From 52ef850b52eebb917ed79726d770008962d78467 Mon Sep 17 00:00:00 2001 From: Jake Fecher Date: Tue, 14 Feb 2023 13:39:57 -0600 Subject: [PATCH 1/9] Allow impls on primitives --- .../tests/test_data/7_function/src/main.nr | 2 +- .../tests/test_data/9_conditional/src/main.nr | 2 +- .../tests/test_data/array_len/src/main.nr | 8 +- .../higher-order-functions/src/main.nr | 10 +- .../tests/test_data/struct_inputs/src/main.nr | 4 +- .../tests/test_data/to_le_bytes/src/main.nr | 4 +- .../src/hir/def_collector/dc_crate.rs | 11 +- .../noirc_frontend/src/hir/type_check/expr.rs | 17 +- crates/noirc_frontend/src/node_interner.rs | 69 ++++- crates/noirc_frontend/src/parser/mod.rs | 18 +- noir_stdlib/src/array.nr | 91 +++---- noir_stdlib/src/field.nr | 37 ++- noir_stdlib/src/hash.nr | 239 +++++++++--------- noir_stdlib/src/lib.nr | 16 -- noir_stdlib/src/merkle.nr | 6 +- noir_stdlib/src/sha256.nr | 78 +++--- noir_stdlib/src/sha512.nr | 44 ++-- 17 files changed, 350 insertions(+), 306 deletions(-) diff --git a/crates/nargo/tests/test_data/7_function/src/main.nr b/crates/nargo/tests/test_data/7_function/src/main.nr index a57889838b7..96ca9759a8f 100644 --- a/crates/nargo/tests/test_data/7_function/src/main.nr +++ b/crates/nargo/tests/test_data/7_function/src/main.nr @@ -33,7 +33,7 @@ fn test2(z: Field, t: u32 ) { fn pow(base: Field, exponent: Field) -> Field { let mut r = 1 as Field; - let b = std::field::to_le_bits(exponent, 32 as u32); + let b = exponent.to_le_bits(32 as u32); for i in 1..33 { r = r*r; r = (b[32-i] as Field) * (r * base) + (1 - b[32-i] as Field) * r; diff --git a/crates/nargo/tests/test_data/9_conditional/src/main.nr b/crates/nargo/tests/test_data/9_conditional/src/main.nr index 80577b2a12e..6c01ebadfc9 100644 --- a/crates/nargo/tests/test_data/9_conditional/src/main.nr +++ b/crates/nargo/tests/test_data/9_conditional/src/main.nr @@ -64,7 +64,7 @@ fn main(a: u32, mut c: [u32; 4], x: [u8; 5], result: pub [u8; 32]){ let as_bits_hardcode_1 = [1, 0]; let mut c1 = 0; for i in 0..2 { - let mut as_bits = std::field::to_le_bits(arr[i] as Field, 2); + let mut as_bits = (arr[i] as Field).to_le_bits(2); c1 = c1 + as_bits[0] as Field; if i == 0 { diff --git a/crates/nargo/tests/test_data/array_len/src/main.nr b/crates/nargo/tests/test_data/array_len/src/main.nr index 2531bbc42fb..5311aced781 100644 --- a/crates/nargo/tests/test_data/array_len/src/main.nr +++ b/crates/nargo/tests/test_data/array_len/src/main.nr @@ -1,11 +1,11 @@ use dep::std; fn len_plus_1(array: [T]) -> Field { - std::array::len(array) + 1 + array.len() + 1 } fn add_lens(a: [T], b: [Field]) -> Field { - std::array::len(a) + std::array::len(b) + a.len() + b.len() } fn nested_call(b: [Field]) -> Field { @@ -19,13 +19,13 @@ fn main(len3: [u8; 3], len4: [Field; 4]) { constrain nested_call(len4) == 5; // std::array::len returns a comptime value - constrain len4[std::array::len(len3)] == 4; + constrain len4[len3.len()] == 4; // test for std::array::sort let mut unsorted = len3; unsorted[0] = len3[1]; unsorted[1] = len3[0]; constrain unsorted[0] > unsorted[1]; - let sorted = std::array::sort(unsorted); + let sorted = unsorted.sort(unsorted); constrain sorted[0] < sorted[1]; } diff --git a/crates/nargo/tests/test_data/higher-order-functions/src/main.nr b/crates/nargo/tests/test_data/higher-order-functions/src/main.nr index d0d23e6ef1a..356de9eb6d9 100644 --- a/crates/nargo/tests/test_data/higher-order-functions/src/main.nr +++ b/crates/nargo/tests/test_data/higher-order-functions/src/main.nr @@ -34,15 +34,15 @@ fn main() -> pub Field { /// Test the array functions in std::array fn test_array_functions() { let myarray: [i32; 3] = [1, 2, 3]; - constrain std::array::any(myarray, |n| n > 2); + constrain myarray.any(|n| n > 2); let evens: [i32; 3] = [2, 4, 6]; - constrain std::array::all(evens, |n| n > 1); + constrain evens.all(|n| n > 1); - constrain std::array::fold(evens, 0, |a, b| a + b) == 12; - constrain std::array::reduce(evens, |a, b| a + b) == 12; + constrain evens.fold(0, |a, b| a + b) == 12; + constrain evens.reduce(|a, b| a + b) == 12; - let descending = std::array::sort_via(myarray, |a, b| a > b); + let descending = myarray.sort_via(|a, b| a > b); constrain descending == [3, 2, 1]; } diff --git a/crates/nargo/tests/test_data/struct_inputs/src/main.nr b/crates/nargo/tests/test_data/struct_inputs/src/main.nr index 61637d95ca1..e022f26947c 100644 --- a/crates/nargo/tests/test_data/struct_inputs/src/main.nr +++ b/crates/nargo/tests/test_data/struct_inputs/src/main.nr @@ -13,7 +13,7 @@ fn main(x : Field, y : pub myStruct, z: pub foo::bar::barStruct, a: pub foo::foo check_inner_struct(a, z); - for i in 0..std::array::len(struct_from_bar.array) { + for i in 0 .. struct_from_bar.array.len() { constrain struct_from_bar.array[i] == z.array[i]; } constrain z.val == struct_from_bar.val; @@ -30,7 +30,7 @@ fn main(x : Field, y : pub myStruct, z: pub foo::bar::barStruct, a: pub foo::foo fn check_inner_struct(a: foo::fooStruct, z: foo::bar::barStruct) { constrain a.bar_struct.val == z.val; - for i in 0..std::array::len(a.bar_struct.array) { + for i in 0.. a.bar_struct.array.len() { constrain a.bar_struct.array[i] == z.array[i]; } } diff --git a/crates/nargo/tests/test_data/to_le_bytes/src/main.nr b/crates/nargo/tests/test_data/to_le_bytes/src/main.nr index 2fb86170230..a5476ec13bf 100644 --- a/crates/nargo/tests/test_data/to_le_bytes/src/main.nr +++ b/crates/nargo/tests/test_data/to_le_bytes/src/main.nr @@ -2,7 +2,7 @@ use dep::std; fn main(x : Field) -> pub [u8; 4] { // The result of this byte array will be little-endian - let byte_array = std::field::to_le_bytes(x, 31); + let byte_array = x.to_le_bytes(31); let mut first_four_bytes = [0; 4]; for i in 0..4 { first_four_bytes[i] = byte_array[i]; @@ -11,4 +11,4 @@ fn main(x : Field) -> pub [u8; 4] { // We were incorrectly mapping our output array from bit decomposition functions during acir generation first_four_bytes[3] = byte_array[31]; first_four_bytes -} \ No newline at end of file +} diff --git a/crates/noirc_frontend/src/hir/def_collector/dc_crate.rs b/crates/noirc_frontend/src/hir/def_collector/dc_crate.rs index 1c5dc4f178f..2a0efbf41a4 100644 --- a/crates/noirc_frontend/src/hir/def_collector/dc_crate.rs +++ b/crates/noirc_frontend/src/hir/def_collector/dc_crate.rs @@ -227,9 +227,14 @@ fn collect_impls( } } } else if typ != Type::Error { - let span = *span; - let error = DefCollectorErrorKind::NonStructTypeInImpl { span }; - errors.push(error.into_file_diagnostic(unresolved.file_id)) + if true + /* in std crate */ + { + } else { + let span = *span; + let error = DefCollectorErrorKind::NonStructTypeInImpl { span }; + errors.push(error.into_file_diagnostic(unresolved.file_id)) + } } } } diff --git a/crates/noirc_frontend/src/hir/type_check/expr.rs b/crates/noirc_frontend/src/hir/type_check/expr.rs index e292672cc3b..88f768a71af 100644 --- a/crates/noirc_frontend/src/hir/type_check/expr.rs +++ b/crates/noirc_frontend/src/hir/type_check/expr.rs @@ -369,13 +369,16 @@ fn lookup_method( // In the future we could support methods for non-struct types if we have a context // (in the interner?) essentially resembling HashMap - other => { - errors.push(TypeCheckError::Unstructured { - span: interner.expr_span(expr_id), - msg: format!("Type '{other}' must be a struct type to call methods on it"), - }); - None - } + other => match interner.lookup_primitive_method(other, method_name) { + Some(method_id) => Some(method_id), + None => { + errors.push(TypeCheckError::Unstructured { + span: interner.expr_span(expr_id), + msg: format!("No method named '{method_name}' found for type '{other}'",), + }); + None + } + }, } } diff --git a/crates/noirc_frontend/src/node_interner.rs b/crates/noirc_frontend/src/node_interner.rs index 35b3a7e7a52..c6b7f99f797 100644 --- a/crates/noirc_frontend/src/node_interner.rs +++ b/crates/noirc_frontend/src/node_interner.rs @@ -169,10 +169,11 @@ pub struct NodeInterner { delayed_type_checks: Vec, - // A map from a struct type and method name to a function id for the method - // along with any generic on the struct it may require. E.g. if the impl is - // only for `impl Foo` rather than all Foo, the generics will be `vec![String]`. - struct_methods: HashMap<(StructId, String), (Vec, FuncId)>, + /// A map from a struct type and method name to a function id for the method. + struct_methods: HashMap<(StructId, String), FuncId>, + + /// Methods on primitive types defined in the stdlib. + primitive_methods: HashMap<(TypeMethodKey, String), FuncId>, } type TypeCheckFn = Box Result<(), TypeCheckError>>; @@ -241,6 +242,7 @@ impl Default for NodeInterner { language: Language::R1CS, delayed_type_checks: vec![], struct_methods: HashMap::new(), + primitive_methods: HashMap::new(), }; // An empty block expression is used often, we add this into the `node` on startup @@ -585,16 +587,67 @@ impl NodeInterner { method_id: FuncId, ) -> Option { match self_type { - Type::Struct(struct_type, generics) => { + Type::Struct(struct_type, _generics) => { let key = (struct_type.borrow().id, method_name); - self.struct_methods.insert(key, (generics.clone(), method_id)).map(|(_, id)| id) + self.struct_methods.insert(key, method_id) + } + Type::Error => None, + + other => { + let key = get_type_method_key(self_type).unwrap_or_else(|| { + unreachable!("Cannot add a method to the unsupported type '{}'", other) + }); + self.primitive_methods.insert((key, method_name), method_id) } - other => unreachable!