fix inneficiency: execution trace was committed by power of 2 (i.e. the padding opti of the packed pcs was missing)

Author: TomWambsgans

README.md

@@ -46,7 +46,7 @@ RUSTFLAGS='-C target-cpu=native' cargo run --release -- recursion
 ### XMSS aggregation
 
 ```console
-RUSTFLAGS='-C target-cpu=native' cargo run --release -- xmss --n-signatures 800
+RUSTFLAGS='-C target-cpu=native' cargo run --release -- xmss --n-signatures 990
 ```
 
 [Trivial encoding](docs/XMSS_trivial_encoding.pdf) (for now).

crates/lean_prover/src/prove_execution.rs

@@ -33,6 +33,7 @@ pub fn prove_execution(
     let mut exec_summary = String::new();
     let ExecutionTrace {
         full_trace,
+        n_cycles,
         n_poseidons_16,
         n_poseidons_24,
         poseidons_16,      // padded with empty poseidons
@@ -67,8 +68,7 @@ pub fn prove_execution(
     let log_memory = log2_strict_usize(memory.len());
     let log_public_memory = log2_strict_usize(public_memory.len());
 
-    let n_cycles = full_trace[0].len();
-    let log_n_cycles = log2_strict_usize(n_cycles);
+    let log_n_cycles = log2_ceil_usize(n_cycles);
     assert!(full_trace.iter().all(|col| col.len() == 1 << log_n_cycles));
 
     let log_n_p16 = log2_ceil_usize(n_poseidons_16).max(LOG_MIN_POSEIDONS_16);
@@ -115,7 +115,7 @@ pub fn prove_execution(
     let mut prover_state = build_prover_state::<EF>();
     prover_state.add_base_scalars(
         &[
-            log_n_cycles,
+            n_cycles,
             n_poseidons_16,
             n_compressions_16,
             n_poseidons_24,
@@ -215,7 +215,7 @@ pub fn prove_execution(
     // Grand Product for consistency with precompiles
     let grand_product_challenge_global = prover_state.sample();
     let fingerprint_challenge = prover_state.sample();
-    let mut exec_column_for_grand_product = vec![grand_product_challenge_global; n_cycles];
+    let mut exec_column_for_grand_product = vec![grand_product_challenge_global; 1 << log_n_cycles];
     for pos_16 in &poseidons_16 {
         let Some(cycle) = pos_16.cycle else {
             break;
@@ -326,7 +326,7 @@ pub fn prove_execution(
 
     let corrected_prod_exec = grand_product_exec_res
         / grand_product_challenge_global.exp_u64(
-            (n_cycles
+            ((1 << log_n_cycles)
                 - n_poseidons_16
                 - n_poseidons_24
                 - dot_products.len()
@@ -1152,6 +1152,7 @@ pub fn prove_execution(
         dot_product_computation_column_statements,
     ]
     .concat();
+
     let global_statements_base = packed_pcs_global_statements_for_prover(
         &base_pols,
         &base_dims,

crates/lean_prover/src/verify_execution.rs

@@ -34,7 +34,7 @@ pub fn verify_execution(
     let dot_product_table = AirTable::<EF, _>::new(DotProductAir);
 
     let [
-        log_n_cycles,
+        n_cycles,
         n_poseidons_16,
         n_compressions_16,
         n_poseidons_24,
@@ -50,29 +50,22 @@ pub fn verify_execution(
         .try_into()
         .unwrap();
 
-    if log_n_cycles > 32
-        || n_poseidons_16 > 1 << 32
-        || n_compressions_16
-            > n_poseidons_16
-                .next_power_of_two()
-                .max(1 << LOG_MIN_POSEIDONS_16)
-        || n_poseidons_24 > 1 << 32
-        || n_dot_products > 1 << 32
-        || n_rows_table_dot_products > 1 << 32
-        || private_memory_len > 1 << 32
+    if n_compressions_16
+        > n_poseidons_16
+            .next_power_of_two()
+            .max(1 << LOG_MIN_POSEIDONS_16)
         || n_vm_multilinear_evals > 1 << 10
     {
-        // To avoid "DOS" attack
         return Err(ProofError::InvalidProof);
     }
-    let n_cycles = 1 << log_n_cycles;
 
     let public_memory = build_public_memory(public_input);
 
     let log_public_memory = log2_strict_usize(public_memory.len());
     let log_memory = log2_ceil_usize(public_memory.len() + private_memory_len);
     let log_n_p16 = log2_ceil_usize(n_poseidons_16).max(LOG_MIN_POSEIDONS_16);
     let log_n_p24 = log2_ceil_usize(n_poseidons_24).max(LOG_MIN_POSEIDONS_24);
+    let log_n_cycles = log2_ceil_usize(n_cycles);
 
