifdef BARRET
         m_are_points_mont ? A::from_montgomery(bases[m_precompute_factor * i + j]) : bases[m_precompute_factor * i + j];
+#else
+        m_are_points_mont ? bases[m_precompute_factor * i + j] : A::to_montgomery(bases[m_precompute_factor * i + j]);
+#endif
       if (base == A::zero()) { continue; }
       if (negate_p_and_s) { base = A::neg(base); }
 
@@ -780,12 +784,23 @@ eIcicleError cpu_msm_precompute_bases(
   const unsigned int shift = c * ((num_bms_no_precomp - 1) / precompute_factor + 1);
   for (int i = 0; i < nof_bases; i++) {
     output_bases[precompute_factor * i] = input_bases[i];
-    P point = P::from_affine(is_mont ? A::from_montgomery(input_bases[i]) : input_bases[i]);
+    // Handle required preprocess of base P according to the version of Field/Ec adder (accepting Barret / Montgomery)
+    P point =
+#ifdef BARRET
+      P::from_affine(is_mont ? A::from_montgomery(input_bases[i]) : input_bases[i]);
+#else
+      P::from_affine(is_mont ? input_bases[i] : A::to_montgomery(input_bases[i]));
+#endif
     for (int j = 1; j < precompute_factor; j++) {
       for (int k = 0; k < shift; k++) {
         point = P::dbl(point);
       }
-      output_bases[precompute_factor * i + j] = is_mont ? A::to_montgomery(P::to_affine(point)) : P::to_affine(point);
+      output_bases[precompute_factor * i + j] =
+#ifdef BARRET
+        is_mont ? A::to_montgomery(P::to_affine(point)) : P::to_affine(point);
+#else
+        is_mont ? P::to_affine(point) : A::from_montgomery(P::to_affine(point));
+#endif
     }
   }
   return eIcicleError::SUCCESS;

icicle/include/icicle/curves/params/bls12_377.h

@@ -25,6 +25,11 @@ namespace bls12_377 {
     static constexpr point_field_t weierstrass_b = {0x00000001, 0x00000000, 0x00000000, 0x00000000,
                                                     0x00000000, 0x00000000, 0x00000000, 0x00000000,
                                                     0x00000000, 0x00000000, 0x00000000, 0x00000000};
+    static constexpr bool is_b_u32 = true;
+    static constexpr bool is_b_neg = false;
+    // static constexpr point_field_t weierstrass_3b = {0x00000003, 0x00000000, 0x00000000, 0x00000000,
+    //                                                  0x00000000, 0x00000000, 0x00000000, 0x00000000,
+    //                                                  0x00000000, 0x00000000, 0x00000000, 0x00000000};
   }; // G1
 
   struct G2 {
@@ -47,6 +52,15 @@ namespace bls12_377 {
                                                           0x3c6bf800, 0x129207b6, 0xcd5fd889, 0xdc7b4f91,
                                                           0x7460c589, 0x43bd0373, 0xdb0fd6f3, 0x010222f6};
 
+    static constexpr point_field_t weierstrass_b_mont_g2_im = {0xe2663d60, 0xaa1bd183, 0x8998c2dc, 0xd5628c5f,
+                                                               0x69d8c583, 0x6bd9c3dc, 0xe648e0b0, 0x4a7ad7c6,
+                                                               0x518eb47f, 0x68317e83, 0x69cb5e0f, 0x009617f3};
+
+    static constexpr bool is_b_u32_g2_re = true;
+    static constexpr bool is_b_neg_g2_re = false;
+    static constexpr bool is_b_u32_g2_im = false;
+    static constexpr bool is_b_neg_g2_im = false;
+
     static constexpr g2_point_field_t gen_x = {g2_gen_x_re, g2_gen_x_im};
     static constexpr g2_point_field_t gen_y = {g2_gen_y_re, g2_gen_y_im};
     static constexpr g2_point_field_t weierstrass_b = {weierstrass_b_g2_re, weierstrass_b_g2_im};

icicle/include/icicle/curves/params/bls12_381.h

@@ -25,6 +25,8 @@ namespace bls12_381 {
     static constexpr point_field_t weierstrass_b = {0x00000004, 0x00000000, 0x00000000, 0x00000000,
                                                     0x00000000, 0x00000000, 0x00000000, 0x00000000,
                                                     0x00000000, 0x00000000, 0x00000000, 0x00000000};
+    static constexpr bool is_b_u32 = true;
+    static constexpr bool is_b_neg = false;
   };
 
   struct G2 {
@@ -48,6 +50,11 @@ namespace bls12_381 {
                                                           0x00000000, 0x00000000, 0x00000000, 0x00000000,
                                                           0x00000000, 0x00000000, 0x00000000, 0x00000000};
 
