attestation META: reduce gas consumption

This issue affects everybody except Nick so I added all developers to the Assignees (except Nick)

Latest estimation from Tore on the gas consumption of elliptic math:

version without Pedersen Commtment: 15k gas and with pedersen commitment it will be 40k gas

[x] BN curve (and consequently, Pedersen Commit)
[ ] ~~Applying Barretts Reduction~~ Apply rejection sampling (see PR #87 and PR #88)
[ ] Optimising asn:INTEGER to byte32 converstion
[x] Reduce transaction size: by not inclduing the EC parameter or include in a condensed
[x] Reduce transaction size: by not including the signature in UseTicket. This is closed in PR #89.
[x] Reduce transaction size: reduce the size of proof by not repeating Pederson Commit. This is closed in PR #89.
[ ] Reduce transaction size: by including compressed EC point (@jot2re @JamesSmartCell said that this unlikely leads to gas reduction)

Nov 11 '20 05:11 SmartLayer

Quote @JamesSmartCell on the progress:

I'll continue the integration and then update when I have his new algorithm

Dec 24 '20 05:12 SmartLayer

Results from removing elements of the smart contract:

Only EC math (ie no decoding of any kind): 58,977 EC math plus forming the Challenge (concatenate, hash and modulo): 68,114 EC math, form challenge plus decode coordinates from hardcoded bytes: 141,494 EC math, form challenge, decode coordinates from DER decode: 208,118

Looks like the optimisation that will payback the most is the coordinate decode function, I'll take a look at that first, followed by optimising the DER decode.

Jan 03 '21 12:01 JamesSmartCell

Good news, after hand optimising the less efficient code I was able to bring the whole function operation down to 120,213 Gas.

There's still a couple of areas left that can be optimised as when I wrote them I wrote them to be generic, since we know what data is expected that can be optimised a bit further.

Jan 03 '21 22:01 JamesSmartCell

After further hand optimisation, 73,560 Gas.

This will be the final gas spend for this contract, with the 'biased' array hash (which is vulnerable). I will move onto the new implementation outlined by Tore.

Jan 04 '21 05:01 JamesSmartCell

After further hand optimisation, 73,560 Gas.

This will be the final gas spend for this contract, with the 'biased' array hash (which is vulnerable). I will move onto the new implementation outlined by Tore.

You mean this is reduced to 73.5 K? Marvelous!

EC math, form challenge, decode coordinates from DER decode: 208,118

Jan 04 '21 05:01 SmartLayer

Correct, full verification 73.5K, down from the 208,118

Jan 04 '21 05:01 JamesSmartCell

attestation attestation copied to clipboard

META: reduce gas consumption

attestation
attestation copied to clipboard