use 35 rounds for poseidon hash, update poseidon constants from sage script for 35 rounds
This commit is contained in:
poma
parent
47f33f2275
commit
afb4eff954
@ -43,10 +43,9 @@ template Poseidon(nInputs) {
|
||||
// Using recommended parameters from whitepaper https://eprint.iacr.org/2019/458.pdf (table 2, table 8)
|
||||
// Generated by https://extgit.iaik.tugraz.at/krypto/hadeshash/-/blob/master/code/calc_round_numbers.py
|
||||
// And rounded up to nearest integer that divides by t
|
||||
var N_ROUNDS_P[8] = [56, 57, 56, 60, 60, 63, 64, 63];
|
||||
var t = nInputs + 1;
|
||||
var nRoundsF = 8;
|
||||
var nRoundsP = N_ROUNDS_P[t - 2];
|
||||
var nRoundsP = 35;
|
||||
var C[t*(nRoundsF + nRoundsP)] = POSEIDON_C(t);
|
||||
var M[t][t] = POSEIDON_M(t);
|
||||
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -15,32 +15,32 @@ const { C, M } = unstringifyBigInts(require("./poseidon_constants.json"));
|
||||
// Generated by https://extgit.iaik.tugraz.at/krypto/hadeshash/-/blob/master/code/calc_round_numbers.py
|
||||
// And rounded up to nearest integer that divides by t
|
||||
const N_ROUNDS_F = 8;
|
||||
const N_ROUNDS_P = [56, 57, 56, 60, 60, 63, 64, 63];
|
||||
const N_ROUNDS_P = 35;
|
||||
|
||||
const pow5 = a => F.mul(a, F.square(F.square(a, a)));
|
||||
|
||||
function poseidon(inputs) {
|
||||
assert(inputs.length > 0);
|
||||
assert(inputs.length < N_ROUNDS_P.length - 1);
|
||||
assert(inputs.length < 5);
|
||||
|
||||
const t = inputs.length + 1;
|
||||
const nRoundsF = N_ROUNDS_F;
|
||||
const nRoundsP = N_ROUNDS_P[t - 2];
|
||||
const nRoundsP = N_ROUNDS_P;
|
||||
|
||||
let state = [...inputs.map(a => bigInt(a)), F.zero];
|
||||
for (let r = 0; r < nRoundsF + nRoundsP; r++) {
|
||||
state = state.map((a, i) => F.add(a, C[t - 2][r * t + i]));
|
||||
|
||||
state = state.map((a, i) => F.add(a, bigInt(C[t - 2][r * t + i])));
|
||||
|
||||
if (r < nRoundsF / 2 || r >= nRoundsF / 2 + nRoundsP) {
|
||||
state = state.map(a => pow5(a));
|
||||
} else {
|
||||
state[0] = pow5(state[0]);
|
||||
}
|
||||
|
||||
|
||||
// no matrix multiplication in the last round
|
||||
if (r < nRoundsF + nRoundsP - 1) {
|
||||
state = state.map((_, i) =>
|
||||
state.reduce((acc, a, j) => F.add(acc, F.mul(M[t - 2][j][i], a)), F.zero)
|
||||
state.reduce((acc, a, j) => F.add(acc, F.mul(bigInt(M[t - 2][j][i]), a)), F.zero)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -9,9 +9,12 @@ const Web3Utils = require("web3-utils");
|
||||
const { C:K, M } = unstringifyBigInts(require("./poseidon_constants.json"));
|
||||
|
||||
const N_ROUNDS_F = 8;
|
||||
const N_ROUNDS_P = [56, 57, 56, 60, 60, 63, 64, 63];
|
||||
const N_ROUNDS_P = 35;
|
||||
|
||||
function toHex256(a) {
|
||||
if (typeof a === "string" && a.startsWith("0x")) {
|
||||
return a;
|
||||
}
|
||||
let S = a.toString(16);
|
||||
while (S.length < 64) S="0"+S;
|
||||
return "0x" + S;
|
||||
@ -19,10 +22,10 @@ function toHex256(a) {
|
||||
|
||||
