Remove stack_hints and analyzer overhead (BitVM#204)

Co-authored-by: Lukas <[email protected]>

Cargo.toml

@@ -68,4 +68,4 @@ ark-r1cs-std = { git = "https://github.com/arkworks-rs/r1cs-std/" }
 ark-crypto-primitives = { git = "https://github.com/arkworks-rs/crypto-primitives/" }
 ark-relations = { git = "https://github.com/arkworks-rs/snark/" }
 ark-snark = { git = "https://github.com/arkworks-rs/snark/" }
-ark-groth16 = { git = "https://github.com/arkworks-rs/groth16" }
+ark-groth16 = { git = "https://github.com/arkworks-rs/groth16" }

bitvm/src/bigint/inv.rs

@@ -252,13 +252,11 @@ impl<const N_BITS: u32, const LIMB_SIZE: u32> BigIntImpl<N_BITS, LIMB_SIZE> {
             for i in 0..=Self::N_BITS {
                 { Self::N_BITS - i } OP_EQUAL OP_TOALTSTACK
             }
-            { script! {
-                for i in 0..=Self::N_BITS {
-                    OP_FROMALTSTACK OP_IF
-                        { Self::push_u32_le(&inv_list[i as usize].to_u32_digits()) }
-                    OP_ENDIF
-                }
-            }.add_stack_hint(0, 9).add_altstack_hint(-(Self::N_BITS as i32) - 1, -(Self::N_BITS as i32) - 1)}
+            for i in 0..=Self::N_BITS {
+                OP_FROMALTSTACK OP_IF
+                    { Self::push_u32_le(&inv_list[i as usize].to_u32_digits()) }
+                OP_ENDIF
+            }
         }
     }
 }
@@ -368,7 +366,7 @@ mod test {
     use crate::bigint::inv::{limb_div3_carry, limb_shr1_carry};
     use crate::bigint::{U254, U64};
     use crate::treepp::*;
-    
+
     use core::ops::{Div, Shr};
     use num_bigint::{BigUint, RandomBits};
     use rand::{Rng, SeedableRng};
@@ -499,8 +497,6 @@ mod test {
                 { U64::equalverify(1, 0) }
                 OP_TRUE
             };
-            let stack = script.clone().analyze_stack();
-            assert!(stack.is_valid_final_state_without_inputs());
             run(script);
         }
     }

bitvm/src/bigint/std.rs

@@ -171,7 +171,6 @@ impl<const N_BITS: u32, const LIMB_SIZE: u32> BigIntImpl<N_BITS, LIMB_SIZE> {
                 OP_1SUB OP_PICK
             }
         }
-        .add_stack_hint(-(Self::N_LIMBS as i32), Self::N_LIMBS as i32)
     }
 
     pub fn roll(mut a: u32) -> Script {

bitvm/src/bn254/fp254impl.rs

@@ -201,31 +201,29 @@ pub trait Fp254Impl {
                 OP_NIP
                 OP_DUP
 
-                { script! {
-                    // ⋯ C₈⁻ C₈⁻
-                    OP_IF
-                        OP_FROMALTSTACK
-                        OP_DROP
-                    OP_ENDIF
+                // ⋯ C₈⁻ C₈⁻
+                OP_IF
+                    OP_FROMALTSTACK
+                    OP_DROP
+                OP_ENDIF
 