("Tried adding method to non-struct type '{}'", other), } } /// Search by name for a method on the given struct pub fn lookup_method(&self, id: StructId, method_name: &str) -> Option { - self.struct_methods.get(&(id, method_name.to_owned())).map(|(_, id)| *id) + self.struct_methods.get(&(id, method_name.to_owned())).copied() + } + + /// Looks up a given method name on the given primitive type. + pub fn lookup_primitive_method(&self, typ: &Type, method_name: &str) -> Option { + get_type_method_key(typ) + .and_then(|key| self.primitive_methods.get(&(key, method_name.to_owned())).copied()) + } +} + +/// These are the primitive type variants that we support adding methods to +#[derive(Copy, Clone, Hash, PartialEq, Eq)] +enum TypeMethodKey { + /// Fields and integers share methods for ease of use. These methods may still + /// accept only fields or integers, it is just that their names may not clash. + FieldOrInt, + Array, + Bool, + String, + Unit, + Tuple, + Function, +} + +fn get_type_method_key(typ: &Type) -> Option { + use TypeMethodKey::*; + let typ = typ.follow_bindings(); + match &typ { + Type::FieldElement(_) => Some(FieldOrInt), + Type::Array(_, _) => Some(Array), + Type::Integer(_, _, _) => Some(FieldOrInt), + Type::PolymorphicInteger(_, _) => Some(FieldOrInt), + Type::Bool(_) => Some(Bool), + Type::String(_) => Some(String), + Type::Unit => Some(Unit), + Type::Tuple(_) => Some(Tuple), + Type::Function(_, _) => Some(Function), + + // We do not support adding methods to these types + Type::TypeVariable(_) + | Type::NamedGeneric(_, _) + | Type::Forall(_, _) + | Type::Constant(_) + | Type::Error + | Type::Struct(_, _) => None, } } diff --git a/crates/noirc_frontend/src/parser/mod.rs b/crates/noirc_frontend/src/parser/mod.rs index 7b57018d533..20e24a6a55c 100644 --- a/crates/noirc_frontend/src/parser/mod.rs +++ b/crates/noirc_frontend/src/parser/mod.rs @@ -7,8 +7,8 @@ use std::sync::atomic::{AtomicU32, Ordering}; use crate::token::{Keyword, Token}; use crate::{ast::ImportStatement, Expression, NoirStruct}; use crate::{ - BlockExpression, CallExpression, ExpressionKind, ForExpression, Ident, IndexExpression, - LetStatement, NoirFunction, NoirImpl, Path, PathKind, Pattern, Recoverable, Statement, + BlockExpression, ExpressionKind, ForExpression, Ident, IndexExpression, LetStatement, + MethodCallExpression, NoirFunction, NoirImpl, Path, PathKind, Pattern, Recoverable, Statement, UnresolvedType, }; @@ -371,19 +371,15 @@ impl ForRange { expression: array, }); - let ident = |name: &str| Ident::new(name.to_string(), array_span); - - // std::array::len(array) + // array.len() let segments = vec![array_ident]; let array_ident = ExpressionKind::Variable(Path { segments, kind: PathKind::Plain }); - let segments = vec![ident("std"), ident("array"), ident("len")]; - let func_ident = ExpressionKind::Variable(Path { segments, kind: PathKind::Dep }); - - let end_range = ExpressionKind::Call(Box::new(CallExpression { - func: Box::new(Expression::new(func_ident, array_span)), - arguments: vec![Expression::new(array_ident.clone(), array_span)], + let end_range = ExpressionKind::MethodCall(Box::new(MethodCallExpression { + object: Expression::new(array_ident.clone(), array_span), + method_name: Ident::new("len".to_string(), array_span), + arguments: vec![], })); let end_range = Expression::new(end_range, array_span); diff --git a/noir_stdlib/src/array.nr b/noir_stdlib/src/array.nr index 125b044c0b2..f22339aec59 100644 --- a/noir_stdlib/src/array.nr +++ b/noir_stdlib/src/array.nr @@ -1,58 +1,61 @@ -#[builtin(array_len)] -fn len(_input : [T]) -> comptime Field {} -#[builtin(arraysort)] -fn sort(_a: [T; N]) -> [T; N] {} +impl [T; N] { + #[builtin(array_len)] + fn len(_array: Self) -> comptime Field {} -// Sort with a custom sorting function. -fn sort_via(mut a: [T; N], ordering: fn(T, T) -> bool) -> [T; N] { - for i in 1..len(a) { - for j in 0..i { - if ordering(a[i], a[j]) { - let old_a_j = a[j]; - a[j] = a[i]; - a[i] = old_a_j; + #[builtin(arraysort)] + fn sort(_array: Self) -> Self {} + + // Sort with a custom sorting function. + fn sort_via(mut a: Self, ordering: fn(T, T) -> bool) -> Self { + for i in 1 .. a.len() { + for j in 0..i { + if ordering(a[i], a[j]) { + let old_a_j = a[j]; + a[j] = a[i]; + a[i] = old_a_j; + } } } + a } - a -} -// Apply a function to each element of the array and an accumulator value, -// returning the final accumulated value. This function is also sometimes -// called `foldl`, `fold_left`, `reduce`, or `inject`. -fn fold(array: [T; N], mut accumulator: U, f: fn(U, T) -> U) -> U { - for i in 0 .. len(array) { - accumulator = f(accumulator, array[i]); + // Apply a function to each element of the array and an accumulator value, + // returning the final accumulated value. This function is also sometimes + // called `foldl`, `fold_left`, `reduce`, or `inject`. + fn fold(self, mut accumulator: U, f: fn(U, T) -> U) -> U { + for elem in self { + accumulator = f(accumulator, elem); + } + accumulator } - accumulator -} -// Apply a function to each element of the array and an accumulator value, -// returning the final accumulated value. Unlike fold, reduce uses the first -// element of the given array as its starting accumulator value. -fn reduce(array: [T; N], f: fn(T, T) -> T) -> T { - let mut accumulator = array[0]; - for i in 1 .. len(array) { - accumulator = f(accumulator, array[i]); + // Apply a function to each element of the array and an accumulator value, + // returning the final accumulated value. Unlike fold, reduce uses the first + // element of the given array as its starting accumulator value. + fn reduce(self, f: fn(T, T) -> T) -> T { + let mut accumulator = self[0]; + for i in 1 .. self.len() { + accumulator = f(accumulator, self[i]); + } + accumulator } - accumulator -} -// Returns true if all elements in the array satisfy the predicate -fn all(array: [T; N], predicate: fn(T) -> bool) -> bool { - let mut ret = true; - for i in 0 .. len(array) { - ret &= predicate(array[i]); + // Returns true if all elements in the array satisfy the predicate + fn all(self, predicate: fn(T) -> bool) -> bool { + let mut ret = true; + for elem in self { + ret &= predicate(elem); + } + ret } - ret -} -// Returns true if any element in the array satisfies the predicate -fn any(array: [T; N], predicate: fn(T) -> bool) -> bool { - let mut ret = false; - for i in 0 .. len(array) { - ret |= predicate(array[i]); + // Returns true if any element in the array satisfies the predicate + fn any(self, predicate: fn(T) -> bool) -> bool { + let mut ret = false; + for elem in self { + ret |= predicate(elem); + } + ret } - ret } diff --git a/noir_stdlib/src/field.nr b/noir_stdlib/src/field.nr index 0e8a5637842..0c6e33efb10 100644 --- a/noir_stdlib/src/field.nr +++ b/noir_stdlib/src/field.nr @@ -1,14 +1,31 @@ -#[builtin(to_le_bits)] -fn to_le_bits(_x : Field, _bit_size: u32) -> [u1] {} -fn to_le_bytes(x : Field, byte_size: u32) -> [u8] { - to_radix(x, 256, byte_size) -} +impl Field { + #[builtin(to_le_bits)] + fn to_le_bits(_x : Field, _bit_size: u32) -> [u1] {} + + fn to_le_bytes(x : Field, byte_size: u32) -> [u8] { + x.to_radix(256, byte_size) + } + + #[builtin(to_radix)] + //decompose _x into a _result_len vector over the _radix basis + //_radix must be less than 256 + fn to_radix(_x : Field, _radix: u32, _result_len: u32) -> [u8] {} -#[builtin(to_radix)] -//decompose _x into a _result_len vector over the _radix basis -//_radix must be less than 256 -fn to_radix(_x : Field, _radix: u32, _result_len: u32) -> [u8] {} + // Returns self to the power of the given exponent value. + // Caution: we assume the exponent fits into 32 bits + // using a bigger bit size impacts negatively the performance and should be done only if the exponent does not fit in 32 bits + fn pow_32(self, exponent: Field) -> Field { + let mut r: Field = 1; + let b = exponent.to_le_bits(32); + + for i in 1..33 { + r *= r; + r = (b[32-i] as Field) * (r * self) + (1 - b[32-i] as Field) * r; + } + r + } +} #[builtin(modulus_num_bits)] fn modulus_num_bits() -> comptime Field {} @@ -23,4 +40,4 @@ fn modulus_le_bits() -> [u1] {} fn modulus_be_bytes() -> [u8] {} #[builtin(modulus_le_bytes)] -fn modulus_le_bytes() -> [u8] {} \ No newline at end of file +fn modulus_le_bytes() -> [u8] {} diff --git a/noir_stdlib/src/hash.nr b/noir_stdlib/src/hash.nr index 40e9ef4511e..d5768dd9f2c 100644 --- a/noir_stdlib/src/hash.nr +++ b/noir_stdlib/src/hash.nr @@ -1,14 +1,19 @@ -#[foreign(sha256)] -fn sha256(_input : [u8]) -> [u8; 32] {} -#[foreign(blake2s)] -fn blake2s(_input : [u8]) -> [u8; 32] {} +impl [u8; N] { + #[foreign(sha256)] + fn sha256(_input : [u8; N]) -> [u8; 32] {} -#[foreign(pedersen)] -fn pedersen(_input : [Field]) -> [Field; 2] {} + #[foreign(blake2s)] + fn blake2s(_input : [u8; N]) -> [u8; 32] {} +} + +impl [Field; N] { + #[foreign(pedersen)] + fn pedersen(_input : [Field; N]) -> [Field; 2] {} -#[foreign(hash_to_field_128_security)] -fn hash_to_field(_input : [Field]) -> Field {} + #[foreign(hash_to_field_128_security)] + fn hash_to_field(_input : [Field; N]) -> Field {} +} // mimc-p/p implementation // constants are (publicly generated) random numbers, for instance using keccak as a ROM. @@ -18,120 +23,122 @@ fn hash_to_field(_input : [Field]) -> Field {} fn mimc(x: Field, k: Field, constants: [Field], exp : Field) -> Field { //round 0 let mut t = x + k; - let mut h = crate::pow_32(t,exp); + let mut h = t.pow_32(exp); //next rounds - for i in 1..crate::array::len(constants) { + for i in 1 .. constants.len() { t = h + k + constants[i]; - h = crate::pow_32(t,exp); + h = t.pow_32(exp); }; h + k } global MIMC_BN254_ROUNDS = 91; -//mimc implementation with hardcoded parameters for BN254 curve. -fn mimc_bn254(x: [Field]) -> Field { - //mimc parameters - let exponent = 7; - //generated from seed "mimc" using keccak256 - let constants: [Field; MIMC_BN254_ROUNDS] = [ - 0, - 20888961410941983456478427210666206549300505294776164667214940546594746570981, - 15265126113435022738560151911929040668591755459209400716467504685752745317193, - 8334177627492981984476504167502758309043212251641796197711684499645635709656, - 1374324219480165500871639364801692115397519265181803854177629327624133579404, - 11442588683664344394633565859260176446561886575962616332903193988751292992472, - 2558901189096558760448896669327086721003508630712968559048179091037845349145, - 11189978595292752354820141775598510151189959177917284797737745690127318076389, - 3262966573163560839685415914157855077211340576201936620532175028036746741754, - 17029914891543225301403832095880481731551830725367286980611178737703889171730, - 4614037031668406927330683909387957156531244689520944789503628527855167665518, - 19647356996769918391113967168615123299113119185942498194367262335168397100658, - 5040699236106090655289931820723926657076483236860546282406111821875672148900, - 2632385916954580941368956176626336146806721642583847728103570779270161510514, - 17691411851977575435597871505860208507285462834710151833948561098560743654671, - 11482807709115676646560379017491661435505951727793345550942389701970904563183, - 8360838254132998143349158726141014535383109403565779450210746881879715734773, - 