Wrap SetupParameters in Arc to fix memory issue

2pc-mpc/Cargo.toml

@@ -9,7 +9,7 @@ itertools = { workspace = true }
 thiserror = { workspace = true }
 crypto-bigint = { workspace = true, features = ["serde"], default-features = false }
 merlin = { workspace = true, default-features = false }
-serde = { workspace = true, features = ["derive"] }
+serde = { workspace = true, features = ["derive", "rc"] }
 serde_json = { workspace = true, default-features = false, features = ["alloc"] }
 group = { path = "../group" }
 proof = { path = "../proof" }

2pc-mpc/src/decentralized_party/dkg.rs

@@ -36,6 +36,7 @@ use group::{
 use mpc::{AsynchronousRoundResult, AsynchronouslyAdvanceable, WeightedThresholdAccessStructure};
 use serde::{Deserialize, Serialize};
 use std::collections::{HashMap, HashSet};
+use std::sync::Arc;
 
 use crate::BaseProtocolContext;
 pub use public_output::PublicOutput;
@@ -126,6 +127,8 @@ pub enum Message {
 }
 
 /// The Public Input of the DKG party.
+/// Note: SetupParameters are wrapped in Arc to avoid expensive deep clones
+/// since they contain large accelerator tables (~8MB each).
 #[derive(Clone, Debug, PartialEq, Eq, Serialize)]
 pub struct PublicInput {
     class_groups_public_input: class_groups::dkg::PublicInput<
@@ -134,9 +137,9 @@ pub struct PublicInput {
         NON_FUNDAMENTAL_DISCRIMINANT_LIMBS,
         group::PublicParameters<Scalar>,
     >,
-    ristretto_setup_parameters: RistrettoSetupParameters,
-    curve25519_setup_parameters: Curve25519SetupParameters,
-    secp256r1_setup_parameters: Secp256r1SetupParameters,
+    ristretto_setup_parameters: Arc<RistrettoSetupParameters>,
+    curve25519_setup_parameters: Arc<Curve25519SetupParameters>,
+    secp256r1_setup_parameters: Arc<Secp256r1SetupParameters>,
 }
 
 impl PublicInput {
@@ -150,23 +153,26 @@ impl PublicInput {
             ); MAX_PRIMES],
         >,
     ) -> crate::Result<Self> {
-        let ristretto_setup_parameters =
+        let ristretto_setup_parameters = Arc::new(
             RistrettoSetupParameters::derive_from_plaintext_parameters::<ristretto::Scalar>(
                 ristretto::scalar::PublicParameters::default(),
                 DEFAULT_COMPUTATIONAL_SECURITY_PARAMETER,
-            )?;
+            )?,
+        );
 
-        let curve25519_setup_parameters =
+        let curve25519_setup_parameters = Arc::new(
             Curve25519SetupParameters::derive_from_plaintext_parameters::<curve25519::Scalar>(
                 group::curve25519::scalar::PublicParameters::default(),
                 DEFAULT_COMPUTATIONAL_SECURITY_PARAMETER,
-            )?;
+            )?,
+        );
 
-        let secp256r1_setup_parameters =
+        let secp256r1_setup_parameters = Arc::new(
             Secp256r1SetupParameters::derive_from_plaintext_parameters::<secp256r1::Scalar>(
                 secp256r1::scalar::PublicParameters::default(),
                 DEFAULT_COMPUTATIONAL_SECURITY_PARAMETER,
-            )?;
+            )?,
+        );
 
         let class_groups_public_input =
             class_groups::dkg::PublicInput::new::<secp256k1::GroupElement>(

2pc-mpc/src/decentralized_party/reconfiguration.rs

@@ -37,6 +37,7 @@ use mpc::{AsynchronousRoundResult, AsynchronouslyAdvanceable, WeightedThresholdA
 pub use public_output::PublicOutput;
 use serde::{Deserialize, Serialize};
 use std::collections::{HashMap, HashSet};
+use std::sync::Arc;
 