+                OP_FROMALTSTACK
+                // ⋯ (B₈+C₇⁺)+A₈ C₈⁻ | ((B₇+C₆⁺)+A₇)-(C₆⁻+M₇)
+                // ⋯ ((B₈+C₇⁺)+A₈)-(C₇⁻+M₈) C₈⁻ | (B₈+C₇⁺)+A₈
+                for _ in 0..Self::N_LIMBS-1 {
+                    OP_FROMALTSTACK  OP_DROP
                     OP_FROMALTSTACK
-                    // ⋯ (B₈+C₇⁺)+A₈ C₈⁻ | ((B₇+C₆⁺)+A₇)-(C₆⁻+M₇)
-                    // ⋯ ((B₈+C₇⁺)+A₈)-(C₇⁻+M₈) C₈⁻ | (B₈+C₇⁺)+A₈
-                    for _ in 0..Self::N_LIMBS-1 {
-                        OP_FROMALTSTACK  OP_DROP
-                        OP_FROMALTSTACK
-                    }
-                    // ⋯ (B₈+C₇⁺)+A₈ (B₇+C₆⁺)+A₇ ... (B₂+C₁⁺)+A₂ (B₁+C₀⁺)+A₁ A₀+B₀ C₈⁻
-                    // ⋯ ((B₈+C₇⁺)+A₈)-(C₇⁻+M₈) ... (A₀+B₀)-M₀ C₈⁻ | A₀+B₀
-                    { Self::N_LIMBS }
-                    OP_ROLL
-                    OP_NOTIF
-                        OP_FROMALTSTACK
-                        OP_DROP
-                    OP_ENDIF
-                    // ⋯ (B₈+C₇⁺)+A₈ (B₇+C₆⁺)+A₇ ... (B₁+C₀⁺)+A₁ A₀+B₀
-                    // ⋯ ((B₈+C₇⁺)+A₈)-(C₇⁻+M₈) ... (A₀+B₀)-M₀
-                }.add_stack_hint(-2, Self::N_LIMBS as i32 - 2).add_altstack_hint(-2 * Self::N_LIMBS as i32, -2 * Self::N_LIMBS as i32)}
+                }
+                // ⋯ (B₈+C₇⁺)+A₈ (B₇+C₆⁺)+A₇ ... (B₂+C₁⁺)+A₂ (B₁+C₀⁺)+A₁ A₀+B₀ C₈⁻
+                // ⋯ ((B₈+C₇⁺)+A₈)-(C₇⁻+M₈) ... (A₀+B₀)-M₀ C₈⁻ | A₀+B₀
+                { Self::N_LIMBS }
+                OP_ROLL
+                OP_NOTIF
+                    OP_FROMALTSTACK
+                    OP_DROP
+                OP_ENDIF
+                // ⋯ (B₈+C₇⁺)+A₈ (B₇+C₆⁺)+A₇ ... (B₁+C₀⁺)+A₁ A₀+B₀
+                // ⋯ ((B₈+C₇⁺)+A₈)-(C₇⁻+M₈) ... (A₀+B₀)-M₀
             }
         });
         script! {
@@ -368,28 +366,26 @@ pub trait Fp254Impl {
                 // ⋯ C₈⁻ | (A₈-(B₈+C₇⁻))+(C₇⁺+M)₈ A₈-(B₈+C₇⁻)
                 OP_DUP
                 // ⋯ C₈⁻ C₈⁻
-                { script! {
-                    OP_NOTIF
-                        OP_FROMALTSTACK
-                        OP_DROP
-                    OP_ENDIF
+                OP_NOTIF
+                    OP_FROMALTSTACK
+                    OP_DROP
+                OP_ENDIF
 
