therealyingtong
c61524ea29
p128pow5t3::tests: Extract verify_constants_helper.
...
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
2021-10-12 11:58:27 +02:00
therealyingtong
2c97e56da7
Add hash() and permute() test vectors for Poseidon over Fq.
2021-10-12 11:58:27 +02:00
therealyingtong
f5775b6c6d
p128pow5t3.rs: Test against reference input for Fq field modulus.
2021-10-12 11:58:27 +02:00
therealyingtong
4eb4c57827
Impl Spec for P128Pow5T3 over Fq.
2021-10-12 11:58:27 +02:00
therealyingtong
764c445a81
Rename poseidon::nullifier -> poseidon::p128pow5t3.
2021-10-12 11:58:27 +02:00
therealyingtong
8e00f69d63
primitives::poseidon: Add constants for Fq field modulus.
2021-10-12 11:58:27 +02:00
Jack Grigg
97c27e3d5a
Use complete addition in SinsemillaCommit
...
This is necessary because the blinding factor r can be zero with greater
than negligible probability in an adversarial case, which with incomplete
addition would cause the circuit to compute a commitment that is not on
the curve.
2021-09-28 13:13:25 -06:00
Jack Grigg
8c82ceecbf
ff 0.11, group 0.11, pasta_curves 0.2 etc.
2021-09-06 20:39:43 +01:00
Kris Nuttycombe
5d78ab3508
Add Eq and Ord implementations for Orchard keys.
2021-08-23 11:29:06 -06:00
str4d
b4a82211ce
Merge pull request #184 from zcash/poseidon-domain-spec
...
poseidon::Domain: Remove Spec trait bound.
2021-08-17 12:55:01 +01:00
therealyingtong
1f852544cf
poseidon::Domain: Remove Spec trait bound.
...
The methods in the Domain trait are not generic over Spec.
2021-08-13 14:47:02 +08:00
str4d
4e33fe7aec
Use correct symbol for incomplete addition
...
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
2021-08-12 21:34:35 +01:00
str4d
459e68b71e
Fix clippy lint
...
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
2021-08-12 21:32:14 +01:00
Jack Grigg
9f3c9a7e60
Use mixed addition for Sinsemilla bases
...
Performance improvements:
- MerkleCRH: ~5%
- Commit^ivk: ~1%
- NoteCommit: ~3%
2021-08-12 15:45:00 +01:00
Jack Grigg
6197a0ef62
Use `group::Wnaf` to accelerate `sinsemilla::CommitDomain::commit`
...
Performance improvements:
- Commit^ivk: ~31%
- NoteCommit: ~22%
2021-08-12 15:45:00 +01:00
str4d
5f0c3b3585
Merge pull request #179 from zcash/sinsemilla-bases
...
primitives::sinsemilla: Use hard-coded generators in sinsemilla_s.
2021-08-12 15:18:38 +01:00
therealyingtong
92a7e20d30
Remove sinsemilla_s_generators() function.
...
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-08-12 20:54:51 +08:00
therealyingtong
a9e96eb0a4
sinsemilla_s: Add documentation.
2021-08-12 16:15:24 +08:00
therealyingtong
995728caa6
primitives::sinsemilla: Use hard-coded generators in sinsemilla_s.
2021-08-12 15:45:14 +08:00
Jack Grigg
0d306d18aa
Expose and benchmark Poseidon
2021-08-10 13:44:04 +01:00
Jack Grigg
08b279b900
Expose and benchmark Sinsemilla primitive
2021-08-10 13:39:14 +01:00
Daira Hopwood
e4612f7f6c
Update Poseidon instantiation from 58 to 56 partial rounds. fixes #166
...
Test vectors are from https://github.com/zcash-hackworks/zcash-test-vectors/pull/45
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-08-04 13:04:13 +01:00
therealyingtong
74456acea1
primitives::sinsemilla.rs: Document panic in hash()
...
Document that hash() panics if a message is longer than K * C.
2021-06-30 20:01:05 +08:00
str4d
bb159a2ccf
Merge pull request #98 from zcash/merkle-chip
...
Merkle hash chip
2021-06-29 23:09:15 +01:00
therealyingtong
1ac3541505
Add spec::i2lebsp and constants::MERKLE_DEPTH_ORCHARD
2021-06-29 12:07:49 +08:00
Kris Nuttycombe
4bb252eb0c
Add Orchard incremental merkle tree digests.
