diff --git a/babyjub/eddsa_test.go b/babyjub/eddsa_test.go
index 7e8f696..b927d47 100644
--- a/babyjub/eddsa_test.go
+++ b/babyjub/eddsa_test.go
@@ -97,7 +97,7 @@ func TestSignVerifyPoseidon(t *testing.T) {
 "15383486972088797283337779941324724402501462225528836549661220478783371668959",
 sig.R8.Y.String())
 assert.Equal(t,
- "1398758333392199195742243841591064350253744445503462896781493968760929513778",
+ "1672775540645840396591609181675628451599263765380031905495115170613215233181",
 sig.S.String())
 ok := pk.VerifyPoseidon(msg, sig)
@@ -109,7 +109,7 @@ func TestSignVerifyPoseidon(t *testing.T) {
 assert.Equal(t, ""+
 "dfedb4315d3f2eb4de2d3c510d7a987dcab67089c8ace06308827bf5bcbe02a2"+
- "32f16b0f2f4c4e1169aa59685637e1429b6581a9531d058d65f4ab224eab1703",
+ "9d043ece562a8f82bfc0adb640c0107a7d3a27c1c7c1a6179a0da73de5c1b203",
 hex.EncodeToString(sigBuf[:]))
 ok = pk.VerifyPoseidon(msg, sig2)
diff --git a/poseidon/poseidon.go b/poseidon/poseidon.go
index a331f92..cbfba00 100644
--- a/poseidon/poseidon.go
+++ b/poseidon/poseidon.go
@@ -47,7 +47,7 @@ func mix(state []*ff.Element, newState []*ff.Element, m [][]*ff.Element) {
 for i := 0; i < len(state); i++ {
 newState[i].SetUint64(0)
 for j := 0; j < len(state); j++ {
- mul.Mul(m[j][i], state[j])
+ mul.Mul(m[i][j], state[j])
 newState[i].Add(newState[i], mul)
 }
 }
@@ -64,8 +64,8 @@ func Hash(inpBI []*big.Int) (*big.Int, error) {
 }
 inp := utils.BigIntArrayToElementArray(inpBI[:])
 state := make([]*ff.Element, t)
- copy(state[:], inp[:])
- state[len(state)-1] = zero()
+ state[0] = zero()
+ copy(state[1:], inp[:])
 nRoundsF := NROUNDSF
 nRoundsP := NROUNDSP[t-2]
@@ -79,10 +79,8 @@ func Hash(inpBI []*big.Int) (*big.Int, error) {
 for i := 0; i < nRoundsF+nRoundsP; i++ {
 ark(state, c.c[t-2], i*t)
 sbox(nRoundsF, nRoundsP, state, i)
- if i < nRoundsF+nRoundsP-1 {
- mix(state, newState, c.m[t-2])
- state, newState = newState, state
- }
+ mix(state, newState, c.m[t-2])
+ state, newState = newState, state
 }
 rE := state[0]
 r := big.NewInt(0)
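Review bot: The replaced expected values here (`sig.S`, and the compressed signature bytes in the next hunk) give no indication of where they come from, so the assertions only pin whatever this implementation currently outputs. For a hash that feeds signature verification, a known-answer test should name its source. I would add a comment above each literal such as `// expected value from <reference implementation and version>`, with the placeholder filled in by the author. The same applies to the updated digests in poseidon/poseidon_test.go.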
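Review bot: The matrix is now read as `m[i][j]` in the inner loop of `mix`, but nothing in the function says which orientation is intended. A transposed matrix still yields a well-formed digest that merely disagrees with other implementations, so the convention deserves a comment, for example `// newState[i] = sum over j of m[i][j]*state[j], i.e. newState = M*state`. The loops also index `m` and `newState` up to `len(state)` without checking their dimensions. The one caller visible in this diff passes `c.m[t-2]`, so this is probably fine, but the precondition should be stated in the doc comment. The function starts above the hunk, so the declaration of `mul` is not visible here.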
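Review bot: Moving the zero element from the last slot to `state[0]` changes the digest of every input, and the hunk documents neither the new layout nor the break with previously stored values. Digests or signatures persisted under the old layout will stop matching (the expected values in babyjub/eddsa_test.go change in this same diff), so the doc comment on `Hash` should say so. Inline I would add `// state[0] is the fixed zero element; the inputs occupy state[1:]`. `copy(state[1:], inp[:])` fills only `len(inp)` slots of a slice of `t` pointers, so any slot beyond that would stay nil; `t` is computed above the hunk, so this may already be ruled out. The hunk at line 79, which drops the last-round exception for `mix`, is part of the same output change.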
diff --git a/poseidon/poseidon_test.go b/poseidon/poseidon_test.go
index 18cf258..b406a8f 100644
--- a/poseidon/poseidon_test.go
+++ b/poseidon/poseidon_test.go
@@ -25,24 +25,24 @@ func TestPoseidonHash(t *testing.T) {
 h, err := Hash([]*big.Int{b1})
 assert.Nil(t, err)
 assert.Equal(t,
- "11043376183861534927536506085090418075369306574649619885724436265926427398571",
+ "18586133768512220936620570745912940619677854269274689475585506675881198879027",
 h.String())
 h, err = Hash([]*big.Int{b1, b2})
 assert.Nil(t, err)
 assert.Equal(t,
- "17117985411748610629288516079940078114952304104811071254131751175361957805920",
+ "7853200120776062878684798364095072458815029376092732009249414926327459813530",
 h.String())
 h, err = Hash([]*big.Int{b1, b2, b0, b0, b0})
 assert.Nil(t, err)
 assert.Equal(t,
- "3975478831357328722254985704342968745327876719981393787143845259590563829094",
+ "1018317224307729531995786483840663576608797660851238720571059489595066344487",
 h.String())
 h, err = Hash([]*big.Int{b1, b2, b0, b0, b0, b0})
 assert.Nil(t, err)
 assert.Equal(t,
- "19772360636270345724087386688434825760738403416279047262510528378903625000110",
+ "15336558801450556532856248569924170992202208561737609669134139141992924267169",
 h.String())
 b3 := big.NewInt(3)
@@ -50,12 +50,12 @@ func TestPoseidonHash(t *testing.T) {
 h, err = Hash([]*big.Int{b3, b4, b0, b0, b0})
 assert.Nil(t, err)
 assert.Equal(t,
- "3181200837746671699652342497997860344148947482942465819251904554707352676086",
+ "5811595552068139067952687508729883632420015185677766880877743348592482390548",
 h.String())
 h, err = Hash([]*big.Int{b3, b4, b0, b0, b0, b0})
 assert.Nil(t, err)
 assert.Equal(t,
- "8386348873272147968934270337233829407378789978142456170950021426339096575008",
+ "12263118664590987767234828103155242843640892839966517009184493198782366909018",
 h.String())
 b5 := big.NewInt(5)
@@ -63,7 +63,7 @@ func TestPoseidonHash(t *testing.T) {
 h, err = Hash([]*big.Int{b1, b2, b3, b4, b5, b6})
 assert.Nil(t, err)
 assert.Equal(t,
- "5202465217520500374834597824465244016759843635092906214933648999760272616044",
+ "20400040500897583745843009878988256314335038853985262692600694741116813247201",
 h.String())
 }