arnaucube
/
circomlib
mirror of https://github.com/arnaucube/circomlib.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
129 Commits
7 Branches
7 Tags
11 MiB
Tree: b2ac4daaa7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b2ac4daaa7'
${ noResults }
circomlib/src/poseidon.js

121 lines
3.6 KiB
Raw Normal View History

Blake to Blake2b and use of native big num
4 years ago
pedersen working
4 years ago
Poseidon
5 years ago
pre 0.5 all working
4 years ago
Blake to Blake2b and use of native big num
4 years ago
pedersen working
4 years ago
Blake to Blake2b and use of native big num
4 years ago
Poseidon
5 years ago
update poseidon with blake2b
4 years ago
pedersen working
4 years ago
Poseidon
5 years ago
Blake to Blake2b and use of native big num
4 years ago
Poseidon
5 years ago
pedersen working
4 years ago
Poseidon
5 years ago
Blake to Blake2b and use of native big num
4 years ago
Poseidon
5 years ago
Blake to Blake2b and use of native big num
4 years ago
Poseidon
5 years ago
Poseidon for t=3
4 years ago
Poseidon
5 years ago
Adapted circuits to the construction fase refactorization
4 years ago
Poseidon
5 years ago
Allow full poseidnon fix handle enable in the sigposeidon
4 years ago
Poseidon
5 years ago
Blake to Blake2b and use of native big num
4 years ago
Poseidon
5 years ago
pedersen working
4 years ago
Poseidon
5 years ago
  1. const Scalar = require("ffjavascript").Scalar;
  2. const blake2b = require("blake2b");
  3. const assert = require("assert");
  4. const ZqField = require("ffjavascript").ZqField;
  5. const utils = require("ffjavascript").utils;
  7. const F = new ZqField(Scalar.fromString("21888242871839275222246405745257275088548364400416034343698204186575808495617"));
  8. exports.F = F;
  10. const SEED = "poseidon";
  11. const NROUNDSF = 8;
  12. const NROUNDSP = 57;
  13. const T = 6;
  15. function getPseudoRandom(seed, n) {
  16. const res = [];
  17. let input = Buffer.from(seed);
  18. let h = blake2b(32).update(input).digest();
  19. while (res.length<n) {
  20. const n = F.normalize(utils.leBuff2int(Buffer.from(h)));
  21. res.push(n);
  22. h = blake2b(32).update(h).digest();
  23. }
  25. return res;
  26. }
  28. function allDifferent(v) {
  29. for (let i=0; i<v.length; i++) {
  30. if (F.isZero(v[i])) return false;
  31. for (let j=i+1; j<v.length; j++) {
  32. if (F.eq(v[i],v[j])) return false;
  33. }
  34. }
  35. return true;
  36. }
  38. exports.getMatrix = (t, seed, nRounds) => {
  39. if (typeof seed === "undefined") seed = SEED;
  40. if (typeof nRounds === "undefined") nRounds = NROUNDSF + NROUNDSP;
  41. if (typeof t === "undefined") t = T;
  42. assert(t<=6); // Force the same matrix for all.
  43. t=6;
  44. let nonce = "0000";
  45. let cmatrix = getPseudoRandom(seed+"_matrix_"+nonce, t*2);
  46. while (!allDifferent(cmatrix)) {
  47. nonce = (Number(nonce)+1)+"";
  48. while(nonce.length<4) nonce = "0"+nonce;
  49. cmatrix = getPseudoRandom(seed+"_matrix_"+nonce, t*2);
  50. }
  52. const M = new Array(t);
  53. for (let i=0; i<t; i++) {
  54. M[i] = new Array(t);
  55. for (let j=0; j<t; j++) {
  56. M[i][j] = F.normalize(F.inv(F.sub(cmatrix[i], cmatrix[t+j])));
  57. }
  58. }
  59. return M;
  60. };
  62. exports.getConstants = (t, seed, nRounds) => {
  63. if (typeof seed === "undefined") seed = SEED;
  64. if (typeof nRounds === "undefined") nRounds = NROUNDSF + NROUNDSP;
  65. if (typeof t === "undefined") t = T;
  66. const cts = getPseudoRandom(seed+"_constants", nRounds);
  67. return cts;
  68. };
  70. function ark(state, c) {
  71. for (let j=0; j<state.length; j++ ) {
  72. state[j] = F.add(state[j], c);
  73. }
  74. }
  76. function sigma(a) {
  77. return F.mul(a, F.square(F.square(a,a)));
  78. }
  80. function mix(state, M) {
  81. const newState = new Array(state.length);
  82. for (let i=0; i<state.length; i++) {
  83. newState[i] = F.zero;
  84. for (let j=0; j<state.length; j++) {
  85. newState[i] = F.add(newState[i], F.mul(M[i][j], state[j]) );
  86. }
  87. }
  88. for (let i=0; i<state.length; i++) state[i] = newState[i];
  89. }
  91. exports.createHash = (t, nRoundsF, nRoundsP, seed) => {
  93. if (typeof seed === "undefined") seed = SEED;
  94. if (typeof nRoundsF === "undefined") nRoundsF = NROUNDSF;
  95. if (typeof nRoundsP === "undefined") nRoundsP = NROUNDSP;
  96. if (typeof t === "undefined") t = T;
  98. assert(nRoundsF % 2 == 0);
  99. const C = exports.getConstants(t, seed, nRoundsF + nRoundsP);
  100. const M = exports.getMatrix(t, seed, nRoundsF + nRoundsP);
  101. return function(inputs) {
  102. let state = [];
  103. assert(inputs.length <= t);
  104. assert(inputs.length > 0);
  105. for (let i=0; i<inputs.length; i++) state[i] = F.e(inputs[i]);
  106. for (let i=inputs.length; i<t; i++) state[i] = F.zero;
  108. for (let i=0; i< nRoundsF + nRoundsP; i++) {
  109. ark(state, C[i]);
  110. if ((i<nRoundsF/2) || (i >= nRoundsF/2 + nRoundsP)) {
  111. for (let j=0; j<t; j++) state[j] = sigma(state[j]);
  112. } else {
  113. state[0] = sigma(state[0]);
  114. }
  115. mix(state, M);
  116. }
  117. return F.normalize(state[0]);
  118. };
  119. };