+                OP_FROMALTSTACK
+                // ⋯ C₈⁻ A₈-(B₈+C₇⁻) | (A₇-(B₇+C₆⁻))+(C₆⁺+M₇)
+                // ⋯ C₈⁻ (A₈-(B₈+C₇⁻))+(C₇⁺+M₈) | (B₈+C₇⁻)+A₈
+                for _ in 0..Self::N_LIMBS-1 {
+                    OP_FROMALTSTACK  OP_DROP
+                    OP_FROMALTSTACK
+                }
+                // ⋯ C₈⁻ A₈-(B₈+C₇⁻) A₇-(B₇+C₆⁻) ... A₂-(B₂+C₁⁻) A₁-(B₁+C₀⁻) A₀+B₀
+                // ⋯ C₈⁻ (A₈-(B₈+C₇⁻))+(C₇⁺+M₈) ... (A₀+B₀)-M₀ | A₀+B₀
+                { Self::N_LIMBS }
+                OP_ROLL
+                OP_IF
                     OP_FROMALTSTACK
-                    // ⋯ C₈⁻ A₈-(B₈+C₇⁻) | (A₇-(B₇+C₆⁻))+(C₆⁺+M₇)
-                    // ⋯ C₈⁻ (A₈-(B₈+C₇⁻))+(C₇⁺+M₈) | (B₈+C₇⁻)+A₈
-                    for _ in 0..Self::N_LIMBS-1 {
-                        OP_FROMALTSTACK  OP_DROP
-                        OP_FROMALTSTACK
-                    }
-                    // ⋯ C₈⁻ A₈-(B₈+C₇⁻) A₇-(B₇+C₆⁻) ... A₂-(B₂+C₁⁻) A₁-(B₁+C₀⁻) A₀+B₀
-                    // ⋯ C₈⁻ (A₈-(B₈+C₇⁻))+(C₇⁺+M₈) ... (A₀+B₀)-M₀ | A₀+B₀
-                    { Self::N_LIMBS }
-                    OP_ROLL
-                    OP_IF
-                        OP_FROMALTSTACK
-                        OP_DROP
-                    OP_ENDIF
-                }.add_stack_hint(-2, Self::N_LIMBS as i32 - 2).add_altstack_hint(-2 * Self::N_LIMBS as i32, -2 * Self::N_LIMBS as i32)}
+                    OP_DROP
+                OP_ENDIF
                 // ⋯ A₈-(B₈+C₇⁻) A₇-(B₇+C₆⁻) ... A₁-(B₁+C₀⁻) A₀+B₀
                 // ⋯ (A₈-(B₈+C₇⁻))+(C₇⁺+M₈) ... (A₀-B₀)+M₀
             }
@@ -471,29 +467,27 @@ pub trait Fp254Impl {
             // ⋯ 2²⁹ C₈⁻ | (2⋅A₈+C₇⁺)-(C₇⁻+M₈)
             OP_NIP
             OP_DUP
-            { script! {
-                // ⋯ C₈⁻ C₈⁻
-                OP_IF
-                    OP_FROMALTSTACK
-                    OP_DROP
-                OP_ENDIF
+            // ⋯ C₈⁻ C₈⁻
+            OP_IF
+                OP_FROMALTSTACK
+                OP_DROP
+            OP_ENDIF
 
+            OP_FROMALTSTACK
+            // ⋯ 2⋅A₈+C₇⁺ C₈⁻ | (2⋅A₇+C₆⁺)-(C₆⁻+M₇)
+            // ⋯ (2⋅A₈+C₇⁺)-(C₇⁻+M₈) C₈⁻ | 2⋅A₈+C₇⁺
+            for _ in 0..Self::N_LIMBS-1 {
+                OP_FROMALTSTACK  OP_DROP
                 OP_FROMALTSTACK
-                // ⋯ 2⋅A₈+C₇⁺ C₈⁻ | (2⋅A₇+C₆⁺)-(C₆⁻+M₇)
-                // ⋯ (2⋅A₈+C₇⁺)-(C₇⁻+M₈) C₈⁻ | 2⋅A₈+C₇⁺
-                for _ in 0..Self::N_LIMBS-1 {
-                    OP_FROMALTSTACK  OP_DROP
-                    OP_FROMALTSTACK
-                }
-                // ⋯ 2⋅A₈+C₇⁺ 2⋅A₇+C₆⁺ ... 2⋅A₂+C₁⁺ 2⋅A₁+C₀⁺ 2⋅A₀ C₈⁻
-                // ⋯ (2⋅A₈+C₇⁺)-(C₇⁻+M₈) ... 2⋅A₀-M₀ C₈⁻ | 2⋅A₀
-                { Self::N_LIMBS }
-                OP_ROLL
-                OP_NOTIF
-                    OP_FROMALTSTACK
-                    OP_DROP
-                OP_ENDIF
-            }.add_stack_hint(-2, Self::N_LIMBS as i32 - 2).add_altstack_hint(-2 * Self::N_LIMBS as i32, -2 * Self::N_LIMBS as i32)}
+            }
+            // ⋯ 2⋅A₈+C₇⁺ 2⋅A₇+C₆⁺ ... 2⋅A₂+C₁⁺ 2⋅A₁+C₀⁺ 2⋅A₀ C₈⁻
+            // ⋯ (2⋅A₈+C₇⁺)-(C₇⁻+M₈) ... 2⋅A₀-M₀ C₈⁻ | 2⋅A₀
+            { Self::N_LIMBS }
+            OP_ROLL
+            OP_NOTIF
+                OP_FROMALTSTACK
+                OP_DROP
+            OP_ENDIF
             // ⋯ 2⋅A₈+C₇⁺ 2⋅A₇+C₆⁺ ... 2⋅A₁+C₀⁺ 2⋅A₀
             // ⋯ (2⋅A₈+C₇⁺)-(C₇⁻+M₈) ... 2⋅A₀-M₀
         }