 pub struct Party {}
 
@@ -76,6 +77,8 @@ pub enum Message {
 }
 
 /// The Public Input of the Reconfiguration party.
+/// Note: SetupParameters are wrapped in Arc to avoid expensive deep clones
+/// since they contain large accelerator tables (~8MB each).
 #[derive(Clone, Debug, PartialEq, Eq, Serialize)]
 pub struct PublicInput {
     class_groups_public_input: class_groups::reconfiguration::PublicInput<
@@ -96,21 +99,21 @@ pub struct PublicInput {
         CiphertextSpaceValue<NON_FUNDAMENTAL_DISCRIMINANT_LIMBS>,
     ristretto_public_key_share_first_part: ristretto::GroupElement,
     ristretto_public_key_share_second_part: ristretto::GroupElement,
-    ristretto_setup_parameters: RistrettoSetupParameters,
+    ristretto_setup_parameters: Arc<RistrettoSetupParameters>,
     curve25519_encryption_of_secret_key_share_first_part:
         CiphertextSpaceValue<NON_FUNDAMENTAL_DISCRIMINANT_LIMBS>,
     curve25519_encryption_of_secret_key_share_second_part:
         CiphertextSpaceValue<NON_FUNDAMENTAL_DISCRIMINANT_LIMBS>,
     curve25519_public_key_share_first_part: curve25519::GroupElement,
     curve25519_public_key_share_second_part: curve25519::GroupElement,
-    curve25519_setup_parameters: Curve25519SetupParameters,
+    curve25519_setup_parameters: Arc<Curve25519SetupParameters>,
     secp256r1_encryption_of_secret_key_share_first_part:
         CiphertextSpaceValue<NON_FUNDAMENTAL_DISCRIMINANT_LIMBS>,
     secp256r1_encryption_of_secret_key_share_second_part:
         CiphertextSpaceValue<NON_FUNDAMENTAL_DISCRIMINANT_LIMBS>,
     secp256r1_public_key_share_first_part: secp256r1::group_element::Value,
     secp256r1_public_key_share_second_part: secp256r1::group_element::Value,
-    secp256r1_setup_parameters: Secp256r1SetupParameters,
+    secp256r1_setup_parameters: Arc<Secp256r1SetupParameters>,
 }
 
 impl PublicInput {
@@ -139,23 +142,26 @@ impl PublicInput {
         >,
         public_output: PublicOutput,
     ) -> crate::Result<Self> {
-        let ristretto_setup_parameters =
+        let ristretto_setup_parameters = Arc::new(
             RistrettoSetupParameters::derive_from_plaintext_parameters::<ristretto::Scalar>(
                 ristretto::scalar::PublicParameters::default(),
                 DEFAULT_COMPUTATIONAL_SECURITY_PARAMETER,
-            )?;
+            )?,
+        );
 
-        let curve25519_setup_parameters =
+        let curve25519_setup_parameters = Arc::new(
             Curve25519SetupParameters::derive_from_plaintext_parameters::<curve25519::Scalar>(
                 group::curve25519::scalar::PublicParameters::default(),
                 DEFAULT_COMPUTATIONAL_SECURITY_PARAMETER,
-            )?;
+            )?,
+        );
 
-        let secp256r1_setup_parameters =
+        let secp256r1_setup_parameters = Arc::new(
             Secp256r1SetupParameters::derive_from_plaintext_parameters::<secp256r1::Scalar>(
                 secp256r1::scalar::PublicParameters::default(),
                 DEFAULT_COMPUTATIONAL_SECURITY_PARAMETER,
-            )?;
+            )?,
+        );
 
         let secp256k1_decryption_key_share_public_parameters = public_output
             .secp256k1_decryption_key_share_public_parameters(current_access_structure)?;
@@ -233,23 +239,26 @@ impl PublicInput {
         current_tangible_party_id_to_upcoming: HashMap<PartyID, Option<PartyID>>,
         universal_public_output: decentralized_party::dkg::PublicOutput,
     ) -> crate::Result<Self> {
-        let ristretto_setup_parameters =
+        let ristretto_setup_parameters = Arc::new(
             RistrettoSetupParameters::derive_from_plaintext_parameters::<ristretto::Scalar>(
                 ristretto::scalar::PublicParameters::default(),
                 DEFAULT_COMPUTATIONAL_SECURITY_PARAMETER,
-            )?;
+            )?,
+        );
 
-        let curve25519_setup_parameters =
+        let curve25519_setup_parameters = Arc::new(
             Curve25519SetupParameters::derive_from_plaintext_parameters::<curve25519::Scalar>(
                 group::curve25519::scalar::PublicParameters::default(),
                 DEFAULT_COMPUTATIONAL_SECURITY_PARAMETER,
-            )?;
+            )?,
+        );
 
-        let secp256r1_setup_parameters =
+        let secp256r1_setup_parameters = Arc::new(
             Secp256r1SetupParameters::derive_from_plaintext_parameters::<secp256r1::Scalar>(
                 secp256r1::scalar::PublicParameters::default(),
                 DEFAULT_COMPUTATIONAL_SECURITY_PARAMETER,
-            )?;
+            )?,
+        );
 