12663821244032248511491386323242575231591777785787269938928497649288048289525, - 3067001377342968891237590775929219083706800062321980129409398033259904188058, - 8536471869378957766675292398190944925664113548202769136103887479787957959589, - 19825444354178182240559170937204690272111734703605805530888940813160705385792, - 16703465144013840124940690347975638755097486902749048533167980887413919317592, - 13061236261277650370863439564453267964462486225679643020432589226741411380501, - 10864774797625152707517901967943775867717907803542223029967000416969007792571, - 10035653564014594269791753415727486340557376923045841607746250017541686319774, - 3446968588058668564420958894889124905706353937375068998436129414772610003289, - 4653317306466493184743870159523234588955994456998076243468148492375236846006, - 8486711143589723036499933521576871883500223198263343024003617825616410932026, - 250710584458582618659378487568129931785810765264752039738223488321597070280, - 2104159799604932521291371026105311735948154964200596636974609406977292675173, - 16313562605837709339799839901240652934758303521543693857533755376563489378839, - 6032365105133504724925793806318578936233045029919447519826248813478479197288, - 14025118133847866722315446277964222215118620050302054655768867040006542798474, - 7400123822125662712777833064081316757896757785777291653271747396958201309118, - 1744432620323851751204287974553233986555641872755053103823939564833813704825, - 8316378125659383262515151597439205374263247719876250938893842106722210729522, - 6739722627047123650704294650168547689199576889424317598327664349670094847386, - 21211457866117465531949733809706514799713333930924902519246949506964470524162, - 13718112532745211817410303291774369209520657938741992779396229864894885156527, - 5264534817993325015357427094323255342713527811596856940387954546330728068658, - 18884137497114307927425084003812022333609937761793387700010402412840002189451, - 5148596049900083984813839872929010525572543381981952060869301611018636120248, - 19799686398774806587970184652860783461860993790013219899147141137827718662674, - 19240878651604412704364448729659032944342952609050243268894572835672205984837, - 10546185249390392695582524554167530669949955276893453512788278945742408153192, - 5507959600969845538113649209272736011390582494851145043668969080335346810411, - 18177751737739153338153217698774510185696788019377850245260475034576050820091, - 19603444733183990109492724100282114612026332366576932662794133334264283907557, - 10548274686824425401349248282213580046351514091431715597441736281987273193140, - 1823201861560942974198127384034483127920205835821334101215923769688644479957, - 11867589662193422187545516240823411225342068709600734253659804646934346124945, - 18718569356736340558616379408444812528964066420519677106145092918482774343613, - 10530777752259630125564678480897857853807637120039176813174150229243735996839, - 20486583726592018813337145844457018474256372770211860618687961310422228379031, - 12690713110714036569415168795200156516217175005650145422920562694422306200486, - 17386427286863519095301372413760745749282643730629659997153085139065756667205, - 2216432659854733047132347621569505613620980842043977268828076165669557467682, - 6309765381643925252238633914530877025934201680691496500372265330505506717193, - 20806323192073945401862788605803131761175139076694468214027227878952047793390, - 4037040458505567977365391535756875199663510397600316887746139396052445718861, - 19948974083684238245321361840704327952464170097132407924861169241740046562673, - 845322671528508199439318170916419179535949348988022948153107378280175750024, - 16222384601744433420585982239113457177459602187868460608565289920306145389382, - 10232118865851112229330353999139005145127746617219324244541194256766741433339, - 6699067738555349409504843460654299019000594109597429103342076743347235369120, - 6220784880752427143725783746407285094967584864656399181815603544365010379208, - 6129250029437675212264306655559561251995722990149771051304736001195288083309, - 10773245783118750721454994239248013870822765715268323522295722350908043393604, - 4490242021765793917495398271905043433053432245571325177153467194570741607167, - 19596995117319480189066041930051006586888908165330319666010398892494684778526, - 837850695495734270707668553360118467905109360511302468085569220634750561083, - 11803922811376367215191737026157445294481406304781326649717082177394185903907, - 10201298324909697255105265958780781450978049256931478989759448189112393506592, - 13564695482314888817576351063608519127702411536552857463682060761575100923924, - 9262808208636973454201420823766139682381973240743541030659775288508921362724, - 173271062536305557219323722062711383294158572562695717740068656098441040230, - 18120430890549410286417591505529104700901943324772175772035648111937818237369, - 20484495168135072493552514219686101965206843697794133766912991150184337935627, - 19155651295705203459475805213866664350848604323501251939850063308319753686505, - 11971299749478202793661982361798418342615500543489781306376058267926437157297, - 18285310723116790056148596536349375622245669010373674803854111592441823052978, - 7069216248902547653615508023941692395371990416048967468982099270925308100727, - 6465151453746412132599596984628739550147379072443683076388208843341824127379, - 16143532858389170960690347742477978826830511669766530042104134302796355145785, - 19362583304414853660976404410208489566967618125972377176980367224623492419647, - 1702213613534733786921602839210290505213503664731919006932367875629005980493, - 10781825404476535814285389902565833897646945212027592373510689209734812292327, - 4212716923652881254737947578600828255798948993302968210248673545442808456151, - 7594017890037021425366623750593200398174488805473151513558919864633711506220, - 18979889247746272055963929241596362599320706910852082477600815822482192194401, - 13602139229813231349386885113156901793661719180900395818909719758150455500533, - ]; - - let mut r = 0; - for i in 0 .. crate::array::len(x) { - let h = mimc(x[i], r, constants, exponent); - r = r + x[i] + h; - }; - r +impl [Field; N] { + //mimc implementation with hardcoded parameters for BN254 curve. + fn mimc_bn254(self) -> Field { + //mimc parameters + let exponent = 7; + //generated from seed "mimc" using keccak256 + let constants: [Field; MIMC_BN254_ROUNDS] = [ + 0, + 20888961410941983456478427210666206549300505294776164667214940546594746570981, + 15265126113435022738560151911929040668591755459209400716467504685752745317193, + 8334177627492981984476504167502758309043212251641796197711684499645635709656, + 1374324219480165500871639364801692115397519265181803854177629327624133579404, + 11442588683664344394633565859260176446561886575962616332903193988751292992472, + 2558901189096558760448896669327086721003508630712968559048179091037845349145, + 11189978595292752354820141775598510151189959177917284797737745690127318076389, + 3262966573163560839685415914157855077211340576201936620532175028036746741754, + 17029914891543225301403832095880481731551830725367286980611178737703889171730, + 4614037031668406927330683909387957156531244689520944789503628527855167665518, + 19647356996769918391113967168615123299113119185942498194367262335168397100658, + 5040699236106090655289931820723926657076483236860546282406111821875672148900, + 2632385916954580941368956176626336146806721642583847728103570779270161510514, + 17691411851977575435597871505860208507285462834710151833948561098560743654671, + 11482807709115676646560379017491661435505951727793345550942389701970904563183, + 8360838254132998143349158726141014535383109403565779450210746881879715734773, + 12663821244032248511491386323242575231591777785787269938928497649288048289525, + 3067001377342968891237590775929219083706800062321980129409398033259904188058, + 8536471869378957766675292398190944925664113548202769136103887479787957959589, + 19825444354178182240559170937204690272111734703605805530888940813160705385792, + 16703465144013840124940690347975638755097486902749048533167980887413919317592, + 13061236261277650370863439564453267964462486225679643020432589226741411380501, + 10864774797625152707517901967943775867717907803542223029967000416969007792571, + 10035653564014594269791753415727486340557376923045841607746250017541686319774, + 3446968588058668564420958894889124905706353937375068998436129414772610003289, + 4653317306466493184743870159523234588955994456998076243468148492375236846006, + 8486711143589723036499933521576871883500223198263343024003617825616410932026, + 250710584458582618659378487568129931785810765264752039738223488321597070280, + 2104159799604932521291371026105311735948154964200596636974609406977292675173, + 16313562605837709339799839901240652934758303521543693857533755376563489378839, + 6032365105133504724925793806318578936233045029919447519826248813478479197288, + 14025118133847866722315446277964222215118620050302054655768867040006542798474, + 7400123822125662712777833064081316757896757785777291653271747396958201309118, + 1744432620323851751204287974553233986555641872755053103823939564833813704825, + 8316378125659383262515151597439205374263247719876250938893842106722210729522, + 6739722627047123650704294650168547689199576889424317598327664349670094847386, + 21211457866117465531949733809706514799713333930924902519246949506964470524162, + 13718112532745211817410303291774369209520657938741992779396229864894885156527, + 5264534817993325015357427094323255342713527811596856940387954546330728068658, + 18884137497114307927425084003812022333609937761793387700010402412840002189451, + 5148596049900083984813839872929010525572543381981952060869301611018636120248, + 19799686398774806587970184652860783461860993790013219899147141137827718662674, + 19240878651604412704364448729659032944342952609050243268894572835672205984837, + 10546185249390392695582524554167530669949955276893453512788278945742408153192, + 5507959600969845538113649209272736011390582494851145043668969080335346810411, + 18177751737739153338153217698774510185696788019377850245260475034576050820091, + 19603444733183990109492724100282114612026332366576932662794133334264283907557, + 10548274686824425401349248282213580046351514091431715597441736281987273193140, + 1823201861560942974198127384034483127920205835821334101215923769688644479957, + 