     if !(MIN_LOG_MEMORY_SIZE..=MAX_LOG_MEMORY_SIZE).contains(&log_memory) {
         return Err(ProofError::InvalidProof);
@@ -149,7 +142,7 @@ pub fn verify_execution(
 
     let corrected_prod_exec = grand_product_exec_res
         / grand_product_challenge_global.exp_u64(
-            (n_cycles
+            (n_cycles.next_power_of_two()
                 - n_poseidons_16
                 - n_poseidons_24
                 - n_dot_products

crates/lean_prover/witness_generation/src/execution_trace.rs

@@ -15,6 +15,7 @@ use utils::{ToUsize, transposed_par_iter_mut};
 #[derive(Debug)]
 pub struct ExecutionTrace {
     pub full_trace: [Vec<F>; N_TOTAL_COLUMNS],
+    pub n_cycles: usize, // before padding with the repeated final instruction
     pub n_poseidons_16: usize,
     pub n_poseidons_24: usize,
     pub n_compressions_16: usize,
@@ -46,9 +47,8 @@ pub fn get_execution_trace(
 
     let n_cycles = execution_result.pcs.len();
     let memory = &execution_result.memory;
-    let log_n_cycles_rounded_up = n_cycles.next_power_of_two().ilog2() as usize;
     let mut trace: [Vec<F>; N_TOTAL_COLUMNS] =
-        array::from_fn(|_| F::zero_vec(1 << log_n_cycles_rounded_up));
+        array::from_fn(|_| F::zero_vec(n_cycles.next_power_of_two()));
 
     transposed_par_iter_mut(&mut trace)
         .zip(execution_result.pcs.par_iter())
@@ -138,6 +138,7 @@ pub fn get_execution_trace(
 
     ExecutionTrace {
         full_trace: trace,
+        n_cycles,
         n_poseidons_16,
         n_poseidons_24,
         n_compressions_16,

crates/lookup/src/product_gkr.rs

@@ -53,9 +53,6 @@ where
     } else {
         MleRef::Extension(final_layer).into()
     };
-    if final_layer.n_vars() > MIN_VARS_FOR_PACKING && !final_layer.is_packed() {
-        tracing::warn!("GKR product not packed despite being large enough for packing");
-    }
 
     let mut layers = vec![final_layer];
     loop {

crates/packed_pcs/src/lib.rs

@@ -391,8 +391,15 @@ pub fn packed_pcs_global_statements_for_prover<
                         all_chunk_evals.push(sub_value);
                     });
 
-                // deduce the first sub_value, if it's not public
-                if dim.log_public_data_size.is_none() {
+                let initial_missing_vars = statement.point.0.len() - chunks[0].n_vars;
+                let initial_offset_in_original_booleans = to_big_endian_bits(
+                    chunks[0].offset_in_original >> chunks[0].n_vars,
+                    initial_missing_vars,
+                );
+                if initial_booleans.len() < initial_offset_in_original_booleans.len() // if the statement only concern the first chunk, no need to send more data
+                    && dim.log_public_data_size.is_none()
+                // if the first value is public, no need to recompute it
+                {
                     let retrieved_eval = compute_multilinear_value_from_chunks(
                         &chunks[1..],
                         &all_chunk_evals,
@@ -611,6 +618,7 @@ mod tests {
             (754, F::from_usize(4), None),
             (1023, F::from_usize(7), None),
             (2025, F::from_usize(15), None),
+            (600, F::from_usize(100), None),
         ];
         let mut public_data = BTreeMap::new();
         let mut polynomials = Vec::new();
@@ -646,6 +654,10 @@ mod tests {
             });
             statements_per_polynomial.push(statements);
         }
+        statements_per_polynomial
+            .last_mut()
+            .unwrap()
+            .push(Evaluation::new(vec![EF::ONE; 10], EF::from_usize(100)));
 
         let mut prover_state = build_prover_state();
         precompute_dft_twiddles::<F>(1 << 24);

docs/benchmark_graphs/main.py

@@ -176,6 +176,7 @@ def create_duration_graph(data, target=None, target_label=None, title="", y_lege
             ('2025-10-13', 234, None),
             ('2025-10-18', 255, 465),
             ('2025-10-27', 314, 555),
+            ('2025-11-02', 350, 555),
         ],
         target=1000,
         target_label="Target (1000 XMSS/s)",