         let secp256k1_decryption_key_share_public_parameters = universal_public_output
             .secp256k1_decryption_key_share_public_parameters(current_access_structure)?;
@@ -484,6 +493,7 @@ impl AsynchronouslyAdvanceable for Party {
 #[cfg(test)]
 pub(crate) mod tests {
     use super::*;
+    use std::sync::Arc;
     use crate::test_helpers::mock_decentralized_party_dkg;
     use class_groups::dkg::test_helpers::mock_dkg_output;
     use class_groups::publicly_verifiable_secret_sharing::chinese_remainder_theorem::construct_setup_parameters_per_crt_prime;
@@ -673,17 +683,17 @@ pub(crate) mod tests {
             ristretto_encryption_of_secret_key_share_second_part,
             ristretto_public_key_share_first_part,
             ristretto_public_key_share_second_part,
-            ristretto_setup_parameters,
+            ristretto_setup_parameters: Arc::new(ristretto_setup_parameters),
             curve25519_public_key_share_first_part,
             curve25519_public_key_share_second_part,
             curve25519_encryption_of_secret_key_share_first_part,
             curve25519_encryption_of_secret_key_share_second_part,
-            curve25519_setup_parameters,
+            curve25519_setup_parameters: Arc::new(curve25519_setup_parameters),
             secp256r1_encryption_of_secret_key_share_first_part,
             secp256r1_encryption_of_secret_key_share_second_part,
             secp256r1_public_key_share_first_part,
             secp256r1_public_key_share_second_part,
-            secp256r1_setup_parameters,
+            secp256r1_setup_parameters: Arc::new(secp256r1_setup_parameters),
         };
 
         reconfigures_internal_internal(

class-groups/Cargo.toml

@@ -21,7 +21,7 @@ maurer = { path = "../maurer", optional = true }
 rand = { workspace = true, default-features = false }
 rand_chacha = { workspace = true, default-features = false }
 rstest = { workspace = true, optional = true }
-serde = { workspace = true, features = ["derive"] }
+serde = { workspace = true, features = ["derive", "rc"] }
 sha3 = { workspace = true }
 thiserror = { workspace = true }
 itertools = { workspace = true }

class-groups/src/dkg.rs

@@ -2,6 +2,7 @@
 // SPDX-License-Identifier: CC-BY-NC-ND-4.0
 
 use std::collections::{HashMap, HashSet};
+use std::sync::Arc;
 
 use crypto_bigint::{Encoding, Int, Uint};
 use serde::{Deserialize, Serialize};
@@ -129,6 +130,8 @@ pub type ProveEqualityOfDiscreteLog<
 ); NUM_ENCRYPTION_OF_DECRYPTION_KEY_PRIMES];
 
 /// The Public Input of the Distributed Key Generation (DKG) party.
+/// Note: SetupParameters are wrapped in Arc to avoid expensive deep clones
+/// since they contain large accelerator tables (~8MB each).
 #[derive(Clone, Debug, PartialEq, Eq, Serialize)]
 pub struct PublicInput<
     const PLAINTEXT_SPACE_SCALAR_LIMBS: usize,
@@ -169,12 +172,14 @@ pub struct PublicInput<
 {
     plaintext_space_public_parameters: ScalarPublicParameters,
     computational_security_parameter: u32,
-    pub setup_parameters_per_crt_prime: [SecretKeyShareCRTPrimeSetupParameters; MAX_PRIMES],
-    pub setup_parameters: SetupParameters<
-        PLAINTEXT_SPACE_SCALAR_LIMBS,
-        FUNDAMENTAL_DISCRIMINANT_LIMBS,
-        NON_FUNDAMENTAL_DISCRIMINANT_LIMBS,
-        ScalarPublicParameters,
+    pub setup_parameters_per_crt_prime: Arc<[SecretKeyShareCRTPrimeSetupParameters; MAX_PRIMES]>,
+    pub setup_parameters: Arc<
+        SetupParameters<
+            PLAINTEXT_SPACE_SCALAR_LIMBS,
+            FUNDAMENTAL_DISCRIMINANT_LIMBS,
+            NON_FUNDAMENTAL_DISCRIMINANT_LIMBS,
+            ScalarPublicParameters,
+        >,
     >,
     encryption_key_values_and_proofs_per_crt_prime: HashMap<
         PartyID,
@@ -317,17 +322,18 @@ where
         }
 
         let setup_parameters_per_crt_prime =
-            construct_setup_parameters_per_crt_prime(computational_security_parameter)?;
+            Arc::new(construct_setup_parameters_per_crt_prime(computational_security_parameter)?);
 
         let n_factorial = factorial(access_structure.number_of_virtual_parties());
         let binomial_coefficients =
             compute_binomial_coefficients(access_structure.number_of_virtual_parties());
 
-        let setup_parameters =
+        let setup_parameters = Arc::new(
             SetupParameters::derive_from_plaintext_parameters::<GroupElement::Scalar>(
                 plaintext_space_public_parameters.clone(),
                 computational_security_parameter,
-            )?;
+            )?,
+        );
 
