ZKP16 Hardware Acceleration of ZKP

Simba142023-11-06 14:12

ZKP学习笔记

ZK-Learning MOOC课程笔记

Lecture 16: Hardware Acceleration of ZKP (Guest Lecturer: Kelly Olson)

  • The What and Why of Hardware Acceleration

    • Hardware acceleration is the use of dedicated hardware to accelerate an operation so that it runs faster and/or more efficiently.
    • Hardware acceleration can involve optimizing functions and code to use existing hardware (COTS) or it may involve the development of new hardware designed for a specific task.
      • COTS (commercially available off-the-shelf) hardware includes CPUs, GPUs, and FPGAS
      • Custom hardware is often referred to as an ASIC
    • Examples

  • Hardware acceleration for crytpo

  • Why HW acceleration for ZKP

    • ZK (and non-ZK) proof generation has high overheads relative to native computation

  • Goals of HW acceleration for ZKP

    • Throughput: increase the number of operations per system
    • Cost: reduce the cost of operation e.g. Bitcoin mining rigs are designed to reduce capital expenses ($/hash) and operational expenses (watts/hash)
    • Latency: reduce the time of an individual operation e.g. 2kBridges may want to reduce the proof generation time for faster finality

  • Key Computational Primitives of ZKP

    • Each proof system, and associated implementation will have slightly different computational requirements.

    • Across a variety of proof systems these are three of the most computationally expensive operations

      • Multiscalar Multiplication (MSM)

        • A 'dot product' of elliptic curve points and scalars

        • Easily paralledizable

        • Optimization

          • When performing a MSM off of the host device, the scalars and sometimes points must be moved to the accelerator. The available communication bandwidth limits the maximum possible performance of the accelerator.
      • Number Theoretic Transformation (NTT)
        • Common algorithms like Cooley-Tukey reduce complexity from O ( N 2 ) O(N^2) O(N2) to O ( N I o g N ) O(NIogN) O(NIogN)
        • Not Easily paralledizable
        • Furthermore, these elements must be kept in memory to be operated on, imposing high memory requirements
      • Arithmetic Hashes (e.g., Poseidon)

    • SNARK V.S. STARK

      • The MSM, NTT and Hashes take 2/3 or more time in the proving system

    • Foundational Primitive: Finite Field Arithmetic (especially ModMul)

  • Hardware Resources Required

    • Determining Computational Cost

    • Selecting the Right Hardware

      • Given that these workload are driven predominately by modular multiplication, we should look for platforms can perform a large number of multiplications, quickly and cheaply
      • Estimated HW performance can be evaluated by looking at # of hardware multipliers, size of hardware multipliers, and speed/frequency of each instruction
      • Examples

    • Two Key Components to HW Acceleration

      • 'HW friendly' Algorithm
      • Efficient Implementation

  • Limits of Acceleration

    • Acceleration Pitfalls

    • Production Examples: Filecoin

  • Current Status of Hardware Acceleration

  • Future Directions for Hardware Acceleration

相关推荐
丝斯20116 小时前
AI学习笔记整理(42)——NLP之大规模预训练模型Transformer
人工智能·笔记·学习
凉、介8 小时前
深入 QEMU Guest Agent:虚拟机内外通信的隐形纽带
c语言·笔记·学习·嵌入式·虚拟化
njsgcs8 小时前
SIMA2 论文阅读 Google 任务设定器、智能体、奖励模型
人工智能·笔记
云半S一9 小时前
pytest的学习过程
经验分享·笔记·学习·pytest
AI视觉网奇9 小时前
ue5.7 配置 audio2face
笔记·ue5
崎岖Qiu12 小时前
【OS笔记35】:文件系统的使用、实现与管理
笔记·操作系统·存储管理·文件系统·os
曦月逸霜12 小时前
离散数学-学习笔记(持续更新中~)
笔记·学习·离散数学
hunter145012 小时前
windows server AD域与CA部署证书
笔记
im_AMBER12 小时前
Leetcode 101 对链表进行插入排序
数据结构·笔记·学习·算法·leetcode·排序算法
laplace012313 小时前
# 第四章|智能体经典范式构建 —— 学习笔记(详细版)
笔记·学习
热门推荐
01GitHub 镜像站点02Labelme从安装到标注:零基础完整指南03安娜的档案(Anna’s Archive) 镜像网站/国内最新可访问入口(持续更新)04Linux下V2Ray安装配置指南05Claude Code 2.1.2 升级报错?别折腾了,一行命令搞定06网站改了域名,如何查找?072025-04-03 Latex学习1——本地配置Latex + VScode环境08【踩坑笔记】50系显卡适配的 PyTorch 安装09KGG转MP3工具|非KGM文件|解密音频10jdk21下载、安装(Windows、Linux、macOS)