11867589662193422187545516240823411225342068709600734253659804646934346124945, + 18718569356736340558616379408444812528964066420519677106145092918482774343613, + 10530777752259630125564678480897857853807637120039176813174150229243735996839, + 20486583726592018813337145844457018474256372770211860618687961310422228379031, + 12690713110714036569415168795200156516217175005650145422920562694422306200486, + 17386427286863519095301372413760745749282643730629659997153085139065756667205, + 2216432659854733047132347621569505613620980842043977268828076165669557467682, + 6309765381643925252238633914530877025934201680691496500372265330505506717193, + 20806323192073945401862788605803131761175139076694468214027227878952047793390, + 4037040458505567977365391535756875199663510397600316887746139396052445718861, + 19948974083684238245321361840704327952464170097132407924861169241740046562673, + 845322671528508199439318170916419179535949348988022948153107378280175750024, + 16222384601744433420585982239113457177459602187868460608565289920306145389382, + 10232118865851112229330353999139005145127746617219324244541194256766741433339, + 6699067738555349409504843460654299019000594109597429103342076743347235369120, + 6220784880752427143725783746407285094967584864656399181815603544365010379208, + 6129250029437675212264306655559561251995722990149771051304736001195288083309, + 10773245783118750721454994239248013870822765715268323522295722350908043393604, + 4490242021765793917495398271905043433053432245571325177153467194570741607167, + 19596995117319480189066041930051006586888908165330319666010398892494684778526, + 837850695495734270707668553360118467905109360511302468085569220634750561083, + 11803922811376367215191737026157445294481406304781326649717082177394185903907, + 10201298324909697255105265958780781450978049256931478989759448189112393506592, + 13564695482314888817576351063608519127702411536552857463682060761575100923924, + 9262808208636973454201420823766139682381973240743541030659775288508921362724, + 173271062536305557219323722062711383294158572562695717740068656098441040230, + 18120430890549410286417591505529104700901943324772175772035648111937818237369, + 20484495168135072493552514219686101965206843697794133766912991150184337935627, + 19155651295705203459475805213866664350848604323501251939850063308319753686505, + 11971299749478202793661982361798418342615500543489781306376058267926437157297, + 18285310723116790056148596536349375622245669010373674803854111592441823052978, + 7069216248902547653615508023941692395371990416048967468982099270925308100727, + 6465151453746412132599596984628739550147379072443683076388208843341824127379, + 16143532858389170960690347742477978826830511669766530042104134302796355145785, + 19362583304414853660976404410208489566967618125972377176980367224623492419647, + 1702213613534733786921602839210290505213503664731919006932367875629005980493, + 10781825404476535814285389902565833897646945212027592373510689209734812292327, + 4212716923652881254737947578600828255798948993302968210248673545442808456151, + 7594017890037021425366623750593200398174488805473151513558919864633711506220, + 18979889247746272055963929241596362599320706910852082477600815822482192194401, + 13602139229813231349386885113156901793661719180900395818909719758150455500533, + ]; + + let mut r = 0; + for elem in self { + let h = mimc(elem, r, constants, exponent); + r = r + elem + h; + } + r + } } diff --git a/noir_stdlib/src/lib.nr b/noir_stdlib/src/lib.nr index 3435dfc0f5a..d896aca5044 100644 --- a/noir_stdlib/src/lib.nr +++ b/noir_stdlib/src/lib.nr @@ -7,19 +7,3 @@ mod scalar_mul; mod sha256; mod sha512; mod field; - -// Returns base^exponent. -// ^ means to the power of and not xor -// Caution: we assume the exponent fits into 32 bits -// using a bigger bit size impacts negatively the performance and should be done only if the exponent does not fit in 32 bits -fn pow_32(base: Field, exponent: Field) -> Field { - let mut r = 1 as Field; - let b = field::to_le_bits(exponent, 32); - - for i in 1..33 { - r = r*r; - r = (b[32-i] as Field) * (r * base) + (1 - b[32-i] as Field) * r; - }; - r -} - diff --git a/noir_stdlib/src/merkle.nr b/noir_stdlib/src/merkle.nr index 7b6db21d755..73f42f8ba8d 100644 --- a/noir_stdlib/src/merkle.nr +++ b/noir_stdlib/src/merkle.nr @@ -16,8 +16,8 @@ fn check_membership_in_noir(root : Field, leaf : Field, index : Field, hash_path // Returns the root of the tree from the provided leaf and its hashpath, using pedersen hash fn compute_root_from_leaf(leaf : Field, index : Field, hash_path: [Field]) -> Field { - let n = crate::array::len(hash_path); - let index_bits = crate::field::to_le_bits(index, n as u32); + let n = hash_path.len(); + let index_bits = index.to_le_bits(n as u32); let mut current = leaf; for i in 0..n { let path_bit = index_bits[i] as bool; @@ -27,7 +27,7 @@ fn compute_root_from_leaf(leaf : Field, index : Field, hash_path: [Field]) -> Fi (current, hash_path[i]) }; - current = crate::hash::pedersen([hash_left, hash_right])[0]; + current = [hash_left, hash_right].pedersen()[0]; }; current } diff --git a/noir_stdlib/src/sha256.nr b/noir_stdlib/src/sha256.nr index 8d2d0d12e4d..2df84efa1ba 100644 --- a/noir_stdlib/src/sha256.nr +++ b/noir_stdlib/src/sha256.nr @@ -100,30 +100,26 @@ fn msg_u8_to_u32(msg: [u8; 64]) -> [u32; 16] // SHA-256 hash function #[alternative(sha256)] -fn digest(msg: [u8]) -> [u8; 32] -{ +fn digest(msg: [u8]) -> [u8; 32] { let mut msg_block: [u8; 64] = [0; 64]; let mut h: [u32; 8] = [1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]; // Intermediate hash, starting with the canonical initial value let mut c: [u32; 8] = [0; 8]; // Compression of current message block as sequence of u32 let mut out_h: [u8; 32] = [0; 32]; // Digest as sequence of bytes let mut i = 0; // Message byte pointer - for k in 0..crate::array::len(msg) - { + for k in 0 .. msg.len() { // Populate msg_block msg_block[i] = msg[k]; i = i + 1; - if i == 64 // Enough to hash block - { + if i == 64 { // Enough to hash block c = sha_c(msg_u8_to_u32(msg_block), h); - for j in 0..8 - { + for j in 0..8 { h[j] = c[j] + h[j]; - }; + } i = 0; } - }; + } // Pad the rest such that we have a [u32; 2] block at the end representing the length // of the message, and a block of 1 0 ... 0 following the message (i.e. [1 << 7, 0, ..., 0]). @@ -132,64 +128,52 @@ fn digest(msg: [u8]) -> [u8; 32] // If i >= 57, there aren't enough bits in the current message block to accomplish this, so // the 1 and 0s fill up the current block, which we then compress accordingly. - if i >= 57 // Not enough bits (64) to store length. Fill up with zeros. - { - if i < 64 - { - for _i in 57..64 - { - if i <= 63 - { + if i >= 57 { // Not enough bits (64) to store length. Fill up with zeros. + if i < 64 { + for _i in 57..64 { + if i <= 63 { msg_block[i] = 0; - i = i + 1; + i += 1; } - }; + } } c = h; c = sha_c(msg_u8_to_u32(msg_block), c); - for j in 0..8 - { + for j in 0..8 { h[j] = c[j] + h[j]; - }; + } i = 0; } - for _i in 0..64 // In any case, fill blocks up with zeros until the last 64 (i.e. until i = 56). - { - if i < 56 - { + for _i in 0..64 {// In any case, fill blocks up with zeros until the last 64 (i.e. until i = 56). + if i < 56 { msg_block[i] = 0; i = i + 1; - } else if i < 64 - { - let mut len = 8*crate::array::len(msg) as u64; - for j in 0..8 - { - msg_block[63 - j] = len as u8; - len = len >> 8; - }; - i = i + 8; - } - }; + } else if i < 64 { + let mut len = 8 * msg.len() as u64; + for j in 0..8 { + msg_block[63 - j] = len as u8; + len = len >> 8; + }; + i = i + 8; + } + } // Hash final padded block c = h; c = sha_c(msg_u8_to_u32(msg_block), c); - for j in 0..8 - { + for j in 0..8 { h[j] = c[j] + h[j]; - }; + } // Return final hash as byte array - for j in 0..8 - { - for k in 0..4 - { + for j in 0..8 { + for k in 0..4 { out_h[31 - 4*j - k] = h[7 - j] as u8; h[7-j] = h[7-j] >> 8; - }; - }; + } + } out_h } diff --git a/noir_stdlib/src/sha512.nr b/noir_stdlib/src/sha512.nr index 45ca27b855d..b6b26962ca7 100644 --- a/noir_stdlib/src/sha512.nr +++ b/noir_stdlib/src/sha512.nr @@ -106,8 +106,7 @@ fn digest(msg: [u8]) -> [u8; 64] let mut out_h: [u8; 64] = [0; 64]; // Digest as sequence of bytes let mut i = 0; // Message byte pointer - for k in 0..crate::array::len(msg) - { + for k in 0 .. msg.len() { // Populate msg_block msg_block[i] = msg[k]; i = i + 1; @@ -153,40 +152,33 @@ fn digest(msg: [u8]) -> [u8; 64] i = 0; } - for _i in 0..128 // In any case, fill blocks up with zeros until the last 128 (i.e. until i = 112). - { - if i < 112 - { + for _i in 0..128 {// In any case, fill blocks up with zeros until the last 128 (i.e. until i = 112). + if i < 112 { msg_block[i] = 0; - i = i + 1; - } else if i < 128 - { - let mut len = 8*crate::array::len(msg) as u64; // u128 unsupported - for j in 0..16 - { - msg_block[127 - j] = len as u8; - len = len >> 8; - }; - i = i + 16; // Done. + i += 1; + } else if i < 128 { + let mut len = 8 * msg.len() as u64; // u128 unsupported + for j in 0..16 { + msg_block[127 - j] = len as u8; + len = len >> 8; } - }; + i += 16; // Done. + } + } // Hash final padded block c = sha_c(msg_u8_to_u64(msg_block), h); - for j in 0..8 - { + for j in 0..8 { h[j] = c[j] + h[j]; - }; + } // Return final hash as byte array - for j in 0..8 - { - for k in 0..8 - { + for j in 0..8 { + for k in 0..8 { out_h[63 - 8*j - k] = h[7 - j] as u8; h[7-j] = h[7-j] >> 8; - }; - }; + } + } out_h } From 2c94b253c41341f4ac15af0c27e5ee791011d744 Mon Sep 17 00:00:00 2001 From: Jake Fecher Date: Tue, 14 Feb 2023 14:47:29 -0600 Subject: [PATCH 2/9] Update extra tests --- crates/nargo/tests/compile_tests_data/pass/basic_import.nr | 2 +- crates/nargo/tests/target_tests_data/pass/import/src/main.nr | 4 +--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/crates/nargo/tests/compile_tests_data/pass/basic_import.nr b/crates/nargo/tests/compile_tests_data/pass/basic_import.nr index 212d0f13590..a473900a3ed 100644 --- a/crates/nargo/tests/compile_tests_data/pass/basic_import.nr +++ b/crates/nargo/tests/compile_tests_data/pass/basic_import.nr @@ -4,7 +4,7 @@ use dep::std; use crate::import::hello; fn main(x : Field, y : Field) { - let _k = std::hash::pedersen([x]); + let _k = [x].pedersen(); let _l = hello(x); constrain x != import::hello(y); diff --git a/crates/nargo/tests/target_tests_data/pass/import/src/main.nr