Crates.io 0.5.0 release

.github/workflows/ci.yaml

@@ -12,6 +12,11 @@ jobs:
         with:
           # Remove default `-D warnings`.
           rustflags: ""
+      - name: Setup rust
+        run: |
+          rustup set profile minimal
+          rustup toolchain install nightly-2023-08-23
+          rustup default nightly-2023-08-23
       - run: cargo build --verbose
       - run: cargo test --verbose --all
 

Cargo.toml

@@ -2,16 +2,19 @@
 name = "rescue_poseidon"
 description = "Sponge construction based Algebraic Hash Functions"
 keywords = ["poseidon", "rescue", "sponge"]
-license = "MIT OR Apache-2.0"
-version = "0.4.1"
+version = "0.5.0"
 authors = ["Sait Imamoglu <si@matterlabs.dev>"]
 edition = "2021"
+license = "MIT OR Apache-2.0"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
+derivative = "2"
 
-franklin_crypto = {package = "franklin-crypto", features = ["plonk"], version = "=0.1.0" }
+typemap_rev = "0.3"
+lazy_static = "1.4"
+franklin_crypto = {package = "franklin-crypto", features = ["plonk"], version = "=0.2.0" }
 num-bigint = "0.3"
 num-integer = "0.1"
 num-iter = "0.1"
@@ -24,9 +27,10 @@ addchain = "0.2"
 smallvec = "1.9"
 blake2 = "0.10"
 rayon = {version = "1.5", optional = true}
-lazy_static = {version = "1.4", optional = true}
+# lazy_static = {version = "1.4", optional = true}
 futures = {version = "0.3", features = ["executor", "thread-pool"], optional = true}
 arrayvec = "0.7"
+log = "0.4.19"
 
 [dev-dependencies]
 # reference poseidon does not uses specialization so some tests will fail.
@@ -49,7 +53,7 @@ hex = "0.4"
 [features]
 default = []
 rayon = ["dep:rayon"]
-futures = ["dep:lazy_static", "dep:futures"]
+futures = ["dep:futures"]
 
 [[bench]]
 name = "benches"

rust-toolchain

@@ -0,0 +1 @@
+nightly-2024-05-07

src/circuit/mod.rs

@@ -1,7 +1,8 @@
 pub(crate) mod sponge;
 pub(crate) mod poseidon;
+pub mod poseidon2;
 pub(crate) mod rescue;
 pub(crate) mod rescue_prime;
 mod sbox;
 mod matrix;
 #[cfg(test)]

src/circuit/poseidon2.rs

@@ -0,0 +1,117 @@
+use super::sbox::sbox;
+use super::sponge::circuit_generic_hash_num;
+use super::matrix::{matrix_vector_product, mul_by_sparse_matrix};
+use crate::{DomainStrategy, poseidon::params::PoseidonParams};
+use crate::poseidon2::Poseidon2Params;
+use crate::traits::{HashFamily, HashParams};
+use franklin_crypto::bellman::plonk::better_better_cs::cs::ConstraintSystem;
+use franklin_crypto::bellman::{Field, SynthesisError};
+use franklin_crypto::{
+    bellman::Engine,
+    plonk::circuit::{allocated_num::Num, linear_combination::LinearCombination},
+};
+
+/// Receives inputs whose length `known` prior(fixed-length).
+/// Also uses custom domain strategy which basically sets value of capacity element to
+/// length of input and applies a padding rule which makes input size equals to multiple of
+/// rate parameter.
+/// Uses pre-defined state-width=3 and rate=2.
+pub fn circuit_poseidon2_hash<E: Engine, CS: ConstraintSystem<E>, const L: usize>(
+    cs: &mut CS,
+    input: &[Num<E>; L],
+    domain_strategy: Option<DomainStrategy>,
+) -> Result<[Num<E>; 2], SynthesisError> {
+    const WIDTH: usize = 3;
+    const RATE: usize = 2;
+    let params = Poseidon2Params::<E, RATE, WIDTH>::default();
+    circuit_generic_hash_num(cs, input, &params, domain_strategy)
+}
+
+pub fn circuit_poseidon2_round_function<
+    E: Engine,
+    CS: ConstraintSystem<E>,
+    const RATE: usize,
+    const WIDTH: usize,
+>(
+    cs: &mut CS,
+    params: &Poseidon2Params<E, RATE, WIDTH>,
+    state: &mut [LinearCombination<E>; WIDTH],
+) -> Result<(), SynthesisError> {
+    assert!(params.number_of_full_rounds() % 2 == 0);
+
+    let half_of_full_rounds = params.number_of_full_rounds() / 2;
+
+    // Linear layer at beginning
+    matrix_vector_product(&params.mds_external_matrix, state)?;
+
+    // first full rounds
+    for round in 0..half_of_full_rounds {
+        let round_constants = &params.round_constants[round];
+
+        // add round constatnts
+        for (s, c) in state.iter_mut().zip(round_constants.iter()) {
+            s.add_assign_constant(*c);
+        }
+        // non linear sbox
+        sbox(
+            cs,
+            params.alpha(),
+            state,
+            Some(0..WIDTH),
+            params.custom_gate(),
+        )?;
+
+        // mul state by mds
+        matrix_vector_product(&params.mds_external_matrix, state)?;
+    }
+
+    let mut diag_internal_matrix_decreased = params.diag_internal_matrix.clone();
+    for coeff in diag_internal_matrix_decreased.iter_mut() {
+        coeff.sub_assign(&E::Fr::one());
+    }
+
+    for round in half_of_full_rounds..(params.partial_rounds + half_of_full_rounds) {
+        // add round constatnt
+        let round_constant = params.round_constants[round][0];
+        state[0].add_assign_constant(round_constant);
+
+        // non linear sbox
+        sbox(cs, params.alpha(), state, Some(0..1), params.custom_gate())?;
+
+        // mul state by internal matrix
+        let mut sum = state[0].clone();
+        for s in state.iter().skip(1) {
+            sum.add_assign(s);
+        }
+
+        for (s, coeff) in state.iter_mut().zip(diag_internal_matrix_decreased.iter()) {
+            s.scale(coeff);
+            s.add_assign(&sum);
+        }
+    }
+
+    // second full round
+    for round in (params.number_of_partial_rounds() + half_of_full_rounds)
+        ..(params.number_of_partial_rounds() + params.number_of_full_rounds())
+    {
+        let round_constants = &params.round_constants[round];
+
+        // add round constatnts
+        for (s, c) in state.iter_mut().zip(round_constants.iter()) {
+            s.add_assign_constant(*c);
+        }
+        // non linear sbox
+        sbox(
+            cs,
+            params.alpha(),
+            state,
+            Some(0..WIDTH),
+            params.custom_gate(),
+        )?;
+
+        // mul state by mds
+        matrix_vector_product(&params.mds_external_matrix, state)?;
+    }
+
+    Ok(())
+}

