add bench for secp256k1 and improve doc of ARM fpAdd assembly

mratsim · Jan 9, 2025 · 30ab5f6 · 30ab5f6
1 parent 8c00b9c
commit 30ab5f6
Show file tree

Hide file tree

Showing 3 changed files with 62 additions and 5 deletions.
diff --git a/benchmarks/bench_summary_secp256k1.nim b/benchmarks/bench_summary_secp256k1.nim
@@ -0,0 +1,50 @@
+# Constantine
+# Copyright (c) 2018-2019    Status Research & Development GmbH
+# Copyright (c) 2020-Present Mamy André-Ratsimbazafy
+# Licensed and distributed under either of
+#   * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT).
+#   * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0).
+# at your option. This file may not be copied, modified, or distributed except according to those terms.
+
+import ./bench_summary_template
+
+# ############################################################
+#
+#            Benchmark of Pallas and Vesta curves
+#
+# ############################################################
+
+
+const Iters = 5000
+const AvailableCurves = [
+  Secp256k1
+]
+
+
+proc main() =
+  separator()
+  staticFor i, 0, AvailableCurves.len:
+    const curve = AvailableCurves[i]
+
+    mulBench(Fr[curve], Iters)
+    sqrBench(Fr[curve], Iters)
+    separator()
+    mulBench(Fp[curve], Iters)
+    sqrBench(Fp[curve], Iters)
+    invBench(Fp[curve], Iters)
+    sqrtBench(Fp[curve], Iters)
+    separator()
+    addBench(EC_ShortW_Prj[Fp[curve], G1], Iters)
+    mixedAddBench(EC_ShortW_Prj[Fp[curve], G1], Iters)
+    doublingBench(EC_ShortW_Prj[Fp[curve], G1], Iters)
+    separator()
+    addBench(EC_ShortW_Jac[Fp[curve], G1], Iters)
+    mixedAddBench(EC_ShortW_Jac[Fp[curve], G1], Iters)
+    doublingBench(EC_ShortW_Jac[Fp[curve], G1], Iters)
+    separator()
+    scalarMulBench(EC_ShortW_Prj[Fp[curve], G1], Iters)
+    scalarMulBench(EC_ShortW_Jac[Fp[curve], G1], Iters)
+    separator()
+
+main()
+notes()
diff --git a/constantine.nimble b/constantine.nimble
@@ -686,6 +686,7 @@ const benchDesc = [
   "bench_summary_bn254_nogami",
   "bench_summary_bn254_snarks",
   "bench_summary_pasta",
+  "bench_summary_secp256k1",
   "bench_poly1305",
   "bench_h_sha256",
   "bench_h_keccak",
@@ -1120,6 +1121,11 @@ task bench_summary_bn254_snarks, "Run summary benchmarks for BN254-Snarks - CC c
 task bench_summary_pasta, "Run summary benchmarks for the Pasta curves - CC compiler":
   runBench("bench_summary_pasta")
 
+# --
+
+task bench_summary_secp256k1, "Run summary benchmarks for Secp256k1 - CC compiler":
+  runBench("bench_summary_secp256k1")
+
 # Hashes
 # ------------------------------------------
 

diff --git a/constantine/math/arithmetic/assembly/limbs_asm_modular_arm64.nim b/constantine/math/arithmetic/assembly/limbs_asm_modular_arm64.nim
@@ -97,8 +97,8 @@ macro addmod_gen[N: static int](r_PIR: var Limbs[N], a_PIR, b_PIR, M_PIR: Limbs[
       ctx.str u[i], r[i]
   else:
     # Addition can overflow u256, u384, ...
-    let carryReg = b.reuseRegister()
-    ctx.adc carryReg, xzr, xzr
+    let overflowedLimbs = b.reuseRegister()
+    ctx.adc overflowedLimbs, xzr, xzr
 
     # v = u - M
     for i in 0 ..< N:
@@ -111,9 +111,10 @@ macro addmod_gen[N: static int](r_PIR: var Limbs[N], a_PIR, b_PIR, M_PIR: Limbs[
       if i+2 < N:
         ctx.ldr v[i+2], M[i+2]
 
-    # If it underflows here, it means that it was
-    # smaller than the modulus and we don't need `v`
-    ctx.sbcs xzr, carryReg, xzr
+    # 1. if `overflowedLimbs`, underflowedModulus >= 0
+    # 2. if a >= M, underflowedModulus >= 0
+    # if underflowedModulus >= 0: a-M else: a
+    ctx.sbcs xzr, overflowedLimbs, xzr
 
     # if carry clear u < M, so pick u
     for i in 0 ..< N: