From 4a5a4cc43705b669ae4a8dc39d49c7ea2a54d4bc Mon Sep 17 00:00:00 2001 From: Daira Hopwood Date: Tue, 13 Jul 2021 11:50:29 +0100 Subject: [PATCH] [book] merkle-crh.md: formatting. Signed-off-by: Daira Hopwood --- .../circuit/gadgets/sinsemilla/merkle-crh.md | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/book/src/design/circuit/gadgets/sinsemilla/merkle-crh.md b/book/src/design/circuit/gadgets/sinsemilla/merkle-crh.md index 303d12ff..fc8e6a10 100644 --- a/book/src/design/circuit/gadgets/sinsemilla/merkle-crh.md +++ b/book/src/design/circuit/gadgets/sinsemilla/merkle-crh.md @@ -3,23 +3,23 @@ ## Message decomposition $\mathsf{SinsemillaHash}$ is used in the [$\mathsf{MerkleCRH^{Orchard}}$ hash function](https://zips.z.cash/protocol/protocol.pdf#orchardmerklecrh). The input to $\mathsf{SinsemillaHash}$ is: -$$l_{\star} || \textsf{left}_{\star} || \textsf{right}_{\star}, $$ +$${l\star} \,||\, {\textsf{left}\star} \,||\, {\textsf{right}\star},$$ where: -- $l_{\star} = \textsf{I2LEBSP}_{10}(l) = \textsf{I2LEBSP}_{10}(\textsf{MerkleDepth}^\textsf{Orchard} - 1 - \textsf{layer})$, -- $\textsf{left}_{\star} = \textsf{I2LEBSP}_{\ell_{\textsf{Merkle}}^{\textsf{Orchard}}}(\textsf{left})$, -- $\textsf{right}_{\star} = \textsf{I2LEBSP}_{\ell_{\textsf{Merkle}}^{\textsf{Orchard}}}(\textsf{right})$, +- ${l\star} = \textsf{I2LEBSP}_{10}(l) = \textsf{I2LEBSP}_{10}(\textsf{MerkleDepth}^\textsf{Orchard} - 1 - \textsf{layer})$, +- ${\textsf{left}\star} = \textsf{I2LEBSP}_{\ell_{\textsf{Merkle}}^{\textsf{Orchard}}}(\textsf{left})$, +- ${\textsf{right}\star} = \textsf{I2LEBSP}_{\ell_{\textsf{Merkle}}^{\textsf{Orchard}}}(\textsf{right})$, -where $\ell_{\textsf{Merkle}}^{\textsf{Orchard}} = 255.$ $\textsf{left}$ and $\textsf{right}$ are allowed to be non-canonical $255$-bit encodings. +with $\ell_{\textsf{Merkle}}^{\textsf{Orchard}} = 255.$ $\textsf{left}$ and $\textsf{right}$ are allowed to be non-canonical $255$-bit encodings. We break these inputs into the following `MessagePiece`s: $$ \begin{aligned} -a \text{ (250 bits)} &= a_0||a_1 \\ - &= l_\star || (\text{bits } 0..=239 \text{ of } \textsf{ left }) \\ -b \text{ (20 bits)} &= b_0||b_1||b_2 \\ - &= (\text{bits } 240..=249 \text{ of } \textsf{left}) || (\text{bits } 250..=254 \text{ of } \textsf{left}) || (\text{bits } 0..=4 \text{ of } \textsf{right}) \\ +a \text{ (250 bits)} &= a_0 \,||\, a_1 \\ + &= {l\star} \,||\, (\text{bits } 0..=239 \text{ of } \textsf{ left }) \\ +b \text{ (20 bits)} &= b_0 \,||\, b_1 \,||\, b_2 \\ + &= (\text{bits } 240..=249 \text{ of } \textsf{left}) \,||\, (\text{bits } 250..=254 \text{ of } \textsf{left}) \,||\, (\text{bits } 0..=4 \text{ of } \textsf{right}) \\ c \text{ (250 bits)} &= \text{bits } 5..=254 \text{ of } \textsf{right} \end{aligned} $$ @@ -35,7 +35,7 @@ $$ \begin{aligned} z_{1,a} &= \frac{a - a_0}{2^{10}}\\ &= a_1 \\ - \implies a_0 &= a - (z_{1,a} \cdot 2^{10}). + \implies a_0 &= a - z_{1,a} \cdot 2^{10}. \end{aligned} $$ $l + 1$ is loaded into a fixed column at each layer of the hash. It is used both as a gate selector, and to fix the value of $l$. We check that $$a_0 = (l + 1) - 1.$$ @@ -66,4 +66,4 @@ and we use them to reconstruct the original field element inputs: 4. $\mathsf{right} = b_2 + 2^5 \cdot c$ ## Circuit components -The Orchard circuit spans $10$ advice columns while the $\textsf{Sinsemilla}$ chip only uses $5$ advice columns. We distribute the path hashing evenly across two $\textsf{Sinsemilla}$ chips to make better use of the available circuit area. Since the output from the previous layer hash is copied into the next layer hash, we maintain continuity even when moving from one chip to the other. \ No newline at end of file +The Orchard circuit spans $10$ advice columns while the $\textsf{Sinsemilla}$ chip only uses $5$ advice columns. We distribute the path hashing evenly across two $\textsf{Sinsemilla}$ chips to make better use of the available circuit area. Since the output from the previous layer hash is copied into the next layer hash, we maintain continuity even when moving from one chip to the other.