From 89537c6b4622961880b8bb94df1cd51ec3e2412a Mon Sep 17 00:00:00 2001
From: Martun Karapetyan
Date: Thu, 19 Oct 2023 00:49:19 -0700
Subject: [PATCH] Simplest zkllvm hash() function compatible transcript #214
---
 .../plonk/constraint_system.hpp | 1 -
 .../nil/crypto3/zk/transcript/fiat_shamir.hpp | 109 +++++++++++++++++-
 .../systems/plonk/placeholder/placeholder.cpp | 7 +-
 3 files changed, 111 insertions(+), 6 deletions(-)
diff --git a/include/nil/crypto3/zk/snark/arithmetization/plonk/constraint_system.hpp b/include/nil/crypto3/zk/snark/arithmetization/plonk/constraint_system.hpp
index 48b56d83f..b397ab59d 100644
--- a/include/nil/crypto3/zk/snark/arithmetization/plonk/constraint_system.hpp
+++ b/include/nil/crypto3/zk/snark/arithmetization/plonk/constraint_system.hpp
@@ -225,7 +225,6 @@ namespace nil {
 return lookup_degree;
 }
- bool operator==(const plonk_constraint_system &other) const { return (this->_gates == other._gates) && (this->_copy_constraints == other._copy_constraints) && (this->_lookup_gates == other._lookup_gates) && (this->_lookup_tables == other._lookup_tables);
diff --git a/include/nil/crypto3/zk/transcript/fiat_shamir.hpp b/include/nil/crypto3/zk/transcript/fiat_shamir.hpp
index 93f6c3b68..cf3ee0f32 100644
--- a/include/nil/crypto3/zk/transcript/fiat_shamir.hpp
+++ b/include/nil/crypto3/zk/transcript/fiat_shamir.hpp
@@ -30,12 +30,24 @@
 #include
 #include
+#include
 #include
 #include
 #include
-#include
+#include
+#include
+#include
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
 namespace nil {
 namespace crypto3 {
 namespace zk {
@@ -116,8 +128,9 @@ namespace nil {
 }
 };
- template
- struct fiat_shamir_heuristic_sequential {
+ template
+ struct fiat_shamir_heuristic_sequential
+ {
 typedef Hash hash_type;
 fiat_shamir_heuristic_sequential() : state(hash({0})) {
@@ -184,6 +197,96 @@ namespace nil {
 private:
 typename hash_type::digest_type state;
 };
+
+ // Specialize for posseidon.
+ template
+ struct fiat_shamir_heuristic_sequential<
+ Hash,
+ typename std::enable_if_t::value>> {
+
+ typedef Hash hash_type;
+ using field_type = nil::crypto3::algebra::curves::pallas::base_field_type;
+ using poseidon_policy = nil::crypto3::hashes::detail::mina_poseidon_policy;
+ using permutation_type = nil::crypto3::hashes::detail::poseidon_permutation;
+ using state_type = typename permutation_type::state_type;
+
+ fiat_shamir_heuristic_sequential() : state({0,0,0}), cur(1) {
+ }
+
+ template
+ fiat_shamir_heuristic_sequential(const InputRange &r) : state({0,0,0}), cur(1) {
+ }
+
+ template
+ fiat_shamir_heuristic_sequential(InputIterator first, InputIterator last) : state({0,0,0}), cur(1){
+ }
+
+ void operator()(const typename hash_type::digest_type input){
+ state[cur] = input;
+ if( cur == 2 ){
+ state_type poseidon_state;
+ std::copy(state.begin(), state.end(), poseidon_state.begin());
+ permutation_type::permute(poseidon_state);
+
+ state[0] = poseidon_state[2];
+ state[1] = 0;
+ state[2] = 0;
+ cur = 1;
+ } else {
+ cur++;
+ }
+ }
+
+ template
+ void operator()(const InputRange &r) {
+ BOOST_ASSERT_MSG(false, "Not supported");
+ }
+
+ template
+ typename Field::value_type challenge() {
+ state_type poseidon_state;
+ std::copy(state.begin(), state.end(), poseidon_state.begin());
+ permutation_type::permute(poseidon_state);
+
+ state[0] = poseidon_state[2];
+ state[1] = 0;
+ state[2] = 0;
+ cur = 1;
+ return state[0];
+ }
+
+ template
+ Integral int_challenge() {
+ auto c = challenge();
+ nil::marshalling::status_type status;
+
+ nil::crypto3::multiprecision::cpp_int intermediate_result = nil::marshalling::pack(c, status);
+ Integral result = 0;
+ Integral factor = 1;
+ while (intermediate_result > 0) {
+ result += factor * (Integral)(intermediate_result%0x100);
+ factor *= 0x100;
+ intermediate_result = intermediate_result/0x100;
}
+ return result;
+ }
+
+ template
+ std::array challenges() {
+
+ std::array result;
+ for (auto &ch : result) {
+ ch = challenge();
+ }
+
+ return result;
+ }
+
+ private:
+ std::vector state;
+ std::size_t cur = 1;
+ };
+
 } // namespace transcript
 } // namespace zk
 } // namespace crypto3
diff --git a/test/systems/plonk/placeholder/placeholder.cpp b/test/systems/plonk/placeholder/placeholder.cpp
index dc0eeed87..859e23f23 100644
--- a/test/systems/plonk/placeholder/placeholder.cpp
+++ b/test/systems/plonk/placeholder/placeholder.cpp
@@ -57,6 +57,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
@@ -228,8 +229,10 @@ struct test_initializer {
 BOOST_AUTO_TEST_SUITE(placeholder_circuit1)
 using curve_type = algebra::curves::pallas;
 using field_type = typename curve_type::base_field_type;
- using merkle_hash_type = hashes::keccak_1600<512>;
- using transcript_hash_type = hashes::keccak_1600<512>;
+ using policy = hashes::detail::poseidon_policy;
+ using merkle_hash_type = hashes::poseidon;
+ using transcript_hash_type = hashes::poseidon;
+ constexpr static const std::size_t table_rows_log = 4;
 struct placeholder_test_params {
 constexpr static const std::size_t usable_rows = 13;
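Review bot: In the Poseidon specialization, absorbing anything other than a single digest silently drops data: the range overload of `operator()` only fires `BOOST_ASSERT_MSG(false, "Not supported")`, which Boost disables when NDEBUG is defined, and the two constructors taking `const InputRange &r` and `InputIterator first, InputIterator last` never touch their arguments, so a release build derives challenges that do not depend on whatever the caller tried to bind into the transcript. Make these compile-time errors rather than runtime no-ops, e.g. `template<typename InputRange> void operator()(const InputRange &r) = delete;`, and do the same for the two constructors or absorb their elements through the digest overload. In `int_challenge()`, `factor *= 0x100` overflows once `Integral` is narrower than the field element being folded (undefined behaviour for a signed `Integral`), and the loop keeps dividing the `cpp_int` after `factor` has wrapped to zero; stopping after `sizeof(Integral)` bytes would make the intended truncation explicit. The struct also deserves a header comment stating that `challenge<Field>()` ignores `Field` and always returns a pallas base-field element, and which zkllvm `hash()` sponge layout it is meant to reproduce (one carried element in `state[0]`, the two rate slots zeroed after every permutation, no padding or absorb/squeeze domain separation), so the compatibility claim in the subject can be checked against the other side.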
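Review bot: After the `@@ -228,8 +229,10 @@` hunk, `placeholder_circuit1` exercises only the Poseidon transcript and Merkle hash; the `hashes::keccak_1600<512>` configuration that covered the generic transcript for this circuit is replaced rather than kept alongside, so a regression in the primary template would go unnoticed here unless another suite in this file still uses keccak, which is not visible in the hunk. Consider keeping both configurations as separate suites, and note that `policy` reaches into `hashes::detail::poseidon_policy`, a detail namespace; if a public alias exists it would be the more stable spelling in a test.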