function createCode(nInputs) {
|
||||
|
||||
if (( nInputs<1) || (nInputs>8)) throw new Error("Invalid number of inputs. Must be 1<=nInputs<=8");
|
||||
if (( nInputs<1) || (nInputs>4)) throw new Error("Invalid number of inputs. Must be 1<=nInputs<=8");
|
||||
const t = nInputs + 1;
|
||||
const nRoundsF = N_ROUNDS_F;
|
||||
const nRoundsP = N_ROUNDS_P[t - 2];
|
||||
const nRoundsP = N_ROUNDS_P;
|
||||
|
||||
const C = new Contract();
|
||||
|
||||
|
||||
@ -23,7 +23,7 @@ describe("Poseidon Circuit test", function () {
|
||||
|
||||
it("Should check constrain of hash([1, 2])", async () => {
|
||||
const hash = poseidon([1, 2]);
|
||||
assert.equal("17117985411748610629288516079940078114952304104811071254131751175361957805920", hash.toString());
|
||||
assert.equal("0x11ad302b36a2d7e09653c8e90618f00c06cd0a7348e52cdf2ccced3c3abec679", "0x" + hash.toString(16));
|
||||
const w = await circuit2.calculateWitness({inputs: [1, 2]}, true);
|
||||
const res = w[circuit2.getSignalIdx("main.out")];
|
||||
assert.equal(res.toString(), hash.toString());
|
||||
@ -32,7 +32,7 @@ describe("Poseidon Circuit test", function () {
|
||||
|
||||
it("Should check constrain of hash([3, 4])", async () => {
|
||||
const hash = poseidon([3, 4]);
|
||||
assert.equal("21867347236198497199818917118739170715216974132230970409806500217655788551452", hash.toString());
|
||||
assert.equal("0x23939f0972e764d6e252060279aabaca8ec650ab30b17d2c13551bec2a66bcef", "0x" + hash.toString(16));
|
||||
const w = await circuit2.calculateWitness({inputs: [3, 4]});
|
||||
const res = w[circuit2.getSignalIdx("main.out")];
|
||||
assert.equal(res.toString(), hash.toString());
|
||||
@ -42,7 +42,7 @@ describe("Poseidon Circuit test", function () {
|
||||
|
||||
it("Should check constrain of hash([1, 2, 3, 4])", async () => {
|
||||
const hash = poseidon([1, 2, 3, 4]);
|
||||
assert.equal("10501812514110530158422365608831771203648472822841727510887411206067265790462", hash.toString());
|
||||
assert.equal("0x2e4fb80ce74868b0d33f4acb22071d8d8f8da7d30ebf972e6e4f72a64bb0633f", "0x" + hash.toString(16));
|
||||
const w = await circuit4.calculateWitness({inputs: [1, 2, 3, 4]});
|
||||
const res = w[circuit4.getSignalIdx("main.out")];
|
||||
assert.equal(res.toString(), hash.toString());
|
||||
@ -51,7 +51,7 @@ describe("Poseidon Circuit test", function () {
|
||||
|
||||
it("Should check constrain of hash([5, 6, 7, 8])", async () => {
|
||||
const hash = poseidon([5, 6, 7, 8]);
|
||||
assert.equal("20761996991478317428195238015626872345373101531750069996451149877836620406299", hash.toString());
|
||||
assert.equal("0x2a3fc67aa97766917ee06e927f35fd70f4655ad6c1f2e7bcd5c5c85aa3a8a974", "0x" + hash.toString(16));
|
||||
const w = await circuit4.calculateWitness({inputs: [5, 6, 7, 8]});
|
||||
const res = w[circuit4.getSignalIdx("main.out")];
|
||||
assert.equal(res.toString(), hash.toString());
|
||||
|
||||
Loading…
Reference in New Issue
Block a user