decommitment unfriendly layers fix critical bug & blake2s & keccak ve…

…rifier unfriendly hash function support

Cargo.toml

@@ -32,13 +32,15 @@ sha3 = "0.10.8"
 starknet-core = "0.11.1"
 starknet-crypto = "0.7.1"
 starknet-types-core = "0.1.5"
+crypto-bigint = "0.5.5"
 thiserror = "1.0.61"
 num-bigint = { version = "0.4.4", features = ["serde"] }
+blake2 = "0.10.6"
 
 cairovm_verifier_air = { path = "crates/air", default-features=false}
-cairovm_verifier_commitment = { path = "crates/commitment" }
-cairovm_verifier_fri = { path = "crates/fri" }
-cairovm_verifier_pow = { path = "crates/pow" }
+cairovm_verifier_commitment = { path = "crates/commitment", default-features=false}
+cairovm_verifier_fri = { path = "crates/fri",default-features=false}
+cairovm_verifier_pow = { path = "crates/pow", default-features=false}
 cairovm_verifier_stark = { path = "crates/stark", default-features=false}
-cairovm_verifier_transcript = { path = "crates/transcript" }
-cairovm_verifier_proof_parser = { path = "proof-parser" }
+cairovm_verifier_transcript = { path = "crates/transcript", default-features=false}
+cairovm_verifier_proof_parser = { path = "proof-parser", default-features=false}

crates/commitment/Cargo.toml

@@ -13,7 +13,15 @@ serde_with.workspace = true
 serde.workspace = true
 sha3.workspace = true
 starknet-core.workspace = true
+starknet-types-core.workspace = true
 starknet-crypto.workspace = true
 thiserror.workspace = true
+crypto-bigint.workspace = true
+blake2.workspace = true
 
-cairovm_verifier_transcript.workspace = true
+cairovm_verifier_transcript.workspace = true
+
+[features]
+default = ["keccak"]
+keccak = []
+blake2s = []

crates/commitment/src/table/decommit.rs

@@ -1,10 +1,16 @@
 use crate::vector::{decommit::vector_commitment_decommit, types::Query};
-use sha3::Digest;
-use sha3::Keccak256;
-use starknet_core::types::NonZeroFelt;
 use starknet_crypto::{poseidon_hash_many, Felt};
 use thiserror::Error;
 
+#[cfg(feature = "blake2s")]
+use blake2::Blake2s256;
+#[cfg(feature = "blake2s")]
+use blake2::Digest;
+#[cfg(feature = "keccak")]
+use sha3::Digest;
+#[cfg(feature = "keccak")]
+use sha3::Keccak256;
+
 use super::types::{Commitment, Decommitment, Witness};
 
 const MONTGOMERY_R: Felt =
@@ -63,17 +69,17 @@ fn generate_vector_queries(
             let slice = &values[(i * n_columns as usize)..((i + 1) * n_columns as usize)];
             let mut data = Vec::new();
             data.extend(slice.iter().flat_map(|x| x.to_bytes_be().to_vec()));
-            // keccak hash
+
+            #[cfg(feature = "keccak")]
             let mut hasher = Keccak256::new();
+            #[cfg(feature = "blake2s")]
+            let mut hasher = Blake2s256::new();
+
             hasher.update(&data);
-            Felt::from_bytes_be_slice(hasher.finalize().to_vec().as_slice()).floor_div(
-                &NonZeroFelt::from_felt_unchecked(Felt::from_hex_unchecked(
-                    "0x10000000000000000000000000000000000000000",
-                )),
-            )
+            Felt::from_bytes_be_slice(&hasher.finalize().to_vec().as_slice()[12..32])
         };
 
-        vector_queries.push(Query { index: queries[i], value: hash });
+        vector_queries.push(Query { index: queries[i], value: hash })
     }
 
     vector_queries

crates/commitment/src/vector/decommit.rs

@@ -1,6 +1,12 @@
-use super::types::{Commitment, Query, QueryWithDepth, Witness};
+#[cfg(feature = "blake2s")]
+use blake2::Digest;
+#[cfg(feature = "blake2s")]
+use blake2::Blake2s256;
+#[cfg(feature = "keccak")]
 use sha3::Digest;
+#[cfg(feature = "keccak")]
 use sha3::Keccak256;
+use super::types::{Commitment, Query, QueryWithDepth, Witness};
 use starknet_core::types::NonZeroFelt;
 use starknet_crypto::{poseidon_hash, Felt};
 use thiserror::Error;
@@ -102,20 +108,20 @@ pub fn compute_root_from_queries(
 