b/crates/nargo/tests/target_tests_data/pass/import/src/main.nr index 212d0f13590..10bb4d263e1 100644 --- a/crates/nargo/tests/target_tests_data/pass/import/src/main.nr +++ b/crates/nargo/tests/target_tests_data/pass/import/src/main.nr @@ -1,10 +1,8 @@ mod import; -use dep::std; - use crate::import::hello; fn main(x : Field, y : Field) { - let _k = std::hash::pedersen([x]); + let _k = [x].pedersen(); let _l = hello(x); constrain x != import::hello(y); From 8f5796b564d3499434b53b7c0e668c6988fbc148 Mon Sep 17 00:00:00 2001 From: Jake Fecher Date: Tue, 14 Feb 2023 15:10:32 -0600 Subject: [PATCH 3/9] Fix pedersen calls --- crates/nargo/tests/test_data/pedersen_check/src/main.nr | 6 +++--- crates/nargo/tests/test_data/simple_shield/src/main.nr | 6 +++--- crates/nargo/tests/test_data/strings/src/main.nr | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/crates/nargo/tests/test_data/pedersen_check/src/main.nr b/crates/nargo/tests/test_data/pedersen_check/src/main.nr index b727112ce55..61c6a4a80d2 100644 --- a/crates/nargo/tests/test_data/pedersen_check/src/main.nr +++ b/crates/nargo/tests/test_data/pedersen_check/src/main.nr @@ -1,7 +1,7 @@ use dep::std; fn main(x: Field, y: Field, salt: Field, out_x: Field, out_y: Field ) { - let res = std::hash::pedersen([x, y]); + let res = [x, y].pedersen(); constrain res[0] == out_x; constrain res[1] == out_y; @@ -11,7 +11,7 @@ fn main(x: Field, y: Field, salt: Field, out_x: Field, out_y: Field ) { state = state * 8 + raw_data[i]; } state += salt; - let hash = std::hash::pedersen([state]); - constrain std::hash::pedersen([43])[0] == hash[0]; + let hash = [state].pedersen(); + constrain [43].pedersen()[0] == hash[0]; } diff --git a/crates/nargo/tests/test_data/simple_shield/src/main.nr b/crates/nargo/tests/test_data/simple_shield/src/main.nr index 20d41481c7e..2a00d1e02fb 100644 --- a/crates/nargo/tests/test_data/simple_shield/src/main.nr +++ b/crates/nargo/tests/test_data/simple_shield/src/main.nr @@ -20,13 +20,13 @@ fn main( let pubkey_y = pubkey[1]; // Compute input note commitment - let note_commitment = std::hash::pedersen([pubkey_x, pubkey_y]); + let note_commitment = [pubkey_x, pubkey_y].pedersen(); // Compute input note nullifier - let nullifier = std::hash::pedersen([note_commitment[0], index, priv_key]); + let nullifier = [note_commitment[0], index, priv_key].pedersen(); // Compute output note nullifier - let receiver_note_commitment = std::hash::pedersen([to_pubkey_x, to_pubkey_y]); + let receiver_note_commitment = [to_pubkey_x, to_pubkey_y].pedersen(); // Check that the input note nullifier is in the root let is_member = std::merkle::check_membership(note_root, note_commitment[0], index, note_hash_path); diff --git a/crates/nargo/tests/test_data/strings/src/main.nr b/crates/nargo/tests/test_data/strings/src/main.nr index a22ad06af0f..dce3c670a66 100644 --- a/crates/nargo/tests/test_data/strings/src/main.nr +++ b/crates/nargo/tests/test_data/strings/src/main.nr @@ -19,7 +19,7 @@ fn main(message : pub str<11>, y : Field, hex_as_string : str<4>, hex_as_field : std::println(bad_message); constrain message != bad_message; - let hash = std::hash::pedersen([x]); + let hash = [x].pedersen(); std::println(hash); constrain hex_as_string == "0x41"; @@ -45,7 +45,7 @@ fn test_prints_array() { std::println(array); - let hash = std::hash::pedersen(array); + let hash = array.pedersen(); std::println(hash); } @@ -53,4 +53,4 @@ struct Test { a: Field, b: Field, c: [Field; 2], -} \ No newline at end of file +} From 0504edebec6615c775789a78b467534e7b6d98a8 Mon Sep 17 00:00:00 2001 From: Jake Fecher Date: Tue, 14 Feb 2023 15:54:04 -0600 Subject: [PATCH 4/9] Fix remaining test errors --- crates/nargo/tests/test_data/6/src/main.nr | 6 +++--- crates/nargo/tests/test_data/7/src/main.nr | 2 +- crates/nargo/tests/test_data/9_conditional/src/main.nr | 6 +++--- crates/nargo/tests/test_data/array_len/src/main.nr | 2 +- crates/nargo/tests/test_data/hash_to_field/src/main.nr | 4 ++-- crates/nargo/tests/test_data/merkle_insert/src/main.nr | 2 +- crates/nargo/tests/test_data/sha256/src/main.nr | 2 +- 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/crates/nargo/tests/test_data/6/src/main.nr b/crates/nargo/tests/test_data/6/src/main.nr index 61be34e6d88..071ec719bec 100644 --- a/crates/nargo/tests/test_data/6/src/main.nr +++ b/crates/nargo/tests/test_data/6/src/main.nr @@ -9,12 +9,12 @@ use dep::std; fn main(x: [u8; 5], result: pub [u8; 32]) { - let mut digest = std::hash::sha256(x); + let mut digest = x.sha256(); digest[0] = 5 as u8; - digest = std::hash::sha256(x); + digest = x.sha256(); constrain digest == result; let y = [12,45,78,41]; - let h = std::hash::mimc_bn254(y); + let h = y.mimc_bn254(); constrain h == 18226366069841799622585958305961373004333097209608110160936134895615261821931; } diff --git a/crates/nargo/tests/test_data/7/src/main.nr b/crates/nargo/tests/test_data/7/src/main.nr index ec01ea7c4be..61e761dbfad 100644 --- a/crates/nargo/tests/test_data/7/src/main.nr +++ b/crates/nargo/tests/test_data/7/src/main.nr @@ -5,6 +5,6 @@ use dep::std; fn main(x: [u8; 5], result: [u8; 32]) { - let digest = std::hash::blake2s(x); + let digest = x.blake2s(); constrain digest == result; } diff --git a/crates/nargo/tests/test_data/9_conditional/src/main.nr b/crates/nargo/tests/test_data/9_conditional/src/main.nr index 6c01ebadfc9..c703436d042 100644 --- a/crates/nargo/tests/test_data/9_conditional/src/main.nr +++ b/crates/nargo/tests/test_data/9_conditional/src/main.nr @@ -14,9 +14,9 @@ fn sort(mut a: [u32; 4]) -> [u32; 4] { } fn call_intrinsic(x: [u8; 5], result: [u8; 32]) { - let mut digest = std::hash::sha256(x); + let mut digest = x.sha256(); digest[0] = 5 as u8; - digest = std::hash::sha256(x); + digest = x.sha256(); constrain digest == result; } @@ -137,7 +137,7 @@ fn main(a: u32, mut c: [u32; 4], x: [u8; 5], result: pub [u8; 32]){ let mut y = 0; if a == 0 { - let digest = std::hash::sha256(x); + let digest = x.sha256(); y = digest[0]; } else { y = 5; diff --git a/crates/nargo/tests/test_data/array_len/src/main.nr b/crates/nargo/tests/test_data/array_len/src/main.nr index 5311aced781..7ed9ebfd1c9 100644 --- a/crates/nargo/tests/test_data/array_len/src/main.nr +++ b/crates/nargo/tests/test_data/array_len/src/main.nr @@ -26,6 +26,6 @@ fn main(len3: [u8; 3], len4: [Field; 4]) { unsorted[0] = len3[1]; unsorted[1] = len3[0]; constrain unsorted[0] > unsorted[1]; - let sorted = unsorted.sort(unsorted); + let sorted = unsorted.sort(); constrain sorted[0] < sorted[1]; } diff --git a/crates/nargo/tests/test_data/hash_to_field/src/main.nr b/crates/nargo/tests/test_data/hash_to_field/src/main.nr index 2b7d59cd8b6..6f9bd83910f 100644 --- a/crates/nargo/tests/test_data/hash_to_field/src/main.nr +++ b/crates/nargo/tests/test_data/hash_to_field/src/main.nr @@ -1,5 +1,5 @@ use dep::std; fn main(input : Field) -> pub Field { - std::hash::hash_to_field([input]) -} \ No newline at end of file + [input].hash_to_field() +} diff --git a/crates/nargo/tests/test_data/merkle_insert/src/main.nr b/crates/nargo/tests/test_data/merkle_insert/src/main.nr index 6078bef79d6..64bfa58f55f 100644 --- a/crates/nargo/tests/test_data/merkle_insert/src/main.nr +++ b/crates/nargo/tests/test_data/merkle_insert/src/main.nr @@ -15,7 +15,7 @@ fn main( let new_leaf_exists = std::merkle::check_membership(new_root, leaf, index, old_hash_path); constrain new_leaf_exists == 1; - let h = std::hash::mimc_bn254(mimc_input); + let h = mimc_input.mimc_bn254(); constrain h == 18226366069841799622585958305961373004333097209608110160936134895615261821931; } diff --git a/crates/nargo/tests/test_data/sha256/src/main.nr b/crates/nargo/tests/test_data/sha256/src/main.nr index bf2249c4faf..00734bd5b27 100644 --- a/crates/nargo/tests/test_data/sha256/src/main.nr +++ b/crates/nargo/tests/test_data/sha256/src/main.nr @@ -14,6 +14,6 @@ use dep::std; fn main(x: Field, result: [u8; 32]) { // We use the `as` keyword here to denote the fact that we want to take just the first byte from the x Field // The padding is taken care of by the program - let digest = std::hash::sha256([x as u8]); + let digest = [x as u8].sha256(); constrain digest == result; } From 30b66c8c314f980c8144903b8139029f13344ca1 Mon Sep 17 00:00:00 2001 From: Jake Fecher Date: Wed, 15 Feb 2023 08:27:12 -0600 Subject: [PATCH 5/9] Turn hash methods back into functions --- crates/nargo/tests/test_data/6/src/main.nr | 6 +- crates/nargo/tests/test_data/7/src/main.nr | 2 +- .../tests/test_data/9_conditional/src/main.nr | 9 +- .../tests/test_data/hash_to_field/src/main.nr | 2 +- .../tests/test_data/merkle_insert/src/main.nr | 2 +- .../test_data/pedersen_check/src/main.nr | 6 +- .../nargo/tests/test_data/sha256/src/main.nr | 2 +- .../tests/test_data/simple_shield/src/main.nr | 6 +- .../nargo/tests/test_data/strings/src/main.nr | 4 +- noir_stdlib/src/hash.nr | 230 +++++++++--------- 10 files changed, 131 insertions(+), 138 deletions(-) diff --git a/crates/nargo/tests/test_data/6/src/main.nr b/crates/nargo/tests/test_data/6/src/main.nr index 071ec719bec..61be34e6d88 100644 --- a/crates/nargo/tests/test_data/6/src/main.nr +++ b/crates/nargo/tests/test_data/6/src/main.nr @@ -9,12 +9,12 @@ use dep::std; fn main(x: [u8; 5], result: pub [u8; 32]) { - let mut digest = x.sha256(); + let mut digest = std::hash::sha256(x); digest[0] = 5 as u8; - digest = x.sha256(); + digest = std::hash::sha256(x); constrain digest == result; let y = [12,45,78,41]; - let h = y.mimc_bn254(); + let h = std::hash::mimc_bn254(y); constrain h == 18226366069841799622585958305961373004333097209608110160936134895615261821931; } diff --git a/crates/nargo/tests/test_data/7/src/main.nr b/crates/nargo/tests/test_data/7/src/main.nr index 61e761dbfad..ec01ea7c4be 100644 --- a/crates/nargo/tests/test_data/7/src/main.nr +++ b/crates/nargo/tests/test_data/7/src/main.nr @@ -5,6 +5,6 @@ use dep::std; fn main(x: [u8; 5], result: [u8; 32]) { - let digest = x.blake2s(); + let digest = std::hash::blake2s(x); constrain digest == result; } diff --git a/crates/nargo/tests/test_data/9_conditional/src/main.nr b/crates/nargo/tests/test_data/9_conditional/src/main.nr index c703436d042..0f37f3e92f4 100644 --- a/crates/nargo/tests/test_data/9_conditional/src/main.nr +++ b/crates/nargo/tests/test_data/9_conditional/src/main.nr @@ -14,9 +14,9 @@ fn sort(mut a: [u32; 4]) -> [u32; 4] { } fn call_intrinsic(x: [u8; 5], result: [u8; 32]) { - let mut digest = x.sha256(); + let mut digest = std::hash::sha256(x); digest[0] = 5 as u8; - digest = x.sha256(); + digest = std::hash::sha256(x); constrain digest == result; } @@ -36,7 +36,6 @@ fn test4() -> [u32; 4] { } fn main(a: u32, mut c: [u32; 4], x: [u8; 5], result: pub [u8; 32]){ - // Regression test for issue #547 // Warning: it must be kept at the start of main let arr: [u8; 2] = [1, 2]; @@ -49,7 +48,7 @@ fn main(a: u32, mut c: [u32; 4], x: [u8; 5], result: pub [u8; 32]){ //Issue reported in #421 if a == c[0] { constrain c[0] == 0; - } else { + } else { if a == c[1] { constrain c[1] == 0; } else { @@ -137,7 +136,7 @@ fn main(a: u32, mut c: [u32; 4], x: [u8; 5], result: pub [u8; 32]){ let mut y = 0; if a == 0 { - let digest = x.sha256(); + let digest = std::hash::sha256(x); y = digest[0]; } else { y = 5; diff --git a/crates/nargo/tests/test_data/hash_to_field/src/main.nr b/crates/nargo/tests/test_data/hash_to_field/src/main.nr index 6f9bd83910f..ffc334179ee 100644 --- a/crates/nargo/tests/test_data/hash_to_field/src/main.nr +++ b/crates/nargo/tests/test_data/hash_to_field/src/main.nr @@ -1,5 +1,5 @@ use dep::std; fn main(input : Field) -> pub Field { - [input].hash_to_field() + std::hash::hash_to_field([input]) } diff --git a/crates/nargo/tests/test_data/merkle_insert/src/main.nr b/crates/nargo/tests/test_data/merkle_insert/src/main.nr index 64bfa58f55f..6078bef79d6 100644 --- a/crates/nargo/tests/test_data/merkle_insert/src/main.nr +++ b/crates/nargo/tests/test_data/merkle_insert/src/main.nr @@ -15,7 +15,7 @@ fn main( let new_leaf_exists = std::merkle::check_membership(new_root, leaf, index, old_hash_path); constrain new_leaf_exists == 1; - let h = mimc_input.mimc_bn254(); + let h = std::hash::mimc_bn254(mimc_input); constrain h == 18226366069841799622585958305961373004333097209608110160936134895615261821931; } diff --git a/crates/nargo/tests/test_data/pedersen_check/src/main.nr b/crates/nargo/tests/test_data/pedersen_check/src/main.nr index 61c6a4a80d2..b727112ce55 100644 --- a/crates/nargo/tests/test_data/pedersen_check/src/main.nr +++ b/crates/nargo/tests/test_data/pedersen_check/src/main.nr @@ -1,7 +1,7 @@ use dep::std; fn main(x: Field, y: Field, salt: Field, out_x: Field, out_y: Field ) { - let res = [x, y].pedersen(); + let res = std::hash::pedersen([x, y]); constrain res[0] == out_x; constrain res[1] == out_y; @@ -11,7 +11,7 @@ fn main(x: Field, y: Field, salt: Field, out_x: Field, out_y: Field ) { state = state * 8 + raw_data[i]; } state += salt; - let hash = [state].pedersen(); - constrain [43].pedersen()[0] == hash[0]; + let hash = std::hash::pedersen([state]); + constrain std::hash::pedersen([43])[0] == hash[0]; } diff --git a/crates/nargo/tests/test_data/sha256/src/main.nr b/crates/nargo/tests/test_data/sha256/src/main.nr index 00734bd5b27..bf2249c4faf 100644 --- a/crates/nargo/tests/test_data/sha256/src/main.nr +++ b/crates/nargo/tests/test_data/sha256/src/main.nr @@ -14,6 +14,6 @@ use dep::std; fn main(x: Field, result: [u8; 32]) { // We use the `as` keyword here to denote the fact that we want to take just the first byte from the x Field // The padding is taken care of by the program - let digest = [x as u8].sha256(); + let digest = std::hash::sha256([x as u8]); constrain digest == result; } diff --git a/crates/nargo/tests/test_data/simple_shield/src/main.nr b/crates/nargo/tests/test_data/simple_shield/src/main.nr index 2a00d1e02fb..20d41481c7e 100644 --- a/crates/nargo/tests/test_data/simple_shield/src/main.nr +++ b/crates/nargo/tests/test_data/simple_shield/src/main.nr @@ -20,13 +20,13 @@ fn main( let pubkey_y = pubkey[1]; // Compute input note commitment - let note_commitment = [pubkey_x, pubkey_y].pedersen(); + let note_commitment = std::hash::pedersen([pubkey_x, pubkey_y]); // Compute input note nullifier - let nullifier = [note_commitment[0], index, priv_key].pedersen(); + let nullifier = std::hash::pedersen([note_commitment[0], index, priv_key]); // Compute output note nullifier - let receiver_note_commitment = [to_pubkey_x, to_pubkey_y].pedersen(); + let receiver_note_commitment = std::hash::pedersen([to_pubkey_x, to_pubkey_y]); // Check that the input note nullifier is in the root let is_member = std::merkle::check_membership(note_root, note_commitment[0], index, note_hash_path); diff --git a/crates/nargo/tests/test_data/strings/src/main.nr b/crates/nargo/tests/test_data/strings/src/main.nr index dce3c670a66..ca0d1691f86 100644 --- a/crates/nargo/tests/test_data/strings/src/main.nr +++ b/crates/nargo/tests/test_data/strings/src/main.nr @@ -19,7 +19,7 @@ fn main(message : pub str<11>, y : Field, hex_as_string : str<4>, hex_as_field : std::println(bad_message); constrain message != bad_message; - let hash = [x].pedersen(); + let hash = std::hash::pedersen([x]); std::println(hash); constrain hex_as_string == "0x41"; @@ -45,7 +45,7 @@ fn test_prints_array() { std::println(array); - let hash = array.pedersen(); + let hash = std::hash::pedersen(array); std::println(hash); } diff --git a/noir_stdlib/src/hash.nr b/noir_stdlib/src/hash.nr index d5768dd9f2c..64a0eafa211 100644 --- a/noir_stdlib/src/hash.nr +++ b/noir_stdlib/src/hash.nr @@ -1,19 +1,15 @@ -impl [u8; N] { - #[foreign(sha256)] - fn sha256(_input : [u8; N]) -> [u8; 32] {} +#[foreign(sha256)] +fn sha256(_input : [u8; N]) -> [u8; 32] {} - #[foreign(blake2s)] - fn blake2s(_input : [u8; N]) -> [u8; 32] {} -} +#[foreign(blake2s)] +fn blake2s(_input : [u8; N]) -> [u8; 32] {} -impl [Field; N] { - #[foreign(pedersen)] - fn pedersen(_input : [Field; N]) -> [Field; 2] {} +#[foreign(pedersen)] +fn pedersen(_input : [Field; N]) -> [Field; 2] {} - #[foreign(hash_to_field_128_security)] - fn hash_to_field(_input : [Field; N]) -> Field {} -} +#[foreign(hash_to_field_128_security)] +fn hash_to_field(_input : [Field; N]) -> Field {} // mimc-p/p implementation // constants are (publicly generated) random numbers, for instance using keccak as a ROM. @@ -34,111 +30,109 @@ fn mimc(x: Field, k: Field, constants: [Field], exp : Field) -> Field { global MIMC_BN254_ROUNDS = 91; -impl [Field; N] { - //mimc implementation with hardcoded parameters for BN254 curve. - fn mimc_bn254(self) -> Field { - //mimc parameters - let exponent = 7; - //generated from seed "mimc" using keccak256 - let constants: [Field; MIMC_BN254_ROUNDS] = [ - 0, - 20888961410941983456478427210666206549300505294776164667214940546594746570981, - 15265126113435022738560151911929040668591755459209400716467504685752745317193, - 8334177627492981984476504167502758309043212251641796197711684499645635709656, - 1374324219480165500871639364801692115397519265181803854177629327624133579404, - 11442588683664344394633565859260176446561886575962616332903193988751292992472, - 2558901189096558760448896669327086721003508630712968559048179091037845349145, - 11189978595292752354820141775598510151189959177917284797737745690127318076389, - 3262966573163560839685415914157855077211340576201936620532175028036746741754, - 17029914891543225301403832095880481731551830725367286980611178737703889171730, - 4614037031668406927330683909387957156531244689520944789503628527855167665518, - 19647356996769918391113967168615123299113119185942498194367262335168397100658, - 5040699236106090655289931820723926657076483236860546282406111821875672148900, - 2632385916954580941368956176626336146806721642583847728103570779270161510514, - 17691411851977575435597871505860208507285462834710151833948561098560743654671, - 11482807709115676646560379017491661435505951727793345550942389701970904563183, - 8360838254132998143349158726141014535383109403565779450210746881879715734773, - 12663821244032248511491386323242575231591777785787269938928497649288048289525, - 3067001377342968891237590775929219083706800062321980129409398033259904188058, - 8536471869378957766675292398190944925664113548202769136103887479787957959589, - 19825444354178182240559170937204690272111734703605805530888940813160705385792, - 16703465144013840124940690347975638755097486902749048533167980887413919317592, - 13061236261277650370863439564453267964462486225679643020432589226741411380501, - 10864774797625152707517901967943775867717907803542223029967000416969007792571, - 10035653564014594269791753415727486340557376923045841607746250017541686319774, - 3446968588058668564420958894889124905706353937375068998436129414772610003289, - 4653317306466493184743870159523234588955994456998076243468148492375236846006, - 8486711143589723036499933521576871883500223198263343024003617825616410932026, - 250710584458582618659378487568129931785810765264752039738223488321597070280, - 2104159799604932521291371026105311735948154964200596636974609406977292675173, - 16313562605837709339799839901240652934758303521543693857533755376563489378839, - 6032365105133504724925793806318578936233045029919447519826248813478479197288, - 14025118133847866722315446277964222215118620050302054655768867040006542798474, - 7400123822125662712777833064081316757896757785777291653271747396958201309118, - 1744432620323851751204287974553233986555641872755053103823939564833813704825, - 8316378125659383262515151597439205374263247719876250938893842106722210729522, - 6739722627047123650704294650168547689199576889424317598327664349670094847386, - 21211457866117465531949733809706514799713333930924902519246949506964470524162, - 13718112532745211817410303291774369209520657938741992779396229864894885156527, - 5264534817993325015357427094323255342713527811596856940387954546330728068658, - 18884137497114307927425084003812022333609937761793387700010402412840002189451, - 5148596049900083984813839872929010525572543381981952060869301611018636120248, - 19799686398774806587970184652860783461860993790013219899147141137827718662674, - 19240878651604412704364448729659032944342952609050243268894572835672205984837, - 10546185249390392695582524554167530669949955276893453512788278945742408153192, - 5507959600969845538113649209272736011390582494851145043668969080335346810411, - 18177751737739153338153217698774510185696788019377850245260475034576050820091, - 19603444733183990109492724100282114612026332366576932662794133334264283907557, - 10548274686824425401349248282213580046351514091431715597441736281987273193140, - 1823201861560942974198127384034483127920205835821334101215923769688644479957, - 