bitvm/src/hash/blake3.rs

@@ -326,7 +326,7 @@ pub fn blake3_var_length(num_bytes: usize) -> Script {
         }
     };
 
-    let script = script! {
+    script! {
         // Add the padding
         { push_to_stack(0, num_padding_bytes) }
 
@@ -396,9 +396,7 @@ pub fn blake3_var_length(num_bytes: usize) -> Script {
         for _ in 0..8 {
             u32_fromaltstack
         }
-    };
-
-    script.add_stack_hint(-(num_bytes as i32), 32i32 - num_bytes as i32)
+    }
 }
 
 /// Blake3 taking a 40-byte message and returning a 20-byte digest
@@ -439,7 +437,6 @@ pub fn blake3_160() -> Script {
             {u32_fromaltstack()}
         }
     }
-    .add_stack_hint(-40, -20)
 }
 
 pub fn blake3_160_var_length(num_bytes: usize) -> Script {
@@ -450,7 +447,6 @@ pub fn blake3_160_var_length(num_bytes: usize) -> Script {
             OP_2DROP
         }
     }
-    .add_stack_hint(-(num_bytes as i32), 20i32 - num_bytes as i32)
 }
 
 pub fn push_bytes_hex(hex: &str) -> Script {
@@ -553,8 +549,6 @@ mod tests {
             {blake3_hash_equalverify()}
             OP_TRUE
         };
-        let stack = script.clone().analyze_stack();
-        println!("stack: {:?}", stack);
         run(script);
     }
 

bitvm/src/u32/u32_and.rs

@@ -62,7 +62,7 @@ pub fn u8_and(i: u32) -> Script {
         OP_OVER
         OP_ADD
         OP_ADD
-    }.add_stack_hint(-(i as i32 + 256), -1)
+    }
 }
 
 /// Bitwise AND of a-th and b-th u32 elements from the top, keeps a-th element in the stack

bitvm/src/u32/u32_rrot.rs

@@ -213,7 +213,7 @@ pub fn u32_rrot(rot_num: usize) -> Script {
         OP_FROMALTSTACK
         OP_FROMALTSTACK
         {byte_reorder(offset)}
-    }.add_stack_hint(-4, 0)
+    }
 }
 
 #[cfg(test)]

bitvm/src/u32/u32_xor.rs

@@ -71,7 +71,7 @@ pub fn u8_xor(i: u32) -> Script {
         OP_OVER
         OP_ADD
         OP_ADD
-    }.add_stack_hint(-(i as i32 + 256), -1)
+    }
 }
 
 /// Bitwise XOR of a-th and b-th u32 elements from the top, keeps a-th element in the stack