+    static constexpr bool is_b_u32_g2_re = true;
+    static constexpr bool is_b_neg_g2_re = false;
+    static constexpr bool is_b_u32_g2_im = true;
+    static constexpr bool is_b_neg_g2_im = false;
+
     static constexpr g2_point_field_t gen_x = {g2_gen_x_re, g2_gen_x_im};
     static constexpr g2_point_field_t gen_y = {g2_gen_y_re, g2_gen_y_im};
     static constexpr g2_point_field_t weierstrass_b = {weierstrass_b_g2_re, weierstrass_b_g2_im};

icicle/include/icicle/curves/params/bn254.h

@@ -24,6 +24,8 @@ namespace bn254 {
                                             0x00000000, 0x00000000, 0x00000000, 0x00000000};
     static constexpr point_field_t weierstrass_b = {0x00000003, 0x00000000, 0x00000000, 0x00000000,
                                                     0x00000000, 0x00000000, 0x00000000, 0x00000000};
+    static constexpr bool is_b_u32 = true;
+    static constexpr bool is_b_neg = false;
   }; // G1
 
   struct G2 {
@@ -40,6 +42,16 @@ namespace bn254 {
     static constexpr point_field_t weierstrass_b_g2_im = {0x85c315d2, 0xe4a2bd06, 0xe52d1852, 0xa74fa084,
                                                           0xeed8fdf4, 0xcd2cafad, 0x3af0fed4, 0x009713b0};
 
+    static constexpr point_field_t weierstrass_b_mont_g2_re = {0x117071f8, 0xbb90ed1c, 0x7b5ec718, 0x14682c41,
+                                                               0xbb53b8dd, 0x3efe858b, 0xc92f89a9, 0x2edc811a};
+    static constexpr point_field_t weierstrass_b_mont_g2_im = {0xfbc67f71, 0x19ecc463, 0xee31876b, 0x01cadc30,
+                                                               0x6c5b4ca2, 0x1693ee7e, 0x4376a62a, 0x206e678f};
+
+    static constexpr bool is_b_u32_g2_re = false;
+    static constexpr bool is_b_neg_g2_re = false;
+    static constexpr bool is_b_u32_g2_im = false;
+    static constexpr bool is_b_neg_g2_im = false;
+
     static constexpr g2_point_field_t gen_x = {g2_gen_x_re, g2_gen_x_im};
     static constexpr g2_point_field_t gen_y = {g2_gen_y_re, g2_gen_y_im};
     static constexpr g2_point_field_t weierstrass_b = {weierstrass_b_g2_re, weierstrass_b_g2_im};

icicle/include/icicle/curves/params/bw6_761.h

@@ -26,9 +26,16 @@ namespace bw6_761 {
                                             0x71b5b806, 0xc5b8fa17, 0xaf7e0dba, 0x265909f1, 0xa2e573a3, 0x1a7348d2,
                                             0x884c9ec6, 0x0f952589, 0x45cc2a42, 0xe6fd637b, 0x0a6fc574, 0x0058b84e};
     static constexpr point_field_t weierstrass_b = {
-      0x0000008a, 0xf49d0000, 0x70000082, 0xe6913e68, 0xeaf0a437, 0x160cf8ae, 0x5667a8f8, 0x98a116c2,
-      0x73ebff2e, 0x71dcd3dc, 0x12f9fd90, 0x8689c8ed, 0x25b42304, 0x03cebaff, 0xe584e919, 0x707ba638,
-      0x8087be41, 0x528275ef, 0x81d14688, 0xb926186a, 0x04faff3e, 0xd187c940, 0xfb83ce0a, 0x0122e824};
+      0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
+      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
+      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000};
+    // static constexpr point_field_t weierstrass_b = {
+    //   0x0000008a, 0xf49d0000, 0x70000082, 0xe6913e68, 0xeaf0a437, 0x160cf8ae, 0x5667a8f8, 0x98a116c2,
+    //   0x73ebff2e, 0x71dcd3dc, 0x12f9fd90, 0x8689c8ed, 0x25b42304, 0x03cebaff, 0xe584e919, 0x707ba638,
+    //   0x8087be41, 0x528275ef, 0x81d14688, 0xb926186a, 0x04faff3e, 0xd187c940, 0xfb83ce0a, 0x0122e824};
+
+    static constexpr bool is_b_u32 = true;
+    static constexpr bool is_b_neg = true;
   };
 
   struct G2 {
@@ -44,5 +51,8 @@ namespace bw6_761 {
       0x00000004, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
       0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
       0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000};
+
+    static constexpr bool is_b_u32 = true;
+    static constexpr bool is_b_neg = false;
   };
 } // namespace bw6_761

icicle/include/icicle/curves/params/grumpkin.h

@@ -16,7 +16,11 @@ namespace grumpkin {
     static constexpr point_field_t gen_y = {0x823f272c, 0x833fc48d, 0xf1181294, 0x2d270d45,
                                             0x6a45d63,  0xcf135e75, 0x00000002, 0x00000000};
 
-    static constexpr point_field_t weierstrass_b = {0xeffffff0, 0x43e1f593, 0x79b97091, 0x2833e848,
-                                                    0x8181585d, 0xb85045b6, 0xe131a029, 0x30644e72};
+    // static constexpr point_field_t weierstrass_b = {0xeffffff0, 0x43e1f593, 0x79b97091, 0x2833e848,
+    //                                                 0x8181585d, 0xb85045b6, 0xe131a029, 0x30644e72};
+    static constexpr point_field_t weierstrass_b = {0x00000011, 0x00000000, 0x00000000, 0x00000000,
+                                                    0x00000000, 0x00000000, 0x00000000, 0x00000000};
+    static constexpr bool is_b_u32 = true;
+    static constexpr bool is_b_neg = true;
   }; // G1
 } // namespace grumpkin