11867589662193422187545516240823411225342068709600734253659804646934346124945, - 18718569356736340558616379408444812528964066420519677106145092918482774343613, - 10530777752259630125564678480897857853807637120039176813174150229243735996839, - 20486583726592018813337145844457018474256372770211860618687961310422228379031, - 12690713110714036569415168795200156516217175005650145422920562694422306200486, - 17386427286863519095301372413760745749282643730629659997153085139065756667205, - 2216432659854733047132347621569505613620980842043977268828076165669557467682, - 6309765381643925252238633914530877025934201680691496500372265330505506717193, - 20806323192073945401862788605803131761175139076694468214027227878952047793390, - 4037040458505567977365391535756875199663510397600316887746139396052445718861, - 19948974083684238245321361840704327952464170097132407924861169241740046562673, - 845322671528508199439318170916419179535949348988022948153107378280175750024, - 16222384601744433420585982239113457177459602187868460608565289920306145389382, - 10232118865851112229330353999139005145127746617219324244541194256766741433339, - 6699067738555349409504843460654299019000594109597429103342076743347235369120, - 6220784880752427143725783746407285094967584864656399181815603544365010379208, - 6129250029437675212264306655559561251995722990149771051304736001195288083309, - 10773245783118750721454994239248013870822765715268323522295722350908043393604, - 4490242021765793917495398271905043433053432245571325177153467194570741607167, - 19596995117319480189066041930051006586888908165330319666010398892494684778526, - 837850695495734270707668553360118467905109360511302468085569220634750561083, - 11803922811376367215191737026157445294481406304781326649717082177394185903907, - 10201298324909697255105265958780781450978049256931478989759448189112393506592, - 13564695482314888817576351063608519127702411536552857463682060761575100923924, - 9262808208636973454201420823766139682381973240743541030659775288508921362724, - 173271062536305557219323722062711383294158572562695717740068656098441040230, - 18120430890549410286417591505529104700901943324772175772035648111937818237369, - 20484495168135072493552514219686101965206843697794133766912991150184337935627, - 19155651295705203459475805213866664350848604323501251939850063308319753686505, - 11971299749478202793661982361798418342615500543489781306376058267926437157297, - 18285310723116790056148596536349375622245669010373674803854111592441823052978, - 7069216248902547653615508023941692395371990416048967468982099270925308100727, - 6465151453746412132599596984628739550147379072443683076388208843341824127379, - 16143532858389170960690347742477978826830511669766530042104134302796355145785, - 19362583304414853660976404410208489566967618125972377176980367224623492419647, - 1702213613534733786921602839210290505213503664731919006932367875629005980493, - 10781825404476535814285389902565833897646945212027592373510689209734812292327, - 4212716923652881254737947578600828255798948993302968210248673545442808456151, - 7594017890037021425366623750593200398174488805473151513558919864633711506220, - 18979889247746272055963929241596362599320706910852082477600815822482192194401, - 13602139229813231349386885113156901793661719180900395818909719758150455500533, - ]; - - let mut r = 0; - for elem in self { - let h = mimc(elem, r, constants, exponent); - r = r + elem + h; - } - r +//mimc implementation with hardcoded parameters for BN254 curve. +fn mimc_bn254(self) -> Field { + //mimc parameters + let exponent = 7; + //generated from seed "mimc" using keccak256 + let constants: [Field; MIMC_BN254_ROUNDS] = [ + 0, + 20888961410941983456478427210666206549300505294776164667214940546594746570981, + 15265126113435022738560151911929040668591755459209400716467504685752745317193, + 8334177627492981984476504167502758309043212251641796197711684499645635709656, + 1374324219480165500871639364801692115397519265181803854177629327624133579404, + 11442588683664344394633565859260176446561886575962616332903193988751292992472, + 2558901189096558760448896669327086721003508630712968559048179091037845349145, + 11189978595292752354820141775598510151189959177917284797737745690127318076389, + 3262966573163560839685415914157855077211340576201936620532175028036746741754, + 17029914891543225301403832095880481731551830725367286980611178737703889171730, + 4614037031668406927330683909387957156531244689520944789503628527855167665518, + 19647356996769918391113967168615123299113119185942498194367262335168397100658, + 5040699236106090655289931820723926657076483236860546282406111821875672148900, + 2632385916954580941368956176626336146806721642583847728103570779270161510514, + 17691411851977575435597871505860208507285462834710151833948561098560743654671, + 11482807709115676646560379017491661435505951727793345550942389701970904563183, + 8360838254132998143349158726141014535383109403565779450210746881879715734773, + 12663821244032248511491386323242575231591777785787269938928497649288048289525, + 3067001377342968891237590775929219083706800062321980129409398033259904188058, + 8536471869378957766675292398190944925664113548202769136103887479787957959589, + 19825444354178182240559170937204690272111734703605805530888940813160705385792, + 16703465144013840124940690347975638755097486902749048533167980887413919317592, + 13061236261277650370863439564453267964462486225679643020432589226741411380501, + 10864774797625152707517901967943775867717907803542223029967000416969007792571, + 10035653564014594269791753415727486340557376923045841607746250017541686319774, + 3446968588058668564420958894889124905706353937375068998436129414772610003289, + 4653317306466493184743870159523234588955994456998076243468148492375236846006, + 8486711143589723036499933521576871883500223198263343024003617825616410932026, + 250710584458582618659378487568129931785810765264752039738223488321597070280, + 2104159799604932521291371026105311735948154964200596636974609406977292675173, + 16313562605837709339799839901240652934758303521543693857533755376563489378839, + 6032365105133504724925793806318578936233045029919447519826248813478479197288, + 14025118133847866722315446277964222215118620050302054655768867040006542798474, + 7400123822125662712777833064081316757896757785777291653271747396958201309118, + 1744432620323851751204287974553233986555641872755053103823939564833813704825, + 8316378125659383262515151597439205374263247719876250938893842106722210729522, + 6739722627047123650704294650168547689199576889424317598327664349670094847386, + 21211457866117465531949733809706514799713333930924902519246949506964470524162, + 13718112532745211817410303291774369209520657938741992779396229864894885156527, + 5264534817993325015357427094323255342713527811596856940387954546330728068658, + 18884137497114307927425084003812022333609937761793387700010402412840002189451, + 5148596049900083984813839872929010525572543381981952060869301611018636120248, + 19799686398774806587970184652860783461860993790013219899147141137827718662674, + 19240878651604412704364448729659032944342952609050243268894572835672205984837, + 10546185249390392695582524554167530669949955276893453512788278945742408153192, + 5507959600969845538113649209272736011390582494851145043668969080335346810411, + 18177751737739153338153217698774510185696788019377850245260475034576050820091, + 19603444733183990109492724100282114612026332366576932662794133334264283907557, + 10548274686824425401349248282213580046351514091431715597441736281987273193140, + 1823201861560942974198127384034483127920205835821334101215923769688644479957, + 11867589662193422187545516240823411225342068709600734253659804646934346124945, + 18718569356736340558616379408444812528964066420519677106145092918482774343613, + 10530777752259630125564678480897857853807637120039176813174150229243735996839, + 20486583726592018813337145844457018474256372770211860618687961310422228379031, + 12690713110714036569415168795200156516217175005650145422920562694422306200486, + 17386427286863519095301372413760745749282643730629659997153085139065756667205, + 2216432659854733047132347621569505613620980842043977268828076165669557467682, + 6309765381643925252238633914530877025934201680691496500372265330505506717193, + 20806323192073945401862788605803131761175139076694468214027227878952047793390, + 4037040458505567977365391535756875199663510397600316887746139396052445718861, + 19948974083684238245321361840704327952464170097132407924861169241740046562673, + 845322671528508199439318170916419179535949348988022948153107378280175750024, + 16222384601744433420585982239113457177459602187868460608565289920306145389382, + 10232118865851112229330353999139005145127746617219324244541194256766741433339, + 6699067738555349409504843460654299019000594109597429103342076743347235369120, + 6220784880752427143725783746407285094967584864656399181815603544365010379208, + 6129250029437675212264306655559561251995722990149771051304736001195288083309, + 10773245783118750721454994239248013870822765715268323522295722350908043393604, + 4490242021765793917495398271905043433053432245571325177153467194570741607167, + 19596995117319480189066041930051006586888908165330319666010398892494684778526, + 837850695495734270707668553360118467905109360511302468085569220634750561083, + 11803922811376367215191737026157445294481406304781326649717082177394185903907, + 10201298324909697255105265958780781450978049256931478989759448189112393506592, + 13564695482314888817576351063608519127702411536552857463682060761575100923924, + 9262808208636973454201420823766139682381973240743541030659775288508921362724, + 173271062536305557219323722062711383294158572562695717740068656098441040230, + 18120430890549410286417591505529104700901943324772175772035648111937818237369, + 20484495168135072493552514219686101965206843697794133766912991150184337935627, + 19155651295705203459475805213866664350848604323501251939850063308319753686505, + 11971299749478202793661982361798418342615500543489781306376058267926437157297, + 18285310723116790056148596536349375622245669010373674803854111592441823052978, + 7069216248902547653615508023941692395371990416048967468982099270925308100727, + 6465151453746412132599596984628739550147379072443683076388208843341824127379, + 