OpenZKP
libtorsion
OpenZKP | libtorsion | |
---|---|---|
2 | 2 | |
622 | 23 | |
1.0% | - | |
0.0 | 0.0 | |
about 1 year ago | 10 months ago | |
Rust | C | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
OpenZKP
-
Donald Knuth’s Algorithm D, its implementation in Hacker’s Delight and elsewhere
Here is my optimized in-place Rust implementation [1].
It is a very tricky algorithm to get right. There are many edge cases that only happen for ~2^-64 fractions of the input space, so hard to find even with fuzz-testing. Best strategy is to implement it for small limbs first, and fuzz that well.
[1] https://github.com/0xProject/OpenZKP/blob/master/algebra/u25...
-
A single issue with Rust that kills me every time with mathematics (rust repo issue 20671)
I've also hit this issue while writing code generic over prime fields by-reference. I ended up defining traits FieldLike and RefFieldLike and anotating all functions as
libtorsion
-
Mako – a full Bitcoin implementation in C
Most of the crypto is from my more general crypto library libtorsion: https://github.com/bcoin-org/libtorsion
I originally wanted to vendor my libtorsion code and link to it, but it felt clunky since libtorsion pulls in a ton of crypto that bitcoin doesn't need. Also, since I was focusing on just a few algorithms, it gave me the opportunity to optimize a lot of them (in particular, the ECC backend was optimized for secp256k1 whereas in libtorsion it supports all kinds of curves).
Because of all of this, there's probably some leftover comments. That comment isn't true anymore. rand.c is definitely used internally for libmako, just not libtorsion.
edit: fixed link.
-
Donald Knuth’s Algorithm D, its implementation in Hacker’s Delight and elsewhere
The 2-by-1 and 3-by-2 division functions described in the paper result in a very measurable speedup in my code. I think you're confusing those with the reciprocal calculation itself (which can be computed with a lookup table). I agree that part doesn't really lend itself to any significant performance benefit and is probably better calculated with a single hardware division instead.
I feel it necessary to point out that the 3-by-2 division actually has multiple benefits which are easy to miss:
1. The quotient loop can be skipped as I mentioned.
2. The "Add back" step is less likely to be triggered.
3. Since a 2-word remainder is computed with the division, you can skip 2 iterations on the multiply+subtract step.
My reimplementation of GMP documents both the 2-by-1 and 3-by-2 divisions pretty thoroughly[1][2].
[1] https://github.com/bcoin-org/libtorsion/blob/master/src/mpi....
[2] https://github.com/bcoin-org/libtorsion/blob/master/src/mpi....
What are some alternatives?
num-bigint - Big integer types for Rust
mako - Bitcoin node written in C
num - A collection of numeric types and traits for Rust.
nim-stint - Stack-based arbitrary-precision integers - Fast and portable with natural syntax for resource-restricted devices.
bcoin - Javascript bitcoin library for node.js and browsers
style - css for rust
btcd - An alternative full node bitcoin implementation written in Go (golang)
proc-macro-workshop - Learn to write Rust procedural macros [Rust Latam conference, Montevideo Uruguay, March 2019]
Mako - THIS IS NOT THE OFFICIAL REPO - PLEASE SUBMIT PRs ETC AT: http://github.com/sqlalchemy/mako
rfcs - RFCs for changes to Rust
gui - Bitcoin Core GUI staging repository