2021-06-22 18:14:27 -06:00
str4d
66340e2655
Merge pull request #67 from zcash/sinsemilla-chip-config
...
Sinsemilla chip with HashDomain
2021-06-22 16:20:35 +01:00
Daira Hopwood
81fb944997
Make this crate clippy clean for warnings on nightly.
...
One .clone() removal; all of the other changes are removing needless borrows that are immediately
dereferenced: https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-06-21 18:04:00 +01:00
therealyingtong
eba2172f4f
chip::hash_to_point.rs: Implement hash_to_point instruction.
2021-06-19 18:17:10 +08:00
therealyingtong
74e617b46d
chip::generator_table.rs: Load Sinsemilla generator lookup table.
...
The 2^K table of generators used in the Sinsemilla hash. These
are loaded into a lookup table.
2021-06-19 18:14:22 +08:00
Jack Grigg
e90a5972f1
redpallas: Expose batch validation API
2021-06-14 21:41:12 +01:00
ebfull
ee26116fcf
Merge pull request #114 from zcash/util-range-check
...
utilities::lookup_range_check: Add LookupRangeCheck helper
2021-06-14 10:56:52 -06:00
therealyingtong
60861b7245
sinsemilla::constants.rs: Add INV_TWO_POW_K = 1 / 2^K constant.
2021-06-15 00:18:38 +08:00
therealyingtong
b7b8126ccf
spec.rs: Add lebs2ip function bounded on const generic L.
...
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-06-13 23:20:59 +08:00
therealyingtong
e83880841a
utilities::lookup_range_check: Add LookupRangeCheck chip
...
This decomposes a field element into K-bit words and constrains each
word's range by looking it up in a K-bit lookup table.
The field element is broken down using a running sum. All interstitial
values of the running sum are returned.
2021-06-12 22:46:31 +08:00
Jack Grigg
769be6c080
Note encryption test vectors
2021-06-11 23:55:17 +01:00
str4d
0ead91a88c
Merge pull request #110 from zcash/tree-logic
...
Implement tree logic in Builder
2021-06-11 21:39:40 +01:00
str4d
d8f2af8983
Simplify `gen_const_array` implementation
...
Also includes a performance improvement to `i2lebsp_k`.
2021-06-11 20:46:30 +01:00
therealyingtong
18535894d6
constants::util.rs: Factor out gen_fixed_array() method.
2021-06-10 10:03:15 +08:00
therealyingtong
7818291118
primitives::sinsemilla.rs: Optimize and test i2lebsp_k
...
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-06-09 23:50:59 +08:00
therealyingtong
b33248bdb0
src::tree.rs: Implement MerklePath.root() method.
...
Co-authored-by: Kris Nuttycombe <kris@electriccoin.co>
2021-06-08 22:31:24 +08:00
Jack Grigg
cbf7c3825f
builder: Store alpha and use it to derive rsk for signing spends
...
This was missed from zcash/orchard#49 , but could not have caused a
consensus failure or loss-of-funds because `alpha` _was_ being sampled
and used to derive `rk`, meaning that the signatures would fail to
validate.
2021-06-05 22:35:52 +01:00
Jack Grigg
bea8a9b7ff
Migrate to bitvec 0.22, ff 0.10, group 0.10, pasta_curves 0.1
2021-06-04 20:38:52 +01:00
Jack Grigg
91db490e20
test: Add Poseidon test vectors
2021-06-01 18:36:11 +01:00
Daira Hopwood
5925852c7d
Add Poseidon test vector generated by the reference code.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-06-01 18:36:11 +01:00
Jack Grigg
f5a4cc3550
poseidon::Hash gadget
2021-06-01 18:36:11 +01:00
Jack Grigg
38dd7b791d
PoseidonDuplexInstructions
2021-06-01 18:36:11 +01:00
Jack Grigg
f1b8abfccb
Arity-3 Poseidon chip
2021-06-01 18:36:11 +01:00
str4d
f82d00e40d
Merge pull request #77 from zcash/remove-rand-0.7
...
Remove rand 0.7 usage
2021-05-21 21:25:34 +01:00
str4d
7109153e88
Merge pull request #43 from zcash/constants
...
Add Orchard constants
2021-05-18 20:44:59 +01:00