arnaucube/keccak256-circom
1
1
Fork 0
mirror of https://github.com/arnaucube/keccak256-circom.git synced 2026-01-11 00:11:30 +01:00
Code Issues Projects Releases Wiki Activity

Chi Circom circuit implemented

Browse Source
This commit is contained in:
arnaucube
2021-11-02 16:02:06 +01:00
parent 0a35c4463b
commit f8afdd5a88
7 changed files with 314 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

227
circuits/chi.circom Normal file
View File

@@ -0,0 +1,227 @@
pragma circom 2.0.0;
include "./utils.circom";
template step() {
// out = a ^ (^b) & c
signal input a[64];
signal input b[64];
signal input c[64];
signal output out[64];
var i;
// ^b
component bXor = XorArraySingle(64);
for (i=0; i<64; i++) {
bXor.a[i] <== b[i];
}
// (^b)&c
component bc = AndArray(64);
for (i=0; i<64; i++) {
bc.a[i] <== bXor.out[i];
bc.b[i] <== c[i];
}
// a^(^b)&c
component abc = XorArray(64);
for (i=0; i<64; i++) {
abc.a[i] <== a[i];
abc.b[i] <== bc.out[i];
}
for (i=0; i<64; i++) {
out[i] <== abc.out[i];
}
}
template Chi() {
signal input in[25*64];
signal output out[25*64];
var i;
component r0 = step();
for (i=0; i<64; i++) {
r0.a[i] <== in[i];
r0.b[i] <== in[1*64+i];
r0.c[i] <== in[2*64+i];
}
component r1 = step();
for (i=0; i<64; i++) {
r1.a[i] <== in[1*64+i];
r1.b[i] <== in[2*64+i];
r1.c[i] <== in[3*64+i];
}
component r2 = step();
for (i=0; i<64; i++) {
r2.a[i] <== in[2*64+i];
r2.b[i] <== in[3*64+i];
r2.c[i] <== in[4*64+i];
}
component r3 = step();
for (i=0; i<64; i++) {
r3.a[i] <== in[3*64+i];
r3.b[i] <== in[4*64+i];
r3.c[i] <== in[0*64+i];
}
component r4 = step();
for (i=0; i<64; i++) {
r4.a[i] <== in[4*64+i];
r4.b[i] <== in[i];
r4.c[i] <== in[1*64+i];
}
component r5 = step();
for (i=0; i<64; i++) {
r5.a[i] <== in[5*64+i];
r5.b[i] <== in[6*64+i];
r5.c[i] <== in[7*64+i];
}
component r6 = step();
for (i=0; i<64; i++) {
r6.a[i] <== in[6*64+i];
r6.b[i] <== in[7*64+i];
r6.c[i] <== in[8*64+i];
}
component r7 = step();
for (i=0; i<64; i++) {
r7.a[i] <== in[7*64+i];
r7.b[i] <== in[8*64+i];
r7.c[i] <== in[9*64+i];
}
component r8 = step();
for (i=0; i<64; i++) {
r8.a[i] <== in[8*64+i];
r8.b[i] <== in[9*64+i];
r8.c[i] <== in[5*64+i];
}
component r9 = step();
for (i=0; i<64; i++) {
r9.a[i] <== in[9*64+i];
r9.b[i] <== in[5*64+i];
r9.c[i] <== in[6*64+i];
}
component r10 = step();
for (i=0; i<64; i++) {
r10.a[i] <== in[10*64+i];
r10.b[i] <== in[11*64+i];
r10.c[i] <== in[12*64+i];
}
component r11 = step();
for (i=0; i<64; i++) {
r11.a[i] <== in[11*64+i];
r11.b[i] <== in[12*64+i];
r11.c[i] <== in[13*64+i];
}
component r12 = step();
for (i=0; i<64; i++) {
r12.a[i] <== in[12*64+i];
r12.b[i] <== in[13*64+i];
r12.c[i] <== in[14*64+i];
}
component r13 = step();
for (i=0; i<64; i++) {
r13.a[i] <== in[13*64+i];
r13.b[i] <== in[14*64+i];
r13.c[i] <== in[10*64+i];
}
component r14 = step();
for (i=0; i<64; i++) {
r14.a[i] <== in[14*64+i];
r14.b[i] <== in[10*64+i];
r14.c[i] <== in[11*64+i];
}
component r15 = step();
for (i=0; i<64; i++) {
r15.a[i] <== in[15*64+i];
r15.b[i] <== in[16*64+i];
r15.c[i] <== in[17*64+i];
}
component r16 = step();
for (i=0; i<64; i++) {
r16.a[i] <== in[16*64+i];
r16.b[i] <== in[17*64+i];
r16.c[i] <== in[18*64+i];
}
component r17 = step();
for (i=0; i<64; i++) {
r17.a[i] <== in[17*64+i];
r17.b[i] <== in[18*64+i];
r17.c[i] <== in[19*64+i];
}
component r18 = step();
for (i=0; i<64; i++) {
r18.a[i] <== in[18*64+i];
r18.b[i] <== in[19*64+i];
r18.c[i] <== in[15*64+i];
}
component r19 = step();
for (i=0; i<64; i++) {
r19.a[i] <== in[19*64+i];
r19.b[i] <== in[15*64+i];
r19.c[i] <== in[16*64+i];
}
component r20 = step();
for (i=0; i<64; i++) {
r20.a[i] <== in[20*64+i];
r20.b[i] <== in[21*64+i];
r20.c[i] <== in[22*64+i];
}
component r21 = step();
for (i=0; i<64; i++) {
r21.a[i] <== in[21*64+i];
r21.b[i] <== in[22*64+i];
r21.c[i] <== in[23*64+i];
}
component r22 = step();
for (i=0; i<64; i++) {
r22.a[i] <== in[22*64+i];
r22.b[i] <== in[23*64+i];
r22.c[i] <== in[24*64+i];
}
component r23 = step();
for (i=0; i<64; i++) {
r23.a[i] <== in[23*64+i];
r23.b[i] <== in[24*64+i];
r23.c[i] <== in[20*64+i];
}
component r24 = step();
for (i=0; i<64; i++) {
r24.a[i] <== in[24*64+i];
r24.b[i] <== in[20*64+i];
r24.c[i] <== in[21*64+i];
}
for (i=0; i<64; i++) {
out[i] <== r0.out[i];
out[1*64+i] <== r1.out[i];
out[2*64+i] <== r2.out[i];
out[3*64+i] <== r3.out[i];
out[4*64+i] <== r4.out[i];
out[5*64+i] <== r5.out[i];
out[6*64+i] <== r6.out[i];
out[7*64+i] <== r7.out[i];
out[8*64+i] <== r8.out[i];
out[9*64+i] <== r9.out[i];
out[10*64+i] <== r10.out[i];
out[11*64+i] <== r11.out[i];
out[12*64+i] <== r12.out[i];
out[13*64+i] <== r13.out[i];
out[14*64+i] <== r14.out[i];
out[15*64+i] <== r15.out[i];
out[16*64+i] <== r16.out[i];
out[17*64+i] <== r17.out[i];
out[18*64+i] <== r18.out[i];
out[19*64+i] <== r19.out[i];
out[20*64+i] <== r20.out[i];
out[21*64+i] <== r21.out[i];
out[22*64+i] <== r22.out[i];
out[23*64+i] <== r23.out[i];
out[24*64+i] <== r24.out[i];
}
}

