Skip to content

perf: implement bounded scalar multiplication for GLV scalar mul #937

New issue
New issue
Open
Open
perf: implement bounded scalar multiplication for GLV scalar mul#937
Labels
P2: MediumIssue priority: mediumconsolidatestrengthen an existing featureperfzk-evm
@ivokub

Description

@ivokub
ivokub
opened on Nov 28, 2023

This looks great! I looked into WideScalarMul for instance size 2 and I didn't neither come with a nice algorithm given the algorithms we use in ScalarMul and ScalarMulBase. For 2-chains GLV, indeed I don't think it would save constraints because the loop size there is bounded by lambda the (fixed) endomorphism eigenvalue size. Maybe for later we can try the approach of using GLV only if the scalar is uniformly random in Fr and using the bounded scalar approach if the scalar are of a particular form e.g. smaller than half lambda. But this not crucial for now and it needs benchmarking to confirm.

Originally posted by @yelhousni in #934 (review)

Metadata

Metadata

Assignees

No one assigned

    Labels

    P2: MediumIssue priority: mediumconsolidatestrengthen an existing featureperfzk-evm

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions