214 Make it possible to use poseidon hash function in transcript [Syn…

…cWith: crypto3-zk#214] (#241) * Make it possible to use poseidon hash function in transcript --------- Co-authored-by: Martun Karapetyan <[email protected]>
NilFoundation · Dec 15, 2023 · 6e53d34 · 6e53d34
1 parent d8bd4e1
commit 6e53d34
Show file tree

Hide file tree

Showing 5 changed files with 276 additions and 278 deletions.
diff --git a/.github/workflows/pull-request-action.yml b/.github/workflows/pull-request-action.yml
@@ -11,9 +11,9 @@ on:
 jobs:
   handle-syncwith:
     name: Call Reusable SyncWith Handler
-    uses: NilFoundation/ci-cd/.github/workflows/reusable-handle-syncwith.yml@v1.1.0
+    uses: NilFoundation/ci-cd/.github/workflows/reusable-handle-syncwith.yml@v1.2.0
     with:
-      ci-cd-ref: 'v1.1.3'
+      ci-cd-ref: 'v1.2.0'
     secrets: inherit
 
   matrix-test-linux:

diff --git a/include/nil/crypto3/zk/transcript/fiat_shamir.hpp b/include/nil/crypto3/zk/transcript/fiat_shamir.hpp
@@ -30,12 +30,23 @@
 #include <nil/marshalling/algorithms/pack.hpp>
 #include <nil/crypto3/marshalling/algebra/types/field_element.hpp>
 
+#include <nil/crypto3/hash/type_traits.hpp>
 #include <nil/crypto3/hash/algorithm/hash.hpp>
 #include <nil/crypto3/hash/sha2.hpp>
 #include <nil/crypto3/hash/keccak.hpp>
 
-#include <nil/crypto3/multiprecision/cpp_int.hpp>
+#include <nil/crypto3/algebra/curves/pallas.hpp>
+#include <nil/crypto3/algebra/fields/arithmetic_params/pallas.hpp>
+#include <nil/crypto3/hash/poseidon.hpp>
+
+#include <nil/crypto3/hash/detail/poseidon/kimchi_constants.hpp>
+#include <nil/crypto3/hash/detail/poseidon/original_constants.hpp>
+#include <nil/crypto3/hash/detail/poseidon/poseidon_policy.hpp>
+#include <nil/crypto3/hash/detail/poseidon/poseidon_permutation.hpp>
+#include <nil/crypto3/hash/detail/poseidon/poseidon_sponge.hpp>
+#include <nil/crypto3/hash/detail/block_stream_processor.hpp>
 
+#include <nil/crypto3/multiprecision/cpp_int.hpp>
 namespace nil {
     namespace crypto3 {
         namespace zk {
@@ -116,8 +127,9 @@ namespace nil {
                     }
                 };
 
-                template<typename Hash>
-                struct fiat_shamir_heuristic_sequential {
+                template<typename Hash, typename Enable = void>
+                struct fiat_shamir_heuristic_sequential
+                {
                     typedef Hash hash_type;
 
                     fiat_shamir_heuristic_sequential() : state(hash<hash_type>({0})) {
@@ -184,6 +196,85 @@ namespace nil {
                 private:
                     typename hash_type::digest_type state;
                 };
+
+                // Specialize for posseidon.
+                template<typename Hash>
+                struct fiat_shamir_heuristic_sequential<
+                        Hash,
+                        typename std::enable_if_t<crypto3::hashes::is_poseidon<Hash>::value>> {
+
+                    typedef Hash hash_type;
+                    using field_type = nil::crypto3::algebra::curves::pallas::base_field_type;
+                    using poseidon_policy = nil::crypto3::hashes::detail::mina_poseidon_policy<field_type>;
+                    using permutation_type = nil::crypto3::hashes::detail::poseidon_permutation<poseidon_policy>;
+                    using state_type = typename permutation_type::state_type;
+
+                    fiat_shamir_heuristic_sequential() {
+                    }
+
+                    template<typename InputRange>
+                    fiat_shamir_heuristic_sequential(const InputRange &r) {
+                        sponge.absorb(hash<hash_type>(r));
+                    }
+
+                    template<typename InputIterator>
+                    fiat_shamir_heuristic_sequential(InputIterator first, InputIterator last) {
+                        sponge.absorb(hash<hash_type>(first, last));
+                    }
+
+                    void operator()(const typename hash_type::digest_type input) {
+                        sponge.absorb(input);
+                    }
+
+                    template<typename InputRange>
+                    void operator()(const InputRange &r) {
+                        sponge.absorb(hash<hash_type>(r));
+                    }
+
+                    template<typename InputIterator>
+                    void operator()(InputIterator first, InputIterator last) {
+                        sponge.absorb(hash<hash_type>(first, last));
+                    }
+
+                    template<typename Field>
+                    typename Field::value_type challenge() {
+                        return sponge.squeeze();
+                    }
+
+                    template<typename Integral>
+                    Integral int_challenge() {
+                        auto c = challenge<field_type>();
+                        nil::marshalling::status_type status;
+
+                        nil::crypto3::multiprecision::cpp_int intermediate_result = 
+                            c.data.template convert_to<nil::crypto3::multiprecision::cpp_int>();
+                        Integral result = 0;
+                        Integral factor = 1;
+                        size_t bytes_to_fill = sizeof(Integral);
+                        while (intermediate_result > 0 && bytes_to_fill != 0) {
+                            result += factor * (Integral)(intermediate_result % 0x100);
+                            factor *= 0x100;
+                            intermediate_result = intermediate_result / 0x100;
+                            bytes_to_fill -= 2;
+                        }
+                        return result;
+                    }
+
+                    template<typename Field, std::size_t N>
+                    std::array<typename Field::value_type, N> challenges() {
+
+                        std::array<typename Field::value_type, N> result;
+                        for (auto &ch : result) {
+                            ch = challenge<Field>();
+                        }
+
+                        return result;
+                    }
+
+                private:
+                    hashes::detail::poseidon_sponge_construction<typename Hash::policy_type> sponge;
+                };
+
             }    // namespace transcript
         }        // namespace zk
     }            // namespace crypto3

diff --git a/test/systems/plonk/placeholder/circuits.hpp b/test/systems/plonk/placeholder/circuits.hpp
@@ -486,7 +486,7 @@ namespace nil {
 
                 template<typename FieldType>
                 circuit_description<FieldType, placeholder_circuit_params<FieldType,
-                    arithmetization_params_4>, 3, 3> circuit_test_4(
+                    arithmetization_params_4>, 5, 3> circuit_test_4(
                         typename nil::crypto3::random::algebraic_engine<FieldType> alg_rnd = nil::crypto3::random::algebraic_engine<FieldType>(),
                         boost::random::mt11213b rnd = boost::random::mt11213b()
                     ) {
@@ -504,7 +504,8 @@ namespace nil {
 
                     typedef placeholder_circuit_params<FieldType, arithmetization_params_4> circuit_params;
 
-                    circuit_description<FieldType, circuit_params, rows_log, permutation> test_circuit;
+                    circuit_description<FieldType, circuit_params, 5, permutation> test_circuit;
+                    test_circuit.table_rows = 1 << rows_log;
 
                     std::array<std::vector<typename FieldType::value_type>, table_columns> table;
                     for (std::size_t j = 0; j < table_columns; j++) {
@@ -534,18 +535,9 @@ namespace nil {
                     std::array<plonk_column<FieldType>, public_columns> public_input_assignment = {};
                     std::array<plonk_column<FieldType>, constant_columns> constant_assignment;
 
-                    std::vector<typename FieldType::value_type> sel_lookup(test_circuit.table_rows);
-                    sel_lookup ={1, 1, 0, 1, 1, 0, 0, 0};
-                    selectors_assignment[0] = sel_lookup;
-
-                    std::vector<typename FieldType::value_type> sel_gate0(test_circuit.table_rows);
-                    sel_gate0 = {1, 1, 1, 1, 1, 0, 0, 0};
-                    selectors_assignment[1] = sel_gate0;
-
-
-                    std::vector<typename FieldType::value_type> sel_lookup_table(test_circuit.table_rows);
-                    sel_lookup_table = {0, 1, 1, 1, 1, 0, 0, 0};
-                    selectors_assignment[2] = sel_lookup_table;
+                    selectors_assignment[0] = {1, 1, 0, 1, 1, 0, 0, 0};
+                    selectors_assignment[1] = {1, 1, 1, 1, 1, 0, 0, 0};
+                    selectors_assignment[2] = {0, 1, 1, 1, 1, 0, 0, 0};
 
                     for (std::size_t i = 0; i < constant_columns; i++) {
                         constant_assignment[i] = table[witness_columns + i];
@@ -555,6 +547,7 @@ namespace nil {
                         plonk_public_assignment_table<FieldType, arithmetization_params_4>(
                             public_input_assignment, constant_assignment, selectors_assignment));
 
+
                     plonk_variable<assignment_type> w0(0, 0, true, plonk_variable<assignment_type>::column_type::witness);
                     plonk_variable<assignment_type> w1(1, 0, true, plonk_variable<assignment_type>::column_type::witness);
                     plonk_variable<assignment_type> w2(2, 0, true, plonk_variable<assignment_type>::column_type::witness);