         Ok(Self {
             plaintext_space_public_parameters,

class-groups/src/dkg/fourth_round.rs

@@ -335,7 +335,7 @@ where
 
         let public_output = PublicOutput::new::<GroupElement>(
             access_structure,
-            public_input.setup_parameters_per_crt_prime.clone(),
+            (*public_input.setup_parameters_per_crt_prime).clone(),
             malicious_decryption_key_contribution_dealers.clone(),
             interpolation_subset,
             adjusted_lagrange_coefficients,

class-groups/src/dkg/party.rs

@@ -371,8 +371,8 @@ where
             Some(tangible_party_id),
             access_structure.clone(),
             access_structure.clone(),
-            public_input.setup_parameters.clone(),
-            public_input.setup_parameters_per_crt_prime.clone(),
+            (*public_input.setup_parameters).clone(),
+            (*public_input.setup_parameters_per_crt_prime).clone(),
             public_input
                 .encryption_key_values_and_proofs_per_crt_prime
                 .clone(),

class-groups/src/dkg/third_round.rs

@@ -353,7 +353,7 @@ where
             NON_FUNDAMENTAL_DISCRIMINANT_LIMBS,
             GroupElement,
         >::decrypt_secrets(
-            public_input.setup_parameters_per_crt_prime.clone(),
+            (*public_input.setup_parameters_per_crt_prime).clone(),
             SECRET_SHARE_CRT_COEFFICIENTS,
             SECRET_SHARE_CRT_PRIMES_PRODUCT,
             encryptions_of_shares_per_crt_prime

class-groups/src/reconfiguration.rs

@@ -2,6 +2,7 @@
 // SPDX-License-Identifier: CC-BY-NC-ND-4.0
 
 use std::collections::{HashMap, HashSet};
+use std::sync::Arc;
 
 use crypto_bigint::{Encoding, Int, Limb, Uint};
 use serde::{Deserialize, Serialize};
@@ -80,6 +81,8 @@ pub const RANDOMIZER_WITNESS_LIMBS: usize = find_closest_crypto_bigint_size(
 ) / Limb::BITS as usize;
 
 /// The Public Input of the Reconfiguration party.
+/// Note: SetupParameters are wrapped in Arc to avoid expensive deep clones
+/// since they contain large accelerator tables (~8MB each).
 #[derive(Clone, Debug, PartialEq, Eq, Serialize)]
 pub struct PublicInput<
     const PLAINTEXT_SPACE_SCALAR_LIMBS: usize,
@@ -120,12 +123,14 @@ pub struct PublicInput<
 {
     pub upcoming_access_structure: WeightedThresholdAccessStructure,
     pub plaintext_space_public_parameters: ScalarPublicParameters,
-    pub setup_parameters_per_crt_prime: [SecretKeyShareCRTPrimeSetupParameters; MAX_PRIMES],
-    pub setup_parameters: SetupParameters<
-        PLAINTEXT_SPACE_SCALAR_LIMBS,
-        FUNDAMENTAL_DISCRIMINANT_LIMBS,
-        NON_FUNDAMENTAL_DISCRIMINANT_LIMBS,
-        ScalarPublicParameters,
+    pub setup_parameters_per_crt_prime: Arc<[SecretKeyShareCRTPrimeSetupParameters; MAX_PRIMES]>,
+    pub setup_parameters: Arc<
+        SetupParameters<
+            PLAINTEXT_SPACE_SCALAR_LIMBS,
+            FUNDAMENTAL_DISCRIMINANT_LIMBS,
+            NON_FUNDAMENTAL_DISCRIMINANT_LIMBS,
+            ScalarPublicParameters,
+        >,
     >,
     pub computational_security_parameter: u32,
     pub current_encryption_key_values_and_proofs_per_crt_prime: HashMap<
@@ -367,14 +372,15 @@ where
             return Err(Error::InvalidParameters);
         }
 
-        let setup_parameters =
+        let setup_parameters = Arc::new(
             SetupParameters::derive_from_plaintext_parameters::<GroupElement::Scalar>(
                 plaintext_space_public_parameters.clone(),
                 computational_security_parameter,
-            )?;
+            )?,
+        );
 
         let setup_parameters_per_crt_prime =
-            construct_setup_parameters_per_crt_prime(computational_security_parameter)?;
+            Arc::new(construct_setup_parameters_per_crt_prime(computational_security_parameter)?);
 
         Ok(Self {
             plaintext_space_public_parameters,

class-groups/src/reconfiguration/party.rs

@@ -417,8 +417,8 @@ where
                 upcoming_party_id,
                 current_access_structure.clone(),
                 public_input.upcoming_access_structure.clone(),
-                public_input.setup_parameters.clone(),
-                public_input.setup_parameters_per_crt_prime.clone(),
+                (*public_input.setup_parameters).clone(),
+                (*public_input.setup_parameters_per_crt_prime).clone(),
                 public_input
                     .upcoming_encryption_key_values_and_proofs_per_crt_prime
                     .clone(),