This repository has been archived by the owner on Jun 28, 2022. It is now read-only.

Poseidon hash #3

Closed
wants to merge 47 commits into from

@tsunrise tsunrise commented Jan 4, 2022

No description provided.

@tsunrise tsunrise marked this pull request as draft January 4, 2022 22:17

@bhgomes bhgomes left a comment

Just some superficial things I wanted to ask about right now. Didn't finish reviewing every detail.

use ark_ff::PrimeField;

#[derive(Clone, Eq, PartialEq, Debug)]
pub struct Matrix<T: Clone>(pub Vec<Vec<T>>);

I would suggest using a Vec<T> in row-major order for better performance.

Collaborator Author

Makes sense (for better cache performance).

}

pub fn is_identity(&self) -> bool {
if !self.is_square() {

Aren't all these matrices square? The transpose method for example seems to assume so. Do we need non-square matrices anywhere?

Collaborator Author

Yes, all MDS matrices should be square.

@bhgomes bhgomes Jan 5, 2022

Then, we should notate this and make sure that we are using this fact everywhere in the interface and the implementation.
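
The two review suggestions above (flat row-major `Vec<T>` storage, and a square-only invariant enforced by the interface) as an added sketch that is not code from this pull request. `SquareMatrix`, `from_rows` and the explicit `zero`/`one` arguments are assumptions made so the sketch compiles without `ark_ff`.

```rust
/// Square matrix stored as one row-major Vec<T>: entry (r, c) is data[r * n + c].
/// (Hypothetical type for illustration; not the PR's `Matrix`.)
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct SquareMatrix<T> {
    n: usize,
    data: Vec<T>,
}

impl<T: Clone + PartialEq> SquareMatrix<T> {
    /// Builds from nested rows, rejecting empty or non-square input.
    pub fn from_rows(rows: Vec<Vec<T>>) -> Option<Self> {
        let n = rows.len();
        if n == 0 || rows.iter().any(|row| row.len() != n) {
            return None;
        }
        Some(Self { n, data: rows.into_iter().flatten().collect() })
    }

    /// Both indices are checked: with flat storage an oversized column index
    /// could otherwise land inside the buffer and silently read another row.
    pub fn get(&self, r: usize, c: usize) -> &T {
        assert!(r < self.n && c < self.n, "index out of range");
        &self.data[r * self.n + c]
    }

    /// No `is_square` branch is needed: the constructor is the only way in.
    /// `zero` and `one` are passed in to keep the sketch free of field crates.
    pub fn is_identity(&self, zero: &T, one: &T) -> bool {
        self.data.iter().enumerate().all(|(i, x)| {
            let expected = if i / self.n == i % self.n { one } else { zero };
            x == expected
        })
    }

    /// Output slot i = r * n + c takes the input entry at (c, r).
    pub fn transpose(&self) -> Self {
        let n = self.n;
        let data = (0..n * n).map(|i| self.data[(i % n) * n + i / n].clone()).collect();
        Self { n, data }
    }
}

fn main() {
    // Constructed sample input.
    let m = SquareMatrix::from_rows(vec![vec![1u64, 2], vec![3, 4]]).unwrap();
    println!("{:?} {}", m.transpose(), m.get(1, 0));
}
```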

pub struct PoseidonConstants<F: PrimeField> {
pub mds_matrices: MdsMatrices<F>,
pub round_constants: Vec<F>,
pub domain_tag: F,

What is the domain_tag used for?

It is concatenated with the hash input as the final hash input.

For example, if arity is 2, we have 2+1 hash inputs.

Collaborator Author

For now, the domain tag is just 2^ARITY - 1.

Is this in the original spec? I thought you were supposed to zero-pad the input like this:

fn hash(x: T, y: T) -> T {
    poseidon_permutation_of_width_3(0, x, y)
}

BoyuanFeng and others added 9 commits January 20, 2022 20:05
because in plonk optimizations, we might need to combine some ARC with MDS for arity 3.
we can optimize this linear combination operation on plonk gate, specialized at ARITY
this optimization optimized ARITY-3 poseidon from 1124 to 433 gates
BoyuanFeng and others added 2 commits February 2, 2022 20:35
there is a bug during `verify_proof` though
@tsunrise tsunrise marked this pull request as ready for review February 18, 2022 07:46
@tsunrise
Collaborator Author

moved to Manta-Network/manta-rs#57

@tsunrise tsunrise closed this Jun 27, 2022