diff --git a/field/goldilocks.go b/field/goldilocks.go index a48271d..4f4511c 100644 --- a/field/goldilocks.go +++ b/field/goldilocks.go @@ -1,9 +1,14 @@ package field import ( + "fmt" + "math/big" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/field/goldilocks" + "github.com/consensys/gnark/backend/hint" "github.com/consensys/gnark/frontend" + "github.com/consensys/gnark/std/math/bits" "github.com/consensys/gnark/std/math/emulated" ) @@ -38,6 +43,7 @@ var NEG_ONE_F = NewFieldConst(EmulatedField{}.Modulus().Uint64() - 1) var GOLDILOCKS_MULTIPLICATIVE_GROUP_GENERATOR = goldilocks.NewElement(7) var GOLDILOCKS_TWO_ADICITY = uint64(32) var GOLDILOCKS_POWER_OF_TWO_GENERATOR = goldilocks.NewElement(1753635133440165772) +var GOLDILOCKS_MODULUS = EmulatedField{}.Modulus() func GoldilocksPrimitiveRootOfUnity(nLog uint64) goldilocks.Element { if nLog > GOLDILOCKS_TWO_ADICITY { 
@@ -81,3 +87,107 @@ func IsZero(api frontend.API, fieldAPI *emulated.Field[emulated.Goldilocks], x F return isZero } + +func init() { + // register hints + hint.Register(GoldilocksMulAddHint) +} + +func GoldilocksRangeCheck(api frontend.API, x frontend.Variable) { + // Goldilocks' modulus is 2^64 - 2^32 + 1, + // which is "1111111111111111111111111111111100000000000000000000000000000001' in big endian binary + // This function will first verify that x is at most 64 bits wide. + // Then it checks that if the bits[0:31] (in big-endian) are all 1, then bits[32:64] are all zero + + // First decompose x into 64 bits. The bits will be in little-endian order. + bits, err := api.Compiler().NewHint(bits.NBits, 64, x) + if err != nil { + panic(err) + } + + // Those bits should compose back to x + reconstructedX := frontend.Variable(0) + c := uint64(1) + for i := 0; i < 64; i++ { + reconstructedX = api.Add(reconstructedX, api.Mul(bits[i], c)) + c = c << 1 + api.AssertIsBoolean(bits[i]) + } + api.AssertIsEqual(x, reconstructedX) + + mostSigBits32Sum := frontend.Variable(0) + for i := 32; i < 64; i++ { + mostSigBits32Sum = api.Add(mostSigBits32Sum, bits[i]) + } + + leastSigBits32Sum := frontend.Variable(0) + for i := 0; i < 32; i++ { + leastSigBits32Sum = api.Add(leastSigBits32Sum, bits[i]) + } + + // If mostSigBits32Sum < 32, then we know that x < (2^63 + ... + 2^32 + 0 * 2^31 + ... + 0 * 2^0), which equals to 2^64 - 2^32 + // So in that case, we don't need to do any more checks. 
+ // If mostSigBits32Sum == 32, then we need to check that x == 2^64 - 2^32 (max GL value) + shouldCheck := api.IsZero(api.Sub(mostSigBits32Sum, 32)) + api.AssertIsEqual( + api.Select( + shouldCheck, + leastSigBits32Sum, + frontend.Variable(0), + ), + frontend.Variable(0), + ) +} + +// Calculates operands[0] * operands[1] + operands[2] +// This function assumes that all operands are within goldilocks, and will panic otherwise +// It will ensure that the result is within goldilocks +func GoldilocksMulAdd(api frontend.API, operand1, operand2, operand3 frontend.Variable) frontend.Variable { + result, err := api.Compiler().NewHint(GoldilocksMulAddHint, 2, operand1, operand2, operand3) + if err != nil { + panic(err) + } + + quotient := result[0] + remainder := result[1] + + // Verify the calculated value + lhs := api.Mul(operand1, operand2) + lhs = api.Add(lhs, operand3) + rhs := api.Add(api.Mul(quotient, GOLDILOCKS_MODULUS), remainder) + api.AssertIsEqual(lhs, rhs) + + GoldilocksRangeCheck(api, quotient) + GoldilocksRangeCheck(api, remainder) + + return remainder +} + +func GoldilocksMulAddHint(_ *big.Int, inputs []*big.Int, results []*big.Int) error { + if len(inputs) != 3 { + return fmt.Errorf("GoldilocksMulAddHint expects 3 input operands") + } + + for _, operand := range inputs { + if operand.Cmp(GOLDILOCKS_MODULUS) >= 0 { + return fmt.Errorf("%s is not in the field", operand.String()) + } + } + + product := new(big.Int).Mul(inputs[0], inputs[1]) + sum := new(big.Int).Add(product, inputs[2]) + quotient := new(big.Int).Div(sum, GOLDILOCKS_MODULUS) + remainder := new(big.Int).Rem(sum, GOLDILOCKS_MODULUS) + + results[0] = quotient + results[1] = remainder + + return nil +} + +func GoldilocksReduce(api frontend.API, x frontend.Variable) frontend.Variable { + // Use gnark's emulated field library. + fieldAPI := NewFieldAPI(api) + element := fieldAPI.NewElement(x) + return fieldAPI.Reduce(element).Limbs[0] +} 
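Review bot: GoldilocksMulAdd's comment says out-of-field operands "will panic", but the only check is `operand.Cmp(GOLDILOCKS_MODULUS) >= 0` inside GoldilocksMulAddHint, which runs in the solver and adds no constraint to the circuit. The equality `operand1*operand2 + operand3 == quotient*GOLDILOCKS_MODULUS + remainder` is asserted in the circuit's native field, so it determines a unique remainder only while both sides stay below the native modulus, which holds when every operand is already constrained below 2^64. I would say so in the doc comment, e.g. `// Operands are NOT range-checked in-circuit; callers must constrain each to < GOLDILOCKS_MODULUS (e.g. with GoldilocksRangeCheck). The hint's check is solver-side only.` The exported `Poseidon` and `HashNToMNoPad` in poseidon/poseidon.go now take raw `frontend.Variable` values and inherit the same precondition. The hint should also reject `len(results) != 2` before writing `results[0]` and `results[1]`.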
diff --git a/field/goldilocks_test.go b/field/goldilocks_test.go
new file mode 100644
index 0000000..8e1673d
--- /dev/null
+++ b/field/goldilocks_test.go
@@ -0,0 +1,72 @@
+package field
+
+import (
+ "math/big"
+ "testing"
+
+ "github.com/consensys/gnark-crypto/ecc"
+ "github.com/consensys/gnark/backend"
+ "github.com/consensys/gnark/frontend"
+ "github.com/consensys/gnark/test"
+)
+
+type TestGoldilocksRangeCheckCircuit struct {
+ X frontend.Variable
+}
+
+func (c *TestGoldilocksRangeCheckCircuit) Define(api frontend.API) error {
+ GoldilocksRangeCheck(api, c.X)
+ return nil
+}
+func TestGoldilocksRangeCheck(t *testing.T) {
+ assert := test.NewAssert(t)
+
+ var circuit, witness TestGoldilocksRangeCheckCircuit
+
+ witness.X = 1
+ assert.ProverSucceeded(&circuit, &witness, test.WithCurves(ecc.BN254), test.WithBackends(backend.GROTH16), test.NoSerialization())
+
+ witness.X = 0
+ assert.ProverSucceeded(&circuit, &witness, test.WithCurves(ecc.BN254), test.WithBackends(backend.GROTH16), test.NoSerialization())
+
+ witness.X = EmulatedField{}.Modulus()
+ assert.ProverFailed(&circuit, &witness, test.WithCurves(ecc.BN254), test.WithBackends(backend.GROTH16), test.NoSerialization())
+
+ one := big.NewInt(1)
+ maxValidVal := new(big.Int).Sub(EmulatedField{}.Modulus(), one)
+ witness.X = maxValidVal
+ assert.ProverSucceeded(&circuit, &witness, test.WithCurves(ecc.BN254), test.WithBackends(backend.GROTH16))
+}
+
+type TestGoldilocksMulAddCircuit struct {
+ X, Y, Z frontend.Variable
+ ExpectedResult frontend.Variable
+}
+
+func (c *TestGoldilocksMulAddCircuit) Define(api frontend.API) error {
+ calculateValue := GoldilocksMulAdd(api, c.X, c.Y, c.Z)
+ api.AssertIsEqual(calculateValue, c.ExpectedResult)
+
+ return nil
+}
+
+func TestGoldilocksMulAdd(t *testing.T) {
+ assert := test.NewAssert(t)
+
+ var circuit, witness TestGoldilocksMulAddCircuit
+
+ witness.X = 1
+ witness.Y = 2
+ witness.Z = 3
+ witness.ExpectedResult = 5
+ assert.ProverSucceeded(&circuit, &witness, test.WithCurves(ecc.BN254), test.WithBackends(backend.GROTH16), test.NoFuzzing())
+
+ bigOperand := new(big.Int).SetUint64(9223372036854775808)
+ expectedValue, _ := new(big.Int).SetString("18446744068340842500", 10)
+
+ witness.X = bigOperand
+ witness.Y = bigOperand
+ witness.Z = 3
+ witness.ExpectedResult = expectedValue
+ assert.ProverSucceeded(&circuit, &witness, test.WithCurves(ecc.BN254), test.WithBackends(backend.GROTH16), test.NoFuzzing())
+}
diff --git a/field/quadratic_extension.go b/field/quadratic_extension.go
index 8eeb0f0..852176e 100644
--- a/field/quadratic_extension.go
+++ b/field/quadratic_extension.go
@@ -97,6 +97,10 @@ func (c *QuadraticExtensionAPI) ScalarMulExtension(a QuadraticExtension, scalar return QuadraticExtension{c.fieldAPI.Mul(a[0], scalar), c.fieldAPI.Mul(a[1], scalar)} } +func (c *QuadraticExtensionAPI) VarToQE(a frontend.Variable) QuadraticExtension { + return c.FieldToQE(c.fieldAPI.NewElement(a)) +} + func (c *QuadraticExtensionAPI) FieldToQE(a F) QuadraticExtension { return QuadraticExtension{a, ZERO_F} }
diff --git a/poseidon/poseidon.go b/poseidon/poseidon.go
index 283b2bf..9179802 100644
--- a/poseidon/poseidon.go
+++ b/poseidon/poseidon.go
@@ -11,7 +11,7 @@ const MAX_WIDTH = 12 const SPONGE_WIDTH = 12 const SPONGE_RATE = 8 -type PoseidonState = [SPONGE_WIDTH]field.F +type PoseidonState = [SPONGE_WIDTH]frontend.Variable type PoseidonStateExtension = [SPONGE_WIDTH]field.QuadraticExtension type PoseidonHashOut = [4]field.F
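Review bot: TestGoldilocksRangeCheck has a single rejecting case, `witness.X = EmulatedField{}.Modulus()`, so neither the 64-bit width constraint nor the "upper 32 bits all ones" branch with several low bits set is covered. Adding a witness of `new(big.Int).Lsh(big.NewInt(1), 64)` and one of `new(big.Int).SetUint64(math.MaxUint64)`, each followed by `assert.ProverFailed(...)`, would pin both paths. TestGoldilocksMulAdd has no failing case either; a deliberately wrong `ExpectedResult` should make the prover fail. It also discards the `ok` result of `SetString`.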
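Review bot: VarToQE is exported without a doc comment, and it hands `a` to `c.fieldAPI.NewElement` without stating whether `a` must already be a canonical Goldilocks value. The call sites in this commit appear to pass only entries of the round-constant and MDS tables; whether NewElement constrains a non-constant variable is not visible here. Suggested comment: `// VarToQE lifts a into the quadratic extension as (a, 0); a must already be a value in the Goldilocks field.`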
@@ -25,20 +25,25 @@ func NewPoseidonChip(api frontend.API, fieldAPI field.FieldAPI, qeAPI *field.Qua return &PoseidonChip{api: api, fieldAPI: fieldAPI, qeAPI: qeAPI} } +// The permutation function. +// The input state MUST have all it's elements be within Goldilocks field (e.g. this function will not reduce the input elements). +// The returned state's elements will all be within Goldilocks field. func (c *PoseidonChip) Poseidon(input PoseidonState) PoseidonState { state := input roundCounter := 0 - state = c.FullRounds(state, &roundCounter) - state = c.PartialRounds(state, &roundCounter) - state = c.FullRounds(state, &roundCounter) + state = c.fullRounds(state, &roundCounter) + state = c.partialRounds(state, &roundCounter) + state = c.fullRounds(state, &roundCounter) return state } -func (c *PoseidonChip) HashNToMNoPad(input []field.F, nbOutputs int) []field.F { +// The input elements MUST have all it's elements be within Goldilocks field. +// The returned slice's elements will all be within Goldilocks field. +func (c *PoseidonChip) HashNToMNoPad(input []frontend.Variable, nbOutputs int) []frontend.Variable { var state PoseidonState for i := 0; i < SPONGE_WIDTH; i++ { - state[i] = field.ZERO_F + state[i] = frontend.Variable(0) } for i := 0; i < len(input); i += SPONGE_RATE { @@ -50,7 +55,7 @@ func (c *PoseidonChip) HashNToMNoPad(input []field.F, nbOutputs int) []field.F { state = c.Poseidon(state) } - var outputs []field.F + var outputs []frontend.Variable for { for i := 0; i < SPONGE_RATE; i++ { 
@@ -63,9 +68,21 @@ func (c *PoseidonChip) HashNToMNoPad(input []field.F, nbOutputs int) []field.F { } } +// The input elements can be outside of the Goldilocks field. +// The returned slice's elements will all be within Goldilocks field. func (c *PoseidonChip) HashNoPad(input []field.F) PoseidonHashOut { var hash PoseidonHashOut - copy(hash[:], c.HashNToMNoPad(input, 4)) + inputVars := []frontend.Variable{} + + for i := 0; i < len(input); i++ { + inputVars = append(inputVars, c.fieldAPI.Reduce(input[i]).Limbs[0]) + } + + outputVars := c.HashNToMNoPad(inputVars, 4) + for i := 0; i < 4; i++ { + hash[i] = c.fieldAPI.NewElement(outputVars[i]) + } + return hash } 
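Review bot: HashNoPad passes `c.fieldAPI.Reduce(input[i]).Limbs[0]` into HashNToMNoPad, whose new contract requires every element to be inside the Goldilocks field, but the diff does not show that Reduce returns a canonical value below the modulus rather than one that merely fits the limb width. Taking `Limbs[0]` also assumes the emulated Goldilocks parameters use a single limb, which is not visible here either; `GoldilocksReduce` in field/goldilocks.go makes the same assumption. If Reduce is not strict, add `field.GoldilocksRangeCheck(c.api, v)` on each reduced limb before absorbing it; otherwise record the guarantee in a comment such as `// Reduce yields a single-limb value < p, so Limbs[0] is the canonical element`. As a style point, `inputVars` can be pre-sized with `make([]frontend.Variable, 0, len(input))`.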
@@ -73,24 +90,24 @@ func (c *PoseidonChip) ToVec(hash PoseidonHashOut) []field.F { return hash[:] } -func (c *PoseidonChip) FullRounds(state PoseidonState, roundCounter *int) PoseidonState { +func (c *PoseidonChip) fullRounds(state PoseidonState, roundCounter *int) PoseidonState { for i := 0; i < HALF_N_FULL_ROUNDS; i++ { - state = c.ConstantLayer(state, roundCounter) - state = c.SBoxLayer(state) - state = c.MdsLayer(state) + state = c.constantLayer(state, roundCounter) + state = c.sBoxLayer(state) + state = c.mdsLayer(state) *roundCounter += 1 } return state } -func (c *PoseidonChip) PartialRounds(state PoseidonState, roundCounter *int) PoseidonState { - state = c.PartialFirstConstantLayer(state) - state = c.MdsPartialLayerInit(state) +func (c *PoseidonChip) partialRounds(state PoseidonState, roundCounter *int) PoseidonState { + state = c.partialFirstConstantLayer(state) + state = c.mdsPartialLayerInit(state) for i := 0; i < N_PARTIAL_ROUNDS; i++ { - state[0] = c.SBoxMonomial(state[0]) - state[0] = c.fieldAPI.Add(state[0], FAST_PARTIAL_ROUND_CONSTANTS[i]) - state = c.MdsPartialLayerFast(state, i) + state[0] = c.sBoxMonomial(state[0]) + state[0] = field.GoldilocksMulAdd(c.api, frontend.Variable(1), state[0], FAST_PARTIAL_ROUND_CONSTANTS[i]) + state = c.mdsPartialLayerFast(state, i) } *roundCounter += N_PARTIAL_ROUNDS @@ -98,11 +115,11 @@ func (c *PoseidonChip) PartialRounds(state PoseidonState, roundCounter *int) Pos return state } -func (c *PoseidonChip) ConstantLayer(state PoseidonState, roundCounter *int) PoseidonState { +func (c *PoseidonChip) constantLayer(state PoseidonState, roundCounter *int) PoseidonState { for i := 0; i < 12; i++ { if i < SPONGE_WIDTH { roundConstant := ALL_ROUND_CONSTANTS[i+SPONGE_WIDTH*(*roundCounter)] - state[i] = c.fieldAPI.Add(state[i], roundConstant) + state[i] = field.GoldilocksMulAdd(c.api, frontend.Variable(1), state[i], roundConstant) } } return state 
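Review bot: In partialRounds the round-constant addition is written as `field.GoldilocksMulAdd(c.api, frontend.Variable(1), state[0], FAST_PARTIAL_ROUND_CONSTANTS[i])`, which per its definition in field/goldilocks.go costs a hint plus two 64-bit `GoldilocksRangeCheck` decompositions, although the quotient of a sum of two in-field values can only be 0 or 1. A dedicated add helper that calls `api.AssertIsBoolean(quotient)` and range-checks only the remainder would keep the same guarantee with roughly half the range-check constraints. The same pattern recurs in `constantLayer` (next hunk) and in `partialFirstConstantLayer`. partialRounds continues past the end of this hunk.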
@@ -111,18 +128,18 @@ func (c *PoseidonChip) ConstantLayer(state PoseidonState, roundCounter *int) Pos func (c *PoseidonChip) ConstantLayerExtension(state PoseidonStateExtension, roundCounter *int) PoseidonStateExtension { for i := 0; i < 12; i++ { if i < SPONGE_WIDTH { - roundConstant := c.qeAPI.FieldToQE(ALL_ROUND_CONSTANTS[i+SPONGE_WIDTH*(*roundCounter)]) + roundConstant := c.qeAPI.VarToQE(ALL_ROUND_CONSTANTS[i+SPONGE_WIDTH*(*roundCounter)]) state[i] = c.qeAPI.AddExtension(state[i], roundConstant) } } return state } -func (c *PoseidonChip) SBoxMonomial(x field.F) field.F { - x2 := c.fieldAPI.Mul(x, x) - x4 := c.fieldAPI.Mul(x2, x2) - x3 := c.fieldAPI.Mul(x, x2) - return c.fieldAPI.Mul(x3, x4) +func (c *PoseidonChip) sBoxMonomial(x frontend.Variable) frontend.Variable { + x2 := field.GoldilocksMulAdd(c.api, x, x, frontend.Variable(0)) + x4 := field.GoldilocksMulAdd(c.api, x2, x2, frontend.Variable(0)) + x6 := field.GoldilocksMulAdd(c.api, x4, x2, frontend.Variable(0)) + return field.GoldilocksMulAdd(c.api, x6, x, frontend.Variable(0)) } func (c *PoseidonChip) SBoxMonomialExtension(x field.QuadraticExtension) field.QuadraticExtension { @@ -132,10 +149,10 @@ func (c *PoseidonChip) SBoxMonomialExtension(x field.QuadraticExtension) field.Q return c.qeAPI.MulExtension(x3, x4) } -func (c *PoseidonChip) SBoxLayer(state PoseidonState) PoseidonState { +func (c *PoseidonChip) sBoxLayer(state PoseidonState) PoseidonState { for i := 0; i < 12; i++ { if i < SPONGE_WIDTH { - state[i] = c.SBoxMonomial(state[i]) + state[i] = c.sBoxMonomial(state[i]) } } return state @@ -150,7 +167,7 @@ func (c *PoseidonChip) SBoxLayerExtension(state PoseidonStateExtension) Poseidon return state } -func (c *PoseidonChip) MdsRowShf(r int, v [SPONGE_WIDTH]frontend.Variable) frontend.Variable { +func (c *PoseidonChip) mdsRowShf(r int, v [SPONGE_WIDTH]frontend.Variable) frontend.Variable { res := ZERO_VAR for i := 0; i < 12; i++ { 
@@ -169,35 +186,32 @@ func (c *PoseidonChip) MdsRowShfExtension(r int, v [SPONGE_WIDTH]field.Quadratic for i := 0; i < 12; i++ { if i < SPONGE_WIDTH { - matrixVal := c.qeAPI.FieldToQE(MDS_MATRIX_CIRC[i]) + matrixVal := c.qeAPI.VarToQE(MDS_MATRIX_CIRC[i]) res1 := c.qeAPI.MulExtension(v[(i+r)%SPONGE_WIDTH], matrixVal) res = c.qeAPI.AddExtension(res, res1) } } - matrixVal := c.qeAPI.FieldToQE(MDS_MATRIX_DIAG[r]) + matrixVal := c.qeAPI.VarToQE(MDS_MATRIX_DIAG[r]) res = c.qeAPI.AddExtension(res, c.qeAPI.MulExtension(v[r], matrixVal)) return res } -func (c *PoseidonChip) MdsLayer(state_ PoseidonState) PoseidonState { +func (c *PoseidonChip) mdsLayer(state_ PoseidonState) PoseidonState { var result PoseidonState for i := 0; i < SPONGE_WIDTH; i++ { - result[i] = field.ZERO_F + result[i] = frontend.Variable(0) } var state [SPONGE_WIDTH]frontend.Variable for i := 0; i < SPONGE_WIDTH; i++ { - reducedState := c.fieldAPI.Reduce(state_[i]) - //state[i] = c.api.FromBinary(c.fieldAPI.ToBits(reducedState)...) - state[i] = reducedState.Limbs[0] + state[i] = field.GoldilocksReduce(c.api, state_[i]) } for r := 0; r < 12; r++ { if r < SPONGE_WIDTH { - sum := c.MdsRowShf(r, state) - bits := c.api.ToBinary(sum) - result[r] = c.fieldAPI.FromBits(bits...) + sum := c.mdsRowShf(r, state) + result[r] = field.GoldilocksReduce(c.api, sum) } } @@ -217,10 +231,10 @@ func (c *PoseidonChip) MdsLayerExtension(state_ PoseidonStateExtension) Poseidon return result } -func (c *PoseidonChip) PartialFirstConstantLayer(state PoseidonState) PoseidonState { +func (c *PoseidonChip) partialFirstConstantLayer(state PoseidonState) PoseidonState { for i := 0; i < 12; i++ { if i < SPONGE_WIDTH { - state[i] = c.fieldAPI.Add(state[i], FAST_PARTIAL_FIRST_ROUND_CONSTANT[i]) + state[i] = field.GoldilocksMulAdd(c.api, frontend.Variable(1), state[i], FAST_PARTIAL_FIRST_ROUND_CONSTANT[i]) } } return state 
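Review bot: In mdsLayer the row sum from `c.mdsRowShf(r, state)` is an accumulation in the native field and is presumably wider than 64 bits, yet `field.GoldilocksReduce` passes it straight to `fieldAPI.NewElement(x)`, whereas the removed code first decomposed it with `c.api.ToBinary(sum)` and `c.fieldAPI.FromBits(bits...)`. Whether NewElement and Reduce account for the real width of a non-constant variable is not visible in this diff; if they assume it fits one limb, the reduced result is not soundly constrained. Please confirm that and record it in a comment on GoldilocksReduce, or keep the bit decomposition; the same applies to `dSum` in mdsPartialLayerFast. GoldilocksReduce also builds a new field API with `NewFieldAPI(api)` on every call, once per state element and once per row here. The end of mdsLayer lies outside the hunk.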
@@ -229,16 +243,16 @@ func (c *PoseidonChip) PartialFirstConstantLayer(state PoseidonState) PoseidonSt func (c *PoseidonChip) PartialFirstConstantLayerExtension(state PoseidonStateExtension) PoseidonStateExtension { for i := 0; i < 12; i++ { if i < SPONGE_WIDTH { - state[i] = c.qeAPI.AddExtension(state[i], c.qeAPI.FieldToQE(FAST_PARTIAL_FIRST_ROUND_CONSTANT[i])) + state[i] = c.qeAPI.AddExtension(state[i], c.qeAPI.VarToQE((FAST_PARTIAL_FIRST_ROUND_CONSTANT[i]))) } } return state } -func (c *PoseidonChip) MdsPartialLayerInit(state PoseidonState) PoseidonState { +func (c *PoseidonChip) mdsPartialLayerInit(state PoseidonState) PoseidonState { var result PoseidonState for i := 0; i < 12; i++ { - result[i] = field.ZERO_F + result[i] = frontend.Variable(0) } result[0] = state[0] @@ -248,7 +262,7 @@ func (c *PoseidonChip) MdsPartialLayerInit(state PoseidonState) PoseidonState { for d := 1; d < 12; d++ { if d < SPONGE_WIDTH { t := FAST_PARTIAL_ROUND_INITIAL_MATRIX[r-1][d-1] - result[d] = c.fieldAPI.Add(result[d], c.fieldAPI.Mul(state[r], t)) + result[d] = field.GoldilocksMulAdd(c.api, state[r], t, result[d]) } } } @@ -269,7 +283,7 @@ func (c *PoseidonChip) MdsPartialLayerInitExtension(state PoseidonStateExtension if r < SPONGE_WIDTH { for d := 1; d < 12; d++ { if d < SPONGE_WIDTH { - t := c.qeAPI.FieldToQE(FAST_PARTIAL_ROUND_INITIAL_MATRIX[r-1][d-1]) + t := c.qeAPI.VarToQE(FAST_PARTIAL_ROUND_INITIAL_MATRIX[r-1][d-1]) result[d] = c.qeAPI.AddExtension(result[d], c.qeAPI.MulExtension(state[r], t)) } } 
@@ -279,28 +293,23 @@ func (c *PoseidonChip) MdsPartialLayerInitExtension(state PoseidonStateExtension return result } -func (c *PoseidonChip) MdsPartialLayerFast(state PoseidonState, r int) PoseidonState { +func (c *PoseidonChip) mdsPartialLayerFast(state PoseidonState, r int) PoseidonState { dSum := ZERO_VAR for i := 1; i < 12; i++ { if i < SPONGE_WIDTH { t := FAST_PARTIAL_ROUND_W_HATS_VARS[r][i-1] - reducedState := c.fieldAPI.Reduce(state[i]) - //si := c.api.FromBinary(c.fieldAPI.ToBits(reducedState)...) - si := reducedState.Limbs[0] - dSum = c.api.Add(dSum, c.api.Mul(si, t)) + reducedState := field.GoldilocksReduce(c.api, state[i]) + dSum = c.api.Add(dSum, c.api.Mul(reducedState, t)) } } - reducedState := c.fieldAPI.Reduce(state[0]) - //s0 := c.api.FromBinary(c.fieldAPI.ToBits(reducedState)...) - s0 := reducedState.Limbs[0] + s0 := field.GoldilocksReduce(c.api, state[0]) dSum = c.api.Add(dSum, c.api.Mul(s0, MDS0TO0_VAR)) - d := c.fieldAPI.FromBits(c.api.ToBinary(dSum)...) - //d := c.fieldAPI.NewElement(dSum) + d := field.GoldilocksReduce(c.api, dSum) var result PoseidonState for i := 0; i < SPONGE_WIDTH; i++ { - result[i] = field.ZERO_F + result[i] = frontend.Variable(0) } result[0] = d @@ -308,7 +317,7 @@ func (c *PoseidonChip) MdsPartialLayerFast(state PoseidonState, r int) PoseidonS for i := 1; i < 12; i++ { if i < SPONGE_WIDTH { t := FAST_PARTIAL_ROUND_VS[r][i-1] - result[i] = c.fieldAPI.Add(state[i], c.fieldAPI.Mul(state[0], t)) + result[i] = field.GoldilocksMulAdd(c.api, state[0], t, state[i]) } } 
@@ -317,11 +326,11 @@ func (c *PoseidonChip) MdsPartialLayerFast(state PoseidonState, r int) PoseidonS func (c *PoseidonChip) MdsPartialLayerFastExtension(state PoseidonStateExtension, r int) PoseidonStateExtension { s0 := state[0] - mds0to0 := c.qeAPI.FieldToQE(MDS0TO0) + mds0to0 := c.qeAPI.VarToQE(MDS0TO0) d := c.qeAPI.MulExtension(s0, mds0to0) for i := 1; i < 12; i++ { if i < SPONGE_WIDTH { - t := c.qeAPI.FieldToQE(FAST_PARTIAL_ROUND_W_HATS[r][i-1]) + t := c.qeAPI.VarToQE(FAST_PARTIAL_ROUND_W_HATS[r][i-1]) d = c.qeAPI.AddExtension(d, c.qeAPI.MulExtension(state[i], t)) } } @@ -330,7 +339,7 @@ func (c *PoseidonChip) MdsPartialLayerFastExtension(state PoseidonStateExtension result[0] = d for i := 1; i < 12; i++ { if i < SPONGE_WIDTH { - t := c.qeAPI.FieldToQE(FAST_PARTIAL_ROUND_VS[r][i-1]) + t := c.qeAPI.VarToQE(FAST_PARTIAL_ROUND_VS[r][i-1]) result[i] = c.qeAPI.AddExtension(c.qeAPI.MulExtension(state[0], t), state[i]) } } diff --git a/poseidon/poseidon_bn128.go b/poseidon/poseidon_bn128.go index a386caa..a939604 100644 --- a/poseidon/poseidon_bn128.go +++ b/poseidon/poseidon_bn128.go @@ -20,6 +20,8 @@ type PoseidonBN128Chip struct { type PoseidonBN128State = [spongeWidth]frontend.Variable type PoseidonBN128HashOut = frontend.Variable +// This implementation is based on the following implementation: +// https://github.com/iden3/go-iden3-crypto/blob/e5cf066b8be3da9a3df9544c65818df189fdbebe/poseidon/poseidon.go func NewPoseidonBN128Chip(api frontend.API, fieldAPI field.FieldAPI) *PoseidonBN128Chip { return &PoseidonBN128Chip{api: api, fieldAPI: fieldAPI} } diff --git a/poseidon/poseidon_constants.go b/poseidon/poseidon_constants.go index 3d6dc87..f80dc45 100644 --- a/poseidon/poseidon_constants.go +++ b/poseidon/poseidon_constants.go 
@@ -2,421 +2,420 @@ package poseidon import ( "github.com/consensys/gnark/frontend" - "github.com/succinctlabs/gnark-plonky2-verifier/field" ) -var ALL_ROUND_CONSTANTS = []field.F{ - field.NewFieldConst(0xb585f766f2144405), - field.NewFieldConst(0x7746a55f43921ad7), - field.NewFieldConst(0xb2fb0d31cee799b4), - field.NewFieldConst(0x0f6760a4803427d7), - field.NewFieldConst(0xe10d666650f4e012), - field.NewFieldConst(0x8cae14cb07d09bf1), - field.NewFieldConst(0xd438539c95f63e9f), - field.NewFieldConst(0xef781c7ce35b4c3d), - field.NewFieldConst(0xcdc4a239b0c44426), - field.NewFieldConst(0x277fa208bf337bff), - field.NewFieldConst(0xe17653a29da578a1), - field.NewFieldConst(0xc54302f225db2c76), - field.NewFieldConst(0x86287821f722c881), - field.NewFieldConst(0x59cd1a8a41c18e55), - field.NewFieldConst(0xc3b919ad495dc574), - field.NewFieldConst(0xa484c4c5ef6a0781), - field.NewFieldConst(0x308bbd23dc5416cc), - field.NewFieldConst(0x6e4a40c18f30c09c), - field.NewFieldConst(0x9a2eedb70d8f8cfa), - field.NewFieldConst(0xe360c6e0ae486f38), - field.NewFieldConst(0xd5c7718fbfc647fb), - field.NewFieldConst(0xc35eae071903ff0b), - field.NewFieldConst(0x849c2656969c4be7), - field.NewFieldConst(0xc0572c8c08cbbbad), - field.NewFieldConst(0xe9fa634a21de0082), - field.NewFieldConst(0xf56f6d48959a600d), - field.NewFieldConst(0xf7d713e806391165), - field.NewFieldConst(0x8297132b32825daf), - field.NewFieldConst(0xad6805e0e30b2c8a), - field.NewFieldConst(0xac51d9f5fcf8535e), - field.NewFieldConst(0x502ad7dc18c2ad87), - field.NewFieldConst(0x57a1550c110b3041), - field.NewFieldConst(0x66bbd30e6ce0e583), - field.NewFieldConst(0x0da2abef589d644e), - field.NewFieldConst(0xf061274fdb150d61), - field.NewFieldConst(0x28b8ec3ae9c29633), - field.NewFieldConst(0x92a756e67e2b9413), - field.NewFieldConst(0x70e741ebfee96586), - field.NewFieldConst(0x019d5ee2af82ec1c), - field.NewFieldConst(0x6f6f2ed772466352), - field.NewFieldConst(0x7cf416cfe7e14ca1), - field.NewFieldConst(0x61df517b86a46439), - 
field.NewFieldConst(0x85dc499b11d77b75), - field.NewFieldConst(0x4b959b48b9c10733), - field.NewFieldConst(0xe8be3e5da8043e57), - field.NewFieldConst(0xf5c0bc1de6da8699), - field.NewFieldConst(0x40b12cbf09ef74bf), - field.NewFieldConst(0xa637093ecb2ad631), - field.NewFieldConst(0x3cc3f892184df408), - field.NewFieldConst(0x2e479dc157bf31bb), - field.NewFieldConst(0x6f49de07a6234346), - field.NewFieldConst(0x213ce7bede378d7b), - field.NewFieldConst(0x5b0431345d4dea83), - field.NewFieldConst(0xa2de45780344d6a1), - field.NewFieldConst(0x7103aaf94a7bf308), - field.NewFieldConst(0x5326fc0d97279301), - field.NewFieldConst(0xa9ceb74fec024747), - field.NewFieldConst(0x27f8ec88bb21b1a3), - field.NewFieldConst(0xfceb4fda1ded0893), - field.NewFieldConst(0xfac6ff1346a41675), - field.NewFieldConst(0x7131aa45268d7d8c), - field.NewFieldConst(0x9351036095630f9f), - field.NewFieldConst(0xad535b24afc26bfb), - field.NewFieldConst(0x4627f5c6993e44be), - field.NewFieldConst(0x645cf794b8f1cc58), - field.NewFieldConst(0x241c70ed0af61617), - field.NewFieldConst(0xacb8e076647905f1), - field.NewFieldConst(0x3737e9db4c4f474d), - field.NewFieldConst(0xe7ea5e33e75fffb6), - field.NewFieldConst(0x90dee49fc9bfc23a), - field.NewFieldConst(0xd1b1edf76bc09c92), - field.NewFieldConst(0x0b65481ba645c602), - field.NewFieldConst(0x99ad1aab0814283b), - field.NewFieldConst(0x438a7c91d416ca4d), - field.NewFieldConst(0xb60de3bcc5ea751c), - field.NewFieldConst(0xc99cab6aef6f58bc), - field.NewFieldConst(0x69a5ed92a72ee4ff), - field.NewFieldConst(0x5e7b329c1ed4ad71), - field.NewFieldConst(0x5fc0ac0800144885), - field.NewFieldConst(0x32db829239774eca), - field.NewFieldConst(0x0ade699c5830f310), - field.NewFieldConst(0x7cc5583b10415f21), - field.NewFieldConst(0x85df9ed2e166d64f), - field.NewFieldConst(0x6604df4fee32bcb1), - field.NewFieldConst(0xeb84f608da56ef48), - field.NewFieldConst(0xda608834c40e603d), - field.NewFieldConst(0x8f97fe408061f183), - field.NewFieldConst(0xa93f485c96f37b89), - 
field.NewFieldConst(0x6704e8ee8f18d563), - field.NewFieldConst(0xcee3e9ac1e072119), - field.NewFieldConst(0x510d0e65e2b470c1), - field.NewFieldConst(0xf6323f486b9038f0), - field.NewFieldConst(0x0b508cdeffa5ceef), - field.NewFieldConst(0xf2417089e4fb3cbd), - field.NewFieldConst(0x60e75c2890d15730), - field.NewFieldConst(0xa6217d8bf660f29c), - field.NewFieldConst(0x7159cd30c3ac118e), - field.NewFieldConst(0x839b4e8fafead540), - field.NewFieldConst(0x0d3f3e5e82920adc), - field.NewFieldConst(0x8f7d83bddee7bba8), - field.NewFieldConst(0x780f2243ea071d06), - field.NewFieldConst(0xeb915845f3de1634), - field.NewFieldConst(0xd19e120d26b6f386), - field.NewFieldConst(0x016ee53a7e5fecc6), - field.NewFieldConst(0xcb5fd54e7933e477), - field.NewFieldConst(0xacb8417879fd449f), - field.NewFieldConst(0x9c22190be7f74732), - field.NewFieldConst(0x5d693c1ba3ba3621), - field.NewFieldConst(0xdcef0797c2b69ec7), - field.NewFieldConst(0x3d639263da827b13), - field.NewFieldConst(0xe273fd971bc8d0e7), - field.NewFieldConst(0x418f02702d227ed5), - field.NewFieldConst(0x8c25fda3b503038c), - field.NewFieldConst(0x2cbaed4daec8c07c), - field.NewFieldConst(0x5f58e6afcdd6ddc2), - field.NewFieldConst(0x284650ac5e1b0eba), - field.NewFieldConst(0x635b337ee819dab5), - field.NewFieldConst(0x9f9a036ed4f2d49f), - field.NewFieldConst(0xb93e260cae5c170e), - field.NewFieldConst(0xb0a7eae879ddb76d), - field.NewFieldConst(0xd0762cbc8ca6570c), - field.NewFieldConst(0x34c6efb812b04bf5), - field.NewFieldConst(0x40bf0ab5fa14c112), - field.NewFieldConst(0xb6b570fc7c5740d3), - field.NewFieldConst(0x5a27b9002de33454), - field.NewFieldConst(0xb1a5b165b6d2b2d2), - field.NewFieldConst(0x8722e0ace9d1be22), - field.NewFieldConst(0x788ee3b37e5680fb), - field.NewFieldConst(0x14a726661551e284), - field.NewFieldConst(0x98b7672f9ef3b419), - field.NewFieldConst(0xbb93ae776bb30e3a), - field.NewFieldConst(0x28fd3b046380f850), - field.NewFieldConst(0x30a4680593258387), - field.NewFieldConst(0x337dc00c61bd9ce1), - 
field.NewFieldConst(0xd5eca244c7a4ff1d), - field.NewFieldConst(0x7762638264d279bd), - field.NewFieldConst(0xc1e434bedeefd767), - field.NewFieldConst(0x0299351a53b8ec22), - field.NewFieldConst(0xb2d456e4ad251b80), - field.NewFieldConst(0x3e9ed1fda49cea0b), - field.NewFieldConst(0x2972a92ba450bed8), - field.NewFieldConst(0x20216dd77be493de), - field.NewFieldConst(0xadffe8cf28449ec6), - field.NewFieldConst(0x1c4dbb1c4c27d243), - field.NewFieldConst(0x15a16a8a8322d458), - field.NewFieldConst(0x388a128b7fd9a609), - field.NewFieldConst(0x2300e5d6baedf0fb), - field.NewFieldConst(0x2f63aa8647e15104), - field.NewFieldConst(0xf1c36ce86ecec269), - field.NewFieldConst(0x27181125183970c9), - field.NewFieldConst(0xe584029370dca96d), - field.NewFieldConst(0x4d9bbc3e02f1cfb2), - field.NewFieldConst(0xea35bc29692af6f8), - field.NewFieldConst(0x18e21b4beabb4137), - field.NewFieldConst(0x1e3b9fc625b554f4), - field.NewFieldConst(0x25d64362697828fd), - field.NewFieldConst(0x5a3f1bb1c53a9645), - field.NewFieldConst(0xdb7f023869fb8d38), - field.NewFieldConst(0xb462065911d4e1fc), - field.NewFieldConst(0x49c24ae4437d8030), - field.NewFieldConst(0xd793862c112b0566), - field.NewFieldConst(0xaadd1106730d8feb), - field.NewFieldConst(0xc43b6e0e97b0d568), - field.NewFieldConst(0xe29024c18ee6fca2), - field.NewFieldConst(0x5e50c27535b88c66), - field.NewFieldConst(0x10383f20a4ff9a87), - field.NewFieldConst(0x38e8ee9d71a45af8), - field.NewFieldConst(0xdd5118375bf1a9b9), - field.NewFieldConst(0x775005982d74d7f7), - field.NewFieldConst(0x86ab99b4dde6c8b0), - field.NewFieldConst(0xb1204f603f51c080), - field.NewFieldConst(0xef61ac8470250ecf), - field.NewFieldConst(0x1bbcd90f132c603f), - field.NewFieldConst(0x0cd1dabd964db557), - field.NewFieldConst(0x11a3ae5beb9d1ec9), - field.NewFieldConst(0xf755bfeea585d11d), - field.NewFieldConst(0xa3b83250268ea4d7), - field.NewFieldConst(0x516306f4927c93af), - field.NewFieldConst(0xddb4ac49c9efa1da), - field.NewFieldConst(0x64bb6dec369d4418), - 
field.NewFieldConst(0xf9cc95c22b4c1fcc), - field.NewFieldConst(0x08d37f755f4ae9f6), - field.NewFieldConst(0xeec49b613478675b), - field.NewFieldConst(0xf143933aed25e0b0), - field.NewFieldConst(0xe4c5dd8255dfc622), - field.NewFieldConst(0xe7ad7756f193198e), - field.NewFieldConst(0x92c2318b87fff9cb), - field.NewFieldConst(0x739c25f8fd73596d), - field.NewFieldConst(0x5636cac9f16dfed0), - field.NewFieldConst(0xdd8f909a938e0172), - field.NewFieldConst(0xc6401fe115063f5b), - field.NewFieldConst(0x8ad97b33f1ac1455), - field.NewFieldConst(0x0c49366bb25e8513), - field.NewFieldConst(0x0784d3d2f1698309), - field.NewFieldConst(0x530fb67ea1809a81), - field.NewFieldConst(0x410492299bb01f49), - field.NewFieldConst(0x139542347424b9ac), - field.NewFieldConst(0x9cb0bd5ea1a1115e), - field.NewFieldConst(0x02e3f615c38f49a1), - field.NewFieldConst(0x985d4f4a9c5291ef), - field.NewFieldConst(0x775b9feafdcd26e7), - field.NewFieldConst(0x304265a6384f0f2d), - field.NewFieldConst(0x593664c39773012c), - field.NewFieldConst(0x4f0a2e5fb028f2ce), - field.NewFieldConst(0xdd611f1000c17442), - field.NewFieldConst(0xd8185f9adfea4fd0), - field.NewFieldConst(0xef87139ca9a3ab1e), - field.NewFieldConst(0x3ba71336c34ee133), - field.NewFieldConst(0x7d3a455d56b70238), - field.NewFieldConst(0x660d32e130182684), - field.NewFieldConst(0x297a863f48cd1f43), - field.NewFieldConst(0x90e0a736a751ebb7), - field.NewFieldConst(0x549f80ce550c4fd3), - field.NewFieldConst(0x0f73b2922f38bd64), - field.NewFieldConst(0x16bf1f73fb7a9c3f), - field.NewFieldConst(0x6d1f5a59005bec17), - field.NewFieldConst(0x02ff876fa5ef97c4), - field.NewFieldConst(0xc5cb72a2a51159b0), - field.NewFieldConst(0x8470f39d2d5c900e), - field.NewFieldConst(0x25abb3f1d39fcb76), - field.NewFieldConst(0x23eb8cc9b372442f), - field.NewFieldConst(0xd687ba55c64f6364), - field.NewFieldConst(0xda8d9e90fd8ff158), - field.NewFieldConst(0xe3cbdc7d2fe45ea7), - field.NewFieldConst(0xb9a8c9b3aee52297), - field.NewFieldConst(0xc0d28a5c10960bd3), - 
field.NewFieldConst(0x45d7ac9b68f71a34), - field.NewFieldConst(0xeeb76e397069e804), - field.NewFieldConst(0x3d06c8bd1514e2d9), - field.NewFieldConst(0x9c9c98207cb10767), - field.NewFieldConst(0x65700b51aedfb5ef), - field.NewFieldConst(0x911f451539869408), - field.NewFieldConst(0x7ae6849fbc3a0ec6), - field.NewFieldConst(0x3bb340eba06afe7e), - field.NewFieldConst(0xb46e9d8b682ea65e), - field.NewFieldConst(0x8dcf22f9a3b34356), - field.NewFieldConst(0x77bdaeda586257a7), - field.NewFieldConst(0xf19e400a5104d20d), - field.NewFieldConst(0xc368a348e46d950f), - field.NewFieldConst(0x9ef1cd60e679f284), - field.NewFieldConst(0xe89cd854d5d01d33), - field.NewFieldConst(0x5cd377dc8bb882a2), - field.NewFieldConst(0xa7b0fb7883eee860), - field.NewFieldConst(0x7684403ec392950d), - field.NewFieldConst(0x5fa3f06f4fed3b52), - field.NewFieldConst(0x8df57ac11bc04831), - field.NewFieldConst(0x2db01efa1e1e1897), - field.NewFieldConst(0x54846de4aadb9ca2), - field.NewFieldConst(0xba6745385893c784), - field.NewFieldConst(0x541d496344d2c75b), - field.NewFieldConst(0xe909678474e687fe), - field.NewFieldConst(0xdfe89923f6c9c2ff), - field.NewFieldConst(0xece5a71e0cfedc75), - field.NewFieldConst(0x5ff98fd5d51fe610), - field.NewFieldConst(0x83e8941918964615), - field.NewFieldConst(0x5922040b47f150c1), - field.NewFieldConst(0xf97d750e3dd94521), - field.NewFieldConst(0x5080d4c2b86f56d7), - field.NewFieldConst(0xa7de115b56c78d70), - field.NewFieldConst(0x6a9242ac87538194), - field.NewFieldConst(0xf7856ef7f9173e44), - field.NewFieldConst(0x2265fc92feb0dc09), - field.NewFieldConst(0x17dfc8e4f7ba8a57), - field.NewFieldConst(0x9001a64209f21db8), - field.NewFieldConst(0x90004c1371b893c5), - field.NewFieldConst(0xb932b7cf752e5545), - field.NewFieldConst(0xa0b1df81b6fe59fc), - field.NewFieldConst(0x8ef1dd26770af2c2), - field.NewFieldConst(0x0541a4f9cfbeed35), - field.NewFieldConst(0x9e61106178bfc530), - field.NewFieldConst(0xb3767e80935d8af2), - field.NewFieldConst(0x0098d5782065af06), - 
field.NewFieldConst(0x31d191cd5c1466c7), - field.NewFieldConst(0x410fefafa319ac9d), - field.NewFieldConst(0xbdf8f242e316c4ab), - field.NewFieldConst(0x9e8cd55b57637ed0), - field.NewFieldConst(0xde122bebe9a39368), - field.NewFieldConst(0x4d001fd58f002526), - field.NewFieldConst(0xca6637000eb4a9f8), - field.NewFieldConst(0x2f2339d624f91f78), - field.NewFieldConst(0x6d1a7918c80df518), - field.NewFieldConst(0xdf9a4939342308e9), - field.NewFieldConst(0xebc2151ee6c8398c), - field.NewFieldConst(0x03cc2ba8a1116515), - field.NewFieldConst(0xd341d037e840cf83), - field.NewFieldConst(0x387cb5d25af4afcc), - field.NewFieldConst(0xbba2515f22909e87), - field.NewFieldConst(0x7248fe7705f38e47), - field.NewFieldConst(0x4d61e56a525d225a), - field.NewFieldConst(0x262e963c8da05d3d), - field.NewFieldConst(0x59e89b094d220ec2), - field.NewFieldConst(0x055d5b52b78b9c5e), - field.NewFieldConst(0x82b27eb33514ef99), - field.NewFieldConst(0xd30094ca96b7ce7b), - field.NewFieldConst(0xcf5cb381cd0a1535), - field.NewFieldConst(0xfeed4db6919e5a7c), - field.NewFieldConst(0x41703f53753be59f), - field.NewFieldConst(0x5eeea940fcde8b6f), - field.NewFieldConst(0x4cd1f1b175100206), - field.NewFieldConst(0x4a20358574454ec0), - field.NewFieldConst(0x1478d361dbbf9fac), - field.NewFieldConst(0x6f02dc07d141875c), - field.NewFieldConst(0x296a202ed8e556a2), - field.NewFieldConst(0x2afd67999bf32ee5), - field.NewFieldConst(0x7acfd96efa95491d), - field.NewFieldConst(0x6798ba0c0abb2c6d), - field.NewFieldConst(0x34c6f57b26c92122), - field.NewFieldConst(0x5736e1bad206b5de), - field.NewFieldConst(0x20057d2a0056521b), - field.NewFieldConst(0x3dea5bd5d0578bd7), - field.NewFieldConst(0x16e50d897d4634ac), - field.NewFieldConst(0x29bff3ecb9b7a6e3), - field.NewFieldConst(0x475cd3205a3bdcde), - field.NewFieldConst(0x18a42105c31b7e88), - field.NewFieldConst(0x023e7414af663068), - field.NewFieldConst(0x15147108121967d7), - field.NewFieldConst(0xe4a3dff1d7d6fef9), - field.NewFieldConst(0x01a8d1a588085737), - 
field.NewFieldConst(0x11b4c74eda62beef), - field.NewFieldConst(0xe587cc0d69a73346), - field.NewFieldConst(0x1ff7327017aa2a6e), - field.NewFieldConst(0x594e29c42473d06b), - field.NewFieldConst(0xf6f31db1899b12d5), - field.NewFieldConst(0xc02ac5e47312d3ca), - field.NewFieldConst(0xe70201e960cb78b8), - field.NewFieldConst(0x6f90ff3b6a65f108), - field.NewFieldConst(0x42747a7245e7fa84), - field.NewFieldConst(0xd1f507e43ab749b2), - field.NewFieldConst(0x1c86d265f15750cd), - field.NewFieldConst(0x3996ce73dd832c1c), - field.NewFieldConst(0x8e7fba02983224bd), - field.NewFieldConst(0xba0dec7103255dd4), - field.NewFieldConst(0x9e9cbd781628fc5b), - field.NewFieldConst(0xdae8645996edd6a5), - field.NewFieldConst(0xdebe0853b1a1d378), - field.NewFieldConst(0xa49229d24d014343), - field.NewFieldConst(0x7be5b9ffda905e1c), - field.NewFieldConst(0xa3c95eaec244aa30), - field.NewFieldConst(0x0230bca8f4df0544), - field.NewFieldConst(0x4135c2bebfe148c6), - field.NewFieldConst(0x166fc0cc438a3c72), - field.NewFieldConst(0x3762b59a8ae83efa), - field.NewFieldConst(0xe8928a4c89114750), - field.NewFieldConst(0x2a440b51a4945ee5), - field.NewFieldConst(0x80cefd2b7d99ff83), - field.NewFieldConst(0xbb9879c6e61fd62a), - field.NewFieldConst(0x6e7c8f1a84265034), - field.NewFieldConst(0x164bb2de1bbeddc8), - field.NewFieldConst(0xf3c12fe54d5c653b), - field.NewFieldConst(0x40b9e922ed9771e2), - field.NewFieldConst(0x551f5b0fbe7b1840), - field.NewFieldConst(0x25032aa7c4cb1811), - field.NewFieldConst(0xaaed34074b164346), - field.NewFieldConst(0x8ffd96bbf9c9c81d), - field.NewFieldConst(0x70fc91eb5937085c), - field.NewFieldConst(0x7f795e2a5f915440), - field.NewFieldConst(0x4543d9df5476d3cb), - field.NewFieldConst(0xf172d73e004fc90d), - field.NewFieldConst(0xdfd1c4febcc81238), - field.NewFieldConst(0xbc8dfb627fe558fc), +var ALL_ROUND_CONSTANTS = []frontend.Variable{ + frontend.Variable(uint64(0xb585f766f2144405)), + frontend.Variable(uint64(0x7746a55f43921ad7)), + frontend.Variable(uint64(0xb2fb0d31cee799b4)), 
+ frontend.Variable(uint64(0x0f6760a4803427d7)),
+ frontend.Variable(uint64(0xe10d666650f4e012)),
+ frontend.Variable(uint64(0x8cae14cb07d09bf1)),
+ frontend.Variable(uint64(0xd438539c95f63e9f)),
+ frontend.Variable(uint64(0xef781c7ce35b4c3d)),
+ frontend.Variable(uint64(0xcdc4a239b0c44426)),
+ frontend.Variable(uint64(0x277fa208bf337bff)),
+ frontend.Variable(uint64(0xe17653a29da578a1)),
+ frontend.Variable(uint64(0xc54302f225db2c76)),
+ frontend.Variable(uint64(0x86287821f722c881)),
+ frontend.Variable(uint64(0x59cd1a8a41c18e55)),
+ frontend.Variable(uint64(0xc3b919ad495dc574)),
+ frontend.Variable(uint64(0xa484c4c5ef6a0781)),
+ frontend.Variable(uint64(0x308bbd23dc5416cc)),
+ frontend.Variable(uint64(0x6e4a40c18f30c09c)),
+ frontend.Variable(uint64(0x9a2eedb70d8f8cfa)),
+ frontend.Variable(uint64(0xe360c6e0ae486f38)),
+ frontend.Variable(uint64(0xd5c7718fbfc647fb)),
+ frontend.Variable(uint64(0xc35eae071903ff0b)),
+ frontend.Variable(uint64(0x849c2656969c4be7)),
+ frontend.Variable(uint64(0xc0572c8c08cbbbad)),
+ frontend.Variable(uint64(0xe9fa634a21de0082)),
+ frontend.Variable(uint64(0xf56f6d48959a600d)),
+ frontend.Variable(uint64(0xf7d713e806391165)),
+ frontend.Variable(uint64(0x8297132b32825daf)),
+ frontend.Variable(uint64(0xad6805e0e30b2c8a)),
+ frontend.Variable(uint64(0xac51d9f5fcf8535e)),
+ frontend.Variable(uint64(0x502ad7dc18c2ad87)),
+ frontend.Variable(uint64(0x57a1550c110b3041)),
+ frontend.Variable(uint64(0x66bbd30e6ce0e583)),
+ frontend.Variable(uint64(0x0da2abef589d644e)),
+ frontend.Variable(uint64(0xf061274fdb150d61)),
+ frontend.Variable(uint64(0x28b8ec3ae9c29633)),
+ frontend.Variable(uint64(0x92a756e67e2b9413)),
+ frontend.Variable(uint64(0x70e741ebfee96586)),
+ frontend.Variable(uint64(0x019d5ee2af82ec1c)),
+ frontend.Variable(uint64(0x6f6f2ed772466352)),
+ frontend.Variable(uint64(0x7cf416cfe7e14ca1)),
+ frontend.Variable(uint64(0x61df517b86a46439)),
+ frontend.Variable(uint64(0x85dc499b11d77b75)),
+ frontend.Variable(uint64(0x4b959b48b9c10733)),
+ frontend.Variable(uint64(0xe8be3e5da8043e57)),
+ frontend.Variable(uint64(0xf5c0bc1de6da8699)),
+ frontend.Variable(uint64(0x40b12cbf09ef74bf)),
+ frontend.Variable(uint64(0xa637093ecb2ad631)),
+ frontend.Variable(uint64(0x3cc3f892184df408)),
+ frontend.Variable(uint64(0x2e479dc157bf31bb)),
+ frontend.Variable(uint64(0x6f49de07a6234346)),
+ frontend.Variable(uint64(0x213ce7bede378d7b)),
+ frontend.Variable(uint64(0x5b0431345d4dea83)),
+ frontend.Variable(uint64(0xa2de45780344d6a1)),
+ frontend.Variable(uint64(0x7103aaf94a7bf308)),
+ frontend.Variable(uint64(0x5326fc0d97279301)),
+ frontend.Variable(uint64(0xa9ceb74fec024747)),
+ frontend.Variable(uint64(0x27f8ec88bb21b1a3)),
+ frontend.Variable(uint64(0xfceb4fda1ded0893)),
+ frontend.Variable(uint64(0xfac6ff1346a41675)),
+ frontend.Variable(uint64(0x7131aa45268d7d8c)),
+ frontend.Variable(uint64(0x9351036095630f9f)),
+ frontend.Variable(uint64(0xad535b24afc26bfb)),
+ frontend.Variable(uint64(0x4627f5c6993e44be)),
+ frontend.Variable(uint64(0x645cf794b8f1cc58)),
+ frontend.Variable(uint64(0x241c70ed0af61617)),
+ frontend.Variable(uint64(0xacb8e076647905f1)),
+ frontend.Variable(uint64(0x3737e9db4c4f474d)),
+ frontend.Variable(uint64(0xe7ea5e33e75fffb6)),
+ frontend.Variable(uint64(0x90dee49fc9bfc23a)),
+ frontend.Variable(uint64(0xd1b1edf76bc09c92)),
+ frontend.Variable(uint64(0x0b65481ba645c602)),
+ frontend.Variable(uint64(0x99ad1aab0814283b)),
+ frontend.Variable(uint64(0x438a7c91d416ca4d)),
+ frontend.Variable(uint64(0xb60de3bcc5ea751c)),
+ frontend.Variable(uint64(0xc99cab6aef6f58bc)),
+ frontend.Variable(uint64(0x69a5ed92a72ee4ff)),
+ frontend.Variable(uint64(0x5e7b329c1ed4ad71)),
+ frontend.Variable(uint64(0x5fc0ac0800144885)),
+ frontend.Variable(uint64(0x32db829239774eca)),
+ frontend.Variable(uint64(0x0ade699c5830f310)),
+ frontend.Variable(uint64(0x7cc5583b10415f21)),
+ frontend.Variable(uint64(0x85df9ed2e166d64f)),
+ frontend.Variable(uint64(0x6604df4fee32bcb1)),
+ frontend.Variable(uint64(0xeb84f608da56ef48)),
+ frontend.Variable(uint64(0xda608834c40e603d)),
+ frontend.Variable(uint64(0x8f97fe408061f183)),
+ frontend.Variable(uint64(0xa93f485c96f37b89)),
+ frontend.Variable(uint64(0x6704e8ee8f18d563)),
+ frontend.Variable(uint64(0xcee3e9ac1e072119)),
+ frontend.Variable(uint64(0x510d0e65e2b470c1)),
+ frontend.Variable(uint64(0xf6323f486b9038f0)),
+ frontend.Variable(uint64(0x0b508cdeffa5ceef)),
+ frontend.Variable(uint64(0xf2417089e4fb3cbd)),
+ frontend.Variable(uint64(0x60e75c2890d15730)),
+ frontend.Variable(uint64(0xa6217d8bf660f29c)),
+ frontend.Variable(uint64(0x7159cd30c3ac118e)),
+ frontend.Variable(uint64(0x839b4e8fafead540)),
+ frontend.Variable(uint64(0x0d3f3e5e82920adc)),
+ frontend.Variable(uint64(0x8f7d83bddee7bba8)),
+ frontend.Variable(uint64(0x780f2243ea071d06)),
+ frontend.Variable(uint64(0xeb915845f3de1634)),
+ frontend.Variable(uint64(0xd19e120d26b6f386)),
+ frontend.Variable(uint64(0x016ee53a7e5fecc6)),
+ frontend.Variable(uint64(0xcb5fd54e7933e477)),
+ frontend.Variable(uint64(0xacb8417879fd449f)),
+ frontend.Variable(uint64(0x9c22190be7f74732)),
+ frontend.Variable(uint64(0x5d693c1ba3ba3621)),
+ frontend.Variable(uint64(0xdcef0797c2b69ec7)),
+ frontend.Variable(uint64(0x3d639263da827b13)),
+ frontend.Variable(uint64(0xe273fd971bc8d0e7)),
+ frontend.Variable(uint64(0x418f02702d227ed5)),
+ frontend.Variable(uint64(0x8c25fda3b503038c)),
+ frontend.Variable(uint64(0x2cbaed4daec8c07c)),
+ frontend.Variable(uint64(0x5f58e6afcdd6ddc2)),
+ frontend.Variable(uint64(0x284650ac5e1b0eba)),
+ frontend.Variable(uint64(0x635b337ee819dab5)),
+ frontend.Variable(uint64(0x9f9a036ed4f2d49f)),
+ frontend.Variable(uint64(0xb93e260cae5c170e)),
+ frontend.Variable(uint64(0xb0a7eae879ddb76d)),
+ frontend.Variable(uint64(0xd0762cbc8ca6570c)),
+ frontend.Variable(uint64(0x34c6efb812b04bf5)),
+ frontend.Variable(uint64(0x40bf0ab5fa14c112)),
+ frontend.Variable(uint64(0xb6b570fc7c5740d3)),
+ frontend.Variable(uint64(0x5a27b9002de33454)),
+ frontend.Variable(uint64(0xb1a5b165b6d2b2d2)),
+ frontend.Variable(uint64(0x8722e0ace9d1be22)),
+ frontend.Variable(uint64(0x788ee3b37e5680fb)),
+ frontend.Variable(uint64(0x14a726661551e284)),
+ frontend.Variable(uint64(0x98b7672f9ef3b419)),
+ frontend.Variable(uint64(0xbb93ae776bb30e3a)),
+ frontend.Variable(uint64(0x28fd3b046380f850)),
+ frontend.Variable(uint64(0x30a4680593258387)),
+ frontend.Variable(uint64(0x337dc00c61bd9ce1)),
+ frontend.Variable(uint64(0xd5eca244c7a4ff1d)),
+ frontend.Variable(uint64(0x7762638264d279bd)),
+ frontend.Variable(uint64(0xc1e434bedeefd767)),
+ frontend.Variable(uint64(0x0299351a53b8ec22)),
+ frontend.Variable(uint64(0xb2d456e4ad251b80)),
+ frontend.Variable(uint64(0x3e9ed1fda49cea0b)),
+ frontend.Variable(uint64(0x2972a92ba450bed8)),
+ frontend.Variable(uint64(0x20216dd77be493de)),
+ frontend.Variable(uint64(0xadffe8cf28449ec6)),
+ frontend.Variable(uint64(0x1c4dbb1c4c27d243)),
+ frontend.Variable(uint64(0x15a16a8a8322d458)),
+ frontend.Variable(uint64(0x388a128b7fd9a609)),
+ frontend.Variable(uint64(0x2300e5d6baedf0fb)),
+ frontend.Variable(uint64(0x2f63aa8647e15104)),
+ frontend.Variable(uint64(0xf1c36ce86ecec269)),
+ frontend.Variable(uint64(0x27181125183970c9)),
+ frontend.Variable(uint64(0xe584029370dca96d)),
+ frontend.Variable(uint64(0x4d9bbc3e02f1cfb2)),
+ frontend.Variable(uint64(0xea35bc29692af6f8)),
+ frontend.Variable(uint64(0x18e21b4beabb4137)),
+ frontend.Variable(uint64(0x1e3b9fc625b554f4)),
+ frontend.Variable(uint64(0x25d64362697828fd)),
+ frontend.Variable(uint64(0x5a3f1bb1c53a9645)),
+ frontend.Variable(uint64(0xdb7f023869fb8d38)),
+ frontend.Variable(uint64(0xb462065911d4e1fc)),
+ frontend.Variable(uint64(0x49c24ae4437d8030)),
+ frontend.Variable(uint64(0xd793862c112b0566)),
+ frontend.Variable(uint64(0xaadd1106730d8feb)),
+ frontend.Variable(uint64(0xc43b6e0e97b0d568)),
+ frontend.Variable(uint64(0xe29024c18ee6fca2)),
+ frontend.Variable(uint64(0x5e50c27535b88c66)),
+ frontend.Variable(uint64(0x10383f20a4ff9a87)),
+ frontend.Variable(uint64(0x38e8ee9d71a45af8)),
+ frontend.Variable(uint64(0xdd5118375bf1a9b9)),
+ frontend.Variable(uint64(0x775005982d74d7f7)),
+ frontend.Variable(uint64(0x86ab99b4dde6c8b0)),
+ frontend.Variable(uint64(0xb1204f603f51c080)),
+ frontend.Variable(uint64(0xef61ac8470250ecf)),
+ frontend.Variable(uint64(0x1bbcd90f132c603f)),
+ frontend.Variable(uint64(0x0cd1dabd964db557)),
+ frontend.Variable(uint64(0x11a3ae5beb9d1ec9)),
+ frontend.Variable(uint64(0xf755bfeea585d11d)),
+ frontend.Variable(uint64(0xa3b83250268ea4d7)),
+ frontend.Variable(uint64(0x516306f4927c93af)),
+ frontend.Variable(uint64(0xddb4ac49c9efa1da)),
+ frontend.Variable(uint64(0x64bb6dec369d4418)),
+ frontend.Variable(uint64(0xf9cc95c22b4c1fcc)),
+ frontend.Variable(uint64(0x08d37f755f4ae9f6)),
+ frontend.Variable(uint64(0xeec49b613478675b)),
+ frontend.Variable(uint64(0xf143933aed25e0b0)),
+ frontend.Variable(uint64(0xe4c5dd8255dfc622)),
+ frontend.Variable(uint64(0xe7ad7756f193198e)),
+ frontend.Variable(uint64(0x92c2318b87fff9cb)),
+ frontend.Variable(uint64(0x739c25f8fd73596d)),
+ frontend.Variable(uint64(0x5636cac9f16dfed0)),
+ frontend.Variable(uint64(0xdd8f909a938e0172)),
+ frontend.Variable(uint64(0xc6401fe115063f5b)),
+ frontend.Variable(uint64(0x8ad97b33f1ac1455)),
+ frontend.Variable(uint64(0x0c49366bb25e8513)),
+ frontend.Variable(uint64(0x0784d3d2f1698309)),
+ frontend.Variable(uint64(0x530fb67ea1809a81)),
+ frontend.Variable(uint64(0x410492299bb01f49)),
+ frontend.Variable(uint64(0x139542347424b9ac)),
+ frontend.Variable(uint64(0x9cb0bd5ea1a1115e)),
+ frontend.Variable(uint64(0x02e3f615c38f49a1)),
+ frontend.Variable(uint64(0x985d4f4a9c5291ef)),
+ frontend.Variable(uint64(0x775b9feafdcd26e7)),
+ frontend.Variable(uint64(0x304265a6384f0f2d)),
+ frontend.Variable(uint64(0x593664c39773012c)),
+ frontend.Variable(uint64(0x4f0a2e5fb028f2ce)),
+ frontend.Variable(uint64(0xdd611f1000c17442)),
+ frontend.Variable(uint64(0xd8185f9adfea4fd0)),
+ frontend.Variable(uint64(0xef87139ca9a3ab1e)),
+ frontend.Variable(uint64(0x3ba71336c34ee133)),
+ frontend.Variable(uint64(0x7d3a455d56b70238)),
+ frontend.Variable(uint64(0x660d32e130182684)),
+ frontend.Variable(uint64(0x297a863f48cd1f43)),
+ frontend.Variable(uint64(0x90e0a736a751ebb7)),
+ frontend.Variable(uint64(0x549f80ce550c4fd3)),
+ frontend.Variable(uint64(0x0f73b2922f38bd64)),
+ frontend.Variable(uint64(0x16bf1f73fb7a9c3f)),
+ frontend.Variable(uint64(0x6d1f5a59005bec17)),
+ frontend.Variable(uint64(0x02ff876fa5ef97c4)),
+ frontend.Variable(uint64(0xc5cb72a2a51159b0)),
+ frontend.Variable(uint64(0x8470f39d2d5c900e)),
+ frontend.Variable(uint64(0x25abb3f1d39fcb76)),
+ frontend.Variable(uint64(0x23eb8cc9b372442f)),
+ frontend.Variable(uint64(0xd687ba55c64f6364)),
+ frontend.Variable(uint64(0xda8d9e90fd8ff158)),
+ frontend.Variable(uint64(0xe3cbdc7d2fe45ea7)),
+ frontend.Variable(uint64(0xb9a8c9b3aee52297)),
+ frontend.Variable(uint64(0xc0d28a5c10960bd3)),
+ frontend.Variable(uint64(0x45d7ac9b68f71a34)),
+ frontend.Variable(uint64(0xeeb76e397069e804)),
+ frontend.Variable(uint64(0x3d06c8bd1514e2d9)),
+ frontend.Variable(uint64(0x9c9c98207cb10767)),
+ frontend.Variable(uint64(0x65700b51aedfb5ef)),
+ frontend.Variable(uint64(0x911f451539869408)),
+ frontend.Variable(uint64(0x7ae6849fbc3a0ec6)),
+ frontend.Variable(uint64(0x3bb340eba06afe7e)),
+ frontend.Variable(uint64(0xb46e9d8b682ea65e)),
+ frontend.Variable(uint64(0x8dcf22f9a3b34356)),
+ frontend.Variable(uint64(0x77bdaeda586257a7)),
+ frontend.Variable(uint64(0xf19e400a5104d20d)),
+ frontend.Variable(uint64(0xc368a348e46d950f)),
+ frontend.Variable(uint64(0x9ef1cd60e679f284)),
+ frontend.Variable(uint64(0xe89cd854d5d01d33)),
+ frontend.Variable(uint64(0x5cd377dc8bb882a2)),
+ frontend.Variable(uint64(0xa7b0fb7883eee860)),
+ frontend.Variable(uint64(0x7684403ec392950d)),
+ frontend.Variable(uint64(0x5fa3f06f4fed3b52)),
+ frontend.Variable(uint64(0x8df57ac11bc04831)),
+ frontend.Variable(uint64(0x2db01efa1e1e1897)),
+ frontend.Variable(uint64(0x54846de4aadb9ca2)),
+ frontend.Variable(uint64(0xba6745385893c784)),
+ frontend.Variable(uint64(0x541d496344d2c75b)),
+ frontend.Variable(uint64(0xe909678474e687fe)),
+ frontend.Variable(uint64(0xdfe89923f6c9c2ff)),
+ frontend.Variable(uint64(0xece5a71e0cfedc75)),
+ frontend.Variable(uint64(0x5ff98fd5d51fe610)),
+ frontend.Variable(uint64(0x83e8941918964615)),
+ frontend.Variable(uint64(0x5922040b47f150c1)),
+ frontend.Variable(uint64(0xf97d750e3dd94521)),
+ frontend.Variable(uint64(0x5080d4c2b86f56d7)),
+ frontend.Variable(uint64(0xa7de115b56c78d70)),
+ frontend.Variable(uint64(0x6a9242ac87538194)),
+ frontend.Variable(uint64(0xf7856ef7f9173e44)),
+ frontend.Variable(uint64(0x2265fc92feb0dc09)),
+ frontend.Variable(uint64(0x17dfc8e4f7ba8a57)),
+ frontend.Variable(uint64(0x9001a64209f21db8)),
+ frontend.Variable(uint64(0x90004c1371b893c5)),
+ frontend.Variable(uint64(0xb932b7cf752e5545)),
+ frontend.Variable(uint64(0xa0b1df81b6fe59fc)),
+ frontend.Variable(uint64(0x8ef1dd26770af2c2)),
+ frontend.Variable(uint64(0x0541a4f9cfbeed35)),
+ frontend.Variable(uint64(0x9e61106178bfc530)),
+ frontend.Variable(uint64(0xb3767e80935d8af2)),
+ frontend.Variable(uint64(0x0098d5782065af06)),
+ frontend.Variable(uint64(0x31d191cd5c1466c7)),
+ frontend.Variable(uint64(0x410fefafa319ac9d)),
+ frontend.Variable(uint64(0xbdf8f242e316c4ab)),
+ frontend.Variable(uint64(0x9e8cd55b57637ed0)),
+ frontend.Variable(uint64(0xde122bebe9a39368)),
+ frontend.Variable(uint64(0x4d001fd58f002526)),
+ frontend.Variable(uint64(0xca6637000eb4a9f8)),
+ frontend.Variable(uint64(0x2f2339d624f91f78)),
+ frontend.Variable(uint64(0x6d1a7918c80df518)),
+ frontend.Variable(uint64(0xdf9a4939342308e9)),
+ frontend.Variable(uint64(0xebc2151ee6c8398c)),
+ frontend.Variable(uint64(0x03cc2ba8a1116515)),
+ frontend.Variable(uint64(0xd341d037e840cf83)),
+ frontend.Variable(uint64(0x387cb5d25af4afcc)),
+ frontend.Variable(uint64(0xbba2515f22909e87)),
+ frontend.Variable(uint64(0x7248fe7705f38e47)),
+ frontend.Variable(uint64(0x4d61e56a525d225a)),
+ frontend.Variable(uint64(0x262e963c8da05d3d)),
+ frontend.Variable(uint64(0x59e89b094d220ec2)),
+ frontend.Variable(uint64(0x055d5b52b78b9c5e)),
+ frontend.Variable(uint64(0x82b27eb33514ef99)),
+ frontend.Variable(uint64(0xd30094ca96b7ce7b)),
+ frontend.Variable(uint64(0xcf5cb381cd0a1535)),
+ frontend.Variable(uint64(0xfeed4db6919e5a7c)),
+ frontend.Variable(uint64(0x41703f53753be59f)),
+ frontend.Variable(uint64(0x5eeea940fcde8b6f)),
+ frontend.Variable(uint64(0x4cd1f1b175100206)),
+ frontend.Variable(uint64(0x4a20358574454ec0)),
+ frontend.Variable(uint64(0x1478d361dbbf9fac)),
+ frontend.Variable(uint64(0x6f02dc07d141875c)),
+ frontend.Variable(uint64(0x296a202ed8e556a2)),
+ frontend.Variable(uint64(0x2afd67999bf32ee5)),
+ frontend.Variable(uint64(0x7acfd96efa95491d)),
+ frontend.Variable(uint64(0x6798ba0c0abb2c6d)),
+ frontend.Variable(uint64(0x34c6f57b26c92122)),
+ frontend.Variable(uint64(0x5736e1bad206b5de)),
+ frontend.Variable(uint64(0x20057d2a0056521b)),
+ frontend.Variable(uint64(0x3dea5bd5d0578bd7)),
+ frontend.Variable(uint64(0x16e50d897d4634ac)),
+ frontend.Variable(uint64(0x29bff3ecb9b7a6e3)),
+ frontend.Variable(uint64(0x475cd3205a3bdcde)),
+ frontend.Variable(uint64(0x18a42105c31b7e88)),
+ frontend.Variable(uint64(0x023e7414af663068)),
+ frontend.Variable(uint64(0x15147108121967d7)),
+ frontend.Variable(uint64(0xe4a3dff1d7d6fef9)),
+ frontend.Variable(uint64(0x01a8d1a588085737)),
+ frontend.Variable(uint64(0x11b4c74eda62beef)),
+ frontend.Variable(uint64(0xe587cc0d69a73346)),
+ frontend.Variable(uint64(0x1ff7327017aa2a6e)),
+ frontend.Variable(uint64(0x594e29c42473d06b)),
+ frontend.Variable(uint64(0xf6f31db1899b12d5)), +
frontend.Variable(uint64(0xc02ac5e47312d3ca)), + frontend.Variable(uint64(0xe70201e960cb78b8)), + frontend.Variable(uint64(0x6f90ff3b6a65f108)), + frontend.Variable(uint64(0x42747a7245e7fa84)), + frontend.Variable(uint64(0xd1f507e43ab749b2)), + frontend.Variable(uint64(0x1c86d265f15750cd)), + frontend.Variable(uint64(0x3996ce73dd832c1c)), + frontend.Variable(uint64(0x8e7fba02983224bd)), + frontend.Variable(uint64(0xba0dec7103255dd4)), + frontend.Variable(uint64(0x9e9cbd781628fc5b)), + frontend.Variable(uint64(0xdae8645996edd6a5)), + frontend.Variable(uint64(0xdebe0853b1a1d378)), + frontend.Variable(uint64(0xa49229d24d014343)), + frontend.Variable(uint64(0x7be5b9ffda905e1c)), + frontend.Variable(uint64(0xa3c95eaec244aa30)), + frontend.Variable(uint64(0x0230bca8f4df0544)), + frontend.Variable(uint64(0x4135c2bebfe148c6)), + frontend.Variable(uint64(0x166fc0cc438a3c72)), + frontend.Variable(uint64(0x3762b59a8ae83efa)), + frontend.Variable(uint64(0xe8928a4c89114750)), + frontend.Variable(uint64(0x2a440b51a4945ee5)), + frontend.Variable(uint64(0x80cefd2b7d99ff83)), + frontend.Variable(uint64(0xbb9879c6e61fd62a)), + frontend.Variable(uint64(0x6e7c8f1a84265034)), + frontend.Variable(uint64(0x164bb2de1bbeddc8)), + frontend.Variable(uint64(0xf3c12fe54d5c653b)), + frontend.Variable(uint64(0x40b9e922ed9771e2)), + frontend.Variable(uint64(0x551f5b0fbe7b1840)), + frontend.Variable(uint64(0x25032aa7c4cb1811)), + frontend.Variable(uint64(0xaaed34074b164346)), + frontend.Variable(uint64(0x8ffd96bbf9c9c81d)), + frontend.Variable(uint64(0x70fc91eb5937085c)), + frontend.Variable(uint64(0x7f795e2a5f915440)), + frontend.Variable(uint64(0x4543d9df5476d3cb)), + frontend.Variable(uint64(0xf172d73e004fc90d)), + frontend.Variable(uint64(0xdfd1c4febcc81238)), + frontend.Variable(uint64(0xbc8dfb627fe558fc)), } -var MDS_MATRIX_CIRC = []field.F{ - field.NewFieldConst(17), - field.NewFieldConst(15), - field.NewFieldConst(41), - field.NewFieldConst(16), - field.NewFieldConst(2), - 
field.NewFieldConst(28), - field.NewFieldConst(13), - field.NewFieldConst(13), - field.NewFieldConst(39), - field.NewFieldConst(18), - field.NewFieldConst(34), - field.NewFieldConst(20), +var MDS_MATRIX_CIRC = []frontend.Variable{ + frontend.Variable(uint64(17)), + frontend.Variable(uint64(15)), + frontend.Variable(uint64(41)), + frontend.Variable(uint64(16)), + frontend.Variable(uint64(2)), + frontend.Variable(uint64(28)), + frontend.Variable(uint64(13)), + frontend.Variable(uint64(13)), + frontend.Variable(uint64(39)), + frontend.Variable(uint64(18)), + frontend.Variable(uint64(34)), + frontend.Variable(uint64(20)), } var MDS_MATRIX_CIRC_VARS = []frontend.Variable{ - frontend.Variable(17), - frontend.Variable(15), - frontend.Variable(41), - frontend.Variable(16), - frontend.Variable(2), - frontend.Variable(28), - frontend.Variable(13), - frontend.Variable(13), - frontend.Variable(39), - frontend.Variable(18), - frontend.Variable(34), - frontend.Variable(20), + frontend.Variable(uint64(17)), + frontend.Variable(uint64(15)), + frontend.Variable(uint64(41)), + frontend.Variable(uint64(16)), + frontend.Variable(uint64(2)), + frontend.Variable(uint64(28)), + frontend.Variable(uint64(13)), + frontend.Variable(uint64(13)), + frontend.Variable(uint64(39)), + frontend.Variable(uint64(18)), + frontend.Variable(uint64(34)), + frontend.Variable(uint64(20)), } -var MDS_MATRIX_DIAG = []field.F{ - field.NewFieldConst(8), - field.ZERO_F, - field.ZERO_F, - field.ZERO_F, - field.ZERO_F, - field.ZERO_F, - field.ZERO_F, - field.ZERO_F, - field.ZERO_F, - field.ZERO_F, - field.ZERO_F, - field.ZERO_F, -} +var ZERO_VAR = frontend.Variable(uint64(0)) -var ZERO_VAR = frontend.Variable(0) +var MDS_MATRIX_DIAG = []frontend.Variable{ + frontend.Variable(uint64(8)), + ZERO_VAR, + ZERO_VAR, + ZERO_VAR, + ZERO_VAR, + ZERO_VAR, + ZERO_VAR, + ZERO_VAR, + ZERO_VAR, + ZERO_VAR, + ZERO_VAR, + ZERO_VAR, +} var MDS_MATRIX_DIAG_VARS = []frontend.Variable{ - frontend.Variable(8), + 
frontend.Variable(uint64(8)), ZERO_VAR, ZERO_VAR, ZERO_VAR, 
@@ -430,771 +429,771 @@ var MDS_MATRIX_DIAG_VARS = []frontend.Variable{ ZERO_VAR, } -var MDS0TO0 = field.NewFieldConst(25) +var MDS0TO0 = frontend.Variable(uint64(25)) -var MDS0TO0_VAR = frontend.Variable(25) +var MDS0TO0_VAR = frontend.Variable(uint64(25)) -var FAST_PARTIAL_FIRST_ROUND_CONSTANT = []field.F{ - field.NewFieldConst(0x3cc3f892184df408), - field.NewFieldConst(0xe993fd841e7e97f1), - field.NewFieldConst(0xf2831d3575f0f3af), - field.NewFieldConst(0xd2500e0a350994ca), - field.NewFieldConst(0xc5571f35d7288633), - field.NewFieldConst(0x91d89c5184109a02), - field.NewFieldConst(0xf37f925d04e5667b), - field.NewFieldConst(0x2d6e448371955a69), - field.NewFieldConst(0x740ef19ce01398a1), - field.NewFieldConst(0x694d24c0752fdf45), - field.NewFieldConst(0x60936af96ee2f148), - field.NewFieldConst(0xc33448feadc78f0c), +var FAST_PARTIAL_FIRST_ROUND_CONSTANT = []frontend.Variable{ + frontend.Variable(uint64(0x3cc3f892184df408)), + frontend.Variable(uint64(0xe993fd841e7e97f1)), + frontend.Variable(uint64(0xf2831d3575f0f3af)), + frontend.Variable(uint64(0xd2500e0a350994ca)), + frontend.Variable(uint64(0xc5571f35d7288633)), + frontend.Variable(uint64(0x91d89c5184109a02)), + frontend.Variable(uint64(0xf37f925d04e5667b)), + frontend.Variable(uint64(0x2d6e448371955a69)), + frontend.Variable(uint64(0x740ef19ce01398a1)), + frontend.Variable(uint64(0x694d24c0752fdf45)), + frontend.Variable(uint64(0x60936af96ee2f148)), + frontend.Variable(uint64(0xc33448feadc78f0c)), } -var FAST_PARTIAL_ROUND_CONSTANTS = []field.F{ - field.NewFieldConst(0x74cb2e819ae421ab), - field.NewFieldConst(0xd2559d2370e7f663), - field.NewFieldConst(0x62bf78acf843d17c), - field.NewFieldConst(0xd5ab7b67e14d1fb4), - field.NewFieldConst(0xb9fe2ae6e0969bdc), - field.NewFieldConst(0xe33fdf79f92a10e8), - field.NewFieldConst(0x0ea2bb4c2b25989b), - field.NewFieldConst(0xca9121fbf9d38f06), - field.NewFieldConst(0xbdd9b0aa81f58fa4), - field.NewFieldConst(0x83079fa4ecf20d7e), - field.NewFieldConst(0x650b838edfcc4ad3), - 
field.NewFieldConst(0x77180c88583c76ac), - field.NewFieldConst(0xaf8c20753143a180), - field.NewFieldConst(0xb8ccfe9989a39175), - field.NewFieldConst(0x954a1729f60cc9c5), - field.NewFieldConst(0xdeb5b550c4dca53b), - field.NewFieldConst(0xf01bb0b00f77011e), - field.NewFieldConst(0xa1ebb404b676afd9), - field.NewFieldConst(0x860b6e1597a0173e), - field.NewFieldConst(0x308bb65a036acbce), - field.NewFieldConst(0x1aca78f31c97c876), - field.NewFieldConst(0x0), +var FAST_PARTIAL_ROUND_CONSTANTS = []frontend.Variable{ + frontend.Variable(uint64(0x74cb2e819ae421ab)), + frontend.Variable(uint64(0xd2559d2370e7f663)), + frontend.Variable(uint64(0x62bf78acf843d17c)), + frontend.Variable(uint64(0xd5ab7b67e14d1fb4)), + frontend.Variable(uint64(0xb9fe2ae6e0969bdc)), + frontend.Variable(uint64(0xe33fdf79f92a10e8)), + frontend.Variable(uint64(0x0ea2bb4c2b25989b)), + frontend.Variable(uint64(0xca9121fbf9d38f06)), + frontend.Variable(uint64(0xbdd9b0aa81f58fa4)), + frontend.Variable(uint64(0x83079fa4ecf20d7e)), + frontend.Variable(uint64(0x650b838edfcc4ad3)), + frontend.Variable(uint64(0x77180c88583c76ac)), + frontend.Variable(uint64(0xaf8c20753143a180)), + frontend.Variable(uint64(0xb8ccfe9989a39175)), + frontend.Variable(uint64(0x954a1729f60cc9c5)), + frontend.Variable(uint64(0xdeb5b550c4dca53b)), + frontend.Variable(uint64(0xf01bb0b00f77011e)), + frontend.Variable(uint64(0xa1ebb404b676afd9)), + frontend.Variable(uint64(0x860b6e1597a0173e)), + frontend.Variable(uint64(0x308bb65a036acbce)), + frontend.Variable(uint64(0x1aca78f31c97c876)), + frontend.Variable(uint64(0x0)), } -var FAST_PARTIAL_ROUND_VS = [N_PARTIAL_ROUNDS][11]field.F{ - { - field.NewFieldConst(0x94877900674181c3), - field.NewFieldConst(0xc6c67cc37a2a2bbd), - field.NewFieldConst(0xd667c2055387940f), - field.NewFieldConst(0x0ba63a63e94b5ff0), - field.NewFieldConst(0x99460cc41b8f079f), - field.NewFieldConst(0x7ff02375ed524bb3), - field.NewFieldConst(0xea0870b47a8caf0e), - field.NewFieldConst(0xabcad82633b7bc9d), - 
field.NewFieldConst(0x3b8d135261052241), - field.NewFieldConst(0xfb4515f5e5b0d539), - field.NewFieldConst(0x3ee8011c2b37f77c), - }, - { - field.NewFieldConst(0x0adef3740e71c726), - field.NewFieldConst(0xa37bf67c6f986559), - field.NewFieldConst(0xc6b16f7ed4fa1b00), - field.NewFieldConst(0x6a065da88d8bfc3c), - field.NewFieldConst(0x4cabc0916844b46f), - field.NewFieldConst(0x407faac0f02e78d1), - field.NewFieldConst(0x07a786d9cf0852cf), - field.NewFieldConst(0x42433fb6949a629a), - field.NewFieldConst(0x891682a147ce43b0), - field.NewFieldConst(0x26cfd58e7b003b55), - field.NewFieldConst(0x2bbf0ed7b657acb3), - }, - { - field.NewFieldConst(0x481ac7746b159c67), - field.NewFieldConst(0xe367de32f108e278), - field.NewFieldConst(0x73f260087ad28bec), - field.NewFieldConst(0x5cfc82216bc1bdca), - field.NewFieldConst(0xcaccc870a2663a0e), - field.NewFieldConst(0xdb69cd7b4298c45d), - field.NewFieldConst(0x7bc9e0c57243e62d), - field.NewFieldConst(0x3cc51c5d368693ae), - field.NewFieldConst(0x366b4e8cc068895b), - field.NewFieldConst(0x2bd18715cdabbca4), - field.NewFieldConst(0xa752061c4f33b8cf), - }, - { - field.NewFieldConst(0xb22d2432b72d5098), - field.NewFieldConst(0x9e18a487f44d2fe4), - field.NewFieldConst(0x4b39e14ce22abd3c), - field.NewFieldConst(0x9e77fde2eb315e0d), - field.NewFieldConst(0xca5e0385fe67014d), - field.NewFieldConst(0x0c2cb99bf1b6bddb), - field.NewFieldConst(0x99ec1cd2a4460bfe), - field.NewFieldConst(0x8577a815a2ff843f), - field.NewFieldConst(0x7d80a6b4fd6518a5), - field.NewFieldConst(0xeb6c67123eab62cb), - field.NewFieldConst(0x8f7851650eca21a5), - }, - { - field.NewFieldConst(0x11ba9a1b81718c2a), - field.NewFieldConst(0x9f7d798a3323410c), - field.NewFieldConst(0xa821855c8c1cf5e5), - field.NewFieldConst(0x535e8d6fac0031b2), - field.NewFieldConst(0x404e7c751b634320), - field.NewFieldConst(0xa729353f6e55d354), - field.NewFieldConst(0x4db97d92e58bb831), - field.NewFieldConst(0xb53926c27897bf7d), - field.NewFieldConst(0x965040d52fe115c5), - 
field.NewFieldConst(0x9565fa41ebd31fd7), - field.NewFieldConst(0xaae4438c877ea8f4), - }, - { - field.NewFieldConst(0x37f4e36af6073c6e), - field.NewFieldConst(0x4edc0918210800e9), - field.NewFieldConst(0xc44998e99eae4188), - field.NewFieldConst(0x9f4310d05d068338), - field.NewFieldConst(0x9ec7fe4350680f29), - field.NewFieldConst(0xc5b2c1fdc0b50874), - field.NewFieldConst(0xa01920c5ef8b2ebe), - field.NewFieldConst(0x59fa6f8bd91d58ba), - field.NewFieldConst(0x8bfc9eb89b515a82), - field.NewFieldConst(0xbe86a7a2555ae775), - field.NewFieldConst(0xcbb8bbaa3810babf), - }, - { - field.NewFieldConst(0x577f9a9e7ee3f9c2), - field.NewFieldConst(0x88c522b949ace7b1), - field.NewFieldConst(0x82f07007c8b72106), - field.NewFieldConst(0x8283d37c6675b50e), - field.NewFieldConst(0x98b074d9bbac1123), - field.NewFieldConst(0x75c56fb7758317c1), - field.NewFieldConst(0xfed24e206052bc72), - field.NewFieldConst(0x26d7c3d1bc07dae5), - field.NewFieldConst(0xf88c5e441e28dbb4), - field.NewFieldConst(0x4fe27f9f96615270), - field.NewFieldConst(0x514d4ba49c2b14fe), - }, - { - field.NewFieldConst(0xf02a3ac068ee110b), - field.NewFieldConst(0x0a3630dafb8ae2d7), - field.NewFieldConst(0xce0dc874eaf9b55c), - field.NewFieldConst(0x9a95f6cff5b55c7e), - field.NewFieldConst(0x626d76abfed00c7b), - field.NewFieldConst(0xa0c1cf1251c204ad), - field.NewFieldConst(0xdaebd3006321052c), - field.NewFieldConst(0x3d4bd48b625a8065), - field.NewFieldConst(0x7f1e584e071f6ed2), - field.NewFieldConst(0x720574f0501caed3), - field.NewFieldConst(0xe3260ba93d23540a), - }, - { - field.NewFieldConst(0xab1cbd41d8c1e335), - field.NewFieldConst(0x9322ed4c0bc2df01), - field.NewFieldConst(0x51c3c0983d4284e5), - field.NewFieldConst(0x94178e291145c231), - field.NewFieldConst(0xfd0f1a973d6b2085), - field.NewFieldConst(0xd427ad96e2b39719), - field.NewFieldConst(0x8a52437fecaac06b), - field.NewFieldConst(0xdc20ee4b8c4c9a80), - field.NewFieldConst(0xa2c98e9549da2100), - field.NewFieldConst(0x1603fe12613db5b6), - 
field.NewFieldConst(0x0e174929433c5505), - }, - { - field.NewFieldConst(0x3d4eab2b8ef5f796), - field.NewFieldConst(0xcfff421583896e22), - field.NewFieldConst(0x4143cb32d39ac3d9), - field.NewFieldConst(0x22365051b78a5b65), - field.NewFieldConst(0x6f7fd010d027c9b6), - field.NewFieldConst(0xd9dd36fba77522ab), - field.NewFieldConst(0xa44cf1cb33e37165), - field.NewFieldConst(0x3fc83d3038c86417), - field.NewFieldConst(0xc4588d418e88d270), - field.NewFieldConst(0xce1320f10ab80fe2), - field.NewFieldConst(0xdb5eadbbec18de5d), - }, - { - field.NewFieldConst(0x1183dfce7c454afd), - field.NewFieldConst(0x21cea4aa3d3ed949), - field.NewFieldConst(0x0fce6f70303f2304), - field.NewFieldConst(0x19557d34b55551be), - field.NewFieldConst(0x4c56f689afc5bbc9), - field.NewFieldConst(0xa1e920844334f944), - field.NewFieldConst(0xbad66d423d2ec861), - field.NewFieldConst(0xf318c785dc9e0479), - field.NewFieldConst(0x99e2032e765ddd81), - field.NewFieldConst(0x400ccc9906d66f45), - field.NewFieldConst(0xe1197454db2e0dd9), - }, - { - field.NewFieldConst(0x84d1ecc4d53d2ff1), - field.NewFieldConst(0xd8af8b9ceb4e11b6), - field.NewFieldConst(0x335856bb527b52f4), - field.NewFieldConst(0xc756f17fb59be595), - field.NewFieldConst(0xc0654e4ea5553a78), - field.NewFieldConst(0x9e9a46b61f2ea942), - field.NewFieldConst(0x14fc8b5b3b809127), - field.NewFieldConst(0xd7009f0f103be413), - field.NewFieldConst(0x3e0ee7b7a9fb4601), - field.NewFieldConst(0xa74e888922085ed7), - field.NewFieldConst(0xe80a7cde3d4ac526), - }, - { - field.NewFieldConst(0x238aa6daa612186d), - field.NewFieldConst(0x9137a5c630bad4b4), - field.NewFieldConst(0xc7db3817870c5eda), - field.NewFieldConst(0x217e4f04e5718dc9), - field.NewFieldConst(0xcae814e2817bd99d), - field.NewFieldConst(0xe3292e7ab770a8ba), - field.NewFieldConst(0x7bb36ef70b6b9482), - field.NewFieldConst(0x3c7835fb85bca2d3), - field.NewFieldConst(0xfe2cdf8ee3c25e86), - field.NewFieldConst(0x61b3915ad7274b20), - field.NewFieldConst(0xeab75ca7c918e4ef), - }, - { - 
field.NewFieldConst(0xd6e15ffc055e154e), - field.NewFieldConst(0xec67881f381a32bf), - field.NewFieldConst(0xfbb1196092bf409c), - field.NewFieldConst(0xdc9d2e07830ba226), - field.NewFieldConst(0x0698ef3245ff7988), - field.NewFieldConst(0x194fae2974f8b576), - field.NewFieldConst(0x7a5d9bea6ca4910e), - field.NewFieldConst(0x7aebfea95ccdd1c9), - field.NewFieldConst(0xf9bd38a67d5f0e86), - field.NewFieldConst(0xfa65539de65492d8), - field.NewFieldConst(0xf0dfcbe7653ff787), - }, - { - field.NewFieldConst(0x0bd87ad390420258), - field.NewFieldConst(0x0ad8617bca9e33c8), - field.NewFieldConst(0x0c00ad377a1e2666), - field.NewFieldConst(0x0ac6fc58b3f0518f), - field.NewFieldConst(0x0c0cc8a892cc4173), - field.NewFieldConst(0x0c210accb117bc21), - field.NewFieldConst(0x0b73630dbb46ca18), - field.NewFieldConst(0x0c8be4920cbd4a54), - field.NewFieldConst(0x0bfe877a21be1690), - field.NewFieldConst(0x0ae790559b0ded81), - field.NewFieldConst(0x0bf50db2f8d6ce31), - }, - { - field.NewFieldConst(0x000cf29427ff7c58), - field.NewFieldConst(0x000bd9b3cf49eec8), - field.NewFieldConst(0x000d1dc8aa81fb26), - field.NewFieldConst(0x000bc792d5c394ef), - field.NewFieldConst(0x000d2ae0b2266453), - field.NewFieldConst(0x000d413f12c496c1), - field.NewFieldConst(0x000c84128cfed618), - field.NewFieldConst(0x000db5ebd48fc0d4), - field.NewFieldConst(0x000d1b77326dcb90), - field.NewFieldConst(0x000beb0ccc145421), - field.NewFieldConst(0x000d10e5b22b11d1), - }, - { - field.NewFieldConst(0x00000e24c99adad8), - field.NewFieldConst(0x00000cf389ed4bc8), - field.NewFieldConst(0x00000e580cbf6966), - field.NewFieldConst(0x00000cde5fd7e04f), - field.NewFieldConst(0x00000e63628041b3), - field.NewFieldConst(0x00000e7e81a87361), - field.NewFieldConst(0x00000dabe78f6d98), - field.NewFieldConst(0x00000efb14cac554), - field.NewFieldConst(0x00000e5574743b10), - field.NewFieldConst(0x00000d05709f42c1), - field.NewFieldConst(0x00000e4690c96af1), - }, - { - field.NewFieldConst(0x0000000f7157bc98), - 
field.NewFieldConst(0x0000000e3006d948), - field.NewFieldConst(0x0000000fa65811e6), - field.NewFieldConst(0x0000000e0d127e2f), - field.NewFieldConst(0x0000000fc18bfe53), - field.NewFieldConst(0x0000000fd002d901), - field.NewFieldConst(0x0000000eed6461d8), - field.NewFieldConst(0x0000001068562754), - field.NewFieldConst(0x0000000fa0236f50), - field.NewFieldConst(0x0000000e3af13ee1), - field.NewFieldConst(0x0000000fa460f6d1), - }, - { - field.NewFieldConst(0x0000000011131738), - field.NewFieldConst(0x000000000f56d588), - field.NewFieldConst(0x0000000011050f86), - field.NewFieldConst(0x000000000f848f4f), - field.NewFieldConst(0x00000000111527d3), - field.NewFieldConst(0x00000000114369a1), - field.NewFieldConst(0x00000000106f2f38), - field.NewFieldConst(0x0000000011e2ca94), - field.NewFieldConst(0x00000000110a29f0), - field.NewFieldConst(0x000000000fa9f5c1), - field.NewFieldConst(0x0000000010f625d1), - }, - { - field.NewFieldConst(0x000000000011f718), - field.NewFieldConst(0x000000000010b6c8), - field.NewFieldConst(0x0000000000134a96), - field.NewFieldConst(0x000000000010cf7f), - field.NewFieldConst(0x0000000000124d03), - field.NewFieldConst(0x000000000013f8a1), - field.NewFieldConst(0x0000000000117c58), - field.NewFieldConst(0x0000000000132c94), - field.NewFieldConst(0x0000000000134fc0), - field.NewFieldConst(0x000000000010a091), - field.NewFieldConst(0x0000000000128961), - }, - { - field.NewFieldConst(0x0000000000001300), - field.NewFieldConst(0x0000000000001750), - field.NewFieldConst(0x000000000000114e), - field.NewFieldConst(0x000000000000131f), - field.NewFieldConst(0x000000000000167b), - field.NewFieldConst(0x0000000000001371), - field.NewFieldConst(0x0000000000001230), - field.NewFieldConst(0x000000000000182c), - field.NewFieldConst(0x0000000000001368), - field.NewFieldConst(0x0000000000000f31), - field.NewFieldConst(0x00000000000015c9), - }, - { - field.NewFieldConst(0x0000000000000014), - field.NewFieldConst(0x0000000000000022), - 
field.NewFieldConst(0x0000000000000012), - field.NewFieldConst(0x0000000000000027), - field.NewFieldConst(0x000000000000000d), - field.NewFieldConst(0x000000000000000d), - field.NewFieldConst(0x000000000000001c), - field.NewFieldConst(0x0000000000000002), - field.NewFieldConst(0x0000000000000010), - field.NewFieldConst(0x0000000000000029), - field.NewFieldConst(0x000000000000000f), +var FAST_PARTIAL_ROUND_VS = [N_PARTIAL_ROUNDS][11]frontend.Variable{ + { + frontend.Variable(uint64(0x94877900674181c3)), + frontend.Variable(uint64(0xc6c67cc37a2a2bbd)), + frontend.Variable(uint64(0xd667c2055387940f)), + frontend.Variable(uint64(0x0ba63a63e94b5ff0)), + frontend.Variable(uint64(0x99460cc41b8f079f)), + frontend.Variable(uint64(0x7ff02375ed524bb3)), + frontend.Variable(uint64(0xea0870b47a8caf0e)), + frontend.Variable(uint64(0xabcad82633b7bc9d)), + frontend.Variable(uint64(0x3b8d135261052241)), + frontend.Variable(uint64(0xfb4515f5e5b0d539)), + frontend.Variable(uint64(0x3ee8011c2b37f77c)), + }, + { + frontend.Variable(uint64(0x0adef3740e71c726)), + frontend.Variable(uint64(0xa37bf67c6f986559)), + frontend.Variable(uint64(0xc6b16f7ed4fa1b00)), + frontend.Variable(uint64(0x6a065da88d8bfc3c)), + frontend.Variable(uint64(0x4cabc0916844b46f)), + frontend.Variable(uint64(0x407faac0f02e78d1)), + frontend.Variable(uint64(0x07a786d9cf0852cf)), + frontend.Variable(uint64(0x42433fb6949a629a)), + frontend.Variable(uint64(0x891682a147ce43b0)), + frontend.Variable(uint64(0x26cfd58e7b003b55)), + frontend.Variable(uint64(0x2bbf0ed7b657acb3)), + }, + { + frontend.Variable(uint64(0x481ac7746b159c67)), + frontend.Variable(uint64(0xe367de32f108e278)), + frontend.Variable(uint64(0x73f260087ad28bec)), + frontend.Variable(uint64(0x5cfc82216bc1bdca)), + frontend.Variable(uint64(0xcaccc870a2663a0e)), + frontend.Variable(uint64(0xdb69cd7b4298c45d)), + frontend.Variable(uint64(0x7bc9e0c57243e62d)), + frontend.Variable(uint64(0x3cc51c5d368693ae)), + frontend.Variable(uint64(0x366b4e8cc068895b)), + 
frontend.Variable(uint64(0x2bd18715cdabbca4)), + frontend.Variable(uint64(0xa752061c4f33b8cf)), + }, + { + frontend.Variable(uint64(0xb22d2432b72d5098)), + frontend.Variable(uint64(0x9e18a487f44d2fe4)), + frontend.Variable(uint64(0x4b39e14ce22abd3c)), + frontend.Variable(uint64(0x9e77fde2eb315e0d)), + frontend.Variable(uint64(0xca5e0385fe67014d)), + frontend.Variable(uint64(0x0c2cb99bf1b6bddb)), + frontend.Variable(uint64(0x99ec1cd2a4460bfe)), + frontend.Variable(uint64(0x8577a815a2ff843f)), + frontend.Variable(uint64(0x7d80a6b4fd6518a5)), + frontend.Variable(uint64(0xeb6c67123eab62cb)), + frontend.Variable(uint64(0x8f7851650eca21a5)), + }, + { + frontend.Variable(uint64(0x11ba9a1b81718c2a)), + frontend.Variable(uint64(0x9f7d798a3323410c)), + frontend.Variable(uint64(0xa821855c8c1cf5e5)), + frontend.Variable(uint64(0x535e8d6fac0031b2)), + frontend.Variable(uint64(0x404e7c751b634320)), + frontend.Variable(uint64(0xa729353f6e55d354)), + frontend.Variable(uint64(0x4db97d92e58bb831)), + frontend.Variable(uint64(0xb53926c27897bf7d)), + frontend.Variable(uint64(0x965040d52fe115c5)), + frontend.Variable(uint64(0x9565fa41ebd31fd7)), + frontend.Variable(uint64(0xaae4438c877ea8f4)), + }, + { + frontend.Variable(uint64(0x37f4e36af6073c6e)), + frontend.Variable(uint64(0x4edc0918210800e9)), + frontend.Variable(uint64(0xc44998e99eae4188)), + frontend.Variable(uint64(0x9f4310d05d068338)), + frontend.Variable(uint64(0x9ec7fe4350680f29)), + frontend.Variable(uint64(0xc5b2c1fdc0b50874)), + frontend.Variable(uint64(0xa01920c5ef8b2ebe)), + frontend.Variable(uint64(0x59fa6f8bd91d58ba)), + frontend.Variable(uint64(0x8bfc9eb89b515a82)), + frontend.Variable(uint64(0xbe86a7a2555ae775)), + frontend.Variable(uint64(0xcbb8bbaa3810babf)), + }, + { + frontend.Variable(uint64(0x577f9a9e7ee3f9c2)), + frontend.Variable(uint64(0x88c522b949ace7b1)), + frontend.Variable(uint64(0x82f07007c8b72106)), + frontend.Variable(uint64(0x8283d37c6675b50e)), + frontend.Variable(uint64(0x98b074d9bbac1123)), + 
frontend.Variable(uint64(0x75c56fb7758317c1)), + frontend.Variable(uint64(0xfed24e206052bc72)), + frontend.Variable(uint64(0x26d7c3d1bc07dae5)), + frontend.Variable(uint64(0xf88c5e441e28dbb4)), + frontend.Variable(uint64(0x4fe27f9f96615270)), + frontend.Variable(uint64(0x514d4ba49c2b14fe)), + }, + { + frontend.Variable(uint64(0xf02a3ac068ee110b)), + frontend.Variable(uint64(0x0a3630dafb8ae2d7)), + frontend.Variable(uint64(0xce0dc874eaf9b55c)), + frontend.Variable(uint64(0x9a95f6cff5b55c7e)), + frontend.Variable(uint64(0x626d76abfed00c7b)), + frontend.Variable(uint64(0xa0c1cf1251c204ad)), + frontend.Variable(uint64(0xdaebd3006321052c)), + frontend.Variable(uint64(0x3d4bd48b625a8065)), + frontend.Variable(uint64(0x7f1e584e071f6ed2)), + frontend.Variable(uint64(0x720574f0501caed3)), + frontend.Variable(uint64(0xe3260ba93d23540a)), + }, + { + frontend.Variable(uint64(0xab1cbd41d8c1e335)), + frontend.Variable(uint64(0x9322ed4c0bc2df01)), + frontend.Variable(uint64(0x51c3c0983d4284e5)), + frontend.Variable(uint64(0x94178e291145c231)), + frontend.Variable(uint64(0xfd0f1a973d6b2085)), + frontend.Variable(uint64(0xd427ad96e2b39719)), + frontend.Variable(uint64(0x8a52437fecaac06b)), + frontend.Variable(uint64(0xdc20ee4b8c4c9a80)), + frontend.Variable(uint64(0xa2c98e9549da2100)), + frontend.Variable(uint64(0x1603fe12613db5b6)), + frontend.Variable(uint64(0x0e174929433c5505)), + }, + { + frontend.Variable(uint64(0x3d4eab2b8ef5f796)), + frontend.Variable(uint64(0xcfff421583896e22)), + frontend.Variable(uint64(0x4143cb32d39ac3d9)), + frontend.Variable(uint64(0x22365051b78a5b65)), + frontend.Variable(uint64(0x6f7fd010d027c9b6)), + frontend.Variable(uint64(0xd9dd36fba77522ab)), + frontend.Variable(uint64(0xa44cf1cb33e37165)), + frontend.Variable(uint64(0x3fc83d3038c86417)), + frontend.Variable(uint64(0xc4588d418e88d270)), + frontend.Variable(uint64(0xce1320f10ab80fe2)), + frontend.Variable(uint64(0xdb5eadbbec18de5d)), + }, + { + frontend.Variable(uint64(0x1183dfce7c454afd)), + 
frontend.Variable(uint64(0x21cea4aa3d3ed949)), + frontend.Variable(uint64(0x0fce6f70303f2304)), + frontend.Variable(uint64(0x19557d34b55551be)), + frontend.Variable(uint64(0x4c56f689afc5bbc9)), + frontend.Variable(uint64(0xa1e920844334f944)), + frontend.Variable(uint64(0xbad66d423d2ec861)), + frontend.Variable(uint64(0xf318c785dc9e0479)), + frontend.Variable(uint64(0x99e2032e765ddd81)), + frontend.Variable(uint64(0x400ccc9906d66f45)), + frontend.Variable(uint64(0xe1197454db2e0dd9)), + }, + { + frontend.Variable(uint64(0x84d1ecc4d53d2ff1)), + frontend.Variable(uint64(0xd8af8b9ceb4e11b6)), + frontend.Variable(uint64(0x335856bb527b52f4)), + frontend.Variable(uint64(0xc756f17fb59be595)), + frontend.Variable(uint64(0xc0654e4ea5553a78)), + frontend.Variable(uint64(0x9e9a46b61f2ea942)), + frontend.Variable(uint64(0x14fc8b5b3b809127)), + frontend.Variable(uint64(0xd7009f0f103be413)), + frontend.Variable(uint64(0x3e0ee7b7a9fb4601)), + frontend.Variable(uint64(0xa74e888922085ed7)), + frontend.Variable(uint64(0xe80a7cde3d4ac526)), + }, + { + frontend.Variable(uint64(0x238aa6daa612186d)), + frontend.Variable(uint64(0x9137a5c630bad4b4)), + frontend.Variable(uint64(0xc7db3817870c5eda)), + frontend.Variable(uint64(0x217e4f04e5718dc9)), + frontend.Variable(uint64(0xcae814e2817bd99d)), + frontend.Variable(uint64(0xe3292e7ab770a8ba)), + frontend.Variable(uint64(0x7bb36ef70b6b9482)), + frontend.Variable(uint64(0x3c7835fb85bca2d3)), + frontend.Variable(uint64(0xfe2cdf8ee3c25e86)), + frontend.Variable(uint64(0x61b3915ad7274b20)), + frontend.Variable(uint64(0xeab75ca7c918e4ef)), + }, + { + frontend.Variable(uint64(0xd6e15ffc055e154e)), + frontend.Variable(uint64(0xec67881f381a32bf)), + frontend.Variable(uint64(0xfbb1196092bf409c)), + frontend.Variable(uint64(0xdc9d2e07830ba226)), + frontend.Variable(uint64(0x0698ef3245ff7988)), + frontend.Variable(uint64(0x194fae2974f8b576)), + frontend.Variable(uint64(0x7a5d9bea6ca4910e)), + frontend.Variable(uint64(0x7aebfea95ccdd1c9)), + 
frontend.Variable(uint64(0xf9bd38a67d5f0e86)), + frontend.Variable(uint64(0xfa65539de65492d8)), + frontend.Variable(uint64(0xf0dfcbe7653ff787)), + }, + { + frontend.Variable(uint64(0x0bd87ad390420258)), + frontend.Variable(uint64(0x0ad8617bca9e33c8)), + frontend.Variable(uint64(0x0c00ad377a1e2666)), + frontend.Variable(uint64(0x0ac6fc58b3f0518f)), + frontend.Variable(uint64(0x0c0cc8a892cc4173)), + frontend.Variable(uint64(0x0c210accb117bc21)), + frontend.Variable(uint64(0x0b73630dbb46ca18)), + frontend.Variable(uint64(0x0c8be4920cbd4a54)), + frontend.Variable(uint64(0x0bfe877a21be1690)), + frontend.Variable(uint64(0x0ae790559b0ded81)), + frontend.Variable(uint64(0x0bf50db2f8d6ce31)), + }, + { + frontend.Variable(uint64(0x000cf29427ff7c58)), + frontend.Variable(uint64(0x000bd9b3cf49eec8)), + frontend.Variable(uint64(0x000d1dc8aa81fb26)), + frontend.Variable(uint64(0x000bc792d5c394ef)), + frontend.Variable(uint64(0x000d2ae0b2266453)), + frontend.Variable(uint64(0x000d413f12c496c1)), + frontend.Variable(uint64(0x000c84128cfed618)), + frontend.Variable(uint64(0x000db5ebd48fc0d4)), + frontend.Variable(uint64(0x000d1b77326dcb90)), + frontend.Variable(uint64(0x000beb0ccc145421)), + frontend.Variable(uint64(0x000d10e5b22b11d1)), + }, + { + frontend.Variable(uint64(0x00000e24c99adad8)), + frontend.Variable(uint64(0x00000cf389ed4bc8)), + frontend.Variable(uint64(0x00000e580cbf6966)), + frontend.Variable(uint64(0x00000cde5fd7e04f)), + frontend.Variable(uint64(0x00000e63628041b3)), + frontend.Variable(uint64(0x00000e7e81a87361)), + frontend.Variable(uint64(0x00000dabe78f6d98)), + frontend.Variable(uint64(0x00000efb14cac554)), + frontend.Variable(uint64(0x00000e5574743b10)), + frontend.Variable(uint64(0x00000d05709f42c1)), + frontend.Variable(uint64(0x00000e4690c96af1)), + }, + { + frontend.Variable(uint64(0x0000000f7157bc98)), + frontend.Variable(uint64(0x0000000e3006d948)), + frontend.Variable(uint64(0x0000000fa65811e6)), + frontend.Variable(uint64(0x0000000e0d127e2f)), + 
frontend.Variable(uint64(0x0000000fc18bfe53)), + frontend.Variable(uint64(0x0000000fd002d901)), + frontend.Variable(uint64(0x0000000eed6461d8)), + frontend.Variable(uint64(0x0000001068562754)), + frontend.Variable(uint64(0x0000000fa0236f50)), + frontend.Variable(uint64(0x0000000e3af13ee1)), + frontend.Variable(uint64(0x0000000fa460f6d1)), + }, + { + frontend.Variable(uint64(0x0000000011131738)), + frontend.Variable(uint64(0x000000000f56d588)), + frontend.Variable(uint64(0x0000000011050f86)), + frontend.Variable(uint64(0x000000000f848f4f)), + frontend.Variable(uint64(0x00000000111527d3)), + frontend.Variable(uint64(0x00000000114369a1)), + frontend.Variable(uint64(0x00000000106f2f38)), + frontend.Variable(uint64(0x0000000011e2ca94)), + frontend.Variable(uint64(0x00000000110a29f0)), + frontend.Variable(uint64(0x000000000fa9f5c1)), + frontend.Variable(uint64(0x0000000010f625d1)), + }, + { + frontend.Variable(uint64(0x000000000011f718)), + frontend.Variable(uint64(0x000000000010b6c8)), + frontend.Variable(uint64(0x0000000000134a96)), + frontend.Variable(uint64(0x000000000010cf7f)), + frontend.Variable(uint64(0x0000000000124d03)), + frontend.Variable(uint64(0x000000000013f8a1)), + frontend.Variable(uint64(0x0000000000117c58)), + frontend.Variable(uint64(0x0000000000132c94)), + frontend.Variable(uint64(0x0000000000134fc0)), + frontend.Variable(uint64(0x000000000010a091)), + frontend.Variable(uint64(0x0000000000128961)), + }, + { + frontend.Variable(uint64(0x0000000000001300)), + frontend.Variable(uint64(0x0000000000001750)), + frontend.Variable(uint64(0x000000000000114e)), + frontend.Variable(uint64(0x000000000000131f)), + frontend.Variable(uint64(0x000000000000167b)), + frontend.Variable(uint64(0x0000000000001371)), + frontend.Variable(uint64(0x0000000000001230)), + frontend.Variable(uint64(0x000000000000182c)), + frontend.Variable(uint64(0x0000000000001368)), + frontend.Variable(uint64(0x0000000000000f31)), + frontend.Variable(uint64(0x00000000000015c9)), + }, + { + 
frontend.Variable(uint64(0x0000000000000014)), + frontend.Variable(uint64(0x0000000000000022)), + frontend.Variable(uint64(0x0000000000000012)), + frontend.Variable(uint64(0x0000000000000027)), + frontend.Variable(uint64(0x000000000000000d)), + frontend.Variable(uint64(0x000000000000000d)), + frontend.Variable(uint64(0x000000000000001c)), + frontend.Variable(uint64(0x0000000000000002)), + frontend.Variable(uint64(0x0000000000000010)), + frontend.Variable(uint64(0x0000000000000029)), + frontend.Variable(uint64(0x000000000000000f)), }, } -var FAST_PARTIAL_ROUND_W_HATS = [N_PARTIAL_ROUNDS][11]field.F{ - { - field.NewFieldConst(0x3d999c961b7c63b0), - field.NewFieldConst(0x814e82efcd172529), - field.NewFieldConst(0x2421e5d236704588), - field.NewFieldConst(0x887af7d4dd482328), - field.NewFieldConst(0xa5e9c291f6119b27), - field.NewFieldConst(0xbdc52b2676a4b4aa), - field.NewFieldConst(0x64832009d29bcf57), - field.NewFieldConst(0x09c4155174a552cc), - field.NewFieldConst(0x463f9ee03d290810), - field.NewFieldConst(0xc810936e64982542), - field.NewFieldConst(0x043b1c289f7bc3ac), - }, - { - field.NewFieldConst(0x673655aae8be5a8b), - field.NewFieldConst(0xd510fe714f39fa10), - field.NewFieldConst(0x2c68a099b51c9e73), - field.NewFieldConst(0xa667bfa9aa96999d), - field.NewFieldConst(0x4d67e72f063e2108), - field.NewFieldConst(0xf84dde3e6acda179), - field.NewFieldConst(0x40f9cc8c08f80981), - field.NewFieldConst(0x5ead032050097142), - field.NewFieldConst(0x6591b02092d671bb), - field.NewFieldConst(0x00e18c71963dd1b7), - field.NewFieldConst(0x8a21bcd24a14218a), - }, - { - field.NewFieldConst(0x202800f4addbdc87), - field.NewFieldConst(0xe4b5bdb1cc3504ff), - field.NewFieldConst(0xbe32b32a825596e7), - field.NewFieldConst(0x8e0f68c5dc223b9a), - field.NewFieldConst(0x58022d9e1c256ce3), - field.NewFieldConst(0x584d29227aa073ac), - field.NewFieldConst(0x8b9352ad04bef9e7), - field.NewFieldConst(0xaead42a3f445ecbf), - field.NewFieldConst(0x3c667a1d833a3cca), - 
field.NewFieldConst(0xda6f61838efa1ffe), - field.NewFieldConst(0xe8f749470bd7c446), - }, - { - field.NewFieldConst(0xc5b85bab9e5b3869), - field.NewFieldConst(0x45245258aec51cf7), - field.NewFieldConst(0x16e6b8e68b931830), - field.NewFieldConst(0xe2ae0f051418112c), - field.NewFieldConst(0x0470e26a0093a65b), - field.NewFieldConst(0x6bef71973a8146ed), - field.NewFieldConst(0x119265be51812daf), - field.NewFieldConst(0xb0be7356254bea2e), - field.NewFieldConst(0x8584defff7589bd7), - field.NewFieldConst(0x3c5fe4aeb1fb52ba), - field.NewFieldConst(0x9e7cd88acf543a5e), - }, - { - field.NewFieldConst(0x179be4bba87f0a8c), - field.NewFieldConst(0xacf63d95d8887355), - field.NewFieldConst(0x6696670196b0074f), - field.NewFieldConst(0xd99ddf1fe75085f9), - field.NewFieldConst(0xc2597881fef0283b), - field.NewFieldConst(0xcf48395ee6c54f14), - field.NewFieldConst(0x15226a8e4cd8d3b6), - field.NewFieldConst(0xc053297389af5d3b), - field.NewFieldConst(0x2c08893f0d1580e2), - field.NewFieldConst(0x0ed3cbcff6fcc5ba), - field.NewFieldConst(0xc82f510ecf81f6d0), - }, - { - field.NewFieldConst(0x94b06183acb715cc), - field.NewFieldConst(0x500392ed0d431137), - field.NewFieldConst(0x861cc95ad5c86323), - field.NewFieldConst(0x05830a443f86c4ac), - field.NewFieldConst(0x3b68225874a20a7c), - field.NewFieldConst(0x10b3309838e236fb), - field.NewFieldConst(0x9b77fc8bcd559e2c), - field.NewFieldConst(0xbdecf5e0cb9cb213), - field.NewFieldConst(0x30276f1221ace5fa), - field.NewFieldConst(0x7935dd342764a144), - field.NewFieldConst(0xeac6db520bb03708), - }, - { - field.NewFieldConst(0x7186a80551025f8f), - field.NewFieldConst(0x622247557e9b5371), - field.NewFieldConst(0xc4cbe326d1ad9742), - field.NewFieldConst(0x55f1523ac6a23ea2), - field.NewFieldConst(0xa13dfe77a3d52f53), - field.NewFieldConst(0xe30750b6301c0452), - field.NewFieldConst(0x08bd488070a3a32b), - field.NewFieldConst(0xcd800caef5b72ae3), - field.NewFieldConst(0x83329c90f04233ce), - field.NewFieldConst(0xb5b99e6664a0a3ee), - 
field.NewFieldConst(0x6b0731849e200a7f), - }, - { - field.NewFieldConst(0xec3fabc192b01799), - field.NewFieldConst(0x382b38cee8ee5375), - field.NewFieldConst(0x3bfb6c3f0e616572), - field.NewFieldConst(0x514abd0cf6c7bc86), - field.NewFieldConst(0x47521b1361dcc546), - field.NewFieldConst(0x178093843f863d14), - field.NewFieldConst(0xad1003c5d28918e7), - field.NewFieldConst(0x738450e42495bc81), - field.NewFieldConst(0xaf947c59af5e4047), - field.NewFieldConst(0x4653fb0685084ef2), - field.NewFieldConst(0x057fde2062ae35bf), - }, - { - field.NewFieldConst(0xe376678d843ce55e), - field.NewFieldConst(0x66f3860d7514e7fc), - field.NewFieldConst(0x7817f3dfff8b4ffa), - field.NewFieldConst(0x3929624a9def725b), - field.NewFieldConst(0x0126ca37f215a80a), - field.NewFieldConst(0xfce2f5d02762a303), - field.NewFieldConst(0x1bc927375febbad7), - field.NewFieldConst(0x85b481e5243f60bf), - field.NewFieldConst(0x2d3c5f42a39c91a0), - field.NewFieldConst(0x0811719919351ae8), - field.NewFieldConst(0xf669de0add993131), - }, - { - field.NewFieldConst(0x7de38bae084da92d), - field.NewFieldConst(0x5b848442237e8a9b), - field.NewFieldConst(0xf6c705da84d57310), - field.NewFieldConst(0x31e6a4bdb6a49017), - field.NewFieldConst(0x889489706e5c5c0f), - field.NewFieldConst(0x0e4a205459692a1b), - field.NewFieldConst(0xbac3fa75ee26f299), - field.NewFieldConst(0x5f5894f4057d755e), - field.NewFieldConst(0xb0dc3ecd724bb076), - field.NewFieldConst(0x5e34d8554a6452ba), - field.NewFieldConst(0x04f78fd8c1fdcc5f), - }, - { - field.NewFieldConst(0x4dd19c38779512ea), - field.NewFieldConst(0xdb79ba02704620e9), - field.NewFieldConst(0x92a29a3675a5d2be), - field.NewFieldConst(0xd5177029fe495166), - field.NewFieldConst(0xd32b3298a13330c1), - field.NewFieldConst(0x251c4a3eb2c5f8fd), - field.NewFieldConst(0xe1c48b26e0d98825), - field.NewFieldConst(0x3301d3362a4ffccb), - field.NewFieldConst(0x09bb6c88de8cd178), - field.NewFieldConst(0xdc05b676564f538a), - field.NewFieldConst(0x60192d883e473fee), - }, - { - 
field.NewFieldConst(0x16b9774801ac44a0), - field.NewFieldConst(0x3cb8411e786d3c8e), - field.NewFieldConst(0xa86e9cf505072491), - field.NewFieldConst(0x0178928152e109ae), - field.NewFieldConst(0x5317b905a6e1ab7b), - field.NewFieldConst(0xda20b3be7f53d59f), - field.NewFieldConst(0xcb97dedecebee9ad), - field.NewFieldConst(0x4bd545218c59f58d), - field.NewFieldConst(0x77dc8d856c05a44a), - field.NewFieldConst(0x87948589e4f243fd), - field.NewFieldConst(0x7e5217af969952c2), - }, - { - field.NewFieldConst(0xbc58987d06a84e4d), - field.NewFieldConst(0x0b5d420244c9cae3), - field.NewFieldConst(0xa3c4711b938c02c0), - field.NewFieldConst(0x3aace640a3e03990), - field.NewFieldConst(0x865a0f3249aacd8a), - field.NewFieldConst(0x8d00b2a7dbed06c7), - field.NewFieldConst(0x6eacb905beb7e2f8), - field.NewFieldConst(0x045322b216ec3ec7), - field.NewFieldConst(0xeb9de00d594828e6), - field.NewFieldConst(0x088c5f20df9e5c26), - field.NewFieldConst(0xf555f4112b19781f), - }, - { - field.NewFieldConst(0xa8cedbff1813d3a7), - field.NewFieldConst(0x50dcaee0fd27d164), - field.NewFieldConst(0xf1cb02417e23bd82), - field.NewFieldConst(0xfaf322786e2abe8b), - field.NewFieldConst(0x937a4315beb5d9b6), - field.NewFieldConst(0x1b18992921a11d85), - field.NewFieldConst(0x7d66c4368b3c497b), - field.NewFieldConst(0x0e7946317a6b4e99), - field.NewFieldConst(0xbe4430134182978b), - field.NewFieldConst(0x3771e82493ab262d), - field.NewFieldConst(0xa671690d8095ce82), - }, - { - field.NewFieldConst(0xb035585f6e929d9d), - field.NewFieldConst(0xba1579c7e219b954), - field.NewFieldConst(0xcb201cf846db4ba3), - field.NewFieldConst(0x287bf9177372cf45), - field.NewFieldConst(0xa350e4f61147d0a6), - field.NewFieldConst(0xd5d0ecfb50bcff99), - field.NewFieldConst(0x2e166aa6c776ed21), - field.NewFieldConst(0xe1e66c991990e282), - field.NewFieldConst(0x662b329b01e7bb38), - field.NewFieldConst(0x8aa674b36144d9a9), - field.NewFieldConst(0xcbabf78f97f95e65), - }, - { - field.NewFieldConst(0xeec24b15a06b53fe), - 
field.NewFieldConst(0xc8a7aa07c5633533), - field.NewFieldConst(0xefe9c6fa4311ad51), - field.NewFieldConst(0xb9173f13977109a1), - field.NewFieldConst(0x69ce43c9cc94aedc), - field.NewFieldConst(0xecf623c9cd118815), - field.NewFieldConst(0x28625def198c33c7), - field.NewFieldConst(0xccfc5f7de5c3636a), - field.NewFieldConst(0xf5e6c40f1621c299), - field.NewFieldConst(0xcec0e58c34cb64b1), - field.NewFieldConst(0xa868ea113387939f), - }, - { - field.NewFieldConst(0xd8dddbdc5ce4ef45), - field.NewFieldConst(0xacfc51de8131458c), - field.NewFieldConst(0x146bb3c0fe499ac0), - field.NewFieldConst(0x9e65309f15943903), - field.NewFieldConst(0x80d0ad980773aa70), - field.NewFieldConst(0xf97817d4ddbf0607), - field.NewFieldConst(0xe4626620a75ba276), - field.NewFieldConst(0x0dfdc7fd6fc74f66), - field.NewFieldConst(0xf464864ad6f2bb93), - field.NewFieldConst(0x02d55e52a5d44414), - field.NewFieldConst(0xdd8de62487c40925), - }, - { - field.NewFieldConst(0xc15acf44759545a3), - field.NewFieldConst(0xcbfdcf39869719d4), - field.NewFieldConst(0x33f62042e2f80225), - field.NewFieldConst(0x2599c5ead81d8fa3), - field.NewFieldConst(0x0b306cb6c1d7c8d0), - field.NewFieldConst(0x658c80d3df3729b1), - field.NewFieldConst(0xe8d1b2b21b41429c), - field.NewFieldConst(0xa1b67f09d4b3ccb8), - field.NewFieldConst(0x0e1adf8b84437180), - field.NewFieldConst(0x0d593a5e584af47b), - field.NewFieldConst(0xa023d94c56e151c7), - }, - { - field.NewFieldConst(0x49026cc3a4afc5a6), - field.NewFieldConst(0xe06dff00ab25b91b), - field.NewFieldConst(0x0ab38c561e8850ff), - field.NewFieldConst(0x92c3c8275e105eeb), - field.NewFieldConst(0xb65256e546889bd0), - field.NewFieldConst(0x3c0468236ea142f6), - field.NewFieldConst(0xee61766b889e18f2), - field.NewFieldConst(0xa206f41b12c30415), - field.NewFieldConst(0x02fe9d756c9f12d1), - field.NewFieldConst(0xe9633210630cbf12), - field.NewFieldConst(0x1ffea9fe85a0b0b1), - }, - { - field.NewFieldConst(0x81d1ae8cc50240f3), - field.NewFieldConst(0xf4c77a079a4607d7), - 
field.NewFieldConst(0xed446b2315e3efc1), - field.NewFieldConst(0x0b0a6b70915178c3), - field.NewFieldConst(0xb11ff3e089f15d9a), - field.NewFieldConst(0x1d4dba0b7ae9cc18), - field.NewFieldConst(0x65d74e2f43b48d05), - field.NewFieldConst(0xa2df8c6b8ae0804a), - field.NewFieldConst(0xa4e6f0a8c33348a6), - field.NewFieldConst(0xc0a26efc7be5669b), - field.NewFieldConst(0xa6b6582c547d0d60), - }, - { - field.NewFieldConst(0x84afc741f1c13213), - field.NewFieldConst(0x2f8f43734fc906f3), - field.NewFieldConst(0xde682d72da0a02d9), - field.NewFieldConst(0x0bb005236adb9ef2), - field.NewFieldConst(0x5bdf35c10a8b5624), - field.NewFieldConst(0x0739a8a343950010), - field.NewFieldConst(0x52f515f44785cfbc), - field.NewFieldConst(0xcbaf4e5d82856c60), - field.NewFieldConst(0xac9ea09074e3e150), - field.NewFieldConst(0x8f0fa011a2035fb0), - field.NewFieldConst(0x1a37905d8450904a), - }, - { - field.NewFieldConst(0x3abeb80def61cc85), - field.NewFieldConst(0x9d19c9dd4eac4133), - field.NewFieldConst(0x075a652d9641a985), - field.NewFieldConst(0x9daf69ae1b67e667), - field.NewFieldConst(0x364f71da77920a18), - field.NewFieldConst(0x50bd769f745c95b1), - field.NewFieldConst(0xf223d1180dbbf3fc), - field.NewFieldConst(0x2f885e584e04aa99), - field.NewFieldConst(0xb69a0fa70aea684a), - field.NewFieldConst(0x09584acaa6e062a0), - field.NewFieldConst(0x0bc051640145b19b), +var FAST_PARTIAL_ROUND_W_HATS = [N_PARTIAL_ROUNDS][11]frontend.Variable{ + { + frontend.Variable(uint64(0x3d999c961b7c63b0)), + frontend.Variable(uint64(0x814e82efcd172529)), + frontend.Variable(uint64(0x2421e5d236704588)), + frontend.Variable(uint64(0x887af7d4dd482328)), + frontend.Variable(uint64(0xa5e9c291f6119b27)), + frontend.Variable(uint64(0xbdc52b2676a4b4aa)), + frontend.Variable(uint64(0x64832009d29bcf57)), + frontend.Variable(uint64(0x09c4155174a552cc)), + frontend.Variable(uint64(0x463f9ee03d290810)), + frontend.Variable(uint64(0xc810936e64982542)), + frontend.Variable(uint64(0x043b1c289f7bc3ac)), + }, + { + 
frontend.Variable(uint64(0x673655aae8be5a8b)), + frontend.Variable(uint64(0xd510fe714f39fa10)), + frontend.Variable(uint64(0x2c68a099b51c9e73)), + frontend.Variable(uint64(0xa667bfa9aa96999d)), + frontend.Variable(uint64(0x4d67e72f063e2108)), + frontend.Variable(uint64(0xf84dde3e6acda179)), + frontend.Variable(uint64(0x40f9cc8c08f80981)), + frontend.Variable(uint64(0x5ead032050097142)), + frontend.Variable(uint64(0x6591b02092d671bb)), + frontend.Variable(uint64(0x00e18c71963dd1b7)), + frontend.Variable(uint64(0x8a21bcd24a14218a)), + }, + { + frontend.Variable(uint64(0x202800f4addbdc87)), + frontend.Variable(uint64(0xe4b5bdb1cc3504ff)), + frontend.Variable(uint64(0xbe32b32a825596e7)), + frontend.Variable(uint64(0x8e0f68c5dc223b9a)), + frontend.Variable(uint64(0x58022d9e1c256ce3)), + frontend.Variable(uint64(0x584d29227aa073ac)), + frontend.Variable(uint64(0x8b9352ad04bef9e7)), + frontend.Variable(uint64(0xaead42a3f445ecbf)), + frontend.Variable(uint64(0x3c667a1d833a3cca)), + frontend.Variable(uint64(0xda6f61838efa1ffe)), + frontend.Variable(uint64(0xe8f749470bd7c446)), + }, + { + frontend.Variable(uint64(0xc5b85bab9e5b3869)), + frontend.Variable(uint64(0x45245258aec51cf7)), + frontend.Variable(uint64(0x16e6b8e68b931830)), + frontend.Variable(uint64(0xe2ae0f051418112c)), + frontend.Variable(uint64(0x0470e26a0093a65b)), + frontend.Variable(uint64(0x6bef71973a8146ed)), + frontend.Variable(uint64(0x119265be51812daf)), + frontend.Variable(uint64(0xb0be7356254bea2e)), + frontend.Variable(uint64(0x8584defff7589bd7)), + frontend.Variable(uint64(0x3c5fe4aeb1fb52ba)), + frontend.Variable(uint64(0x9e7cd88acf543a5e)), + }, + { + frontend.Variable(uint64(0x179be4bba87f0a8c)), + frontend.Variable(uint64(0xacf63d95d8887355)), + frontend.Variable(uint64(0x6696670196b0074f)), + frontend.Variable(uint64(0xd99ddf1fe75085f9)), + frontend.Variable(uint64(0xc2597881fef0283b)), + frontend.Variable(uint64(0xcf48395ee6c54f14)), + frontend.Variable(uint64(0x15226a8e4cd8d3b6)), + 
frontend.Variable(uint64(0xc053297389af5d3b)), + frontend.Variable(uint64(0x2c08893f0d1580e2)), + frontend.Variable(uint64(0x0ed3cbcff6fcc5ba)), + frontend.Variable(uint64(0xc82f510ecf81f6d0)), + }, + { + frontend.Variable(uint64(0x94b06183acb715cc)), + frontend.Variable(uint64(0x500392ed0d431137)), + frontend.Variable(uint64(0x861cc95ad5c86323)), + frontend.Variable(uint64(0x05830a443f86c4ac)), + frontend.Variable(uint64(0x3b68225874a20a7c)), + frontend.Variable(uint64(0x10b3309838e236fb)), + frontend.Variable(uint64(0x9b77fc8bcd559e2c)), + frontend.Variable(uint64(0xbdecf5e0cb9cb213)), + frontend.Variable(uint64(0x30276f1221ace5fa)), + frontend.Variable(uint64(0x7935dd342764a144)), + frontend.Variable(uint64(0xeac6db520bb03708)), + }, + { + frontend.Variable(uint64(0x7186a80551025f8f)), + frontend.Variable(uint64(0x622247557e9b5371)), + frontend.Variable(uint64(0xc4cbe326d1ad9742)), + frontend.Variable(uint64(0x55f1523ac6a23ea2)), + frontend.Variable(uint64(0xa13dfe77a3d52f53)), + frontend.Variable(uint64(0xe30750b6301c0452)), + frontend.Variable(uint64(0x08bd488070a3a32b)), + frontend.Variable(uint64(0xcd800caef5b72ae3)), + frontend.Variable(uint64(0x83329c90f04233ce)), + frontend.Variable(uint64(0xb5b99e6664a0a3ee)), + frontend.Variable(uint64(0x6b0731849e200a7f)), + }, + { + frontend.Variable(uint64(0xec3fabc192b01799)), + frontend.Variable(uint64(0x382b38cee8ee5375)), + frontend.Variable(uint64(0x3bfb6c3f0e616572)), + frontend.Variable(uint64(0x514abd0cf6c7bc86)), + frontend.Variable(uint64(0x47521b1361dcc546)), + frontend.Variable(uint64(0x178093843f863d14)), + frontend.Variable(uint64(0xad1003c5d28918e7)), + frontend.Variable(uint64(0x738450e42495bc81)), + frontend.Variable(uint64(0xaf947c59af5e4047)), + frontend.Variable(uint64(0x4653fb0685084ef2)), + frontend.Variable(uint64(0x057fde2062ae35bf)), + }, + { + frontend.Variable(uint64(0xe376678d843ce55e)), + frontend.Variable(uint64(0x66f3860d7514e7fc)), + frontend.Variable(uint64(0x7817f3dfff8b4ffa)), + 
frontend.Variable(uint64(0x3929624a9def725b)), + frontend.Variable(uint64(0x0126ca37f215a80a)), + frontend.Variable(uint64(0xfce2f5d02762a303)), + frontend.Variable(uint64(0x1bc927375febbad7)), + frontend.Variable(uint64(0x85b481e5243f60bf)), + frontend.Variable(uint64(0x2d3c5f42a39c91a0)), + frontend.Variable(uint64(0x0811719919351ae8)), + frontend.Variable(uint64(0xf669de0add993131)), + }, + { + frontend.Variable(uint64(0x7de38bae084da92d)), + frontend.Variable(uint64(0x5b848442237e8a9b)), + frontend.Variable(uint64(0xf6c705da84d57310)), + frontend.Variable(uint64(0x31e6a4bdb6a49017)), + frontend.Variable(uint64(0x889489706e5c5c0f)), + frontend.Variable(uint64(0x0e4a205459692a1b)), + frontend.Variable(uint64(0xbac3fa75ee26f299)), + frontend.Variable(uint64(0x5f5894f4057d755e)), + frontend.Variable(uint64(0xb0dc3ecd724bb076)), + frontend.Variable(uint64(0x5e34d8554a6452ba)), + frontend.Variable(uint64(0x04f78fd8c1fdcc5f)), + }, + { + frontend.Variable(uint64(0x4dd19c38779512ea)), + frontend.Variable(uint64(0xdb79ba02704620e9)), + frontend.Variable(uint64(0x92a29a3675a5d2be)), + frontend.Variable(uint64(0xd5177029fe495166)), + frontend.Variable(uint64(0xd32b3298a13330c1)), + frontend.Variable(uint64(0x251c4a3eb2c5f8fd)), + frontend.Variable(uint64(0xe1c48b26e0d98825)), + frontend.Variable(uint64(0x3301d3362a4ffccb)), + frontend.Variable(uint64(0x09bb6c88de8cd178)), + frontend.Variable(uint64(0xdc05b676564f538a)), + frontend.Variable(uint64(0x60192d883e473fee)), + }, + { + frontend.Variable(uint64(0x16b9774801ac44a0)), + frontend.Variable(uint64(0x3cb8411e786d3c8e)), + frontend.Variable(uint64(0xa86e9cf505072491)), + frontend.Variable(uint64(0x0178928152e109ae)), + frontend.Variable(uint64(0x5317b905a6e1ab7b)), + frontend.Variable(uint64(0xda20b3be7f53d59f)), + frontend.Variable(uint64(0xcb97dedecebee9ad)), + frontend.Variable(uint64(0x4bd545218c59f58d)), + frontend.Variable(uint64(0x77dc8d856c05a44a)), + frontend.Variable(uint64(0x87948589e4f243fd)), + 
frontend.Variable(uint64(0x7e5217af969952c2)), + }, + { + frontend.Variable(uint64(0xbc58987d06a84e4d)), + frontend.Variable(uint64(0x0b5d420244c9cae3)), + frontend.Variable(uint64(0xa3c4711b938c02c0)), + frontend.Variable(uint64(0x3aace640a3e03990)), + frontend.Variable(uint64(0x865a0f3249aacd8a)), + frontend.Variable(uint64(0x8d00b2a7dbed06c7)), + frontend.Variable(uint64(0x6eacb905beb7e2f8)), + frontend.Variable(uint64(0x045322b216ec3ec7)), + frontend.Variable(uint64(0xeb9de00d594828e6)), + frontend.Variable(uint64(0x088c5f20df9e5c26)), + frontend.Variable(uint64(0xf555f4112b19781f)), + }, + { + frontend.Variable(uint64(0xa8cedbff1813d3a7)), + frontend.Variable(uint64(0x50dcaee0fd27d164)), + frontend.Variable(uint64(0xf1cb02417e23bd82)), + frontend.Variable(uint64(0xfaf322786e2abe8b)), + frontend.Variable(uint64(0x937a4315beb5d9b6)), + frontend.Variable(uint64(0x1b18992921a11d85)), + frontend.Variable(uint64(0x7d66c4368b3c497b)), + frontend.Variable(uint64(0x0e7946317a6b4e99)), + frontend.Variable(uint64(0xbe4430134182978b)), + frontend.Variable(uint64(0x3771e82493ab262d)), + frontend.Variable(uint64(0xa671690d8095ce82)), + }, + { + frontend.Variable(uint64(0xb035585f6e929d9d)), + frontend.Variable(uint64(0xba1579c7e219b954)), + frontend.Variable(uint64(0xcb201cf846db4ba3)), + frontend.Variable(uint64(0x287bf9177372cf45)), + frontend.Variable(uint64(0xa350e4f61147d0a6)), + frontend.Variable(uint64(0xd5d0ecfb50bcff99)), + frontend.Variable(uint64(0x2e166aa6c776ed21)), + frontend.Variable(uint64(0xe1e66c991990e282)), + frontend.Variable(uint64(0x662b329b01e7bb38)), + frontend.Variable(uint64(0x8aa674b36144d9a9)), + frontend.Variable(uint64(0xcbabf78f97f95e65)), + }, + { + frontend.Variable(uint64(0xeec24b15a06b53fe)), + frontend.Variable(uint64(0xc8a7aa07c5633533)), + frontend.Variable(uint64(0xefe9c6fa4311ad51)), + frontend.Variable(uint64(0xb9173f13977109a1)), + frontend.Variable(uint64(0x69ce43c9cc94aedc)), + frontend.Variable(uint64(0xecf623c9cd118815)), + 
frontend.Variable(uint64(0x28625def198c33c7)), + frontend.Variable(uint64(0xccfc5f7de5c3636a)), + frontend.Variable(uint64(0xf5e6c40f1621c299)), + frontend.Variable(uint64(0xcec0e58c34cb64b1)), + frontend.Variable(uint64(0xa868ea113387939f)), + }, + { + frontend.Variable(uint64(0xd8dddbdc5ce4ef45)), + frontend.Variable(uint64(0xacfc51de8131458c)), + frontend.Variable(uint64(0x146bb3c0fe499ac0)), + frontend.Variable(uint64(0x9e65309f15943903)), + frontend.Variable(uint64(0x80d0ad980773aa70)), + frontend.Variable(uint64(0xf97817d4ddbf0607)), + frontend.Variable(uint64(0xe4626620a75ba276)), + frontend.Variable(uint64(0x0dfdc7fd6fc74f66)), + frontend.Variable(uint64(0xf464864ad6f2bb93)), + frontend.Variable(uint64(0x02d55e52a5d44414)), + frontend.Variable(uint64(0xdd8de62487c40925)), + }, + { + frontend.Variable(uint64(0xc15acf44759545a3)), + frontend.Variable(uint64(0xcbfdcf39869719d4)), + frontend.Variable(uint64(0x33f62042e2f80225)), + frontend.Variable(uint64(0x2599c5ead81d8fa3)), + frontend.Variable(uint64(0x0b306cb6c1d7c8d0)), + frontend.Variable(uint64(0x658c80d3df3729b1)), + frontend.Variable(uint64(0xe8d1b2b21b41429c)), + frontend.Variable(uint64(0xa1b67f09d4b3ccb8)), + frontend.Variable(uint64(0x0e1adf8b84437180)), + frontend.Variable(uint64(0x0d593a5e584af47b)), + frontend.Variable(uint64(0xa023d94c56e151c7)), + }, + { + frontend.Variable(uint64(0x49026cc3a4afc5a6)), + frontend.Variable(uint64(0xe06dff00ab25b91b)), + frontend.Variable(uint64(0x0ab38c561e8850ff)), + frontend.Variable(uint64(0x92c3c8275e105eeb)), + frontend.Variable(uint64(0xb65256e546889bd0)), + frontend.Variable(uint64(0x3c0468236ea142f6)), + frontend.Variable(uint64(0xee61766b889e18f2)), + frontend.Variable(uint64(0xa206f41b12c30415)), + frontend.Variable(uint64(0x02fe9d756c9f12d1)), + frontend.Variable(uint64(0xe9633210630cbf12)), + frontend.Variable(uint64(0x1ffea9fe85a0b0b1)), + }, + { + frontend.Variable(uint64(0x81d1ae8cc50240f3)), + frontend.Variable(uint64(0xf4c77a079a4607d7)), + 
frontend.Variable(uint64(0xed446b2315e3efc1)), + frontend.Variable(uint64(0x0b0a6b70915178c3)), + frontend.Variable(uint64(0xb11ff3e089f15d9a)), + frontend.Variable(uint64(0x1d4dba0b7ae9cc18)), + frontend.Variable(uint64(0x65d74e2f43b48d05)), + frontend.Variable(uint64(0xa2df8c6b8ae0804a)), + frontend.Variable(uint64(0xa4e6f0a8c33348a6)), + frontend.Variable(uint64(0xc0a26efc7be5669b)), + frontend.Variable(uint64(0xa6b6582c547d0d60)), + }, + { + frontend.Variable(uint64(0x84afc741f1c13213)), + frontend.Variable(uint64(0x2f8f43734fc906f3)), + frontend.Variable(uint64(0xde682d72da0a02d9)), + frontend.Variable(uint64(0x0bb005236adb9ef2)), + frontend.Variable(uint64(0x5bdf35c10a8b5624)), + frontend.Variable(uint64(0x0739a8a343950010)), + frontend.Variable(uint64(0x52f515f44785cfbc)), + frontend.Variable(uint64(0xcbaf4e5d82856c60)), + frontend.Variable(uint64(0xac9ea09074e3e150)), + frontend.Variable(uint64(0x8f0fa011a2035fb0)), + frontend.Variable(uint64(0x1a37905d8450904a)), + }, + { + frontend.Variable(uint64(0x3abeb80def61cc85)), + frontend.Variable(uint64(0x9d19c9dd4eac4133)), + frontend.Variable(uint64(0x075a652d9641a985)), + frontend.Variable(uint64(0x9daf69ae1b67e667)), + frontend.Variable(uint64(0x364f71da77920a18)), + frontend.Variable(uint64(0x50bd769f745c95b1)), + frontend.Variable(uint64(0xf223d1180dbbf3fc)), + frontend.Variable(uint64(0x2f885e584e04aa99)), + frontend.Variable(uint64(0xb69a0fa70aea684a)), + frontend.Variable(uint64(0x09584acaa6e062a0)), + frontend.Variable(uint64(0x0bc051640145b19b)), }, } -var FAST_PARTIAL_ROUND_INITIAL_MATRIX = [N_PARTIAL_ROUNDS][11]field.F{ - { - field.NewFieldConst(0x80772dc2645b280b), - field.NewFieldConst(0xdc927721da922cf8), - field.NewFieldConst(0xc1978156516879ad), - field.NewFieldConst(0x90e80c591f48b603), - field.NewFieldConst(0x3a2432625475e3ae), - field.NewFieldConst(0x00a2d4321cca94fe), - field.NewFieldConst(0x77736f524010c932), - field.NewFieldConst(0x904d3f2804a36c54), - 
field.NewFieldConst(0xbf9b39e28a16f354), - field.NewFieldConst(0x3a1ded54a6cd058b), - field.NewFieldConst(0x42392870da5737cf), - }, - { - field.NewFieldConst(0xe796d293a47a64cb), - field.NewFieldConst(0xb124c33152a2421a), - field.NewFieldConst(0x0ee5dc0ce131268a), - field.NewFieldConst(0xa9032a52f930fae6), - field.NewFieldConst(0x7e33ca8c814280de), - field.NewFieldConst(0xad11180f69a8c29e), - field.NewFieldConst(0xc75ac6d5b5a10ff3), - field.NewFieldConst(0xf0674a8dc5a387ec), - field.NewFieldConst(0xb36d43120eaa5e2b), - field.NewFieldConst(0x6f232aab4b533a25), - field.NewFieldConst(0x3a1ded54a6cd058b), - }, - { - field.NewFieldConst(0xdcedab70f40718ba), - field.NewFieldConst(0x14a4a64da0b2668f), - field.NewFieldConst(0x4715b8e5ab34653b), - field.NewFieldConst(0x1e8916a99c93a88e), - field.NewFieldConst(0xbba4b5d86b9a3b2c), - field.NewFieldConst(0xe76649f9bd5d5c2e), - field.NewFieldConst(0xaf8e2518a1ece54d), - field.NewFieldConst(0xdcda1344cdca873f), - field.NewFieldConst(0xcd080204256088e5), - field.NewFieldConst(0xb36d43120eaa5e2b), - field.NewFieldConst(0xbf9b39e28a16f354), - }, - { - field.NewFieldConst(0xf4a437f2888ae909), - field.NewFieldConst(0xc537d44dc2875403), - field.NewFieldConst(0x7f68007619fd8ba9), - field.NewFieldConst(0xa4911db6a32612da), - field.NewFieldConst(0x2f7e9aade3fdaec1), - field.NewFieldConst(0xe7ffd578da4ea43d), - field.NewFieldConst(0x43a608e7afa6b5c2), - field.NewFieldConst(0xca46546aa99e1575), - field.NewFieldConst(0xdcda1344cdca873f), - field.NewFieldConst(0xf0674a8dc5a387ec), - field.NewFieldConst(0x904d3f2804a36c54), - }, - { - field.NewFieldConst(0xf97abba0dffb6c50), - field.NewFieldConst(0x5e40f0c9bb82aab5), - field.NewFieldConst(0x5996a80497e24a6b), - field.NewFieldConst(0x07084430a7307c9a), - field.NewFieldConst(0xad2f570a5b8545aa), - field.NewFieldConst(0xab7f81fef4274770), - field.NewFieldConst(0xcb81f535cf98c9e9), - field.NewFieldConst(0x43a608e7afa6b5c2), - field.NewFieldConst(0xaf8e2518a1ece54d), - 
field.NewFieldConst(0xc75ac6d5b5a10ff3), - field.NewFieldConst(0x77736f524010c932), - }, - { - field.NewFieldConst(0x7f8e41e0b0a6cdff), - field.NewFieldConst(0x4b1ba8d40afca97d), - field.NewFieldConst(0x623708f28fca70e8), - field.NewFieldConst(0xbf150dc4914d380f), - field.NewFieldConst(0xc26a083554767106), - field.NewFieldConst(0x753b8b1126665c22), - field.NewFieldConst(0xab7f81fef4274770), - field.NewFieldConst(0xe7ffd578da4ea43d), - field.NewFieldConst(0xe76649f9bd5d5c2e), - field.NewFieldConst(0xad11180f69a8c29e), - field.NewFieldConst(0x00a2d4321cca94fe), - }, - { - field.NewFieldConst(0x726af914971c1374), - field.NewFieldConst(0x1d7f8a2cce1a9d00), - field.NewFieldConst(0x18737784700c75cd), - field.NewFieldConst(0x7fb45d605dd82838), - field.NewFieldConst(0x862361aeab0f9b6e), - field.NewFieldConst(0xc26a083554767106), - field.NewFieldConst(0xad2f570a5b8545aa), - field.NewFieldConst(0x2f7e9aade3fdaec1), - field.NewFieldConst(0xbba4b5d86b9a3b2c), - field.NewFieldConst(0x7e33ca8c814280de), - field.NewFieldConst(0x3a2432625475e3ae), - }, - { - field.NewFieldConst(0x64dd936da878404d), - field.NewFieldConst(0x4db9a2ead2bd7262), - field.NewFieldConst(0xbe2e19f6d07f1a83), - field.NewFieldConst(0x02290fe23c20351a), - field.NewFieldConst(0x7fb45d605dd82838), - field.NewFieldConst(0xbf150dc4914d380f), - field.NewFieldConst(0x07084430a7307c9a), - field.NewFieldConst(0xa4911db6a32612da), - field.NewFieldConst(0x1e8916a99c93a88e), - field.NewFieldConst(0xa9032a52f930fae6), - field.NewFieldConst(0x90e80c591f48b603), - }, - { - field.NewFieldConst(0x85418a9fef8a9890), - field.NewFieldConst(0xd8a2eb7ef5e707ad), - field.NewFieldConst(0xbfe85ababed2d882), - field.NewFieldConst(0xbe2e19f6d07f1a83), - field.NewFieldConst(0x18737784700c75cd), - field.NewFieldConst(0x623708f28fca70e8), - field.NewFieldConst(0x5996a80497e24a6b), - field.NewFieldConst(0x7f68007619fd8ba9), - field.NewFieldConst(0x4715b8e5ab34653b), - field.NewFieldConst(0x0ee5dc0ce131268a), - 
field.NewFieldConst(0xc1978156516879ad), - }, - { - field.NewFieldConst(0x156048ee7a738154), - field.NewFieldConst(0x91f7562377e81df5), - field.NewFieldConst(0xd8a2eb7ef5e707ad), - field.NewFieldConst(0x4db9a2ead2bd7262), - field.NewFieldConst(0x1d7f8a2cce1a9d00), - field.NewFieldConst(0x4b1ba8d40afca97d), - field.NewFieldConst(0x5e40f0c9bb82aab5), - field.NewFieldConst(0xc537d44dc2875403), - field.NewFieldConst(0x14a4a64da0b2668f), - field.NewFieldConst(0xb124c33152a2421a), - field.NewFieldConst(0xdc927721da922cf8), - }, - { - field.NewFieldConst(0xd841e8ef9dde8ba0), - field.NewFieldConst(0x156048ee7a738154), - field.NewFieldConst(0x85418a9fef8a9890), - field.NewFieldConst(0x64dd936da878404d), - field.NewFieldConst(0x726af914971c1374), - field.NewFieldConst(0x7f8e41e0b0a6cdff), - field.NewFieldConst(0xf97abba0dffb6c50), - field.NewFieldConst(0xf4a437f2888ae909), - field.NewFieldConst(0xdcedab70f40718ba), - field.NewFieldConst(0xe796d293a47a64cb), - field.NewFieldConst(0x80772dc2645b280b), +var FAST_PARTIAL_ROUND_INITIAL_MATRIX = [N_PARTIAL_ROUNDS][11]frontend.Variable{ + { + frontend.Variable(uint64(0x80772dc2645b280b)), + frontend.Variable(uint64(0xdc927721da922cf8)), + frontend.Variable(uint64(0xc1978156516879ad)), + frontend.Variable(uint64(0x90e80c591f48b603)), + frontend.Variable(uint64(0x3a2432625475e3ae)), + frontend.Variable(uint64(0x00a2d4321cca94fe)), + frontend.Variable(uint64(0x77736f524010c932)), + frontend.Variable(uint64(0x904d3f2804a36c54)), + frontend.Variable(uint64(0xbf9b39e28a16f354)), + frontend.Variable(uint64(0x3a1ded54a6cd058b)), + frontend.Variable(uint64(0x42392870da5737cf)), + }, + { + frontend.Variable(uint64(0xe796d293a47a64cb)), + frontend.Variable(uint64(0xb124c33152a2421a)), + frontend.Variable(uint64(0x0ee5dc0ce131268a)), + frontend.Variable(uint64(0xa9032a52f930fae6)), + frontend.Variable(uint64(0x7e33ca8c814280de)), + frontend.Variable(uint64(0xad11180f69a8c29e)), + frontend.Variable(uint64(0xc75ac6d5b5a10ff3)), + 
frontend.Variable(uint64(0xf0674a8dc5a387ec)), + frontend.Variable(uint64(0xb36d43120eaa5e2b)), + frontend.Variable(uint64(0x6f232aab4b533a25)), + frontend.Variable(uint64(0x3a1ded54a6cd058b)), + }, + { + frontend.Variable(uint64(0xdcedab70f40718ba)), + frontend.Variable(uint64(0x14a4a64da0b2668f)), + frontend.Variable(uint64(0x4715b8e5ab34653b)), + frontend.Variable(uint64(0x1e8916a99c93a88e)), + frontend.Variable(uint64(0xbba4b5d86b9a3b2c)), + frontend.Variable(uint64(0xe76649f9bd5d5c2e)), + frontend.Variable(uint64(0xaf8e2518a1ece54d)), + frontend.Variable(uint64(0xdcda1344cdca873f)), + frontend.Variable(uint64(0xcd080204256088e5)), + frontend.Variable(uint64(0xb36d43120eaa5e2b)), + frontend.Variable(uint64(0xbf9b39e28a16f354)), + }, + { + frontend.Variable(uint64(0xf4a437f2888ae909)), + frontend.Variable(uint64(0xc537d44dc2875403)), + frontend.Variable(uint64(0x7f68007619fd8ba9)), + frontend.Variable(uint64(0xa4911db6a32612da)), + frontend.Variable(uint64(0x2f7e9aade3fdaec1)), + frontend.Variable(uint64(0xe7ffd578da4ea43d)), + frontend.Variable(uint64(0x43a608e7afa6b5c2)), + frontend.Variable(uint64(0xca46546aa99e1575)), + frontend.Variable(uint64(0xdcda1344cdca873f)), + frontend.Variable(uint64(0xf0674a8dc5a387ec)), + frontend.Variable(uint64(0x904d3f2804a36c54)), + }, + { + frontend.Variable(uint64(0xf97abba0dffb6c50)), + frontend.Variable(uint64(0x5e40f0c9bb82aab5)), + frontend.Variable(uint64(0x5996a80497e24a6b)), + frontend.Variable(uint64(0x07084430a7307c9a)), + frontend.Variable(uint64(0xad2f570a5b8545aa)), + frontend.Variable(uint64(0xab7f81fef4274770)), + frontend.Variable(uint64(0xcb81f535cf98c9e9)), + frontend.Variable(uint64(0x43a608e7afa6b5c2)), + frontend.Variable(uint64(0xaf8e2518a1ece54d)), + frontend.Variable(uint64(0xc75ac6d5b5a10ff3)), + frontend.Variable(uint64(0x77736f524010c932)), + }, + { + frontend.Variable(uint64(0x7f8e41e0b0a6cdff)), + frontend.Variable(uint64(0x4b1ba8d40afca97d)), + frontend.Variable(uint64(0x623708f28fca70e8)), + 
frontend.Variable(uint64(0xbf150dc4914d380f)), + frontend.Variable(uint64(0xc26a083554767106)), + frontend.Variable(uint64(0x753b8b1126665c22)), + frontend.Variable(uint64(0xab7f81fef4274770)), + frontend.Variable(uint64(0xe7ffd578da4ea43d)), + frontend.Variable(uint64(0xe76649f9bd5d5c2e)), + frontend.Variable(uint64(0xad11180f69a8c29e)), + frontend.Variable(uint64(0x00a2d4321cca94fe)), + }, + { + frontend.Variable(uint64(0x726af914971c1374)), + frontend.Variable(uint64(0x1d7f8a2cce1a9d00)), + frontend.Variable(uint64(0x18737784700c75cd)), + frontend.Variable(uint64(0x7fb45d605dd82838)), + frontend.Variable(uint64(0x862361aeab0f9b6e)), + frontend.Variable(uint64(0xc26a083554767106)), + frontend.Variable(uint64(0xad2f570a5b8545aa)), + frontend.Variable(uint64(0x2f7e9aade3fdaec1)), + frontend.Variable(uint64(0xbba4b5d86b9a3b2c)), + frontend.Variable(uint64(0x7e33ca8c814280de)), + frontend.Variable(uint64(0x3a2432625475e3ae)), + }, + { + frontend.Variable(uint64(0x64dd936da878404d)), + frontend.Variable(uint64(0x4db9a2ead2bd7262)), + frontend.Variable(uint64(0xbe2e19f6d07f1a83)), + frontend.Variable(uint64(0x02290fe23c20351a)), + frontend.Variable(uint64(0x7fb45d605dd82838)), + frontend.Variable(uint64(0xbf150dc4914d380f)), + frontend.Variable(uint64(0x07084430a7307c9a)), + frontend.Variable(uint64(0xa4911db6a32612da)), + frontend.Variable(uint64(0x1e8916a99c93a88e)), + frontend.Variable(uint64(0xa9032a52f930fae6)), + frontend.Variable(uint64(0x90e80c591f48b603)), + }, + { + frontend.Variable(uint64(0x85418a9fef8a9890)), + frontend.Variable(uint64(0xd8a2eb7ef5e707ad)), + frontend.Variable(uint64(0xbfe85ababed2d882)), + frontend.Variable(uint64(0xbe2e19f6d07f1a83)), + frontend.Variable(uint64(0x18737784700c75cd)), + frontend.Variable(uint64(0x623708f28fca70e8)), + frontend.Variable(uint64(0x5996a80497e24a6b)), + frontend.Variable(uint64(0x7f68007619fd8ba9)), + frontend.Variable(uint64(0x4715b8e5ab34653b)), + frontend.Variable(uint64(0x0ee5dc0ce131268a)), + 
frontend.Variable(uint64(0xc1978156516879ad)), + }, + { + frontend.Variable(uint64(0x156048ee7a738154)), + frontend.Variable(uint64(0x91f7562377e81df5)), + frontend.Variable(uint64(0xd8a2eb7ef5e707ad)), + frontend.Variable(uint64(0x4db9a2ead2bd7262)), + frontend.Variable(uint64(0x1d7f8a2cce1a9d00)), + frontend.Variable(uint64(0x4b1ba8d40afca97d)), + frontend.Variable(uint64(0x5e40f0c9bb82aab5)), + frontend.Variable(uint64(0xc537d44dc2875403)), + frontend.Variable(uint64(0x14a4a64da0b2668f)), + frontend.Variable(uint64(0xb124c33152a2421a)), + frontend.Variable(uint64(0xdc927721da922cf8)), + }, + { + frontend.Variable(uint64(0xd841e8ef9dde8ba0)), + frontend.Variable(uint64(0x156048ee7a738154)), + frontend.Variable(uint64(0x85418a9fef8a9890)), + frontend.Variable(uint64(0x64dd936da878404d)), + frontend.Variable(uint64(0x726af914971c1374)), + frontend.Variable(uint64(0x7f8e41e0b0a6cdff)), + frontend.Variable(uint64(0xf97abba0dffb6c50)), + frontend.Variable(uint64(0xf4a437f2888ae909)), + frontend.Variable(uint64(0xdcedab70f40718ba)), + frontend.Variable(uint64(0xe796d293a47a64cb)), + frontend.Variable(uint64(0x80772dc2645b280b)), }, } diff --git a/poseidon/poseidon_test.go b/poseidon/poseidon_test.go index 6617fed..3825f7e 100644 --- a/poseidon/poseidon_test.go +++ b/poseidon/poseidon_test.go @@ -22,17 +22,14 @@ func (circuit *TestPoseidonCircuit) Define(api frontend.API) error { var input PoseidonState for i := 0; i < 12; i++ { - input[i] = goldilocksApi.FromBits(api.ToBinary(circuit.In[i], 64)...) + input[i] = circuit.In[i] } poseidonChip := NewPoseidonChip(api, goldilocksApi, qeAPI) output := poseidonChip.Poseidon(input) for i := 0; i < 12; i++ { - goldilocksApi.AssertIsEqual( - output[i], - goldilocksApi.FromBits(api.ToBinary(circuit.Out[i])...), - ) + api.AssertIsEqual(output[i], circuit.Out[i]) } return nil diff --git a/verifier/internal/gates/poseidon_gate.go b/verifier/internal/gates/poseidon_gate.go index 0b5b901..9238c4e 100644 
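Review bot: With `input[i] = circuit.In[i]` in poseidon_test.go, the test no longer constrains its inputs to 64 bits, which the removed `api.ToBinary(circuit.In[i], 64)` did as a side effect. Nothing here now shows how the chip treats a value at or above the Goldilocks modulus. If PoseidonChip expects callers to pass reduced values, a comment on the loop such as `// inputs are assumed to be canonical Goldilocks elements (< 2^64 - 2^32 + 1)` would record that, and a witness with an out-of-range input that is expected to fail would pin it. Likewise `api.AssertIsEqual(output[i], circuit.Out[i])` compares native variables, so it presumably holds only if the chip's outputs are fully reduced; the chip is not visible from this hunk. Define starts outside the hunk.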
--- a/verifier/internal/gates/poseidon_gate.go
+++ b/verifier/internal/gates/poseidon_gate.go
@@ -147,7 +147,7 @@ func (g *PoseidonGate) EvalUnfiltered(api frontend.API, qeAPI *field.QuadraticEx
 sBoxIn := vars.localWires[g.WirePartialSBox(r)]
 constraints = append(constraints, qeAPI.SubExtension(state[0], sBoxIn))
 state[0] = poseidonChip.SBoxMonomialExtension(sBoxIn)
- state[0] = qeAPI.AddExtension(state[0], qeAPI.FieldToQE(poseidon.FAST_PARTIAL_ROUND_CONSTANTS[r]))
+ state[0] = qeAPI.AddExtension(state[0], qeAPI.VarToQE(poseidon.FAST_PARTIAL_ROUND_CONSTANTS[r]))
 state = poseidonChip.MdsPartialLayerFastExtension(state, int(r))
 }
 sBoxIn := vars.localWires[g.WirePartialSBox(poseidon.N_PARTIAL_ROUNDS-1)]
diff --git a/verifier/internal/gates/poseidon_mds_gate.go b/verifier/internal/gates/poseidon_mds_gate.go
index 49540b2..39ab230 100644
--- a/verifier/internal/gates/poseidon_mds_gate.go
+++ b/verifier/internal/gates/poseidon_mds_gate.go
@@ -47,11 +47,11 @@ func (g *PoseidonMdsGate) mdsRowShfAlgebra(r uint64, v [poseidon.SPONGE_WIDTH]fi
 res := qeAPI.ZERO_QE_ALGEBRA
 for i := uint64(0); i < poseidon.SPONGE_WIDTH; i++ {
- coeff := qeAPI.FieldToQE(poseidon.MDS_MATRIX_CIRC[i])
+ coeff := qeAPI.VarToQE(poseidon.MDS_MATRIX_CIRC[i])
 res = qeAPI.AddExtensionAlgebra(res, qeAPI.ScalarMulExtensionAlgebra(coeff, v[(i+r)%poseidon.SPONGE_WIDTH]))
 }
- coeff := qeAPI.FieldToQE(poseidon.MDS_MATRIX_DIAG[r])
+ coeff := qeAPI.VarToQE(poseidon.MDS_MATRIX_DIAG[r])
 res = qeAPI.AddExtensionAlgebra(res, qeAPI.ScalarMulExtensionAlgebra(coeff, v[r]))
 return res
diff --git a/verifier/internal/plonk/challenger.go b/verifier/internal/plonk/challenger.go
index 5294a6d..23461b8 100644
--- a/verifier/internal/plonk/challenger.go
+++ b/verifier/internal/plonk/challenger.go
@@ -15,18 +15,18 @@ type ChallengerChip struct {
 field field.FieldAPI `gnark:"-"`
 poseidonChip *poseidon.PoseidonChip
 poseidonBN128Chip *poseidon.PoseidonBN128Chip
- spongeState [poseidon.SPONGE_WIDTH]field.F
+ spongeState [poseidon.SPONGE_WIDTH]frontend.Variable
 inputBuffer []field.F
 outputBuffer []field.F
 }
 func NewChallengerChip(api frontend.API, fieldAPI field.FieldAPI, poseidonChip *poseidon.PoseidonChip, poseidonBN128Chip *poseidon.PoseidonBN128Chip) *ChallengerChip {
- var spongeState [poseidon.SPONGE_WIDTH]field.F
+ var spongeState [poseidon.SPONGE_WIDTH]frontend.Variable
 var inputBuffer []field.F
 var outputBuffer []field.F
 for i := 0; i < poseidon.SPONGE_WIDTH; i++ {
- spongeState[i] = field.ZERO_F
+ spongeState[i] = frontend.Variable(0)
 }
 return &ChallengerChip{
@@ -148,12 +148,13 @@ func (c *ChallengerChip) duplexing() {
 panic("something went wrong")
 }
- copy(c.spongeState[:], c.inputBuffer)
+ for i := 0; i < len(c.inputBuffer); i++ {
+ c.spongeState[i] = c.field.Reduce(c.inputBuffer[i]).Limbs[0]
+ }
 c.inputBuffer = clearBuffer(c.inputBuffer)
 c.spongeState = c.poseidonChip.Poseidon(c.spongeState)
 clearBuffer(c.outputBuffer)
 for i := 0; i < poseidon.SPONGE_RATE; i++ {
- c.outputBuffer = append(c.outputBuffer, c.spongeState[i])
- // c.outputBuffer[i] = c.spongeState[i]
+ c.outputBuffer = append(c.outputBuffer, c.field.NewElement(c.spongeState[i]))
 }
 }
diff --git a/verifier/internal/plonk/challenger_test.go b/verifier/internal/plonk/challenger_test.go
index da93d7a..f7796d2 100644
--- a/verifier/internal/plonk/challenger_test.go
+++ b/verifier/internal/plonk/challenger_test.go
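Review bot: In the new absorb loop of duplexing, `c.field.Reduce(c.inputBuffer[i]).Limbs[0]` hands the sponge a raw limb that is the whole element only because emulated Goldilocks uses a single limb, and is canonical only if Reduce returns a value strictly below the modulus. As far as I can tell gnark's Reduce bounds the limb width without enforcing that, so the sponge state that feeds the Fiat-Shamir challenges may accept a non-canonical encoding of the same element. I would constrain the limb before storing it, e.g. `limb := c.field.Reduce(c.inputBuffer[i]).Limbs[0]` followed by `field.GoldilocksRangeCheck(c.api, limb)` (assuming the chip keeps its `api`), or at least add the comment `// single-limb Goldilocks: Limbs[0] is the whole element and must be < p`. The same question applies in the other direction to `c.field.NewElement(c.spongeState[i])`, which wraps whatever Poseidon returns with no range check visible here. duplexing begins outside the hunk.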
@@ -4,46 +4,63 @@ import ( "math/big" "testing" + "github.com/consensys/gnark/backend/groth16" "github.com/consensys/gnark/frontend" + "github.com/consensys/gnark/frontend/cs/r1cs" "github.com/consensys/gnark/test" "github.com/succinctlabs/gnark-plonky2-verifier/field" "github.com/succinctlabs/gnark-plonky2-verifier/poseidon" + "github.com/succinctlabs/gnark-plonky2-verifier/verifier/common" + "github.com/succinctlabs/gnark-plonky2-verifier/verifier/internal/fri" + "github.com/succinctlabs/gnark-plonky2-verifier/verifier/utils" ) type TestChallengerCircuit struct { - PublicInputs []field.F - CircuitDigest poseidon.PoseidonBN128HashOut - WiresCap [16]poseidon.PoseidonBN128HashOut - PlonkZsPartialProductsCap [16]poseidon.PoseidonBN128HashOut - QuotientPolysCap [16]poseidon.PoseidonBN128HashOut + commonCircuitDataFilename string `gnark:"-"` + + CircuitDigest frontend.Variable `gnark:",public"` + PublicInputs []field.F `gnark:",public"` + WiresCap []frontend.Variable + PlonkZsPartialProductsCap []frontend.Variable + QuotientPolysCap []frontend.Variable + FriOpenings fri.FriOpenings + CommitPhaseMerkleCaps [][]frontend.Variable + FinalPoly common.PolynomialCoeffs + PowWitness field.F } func (circuit *TestChallengerCircuit) Define(api frontend.API) error { + commonCircuitData := utils.DeserializeCommonCircuitData(circuit.commonCircuitDataFilename) + + config := commonCircuitData.Config + numChallenges := config.NumChallenges fieldAPI := field.NewFieldAPI(api) qeAPI := field.NewQuadraticExtensionAPI(api, fieldAPI) poseidonChip := poseidon.NewPoseidonChip(api, fieldAPI, qeAPI) poseidonBN128Chip := poseidon.NewPoseidonBN128Chip(api, fieldAPI) - challengerChip := NewChallengerChip(api, fieldAPI, poseidonChip, poseidonBN128Chip) + challenger := NewChallengerChip(api, fieldAPI, poseidonChip, poseidonBN128Chip) - challengerChip.ObserveBN128Hash(circuit.CircuitDigest) - publicInputHash := poseidonChip.HashNoPad(circuit.PublicInputs[:]) - 
challengerChip.ObserveHash(publicInputHash) - challengerChip.ObserveCap(circuit.WiresCap[:]) + challenger.ObserveBN128Hash(circuit.CircuitDigest) + challenger.ObserveHash(poseidonChip.HashNoPad(circuit.PublicInputs)) + challenger.ObserveCap(circuit.WiresCap) + plonkBetas := challenger.GetNChallenges(numChallenges) + plonkGammas := challenger.GetNChallenges(numChallenges) - numChallenges := uint64(2) - plonkBetas := challengerChip.GetNChallenges(numChallenges) - plonkGammas := challengerChip.GetNChallenges(numChallenges) + challenger.ObserveCap(circuit.PlonkZsPartialProductsCap) + plonkAlphas := challenger.GetNChallenges(numChallenges) - expectedPublicInputHash := [4]field.F{ - field.NewFieldConstFromString("0"), - field.NewFieldConstFromString("0"), - field.NewFieldConstFromString("0"), - field.NewFieldConstFromString("0"), - } + challenger.ObserveCap(circuit.QuotientPolysCap) + plonkZeta := challenger.GetExtensionChallenge() - for i := 0; i < 4; i++ { - fieldAPI.AssertIsEqual(publicInputHash[i], expectedPublicInputHash[i]) - } + challenger.ObserveOpenings(circuit.FriOpenings) + + friChallenges := challenger.GetFriChallenges( + circuit.CommitPhaseMerkleCaps, + circuit.FinalPoly, + circuit.PowWitness, + commonCircuitData.DegreeBits, + config.FriConfig, + ) expectedPlonkBetas := [2]field.F{ field.NewFieldConstFromString("17615363392879944733"), @@ -60,9 +77,6 @@ func (circuit *TestChallengerCircuit) Define(api frontend.API) error { fieldAPI.AssertIsEqual(plonkGammas[i], expectedPlonkGammas[i]) } - challengerChip.ObserveCap(circuit.PlonkZsPartialProductsCap[:]) - plonkAlphas := challengerChip.GetNChallenges(numChallenges) - expectedPlonkAlphas := [2]field.F{ field.NewFieldConstFromString("9276470834414745550"), field.NewFieldConstFromString("5302812342351431915"), 
@@ -72,9 +86,6 @@ func (circuit *TestChallengerCircuit) Define(api frontend.API) error { fieldAPI.AssertIsEqual(plonkAlphas[i], expectedPlonkAlphas[i]) } - challengerChip.ObserveCap(circuit.QuotientPolysCap[:]) - plonkZeta := challengerChip.GetExtensionChallenge() - expectedPlonkZeta := field.QuadraticExtension{ field.NewFieldConstFromString("3892795992421241388"), field.NewFieldConstFromString("15786647757418200302"), @@ -84,6 +95,14 @@ func (circuit *TestChallengerCircuit) Define(api frontend.API) error { fieldAPI.AssertIsEqual(plonkZeta[i], expectedPlonkZeta[i]) } + fieldAPI.AssertIsEqual(friChallenges.FriAlpha[0], field.NewFieldConst(885535811531859621)) + + fieldAPI.AssertIsEqual(friChallenges.FriBetas[0][0], field.NewFieldConst(5231781384587895507)) + + fieldAPI.AssertIsEqual(friChallenges.FriPowResponse, field.NewFieldConst(70715523064019)) + + fieldAPI.AssertIsEqual(friChallenges.FriQueryIndices[0], field.NewFieldConst(11890500485816111017)) + return nil } 
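Review bot: The four FRI assertions added at the end of Define pin only the first entry of each result (`FriAlpha[0]`, `FriBetas[0][0]`, `FriQueryIndices[0]`). A regression in a later beta or query index would still pass, as would one in the second coordinate of the alpha challenge if FriAlpha is a two-coordinate extension element like plonkZeta. Since these values are the verifier's Fiat-Shamir outputs, I would compare the full slices against expected tables from the reference prover, in the style of the existing `expectedPlonkBetas` arrays. For example, with a new `expectedFriQueryIndices` table: `for i, want := range expectedFriQueryIndices { fieldAPI.AssertIsEqual(friChallenges.FriQueryIndices[i], want) }`. Define starts outside the hunk.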
@@ -100,88 +119,109 @@ func StringToBN128Hash(hashStr string) poseidon.PoseidonBN128HashOut { func TestChallengerWitness(t *testing.T) { assert := test.NewAssert(t) - testCase := func( - publicInputs []field.F, - circuitDigest poseidon.PoseidonBN128HashOut, - wiresCap [16]poseidon.PoseidonBN128HashOut, - plonkZsPartialProductsCap [16]poseidon.PoseidonBN128HashOut, - quotientPolysCap [16]poseidon.PoseidonBN128HashOut, - ) { + testCase := func() { + proofWithPis := utils.DeserializeProofWithPublicInputs("../../data/decode_block/proof_with_public_inputs.json") + verifierData := utils.DeserializeVerifierOnlyCircuitData("../../data/decode_block/verifier_only_circuit_data.json") + circuit := TestChallengerCircuit{ - PublicInputs: publicInputs, - CircuitDigest: circuitDigest, - WiresCap: wiresCap, - PlonkZsPartialProductsCap: plonkZsPartialProductsCap, - QuotientPolysCap: quotientPolysCap, + commonCircuitDataFilename: "../../data/decode_block/common_circuit_data.json", + + CircuitDigest: verifierData.CircuitDigest, + PublicInputs: proofWithPis.PublicInputs, + WiresCap: proofWithPis.Proof.WiresCap, + PlonkZsPartialProductsCap: proofWithPis.Proof.PlonkZsPartialProductsCap, + QuotientPolysCap: proofWithPis.Proof.QuotientPolysCap, + FriOpenings: fri.ToFriOpenings(proofWithPis.Proof.Openings), + CommitPhaseMerkleCaps: proofWithPis.Proof.OpeningProof.CommitPhaseMerkleCaps, + FinalPoly: proofWithPis.Proof.OpeningProof.FinalPoly, + PowWitness: proofWithPis.Proof.OpeningProof.PowWitness, } witness := TestChallengerCircuit{ - PublicInputs: publicInputs, - CircuitDigest: circuitDigest, - WiresCap: wiresCap, - PlonkZsPartialProductsCap: plonkZsPartialProductsCap, - QuotientPolysCap: quotientPolysCap, + CircuitDigest: verifierData.CircuitDigest, + PublicInputs: proofWithPis.PublicInputs, + WiresCap: proofWithPis.Proof.WiresCap, + PlonkZsPartialProductsCap: proofWithPis.Proof.PlonkZsPartialProductsCap, + QuotientPolysCap: proofWithPis.Proof.QuotientPolysCap, + FriOpenings: 
fri.ToFriOpenings(proofWithPis.Proof.Openings), + CommitPhaseMerkleCaps: proofWithPis.Proof.OpeningProof.CommitPhaseMerkleCaps, + FinalPoly: proofWithPis.Proof.OpeningProof.FinalPoly, + PowWitness: proofWithPis.Proof.OpeningProof.PowWitness, } err := test.IsSolved(&circuit, &witness, field.TEST_CURVE.ScalarField()) assert.NoError(err) } - publicInputs := []field.F{} - - circuitDigest := StringToBN128Hash("11532502846882484230992726008257788785937565673229400981185786126842727172973") - - wiresCaps := [16]poseidon.PoseidonBN128HashOut{} - wiresCaps[0] = StringToBN128Hash("6232016528318542211523647364792867346449137823066292895075623303633330508214") - wiresCaps[1] = StringToBN128Hash("3849229275985461680629770572508259203226163621677714310355251582693130685288") - wiresCaps[2] = StringToBN128Hash("5987556171512366759354088598227343740440477791444099795740854232780130336082") - wiresCaps[3] = StringToBN128Hash("8523377779888975334090507575349048869294640263235559121841789718805736414837") - wiresCaps[4] = StringToBN128Hash("4173305429039088756536564029627250985745421317354666614089039608061166671898") - wiresCaps[5] = StringToBN128Hash("19514742808406256372169729907222415291809011606011679387563713660256488346125") - wiresCaps[6] = StringToBN128Hash("8519703011007005463193900985655355044586093539828702987016626948657512235078") - wiresCaps[7] = StringToBN128Hash("13337062986664638507390757043422262298890182385759661595000247205380836291424") - wiresCaps[8] = StringToBN128Hash("13956988298720968721248573872513053256190487207048215310365406791617256823071") - wiresCaps[9] = StringToBN128Hash("4139118776078237399422219240136866906229498819930564462151328936368637474741") - wiresCaps[10] = StringToBN128Hash("20010683036854145765538326917745039166608941517703057250025522185331298063240") - wiresCaps[11] = StringToBN128Hash("16542849340693186579674885260236043503488748690860552251132996633211111581047") - wiresCaps[12] = 
StringToBN128Hash("15340310232736118098606223218073833983285921571850333937460777227732109309104")
- wiresCaps[13] = StringToBN128Hash("14370557250059545670244193708996703450518439828341533154117610442161777001185")
- wiresCaps[14] = StringToBN128Hash("18844434454299441334771065219656682212700835025465734281792408139929868142021")
- wiresCaps[15] = StringToBN128Hash("19676343740377898318702605893881480074303742058989194823248293456630167789460")
-
- plonkZsPartialProductsCaps := [16]poseidon.PoseidonBN128HashOut{}
- plonkZsPartialProductsCaps[0] = StringToBN128Hash("18630303757724954689095079665308152603926320437432442392614316813333911252124")
- plonkZsPartialProductsCaps[1] = StringToBN128Hash("1941509032097423911575973752610668722198580889286836043016771886256831254944")
- plonkZsPartialProductsCaps[2] = StringToBN128Hash("6147898094056673441182607282006528423230906496770003193057422314911254596722")
- plonkZsPartialProductsCaps[3] = StringToBN128Hash("8711744418341460096856191310559061094028644913424948320707020455945693390966")
- plonkZsPartialProductsCaps[4] = StringToBN128Hash("3170507894509162329082713944669012510679535839018490515228566075949014704871")
- plonkZsPartialProductsCaps[5] = StringToBN128Hash("9513443633020527244719737008971091746535961947215556968735061932963144145728")
- plonkZsPartialProductsCaps[6] = StringToBN128Hash("16440622144490342815400399751667969445057099157732990266662948140364680211732")
- plonkZsPartialProductsCaps[7] = StringToBN128Hash("16904904288584890809819587275120157893767917607795020298373538872373275028362")
- plonkZsPartialProductsCaps[8] = StringToBN128Hash("1322883689945010694042124537248103086068476085787048131689196755087178475099")
- plonkZsPartialProductsCaps[9] = StringToBN128Hash("3859729225679954076862546769780866075152550721517632074656261209033111218654")
- plonkZsPartialProductsCaps[10] = StringToBN128Hash("5995885491698588595978721670502011088690021401297557688057158353938846681398")
- plonkZsPartialProductsCaps[11] = StringToBN128Hash("16957177478856199232404038751327729781816109007496656232207408246975862260922")
- plonkZsPartialProductsCaps[12] = StringToBN128Hash("9422393668093911702915740702404346320943009100616501740579421944206639410155")
- plonkZsPartialProductsCaps[13] = StringToBN128Hash("15680345727093646870610240619814271686346382346107751208797654607051065248818")
- plonkZsPartialProductsCaps[14] = StringToBN128Hash("4939261448468032698521878059774016528161329965101885352386001950329280576201")
- plonkZsPartialProductsCaps[15] = StringToBN128Hash("7003946111898359335505647195128523292498498760325513092978040051648331398446")
-
- quotientPolysCaps := [16]poseidon.PoseidonBN128HashOut{}
- quotientPolysCaps[0] = StringToBN128Hash("3918560082526903400389798118659365477465402367561322989181693953047280669646")
- quotientPolysCaps[1] = StringToBN128Hash("496966935842756068593963213547105605432646958081400837931911611833297095727")
- quotientPolysCaps[2] = StringToBN128Hash("8683297895986438077633020202252074142721819824824948690853505463451806801507")
- quotientPolysCaps[3] = StringToBN128Hash("14623770060934618886104076268225324888644340537717836901769942847173950269850")
- quotientPolysCaps[4] = StringToBN128Hash("902377468311802642056170073282349607767917979325737018777782566011948776523")
- quotientPolysCaps[5] = StringToBN128Hash("12124340721627925810131860890689432371048624670798932303474977401990312142398")
- quotientPolysCaps[6] = StringToBN128Hash("21656753786114693289615694183370749990935753681953197920766927707640495235100")
- quotientPolysCaps[7] = StringToBN128Hash("4651674172794111060599611529192263627230814664669763852917839857516619530510")
- quotientPolysCaps[8] = StringToBN128Hash("13161231355626784301812735677481006076469384200800574341495987998366265598910")
- quotientPolysCaps[9] = StringToBN128Hash("20853590455948262404101100028402584187982204016660952863575312077951992942329")
- quotientPolysCaps[10] = StringToBN128Hash("742867642166478273564934628555265381154191517824405375118170559554873960389")
- quotientPolysCaps[11] = StringToBN128Hash("17617970388755497287414457313283777609067524774358298322461931046141926005038")
- quotientPolysCaps[12] = StringToBN128Hash("55496208750959228576253470708262329602643441253143570259294790484739321332")
- quotientPolysCaps[13] = StringToBN128Hash("18450079114184018679423491604333957974306902732410122012117555285853099024676")
- quotientPolysCaps[14] = StringToBN128Hash("14403337493956171864251492809058241138806636992110526018123749007090024780352")
- quotientPolysCaps[15] = StringToBN128Hash("252265115458024097842043026135110356285192501597856208375838682286051476335")
-
- testCase(publicInputs, circuitDigest, wiresCaps, plonkZsPartialProductsCaps, quotientPolysCaps)
+ testCase()
+}
+
+func TestChallengerProver(t *testing.T) {
+ proofWithPis := utils.DeserializeProofWithPublicInputs("../../data/decode_block/proof_with_public_inputs.json")
+ verifierData := utils.DeserializeVerifierOnlyCircuitData("../../data/decode_block/verifier_only_circuit_data.json")
+
+ circuit := TestChallengerCircuit{
+ commonCircuitDataFilename: "../../data/decode_block/common_circuit_data.json",
+
+ CircuitDigest: verifierData.CircuitDigest,
+ PublicInputs: proofWithPis.PublicInputs,
+ WiresCap: proofWithPis.Proof.WiresCap,
+ PlonkZsPartialProductsCap: proofWithPis.Proof.PlonkZsPartialProductsCap,
+ QuotientPolysCap: proofWithPis.Proof.QuotientPolysCap,
+ FriOpenings: fri.ToFriOpenings(proofWithPis.Proof.Openings),
+ CommitPhaseMerkleCaps: proofWithPis.Proof.OpeningProof.CommitPhaseMerkleCaps,
+ FinalPoly: proofWithPis.Proof.OpeningProof.FinalPoly,
+ PowWitness: proofWithPis.Proof.OpeningProof.PowWitness,
+ }
+
+ proofWithPis = utils.DeserializeProofWithPublicInputs("../../data/decode_block/proof_with_public_inputs.json")
+ verifierData = utils.DeserializeVerifierOnlyCircuitData("../../data/decode_block/verifier_only_circuit_data.json")
+
+ assignment := TestChallengerCircuit{
+ commonCircuitDataFilename: "../../data/decode_block/common_circuit_data.json",
+
+ CircuitDigest: verifierData.CircuitDigest,
+ PublicInputs: proofWithPis.PublicInputs,
+ WiresCap: proofWithPis.Proof.WiresCap,
+ PlonkZsPartialProductsCap: proofWithPis.Proof.PlonkZsPartialProductsCap,
+ QuotientPolysCap: proofWithPis.Proof.QuotientPolysCap,
+ FriOpenings: fri.ToFriOpenings(proofWithPis.Proof.Openings),
+ CommitPhaseMerkleCaps: proofWithPis.Proof.OpeningProof.CommitPhaseMerkleCaps,
+ FinalPoly: proofWithPis.Proof.OpeningProof.FinalPoly,
+ PowWitness: proofWithPis.Proof.OpeningProof.PowWitness,
+ }
+
+ r1cs, err := frontend.Compile(field.TEST_CURVE.ScalarField(), r1cs.NewBuilder, &circuit)
+ if err != nil {
+ panic(err)
+ }
+
+ println("num constraints is ", r1cs.GetNbConstraints())
+
+ assert := test.NewAssert(t)
+ err = test.IsSolved(&circuit, &assignment, field.TEST_CURVE.ScalarField())
+ assert.NoError(err)
+
+ witness, err := frontend.NewWitness(&assignment, field.TEST_CURVE.ScalarField())
+ if err != nil {
+ panic(err)
+ }
+
+ pk, vk, err := groth16.Setup(r1cs)
+ if err != nil {
+ panic(err)
+ }
+
+ proof, err := groth16.Prove(r1cs, pk, witness)
+ if err != nil {
+ panic(err)
+ }
+
+ publicWitness, err := witness.Public()
+ if err != nil {
+ panic(err)
+ }
+
+ err = groth16.Verify(proof, vk, publicWitness)
+ if err != nil {
+ panic(err)
+ }
 }