16143532858389170960690347742477978826830511669766530042104134302796355145785, + 19362583304414853660976404410208489566967618125972377176980367224623492419647, + 1702213613534733786921602839210290505213503664731919006932367875629005980493, + 10781825404476535814285389902565833897646945212027592373510689209734812292327, + 4212716923652881254737947578600828255798948993302968210248673545442808456151, + 7594017890037021425366623750593200398174488805473151513558919864633711506220, + 18979889247746272055963929241596362599320706910852082477600815822482192194401, + 13602139229813231349386885113156901793661719180900395818909719758150455500533, + ]; + + let mut r = 0; + for elem in self { + let h = mimc(elem, r, constants, exponent); + r = r + elem + h; } + r } From 78b40ac6638b7791d29c356594d00ddf4b1a098e Mon Sep 17 00:00:00 2001 From: Jake Fecher Date: Wed, 15 Feb 2023 11:41:15 -0600 Subject: [PATCH 6/9] Fix stdlib --- noir_stdlib/src/hash.nr | 16 ++++++++-------- noir_stdlib/src/merkle.nr | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/noir_stdlib/src/hash.nr b/noir_stdlib/src/hash.nr index 64a0eafa211..bf00fb27619 100644 --- a/noir_stdlib/src/hash.nr +++ b/noir_stdlib/src/hash.nr @@ -1,22 +1,22 @@ #[foreign(sha256)] -fn sha256(_input : [u8; N]) -> [u8; 32] {} +fn sha256(_input : [u8; N]) -> [u8; 32] {} #[foreign(blake2s)] -fn blake2s(_input : [u8; N]) -> [u8; 32] {} +fn blake2s(_input : [u8; N]) -> [u8; 32] {} #[foreign(pedersen)] -fn pedersen(_input : [Field; N]) -> [Field; 2] {} +fn pedersen(_input : [Field; N]) -> [Field; 2] {} #[foreign(hash_to_field_128_security)] -fn hash_to_field(_input : [Field; N]) -> Field {} +fn hash_to_field(_input : [Field; N]) -> Field {} // mimc-p/p implementation // constants are (publicly generated) random numbers, for instance using keccak as a ROM. // You must use constants generated for the native field // Rounds number should be ~ log(p)/log(exp) // For 254 bit primes, exponent 7 and 91 rounds seems to be recommended -fn mimc(x: Field, k: Field, constants: [Field], exp : Field) -> Field { +fn mimc(x: Field, k: Field, constants: [Field; N], exp : Field) -> Field { //round 0 let mut t = x + k; let mut h = t.pow_32(exp); @@ -31,7 +31,7 @@ fn mimc(x: Field, k: Field, constants: [Field], exp : Field) -> Field { global MIMC_BN254_ROUNDS = 91; //mimc implementation with hardcoded parameters for BN254 curve. -fn mimc_bn254(self) -> Field { +fn mimc_bn254(array: [Field; N]) -> Field { //mimc parameters let exponent = 7; //generated from seed "mimc" using keccak256 @@ -128,9 +128,9 @@ fn mimc_bn254(self) -> Field { 18979889247746272055963929241596362599320706910852082477600815822482192194401, 13602139229813231349386885113156901793661719180900395818909719758150455500533, ]; - + let mut r = 0; - for elem in self { + for elem in array { let h = mimc(elem, r, constants, exponent); r = r + elem + h; } diff --git a/noir_stdlib/src/merkle.nr b/noir_stdlib/src/merkle.nr index 73f42f8ba8d..9f7c5d5b130 100644 --- a/noir_stdlib/src/merkle.nr +++ b/noir_stdlib/src/merkle.nr @@ -27,7 +27,7 @@ fn compute_root_from_leaf(leaf : Field, index : Field, hash_path: [Field]) -> Fi (current, hash_path[i]) }; - current = [hash_left, hash_right].pedersen()[0]; + current = crate::hash::pedersen([hash_left, hash_right])[0]; }; current } From 55ba7ed9210692b15ba78459a6973fd7c7eb6168 Mon Sep 17 00:00:00 2001 From: Jake Fecher Date: Wed, 15 Feb 2023 12:25:16 -0600 Subject: [PATCH 7/9] Revert nargo tests --- crates/nargo/tests/compile_tests_data/pass/basic_import.nr | 2 +- crates/nargo/tests/target_tests_data/pass/import/src/main.nr | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/crates/nargo/tests/compile_tests_data/pass/basic_import.nr b/crates/nargo/tests/compile_tests_data/pass/basic_import.nr index a473900a3ed..212d0f13590 100644 --- a/crates/nargo/tests/compile_tests_data/pass/basic_import.nr +++ b/crates/nargo/tests/compile_tests_data/pass/basic_import.nr @@ -4,7 +4,7 @@ use dep::std; use crate::import::hello; fn main(x : Field, y : Field) { - let _k = [x].pedersen(); + let _k = std::hash::pedersen([x]); let _l = hello(x); constrain x != import::hello(y); diff --git a/crates/nargo/tests/target_tests_data/pass/import/src/main.nr b/crates/nargo/tests/target_tests_data/pass/import/src/main.nr index 10bb4d263e1..58fb0c3f3f2 100644 --- a/crates/nargo/tests/target_tests_data/pass/import/src/main.nr +++ b/crates/nargo/tests/target_tests_data/pass/import/src/main.nr @@ -2,7 +2,7 @@ mod import; use crate::import::hello; fn main(x : Field, y : Field) { - let _k = [x].pedersen(); + let _k = dep::std::hash::pedersen([x]); let _l = hello(x); constrain x != import::hello(y); From 99170e2b0f8346f272f0fccdedb166705d6865f8 Mon Sep 17 00:00:00 2001 From: Jake Fecher Date: Thu, 16 Feb 2023 08:38:41 -0600 Subject: [PATCH 8/9] Format and update stdlib syntax --- noir_stdlib/src/sha256.nr | 14 ++++++------ noir_stdlib/src/sha512.nr | 46 ++++++++++++++++----------------------- 2 files changed, 26 insertions(+), 34 deletions(-) diff --git a/noir_stdlib/src/sha256.nr b/noir_stdlib/src/sha256.nr index 2df84efa1ba..83e08ada7e8 100644 --- a/noir_stdlib/src/sha256.nr +++ b/noir_stdlib/src/sha256.nr @@ -100,7 +100,7 @@ fn msg_u8_to_u32(msg: [u8; 64]) -> [u32; 16] // SHA-256 hash function #[alternative(sha256)] -fn digest(msg: [u8]) -> [u8; 32] { +fn digest(msg: [u8; N]) -> [u8; 32] { let mut msg_block: [u8; 64] = [0; 64]; let mut h: [u32; 8] = [1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]; // Intermediate hash, starting with the canonical initial value let mut c: [u32; 8] = [0; 8]; // Compression of current message block as sequence of u32 @@ -140,7 +140,7 @@ fn digest(msg: [u8]) -> [u8; 32] { c = h; c = sha_c(msg_u8_to_u32(msg_block), c); for j in 0..8 { - h[j] = c[j] + h[j]; + h[j] += c[j]; } i = 0; @@ -154,9 +154,9 @@ fn digest(msg: [u8]) -> [u8; 32] { let mut len = 8 * msg.len() as u64; for j in 0..8 { msg_block[63 - j] = len as u8; - len = len >> 8; - }; - i = i + 8; + len >>= 8; + } + i += 8; } } @@ -164,14 +164,14 @@ fn digest(msg: [u8]) -> [u8; 32] { c = h; c = sha_c(msg_u8_to_u32(msg_block), c); for j in 0..8 { - h[j] = c[j] + h[j]; + h[j] += c[j]; } // Return final hash as byte array for j in 0..8 { for k in 0..4 { out_h[31 - 4*j - k] = h[7 - j] as u8; - h[7-j] = h[7-j] >> 8; + h[7-j] >>= 8; } } diff --git a/noir_stdlib/src/sha512.nr b/noir_stdlib/src/sha512.nr index b6b26962ca7..66a5cc5a169 100644 --- a/noir_stdlib/src/sha512.nr +++ b/noir_stdlib/src/sha512.nr @@ -98,7 +98,7 @@ fn msg_u8_to_u64(msg: [u8; 128]) -> [u64; 16] } // SHA-512 hash function -fn digest(msg: [u8]) -> [u8; 64] +fn digest(msg: [u8; N]) -> [u8; 64] { let mut msg_block: [u8; 128] = [0; 128]; let mut h: [u64; 8] = [7640891576956012808, 13503953896175478587, 4354685564936845355, 11912009170470909681, 5840696475078001361, 11170449401992604703, 2270897969802886507, 6620516959819538809]; // Intermediate hash, starting with the canonical initial value @@ -110,44 +110,36 @@ fn digest(msg: [u8]) -> [u8; 64] // Populate msg_block msg_block[i] = msg[k]; i = i + 1; - if i == 128 // Enough to hash block - { + if i == 128 { // Enough to hash block c = sha_c(msg_u8_to_u64(msg_block), h); - for j in 0..8 - { - h[j] = c[j] + h[j]; - }; + for j in 0..8 { + h[j] += c[j]; + } i = 0; } - }; + } // Pad the rest such that we have a [u64; 2] block at the end representing the length // of the message, and a block of 1 0 ... 0 following the message (i.e. [1 << 7, 0, ..., 0]). msg_block[i] = 1 << 7; - i = i + 1; + i += 1; // If i >= 113, there aren't enough bits in the current message block to accomplish this, so // the 1 and 0s fill up the current block, which we then compress accordingly. - if i >= 113 // Not enough bits (128) to store length. Fill up with zeros. - { - - if i < 128 - { - for _i in 113..128 - { - if i <= 127 - { + if i >= 113 { // Not enough bits (128) to store length. Fill up with zeros. + if i < 128 { + for _i in 113..128 { + if i <= 127 { msg_block[i] = 0; - i = i + 1; + i += 1; } - }; + } } c = sha_c(msg_u8_to_u64(msg_block), h); - for j in 0..8 - { - h[j] = c[j] + h[j]; - }; + for j in 0..8 { + h[j] += c[j]; + } i = 0; } @@ -160,7 +152,7 @@ fn digest(msg: [u8]) -> [u8; 64] let mut len = 8 * msg.len() as u64; // u128 unsupported for j in 0..16 { msg_block[127 - j] = len as u8; - len = len >> 8; + len >>= 8; } i += 16; // Done. } @@ -169,14 +161,14 @@ fn digest(msg: [u8]) -> [u8; 64] // Hash final padded block c = sha_c(msg_u8_to_u64(msg_block), h); for j in 0..8 { - h[j] = c[j] + h[j]; + h[j] += c[j]; } // Return final hash as byte array for j in 0..8 { for k in 0..8 { out_h[63 - 8*j - k] = h[7 - j] as u8; - h[7-j] = h[7-j] >> 8; + h[7-j] >>= 8; } } From 37592d167e053e4f9936d7bb1d9a1aa455d71729 Mon Sep 17 00:00:00 2001 From: Jake Fecher Date: Thu, 16 Feb 2023 12:42:51 -0600 Subject: [PATCH 9/9] Remove 'if true' --- .../src/hir/def_collector/dc_crate.rs | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/crates/noirc_frontend/src/hir/def_collector/dc_crate.rs b/crates/noirc_frontend/src/hir/def_collector/dc_crate.rs index 2a0efbf41a4..ef9986796bc 100644 --- a/crates/noirc_frontend/src/hir/def_collector/dc_crate.rs +++ b/crates/noirc_frontend/src/hir/def_collector/dc_crate.rs @@ -1,6 +1,6 @@ use super::dc_mod::collect_defs; use super::errors::DefCollectorErrorKind; -use crate::graph::CrateId; +use crate::graph::{CrateId, LOCAL_CRATE}; use crate::hir::def_map::{CrateDefMap, LocalModuleId, ModuleId}; use crate::hir::resolution::errors::ResolverError; use crate::hir::resolution::resolver::Resolver; @@ -226,15 +226,13 @@ fn collect_impls( errors.push(err.into_file_diagnostic(unresolved.file_id)); } } - } else if typ != Type::Error { - if true - /* in std crate */ - { - } else { - let span = *span; - let error = DefCollectorErrorKind::NonStructTypeInImpl { span }; - errors.push(error.into_file_diagnostic(unresolved.file_id)) - } + // Prohibit defining impls for primitive types if we're in the local crate. + // We should really prevent it for all crates that aren't the noir stdlib but + // there is no way of checking if the current crate is the stdlib currently. + } else if typ != Type::Error && crate_id == LOCAL_CRATE { + let span = *span; + let error = DefCollectorErrorKind::NonStructTypeInImpl { span }; + errors.push(error.into_file_diagnostic(unresolved.file_id)) } } }