|
|
package poseidon
import ( "math/big"
"github.com/iden3/go-iden3-crypto/ffg" )
func zero() *ffg.Element { return ffg.NewElement() }
// exp7 performs x^7 mod p
func exp7(a *ffg.Element) { a.Exp(*a, big.NewInt(7)) //nolint:gomnd
}
// exp7state perform exp7 for whole state
func exp7state(state []*ffg.Element) { for i := 0; i < len(state); i++ { exp7(state[i]) } }
// ark computes Add-Round Key, from the paper https://eprint.iacr.org/2019/458.pdf
func ark(state []*ffg.Element, it int) { for i := 0; i < len(state); i++ { state[i].Add(state[i], C[it+i]) } }
// mix returns [[matrix]] * [vector]
func mix(state []*ffg.Element) []*ffg.Element { mul := zero() newState := make([]*ffg.Element, mLen) for i := 0; i < mLen; i++ { newState[i] = zero() } for i := 0; i < mLen; i++ { newState[i].SetUint64(0) for j := 0; j < mLen; j++ { mul.Mul(M[i][j], state[j]) newState[i].Add(newState[i], mul) } } return newState }
// Hash computes the Poseidon hash for the given inputs
func Hash(inpBI [NROUNDSF]uint64, capBI [CAPLEN]uint64) ([CAPLEN]uint64, error) { state := make([]*ffg.Element, mLen) for i := 0; i < NROUNDSF; i++ { state[i] = ffg.NewElement().SetUint64(inpBI[i]) } for i := 0; i < CAPLEN; i++ { state[i+NROUNDSF] = ffg.NewElement().SetUint64(capBI[i]) }
for r := 0; r < NROUNDSF+NROUNDSP; r++ { ark(state, r*mLen)
if r < NROUNDSF/2 || r >= NROUNDSF/2+NROUNDSP { exp7state(state) } else { exp7(state[0]) }
state = mix(state) }
return [CAPLEN]uint64{ state[0].ToUint64Regular(), state[1].ToUint64Regular(), state[2].ToUint64Regular(), state[3].ToUint64Regular(), }, nil }
|