 fn hash_friendly_unfriendly(x: Felt, y: Felt, is_verifier_friendly: bool) -> Felt {
     if is_verifier_friendly {
-        // poseidon hash
         poseidon_hash(x, y)
     } else {
         // keccak hash
+        let mut hash_data = Vec::with_capacity(64);
+        hash_data.extend(&x.to_bytes_be());
+        hash_data.extend(&y.to_bytes_be());
+
+        #[cfg(feature = "keccak")]
         let mut hasher = Keccak256::new();
-        let mut hash_data = Vec::with_capacity(40);
-        hash_data.extend_from_slice(&x.to_bytes_be());
-        hash_data.extend_from_slice(&y.to_bytes_be());
+        #[cfg(feature = "blake2s")]
+        let mut hasher = Blake2s256::new();
+
         hasher.update(&hash_data);
-        Felt::from_bytes_be_slice(hasher.finalize().to_vec().as_slice()).floor_div(
-            &NonZeroFelt::from_felt_unchecked(Felt::from_hex_unchecked(
-                "0x10000000000000000000000000000000000000000",
-            )),
-        )
+        Felt::from_bytes_be_slice(&hasher.finalize().to_vec().as_slice()[12..32])
     }
 }
 

crates/pow/Cargo.toml

@@ -9,10 +9,17 @@ repository.workspace = true
 version.workspace = true
 
 [dependencies]
+bail-out.workspace = true
 serde.workspace = true
 sha3.workspace = true
 starknet-crypto.workspace = true
 starknet-types-core.workspace = true
 thiserror.workspace = true
+blake2.workspace = true
 
-cairovm_verifier_transcript.workspace = true
+cairovm_verifier_transcript.workspace = true
+
+[features]
+default = ["keccak"]
+keccak = []
+blake2s = []

crates/pow/src/pow.rs

@@ -1,8 +1,16 @@
+#[cfg(feature = "blake2s")]
+use blake2::Blake2s256;
+#[cfg(feature = "blake2s")]
+use blake2::Digest;
+#[cfg(feature = "keccak")]
+use sha3::Digest;
+#[cfg(feature = "keccak")]
+use sha3::Keccak256;
+
+use bail_out::assure;
 use cairovm_verifier_transcript::transcript::Transcript;
 use serde::{Deserialize, Serialize};
-use sha3::{Digest, Keccak256};
 use starknet_crypto::Felt;
-use starknet_types_core::felt::NonZeroFelt;
 
 use crate::config::Config;
 
@@ -27,7 +35,10 @@ pub fn verify_pow(digest: [u8; 32], n_bits: u8, nonce: u64) -> Result<(), Error>
     //      8 bytes            || 32 bytes || 1 byte
     // Total of 0x29 = 41 bytes.
 
+    #[cfg(feature = "keccak")]
     let mut hasher = Keccak256::new();
+    #[cfg(feature = "blake2s")]
+    let mut hasher = Blake2s256::new();
     let mut init_data = Vec::with_capacity(41);
     init_data.extend_from_slice(&MAGIC.to_be_bytes());
     init_data.extend_from_slice(&digest);
@@ -42,21 +53,20 @@ pub fn verify_pow(digest: [u8; 32], n_bits: u8, nonce: u64) -> Result<(), Error>
     //              32 bytes  || 8 bytes
     // Total of 0x28 = 40 bytes.
 
+    #[cfg(feature = "keccak")]
     let mut hasher = Keccak256::new();
+    #[cfg(feature = "blake2s")]
+    let mut hasher = Blake2s256::new();
     let mut hash_data = Vec::with_capacity(40);
     hash_data.extend_from_slice(&init_hash);
     hash_data.extend_from_slice(&nonce.to_be_bytes());
     hasher.update(&hash_data);
     let final_hash = hasher.finalize();
 
-    let work_limit = Felt::TWO.pow(128 - n_bits);
-    let (q, _r) = Felt::from_bytes_be_slice(final_hash.as_slice())
-        .div_rem(&NonZeroFelt::try_from(Felt::TWO.pow(128_u128)).unwrap());
-    if q >= work_limit {
-        Err(Error::ProofOfWorkFail)
-    } else {
-        Ok(())
-    }
+    assure!(
+        Felt::from_bytes_be_slice(&final_hash.as_slice()[0..16]) < Felt::TWO.pow(128 - n_bits),
+        Error::ProofOfWorkFail
+    )
 }
 
 use thiserror::Error;