bench_ecmult: add benchmark for ecmult_const_xonly #1668

pull theStack wants to merge 1 commits into bitcoin-core:master from theStack:add-ecmult_const_xonly-benchmark changing 1 files +30 −0
  1. theStack commented at 0:41 am on March 27, 2025: contributor

    In the course of trying to understand the x-only ECDH benchmark results in the silent payments PR (https://github.com/bitcoin-core/secp256k1/pull/1519#discussion_r2006144436), I noticed that we don’t have a benchmark yet for ecmult_const_xonly, so I added one.

    Results on my machine:

    0$ ./build/bin/bench_ecmult
1Benchmark                     ,    Min(us)    ,    Avg(us)    ,    Max(us)
2
3ecmult_gen                    ,    12.3       ,    12.6       ,    13.2
4ecmult_const                  ,    27.2       ,    28.6       ,    30.9
5ecmult_const_xonly            ,    29.3       ,    30.4       ,    32.6
6
7...

    I was a bit surprised to see that the x-only variant is slower than the regular ecmult_const function, but on the other hand the former allows to skip pubkey deserialization (i.e. determining y with a square root calculation, which is rather expensive), so that has to be taken account for a fair comparison in use-cases like ECDH (see also benchmark commit in #1198). Having an isolated ecmult benchmark for it still seems to make sense, imho. Note that the teardown function is a bit hacky; since we don’t have the parity of the x-only point multiplication results, the full point multiplication ones are calculated and the x coordinates are compared, and bench_ecmult_teardown_helper isn’t used.

  2. bench_ecmult: add benchmark for ecmult_const_xonly cc712658a5
  3. stratospher commented at 5:43 pm on March 27, 2025: contributor

    oh interesting to see the result! I’m getting something similar on my machine too. Looks like ~54% of ecmult_const_xonly’s execution time is spent in ecmult_const (inside the ecmult_const_xonly).

    also I ran the benchmarks in https://github.com/bitcoin-core/secp256k1/pull/1198/commits/b62b7b72fa6e20eee796750bde47054a9d00258 -bench_ecdh was few microseconds slower/bench_ecdh_xonly was few microseconds faster. But when I remove secp256k1_ec_pubkey_parse from bench_ecdh, I’m seeing a similar performance trend in the ecdh, ecdh_xonly benchmark - bench_ecdh_xonly is a few microseconds slower/bench_ecdh is few microseconds faster.

    0Benchmark                     ,    Min(us)    ,    Avg(us)    ,    Max(us)
1
2ecdh                          ,    23.5       ,    24.1       ,    26.0    
3ecdh_xonly                    ,    25.0       ,    25.1       ,    25.2
  4. real-or-random commented at 1:39 pm on March 31, 2025: contributor
    @stratospher Just out of curiosity, how did you generate this nice graph?
  5. stratospher commented at 1:54 pm on March 31, 2025: contributor
    CLion has a 1 click option to generate flame graphs. 😊


theStack stratospher real-or-random

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-04-17 21:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me