Linear time encodable binary code achieving GV bound with linear time encodable dual achieving GV bound

📅 2025-09-09
🤖 AI Summary
This work addresses the long-standing challenge of constructing binary linear codes whose rate and relative minimum distance both asymptotically achieve the Gilbert–Varshamov (GV) bound, while ensuring *both* the code and its dual are linear-time encodable. We propose a novel construction based on the repeat multiple accumulate (RMA) framework, which combines modulo-2 prefix sums (accumulation) and adjacent-coordinate differencing (discrete differentiation) in a carefully orchestrated manner, augmented by a random coordinate permutation to enhance pseudorandomness. Crucially, the mutual invertibility of accumulation and differencing ensures structural symmetry and performance balance between the code and its dual. Theoretical analysis proves that the resulting code family attains the GV bound in both rate and relative distance, and its dual simultaneously achieves the GV bound as well; moreover, both the code and its dual admit *O(n)*-time encoding. To our knowledge, this is the first explicit family of binary linear codes achieving linear encoding complexity, two-sided asymptotic optimality (code and dual), and efficient constructibility, making it particularly suitable for applications such as fast matrix-vector multiplication in secure computation.

📝 Abstract
We initiate the study of what we term "fast good codes" with "fast good duals." Specifically, we consider the task of constructing a binary linear code $C \leq \mathcal{F}_2^n$ such that both it and its dual $C^\perp := \{x \in \mathcal{F}_2^n : \forall c \in C, \langle x,c \rangle = 0\}$ are asymptotically good (in fact, have rate-distance tradeoff approaching the GV bound), and are encodable in $O(n)$ time. While we believe such codes should find applications more broadly, as motivation we describe how such codes can be used for the secure computation task of encrypted matrix-vector product, as studied by Benhamouda et al. (CCS 2025, to appear). Our main contribution is a construction of such a fast good code with fast good dual. Our construction is inspired by the repeat multiple accumulate (RMA) codes of Divsalar, Jin and McEliece (Allerton, 1998). To create the rate 1/2 code, after repeating each message coordinate, we perform accumulation steps -- where first a uniform coordinate permutation is applied, and afterwards the prefix-sum mod 2 is applied -- which are alternated with discrete derivative steps -- where again a uniform coordinate permutation is applied, and afterwards the previous two coordinates are summed mod 2. Importantly, these two operations are inverses of each other. In particular, the dual of the code is very similar, with the accumulation and discrete derivative steps reversed. Our analysis is inspired by a prior analysis of RMA codes due to Ravazzi and Fagnani (IEEE Trans. Info. Theory, 2009). The main idea is to bound the input-output weight-enumerator function: the expected number of messages of a given weight that are encoded into a codeword of a given weight. We face new challenges in controlling the behaviour of the discrete derivative matrix (which can significantly drop the weight of a vector), which we overcome by careful case analysis.
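
The encoding map described in the abstract, as an added toy example that is not the authors' code: repeat each bit, then alternate permute-and-accumulate with permute-and-differentiate. The number of rounds, the choice to start with accumulation, the seed and all function names are assumptions made here; parameters this small say nothing about the asymptotic GV-bound claim.

```python
import itertools
import random

def accumulate(v):
    """Prefix sum mod 2: out[i] = v[0] ^ ... ^ v[i]."""
    out, acc = [], 0
    for bit in v:
        acc ^= bit
        out.append(acc)
    return out

def derivative(v):
    """Discrete derivative: out[i] = v[i-1] ^ v[i], taking v[-1] = 0."""
    out, prev = [], 0
    for bit in v:
        out.append(prev ^ bit)
        prev = bit
    return out

def make_steps(n, rounds, seed):
    """One uniform permutation per round; even rounds accumulate, odd
    rounds differentiate. Round count and order are assumptions."""
    rng = random.Random(seed)  # fixed seed so the toy code is reproducible
    steps = []
    for r in range(rounds):
        perm = list(range(n))
        rng.shuffle(perm)
        steps.append((perm, accumulate if r % 2 == 0 else derivative))
    return steps

def encode(msg, steps):
    """Rate 1/2: repeat every message bit twice, then apply each round
    (permute, then accumulate or differentiate). O(n) work per round."""
    v = [b for b in msg for _ in range(2)]
    for perm, op in steps:
        v = op([v[p] for p in perm])
    return v

def min_weight(k, steps):
    """Brute-force minimum distance of the toy code (feasible for small k)."""
    msgs = itertools.product([0, 1], repeat=k)
    return min(sum(encode(m, steps)) for m in msgs if any(m))

if __name__ == "__main__":
    k = 8
    steps = make_steps(2 * k, rounds=4, seed=1)  # constructed parameters
    print("codeword:", encode([1, 0, 1, 1, 0, 0, 1, 0], steps))
    print("minimum distance of toy code:", min_weight(k, steps))
```

Because every round is an invertible linear map over GF(2), distinct messages always yield distinct codewords, and undoing the rounds in reverse order with the two operations swapped recovers the repeated message.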
Problem

Research questions and friction points this paper is trying to address.

Constructing binary linear codes with good rate-distance tradeoff
Ensuring both code and dual have linear time encodability
Achieving Gilbert-Varshamov bound performance for code and dual
Innovation

Methods, ideas, or system contributions that make the work stand out.

Linear time encodable binary codes
Dual codes achieving Gilbert-Varshamov bound
Accumulation and discrete derivative operations
Martijn Brehm
Informatics Institute, University of Amsterdam
Nicolas Resch
Assistant Professor, University of Amsterdam
coding theory, cryptography