5
circuits/rhopi.circom
View File

@@ -31,10 +31,6 @@ template RhoPi() {
var i;
for (i=0; i<64; i++) {
out[i] <== in[i];
}
// r[10] = a[1]<<1|a[1]>>(64-1)
component s10 = step(1, 64-1);
for (i=0; i<64; i++) {
@@ -157,6 +153,7 @@ template RhoPi() {
}
for (i=0; i<64; i++) {
out[i] <== in[i];
out[10*64+i] <== s10.out[i];
out[7*64+i] <== s7.out[i];
out[11*64+i] <== s11.out[i];

34
circuits/utils.circom
View File

@@ -50,6 +50,23 @@ template XorArray(n) {
out[i] <== aux[i].out;
}
}
template XorArraySingle(n) {
signal input a[n];
signal output out[n];
var i;
component aux[n];
for (i=0; i<n; i++) {
aux[i] = XOR();
aux[i].a <== a[i];
aux[i].b <== 1;
}
for (i=0; i<n; i++) {
out[i] <== aux[i].out;
}
}
template OrArray(n) {
signal input a[n];
signal input b[n];
@@ -67,6 +84,23 @@ template OrArray(n) {
}
}
template AndArray(n) {
signal input a[n];
signal input b[n];
signal output out[n];
var i;
component aux[n];
for (i=0; i<n; i++) {
aux[i] = AND();
aux[i].a <== a[i];
aux[i].b <== b[i];
}
for (i=0; i<n; i++) {
out[i] <== aux[i].out;
}
}
template ShL(n, r) {
signal input in[n];
signal output out[n];