Skip to content

Commit

Permalink
Poseidon optimization
Browse files Browse the repository at this point in the history
  • Loading branch information
jbaylina committed Oct 4, 2021
1 parent 0719ed6 commit ddea7da
Show file tree
Hide file tree
Showing 5 changed files with 25,217 additions and 11 deletions.
18 changes: 18 additions & 0 deletions .vscode/launch.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
{
// Use IntelliSense to learn about possible attributes.
// Hover to view descriptions of existing attributes.
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
"version": "0.2.0",
"configurations": [
{
"type": "pwa-node",
"request": "launch",
"name": "Launch Program",
"skipFiles": [
"<node_internals>/**"
],
"program": "${workspaceFolder}/calcoptimizedposeidonconsts/test_poseidon.js",
"cwd": "${workspaceFolder}/calcoptimizedposeidonconsts"
}
]
}
56 changes: 45 additions & 11 deletions src/poseidon.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,12 @@ const Scalar = require("ffjavascript").Scalar;
const ZqField = require("ffjavascript").ZqField;
const { unstringifyBigInts } = require("ffjavascript").utils;

// Prime 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001
const F = new ZqField(Scalar.fromString("21888242871839275222246405745257275088548364400416034343698204186575808495617"));
// const F = new ZqField(Scalar.fromString("0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001")); // bls
const F = new ZqField(Scalar.fromString("21888242871839275222246405745257275088548364400416034343698204186575808495617")); // bn128

// Parameters are generated by a reference script https://extgit.iaik.tugraz.at/krypto/hadeshash/-/blob/master/code/generate_parameters_grain.sage
// Used like so: sage generate_parameters_grain.sage 1 0 254 2 8 56 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001
const { C, M } = unstringifyBigInts(require("./poseidon_constants.json"));
const opt = unstringifyBigInts(require("./poseidon_constants_opt.json"));

// Using recommended parameters from whitepaper https://eprint.iacr.org/2019/458.pdf (table 2, table 8)
// Generated by https://extgit.iaik.tugraz.at/krypto/hadeshash/-/blob/master/code/calc_round_numbers.py
Expand All @@ -25,22 +25,56 @@ function poseidon(inputs) {
const t = inputs.length + 1;
const nRoundsF = N_ROUNDS_F;
const nRoundsP = N_ROUNDS_P[t - 2];
const C = opt.C[t-2];
const S = opt.S[t-2];
const M = opt.M[t-2];
const P = opt.P[t-2];

let state = [F.zero, ...inputs.map(a => F.e(a))];
for (let r = 0; r < nRoundsF + nRoundsP; r++) {
state = state.map((a, i) => F.add(a, C[t - 2][r * t + i]));

if (r < nRoundsF / 2 || r >= nRoundsF / 2 + nRoundsP) {
state = state.map(a => pow5(a));
} else {
state[0] = pow5(state[0]);
}
state = state.map((a, i) => F.add(a, C[i]));

for (let r = 0; r < nRoundsF/2-1; r++) {
state = state.map(a => pow5(a));
state = state.map((a, i) => F.add(a, C[(r +1)* t +i]));
state = state.map((_, i) =>
state.reduce((acc, a, j) => F.add(acc, F.mul(M[j][i], a)), F.zero)
);
}
state = state.map(a => pow5(a));
state = state.map((a, i) => F.add(a, C[(nRoundsF/2-1 +1)* t +i]));
state = state.map((_, i) =>
state.reduce((acc, a, j) => F.add(acc, F.mul(P[j][i], a)), F.zero)
);
for (let r = 0; r < nRoundsP; r++) {
state[0] = pow5(state[0]);
state[0] = F.add(state[0], C[(nRoundsF/2 +1)*t + r]);


const s0 = state.reduce((acc, a, j) => {
return F.add(acc, F.mul(S[(t*2-1)*r+j], a));
}, F.zero);
for (let k=1; k<t; k++) {
state[k] = F.add(state[k], F.mul(state[0], S[(t*2-1)*r+t+k-1] ));
}
state[0] =s0;
}
for (let r = 0; r < nRoundsF/2-1; r++) {
state = state.map(a => pow5(a));
state = state.map((a, i) => F.add(a, C[ (nRoundsF/2 +1)*t + nRoundsP + r*t + i ]));
state = state.map((_, i) =>
state.reduce((acc, a, j) => F.add(acc, F.mul(M[t - 2][i][j], a)), F.zero)
state.reduce((acc, a, j) => F.add(acc, F.mul(M[j][i], a)), F.zero)
);
}
state = state.map(a => pow5(a));
state = state.map((_, i) =>
state.reduce((acc, a, j) => F.add(acc, F.mul(M[j][i], a)), F.zero)
);

return F.normalize(state[0]);
}

module.exports = poseidon;



Loading

0 comments on commit ddea7da

Please sign in to comment.