verify-beacon
=============
This is for computing and verifying the [randomness beacon][beacon] used in the
[Powers of Tau][ceremony] and Sapling MPC ceremonies, using hardware
acceleration if available.
The beacon is computed using 2^42 iterations of SHA-256.
The files `powersoftau.txt` and `sapling.txt` each contain 1025 hashes (1024
sequential pairs), allowing the beacon to be verified more quickly in parallel.
Two hardware-accelerated implementations are available, along with a
non-accelerated fallback. Currently, [Intel SHA extensions][intel] (e.g. AMD
Ryzen) and ARMv8 cryptographic extensions are supported.
Usage
-----
*Important:* binaries _must_ be compiled with `RUSTFLAGS='-C
target-cpu=native'` to enable hardware-acceleration.
* `cargo run --release --bin compute > pairs.txt`
* `cargo run --release --bin verify < pairs.txt`
Benchmarks
----------
The time taken is around 130 cycles per iteration on AMD Ryzen, which is ~1h45m
to verify on on 24 cores running at 3.8GHz.
[beacon]: https://lists.z.cash.foundation/pipermail/zapps-wg/2018/000267.html
[ceremony]: https://z.cash.foundation/blog/powers-of-tau/
[intel]: https://en.wikipedia.org/wiki/Intel_SHA_extensions