src/circuit/sponge.rs

@@ -1,6 +1,6 @@
 use crate::{
     common::domain_strategy::DomainStrategy,
-    traits::{HashFamily, HashParams},
+    traits::{HashFamily, HashParams}, poseidon2::Poseidon2Params,
 };
 use franklin_crypto::{
     bellman::plonk::better_better_cs::cs::ConstraintSystem, plonk::circuit::allocated_num::Num,
@@ -54,7 +54,7 @@
 pub struct CircuitGenericSponge<E: Engine, const RATE: usize, const WIDTH: usize> {
     state: [LinearCombination<E>; WIDTH],
     mode: SpongeMode<E, RATE>,
     domain_strategy: DomainStrategy,
 }
 
 impl<'a, E: Engine, const RATE: usize, const WIDTH: usize> CircuitGenericSponge<E, RATE, WIDTH> {
@@ -331,6 +331,13 @@
         HashFamily::RescuePrime => {
             super::rescue_prime::gadget_rescue_prime_round_function(cs, params, state)
         }
+        HashFamily::Poseidon2 => {
+            super::poseidon2::circuit_poseidon2_round_function(
+                cs, 
+                params.try_to_poseidon2_params().unwrap(), 
+                state
+            )
+        }
     }
 }
 
@@ -356,6 +363,13 @@
         HashFamily::RescuePrime => {
             super::rescue_prime::gadget_rescue_prime_round_function(cs, params, state)
         }
+        HashFamily::Poseidon2 => {
+            super::poseidon2::circuit_poseidon2_round_function(
+                cs, 
+                params.try_to_poseidon2_params().unwrap(), 
+                state
+            )
+        }
     };
 
     let _ = tmp?;

src/lib.rs

@@ -1,8 +1,11 @@
-mod circuit;
+#![feature(allocator_api)]
+
+pub mod circuit;
 #[allow(dead_code)]
 mod common;
 mod sponge;
 pub mod poseidon;
+pub mod poseidon2;
 pub mod rescue;
 pub mod rescue_prime;
 #[cfg(test)]
@@ -23,6 +26,7 @@ pub use rescue::{params::RescueParams, rescue_hash};
 pub use rescue_prime::{params::RescuePrimeParams, rescue_prime_hash};
 pub use common::domain_strategy::DomainStrategy;
 
+pub extern crate franklin_crypto;
 
 pub trait BigArraySerde<'de>: Sized {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>

src/poseidon2/mod.rs

@@ -0,0 +1,11 @@
+pub mod params;
+pub mod poseidon2;
+pub mod sponge;
+pub mod transcript;
+pub mod pow_runner;
+#[cfg(test)]
+mod tests;
+
+pub use self::sponge::*;
+pub use self::params::Poseidon2Params;
+pub use self::poseidon2::*;