Minor changes. Exclude sponge test.

noir-lang · Feb 8, 2023 · d13d472 · d13d472
1 parent 757348f
commit d13d472
Show file tree

Hide file tree

Showing 5 changed files with 23 additions and 26 deletions.
diff --git a/crates/nargo/tests/test_data/config.toml b/crates/nargo/tests/test_data/config.toml
@@ -1,8 +1,8 @@
 # List of tests to be excluded (i.e not run), as their directory name in test_data
 # "1_mul", "2_div","3_add","4_sub","5_over", "6","6_array", "7_function","7","8_integration", "9_conditional", "10_slices", "assign_ex", "bool_not", "bool_or", "pedersen_check", "poseidonperm_x5_254", "poseidonsponge_x5_254", "pred_eq", "schnorr", "sha256", "tuples",
 # "array_len", "array_neq", "bit_and", "cast_bool", "comptime_array_access", "generics", "global_comptime", "main_bool_arg", "main_return", "merkle_insert", "modules", "modules_more", "scalar_mul", "simple_shield", "struct", "submodules",
-# Exclude "sha2_byte" due to relatively long computation time and "sha2_blocks" due to very long computation time.
-exclude = ["comptime_fail", "sha2_blocks", "sha2_byte"]
+# Exclude "poseidonsponge_x5_254" and "sha2_byte" due to relatively long computation time and "sha2_blocks" due to very long computation time.
+exclude = ["comptime_fail", "poseidonsponge_x5_254", "sha2_blocks", "sha2_byte"]
 
 
 # List of tests (as their directory name in test_data) expecting to fail: if the test pass, we report an error.

diff --git a/crates/nargo/tests/test_data/poseidonperm_x5_254/src/main.nr b/crates/nargo/tests/test_data/poseidonperm_x5_254/src/main.nr
@@ -1,6 +1,6 @@
 use dep::std::hash::poseidon;
 
-fn main(x1: [Field; 3], y1: Field, x2: [Field; 5], y2: Field)
+fn main(x1: [Field; 3], y1: pub Field, x2: [Field; 5], y2: pub Field)
 {
     let perm1 = poseidon::bn254::perm::x5_3(x1);
     constrain perm1[0] == y1;

diff --git a/crates/nargo/tests/test_data/poseidonsponge_x5_254/src/main.nr b/crates/nargo/tests/test_data/poseidonsponge_x5_254/src/main.nr
@@ -2,7 +2,13 @@ use dep::std::hash::poseidon;
 
 fn main(x: [Field; 7])
 {
+    // Test optimised sponge
     let result = poseidon::bn254::sponge(x);
 
     constrain result == 0x080ae1669d62f0197190573d4a325bfb8d8fc201ce3127cbac0c47a7ac81ac48;
+
+    // Test unoptimised sponge
+    let result2 = poseidon::absorb(poseidon::bn254::consts::x5_5_config(), [0;5], 4, 1, x)[1];
+
+    constrain result2 == result;
 }
diff --git a/noir_stdlib/src/hash/poseidon.nr b/noir_stdlib/src/hash/poseidon.nr
@@ -4,8 +4,7 @@ use crate::array;
 use crate::pow_32;
 use crate::field::modulus_num_bits;
 
-struct PoseidonConfig<M,N>
-{
+struct PoseidonConfig<M,N> {
     t: comptime Field, // Width, i.e. state size
     rf: comptime u8, // Number of full rounds; should be even
     rp: comptime u8, // Number of partial rounds
@@ -21,12 +20,11 @@ fn config<M,N>(
     alpha: comptime Field,
     ark: [Field; M],
     mds: [Field; N])
-    -> PoseidonConfig<M,N>
-{
+    -> PoseidonConfig<M,N> {
     // Input checks
     constrain t as u8 * (rf + rp) == array::len(ark) as u8;
     constrain t * t == array::len(mds);
-    constrain alpha > 0;
+    constrain alpha != 0;
 
     PoseidonConfig {t, rf, rp, alpha, ark, mds}
 }
@@ -35,8 +33,7 @@ fn config<M,N>(
 fn permute<M,N,O>(
     pos_conf: PoseidonConfig<M, N>,
     mut state: [Field; O])
-    -> [Field; O]
-{
+    -> [Field; O] {
     let PoseidonConfig {t, rf, rp, alpha, ark, mds} = pos_conf;
 
     constrain t == array::len(state);
@@ -72,9 +69,7 @@ fn absorb<M,N,O,P>(
     rate: comptime Field, // Rate
     capacity: comptime Field, // Capacity; usually 1
     msg: [Field; P]) // Arbitrary length message
-    -> [Field; O]
-{
-
+    -> [Field; O] {
     constrain pos_conf.t == rate + capacity;
 
     let mut i = 0;
@@ -92,7 +87,7 @@ fn absorb<M,N,O,P>(
     }
 
     // If we have one more block to permute
-    if i > 0 {
+    if i != 0 {
         state = permute(pos_conf, state);
     }
 
@@ -101,16 +96,14 @@ fn absorb<M,N,O,P>(
 
 
 // Check security of sponge instantiation
-fn check_security(rate: Field, width: Field, security: Field) -> bool
-{
+fn check_security(rate: Field, width: Field, security: Field) -> bool {
     let n = modulus_num_bits();
 
     ((n-1)*(width-rate)/2) as u8 > security as u8
 }
 
 // A*x where A is an n x n matrix in row-major order and x an n-vector
-fn apply_matrix<N>(a: [Field], x: [Field; N]) -> [Field; N]
-{
+fn apply_matrix<N>(a: [Field], x: [Field; N]) -> [Field; N] {
     let mut y = x;
 
     for i in 0..array::len(x) {

diff --git a/noir_stdlib/src/hash/poseidon/bn254.nr b/noir_stdlib/src/hash/poseidon/bn254.nr
@@ -7,12 +7,12 @@ use crate::array;
 use crate::pow_32;
 use crate::hash::poseidon::apply_matrix;
 
-// Optimised permutation for this particular field
+// Optimised permutation for this particular field; uses hardcoded rf and rp values,
+// which should agree with those in pos_conf.
 fn permute<M,N,O>(
     pos_conf: PoseidonConfig<M, N>,
     mut state: [Field; O])
-    -> [Field; O]
-{
+    -> [Field; O] {
     let PoseidonConfig {t, rf: config_rf, rp: config_rp, alpha, ark, mds} = pos_conf;
     let rf = 8;
     let rp = [56, 57, 56, 60, 60, 63, 64, 63, 60, 66, 60, 65, 70, 60, 64, 68][array::len(state) - 2];
@@ -73,8 +73,7 @@ fn absorb<M,N,O,P>(
     rate: comptime Field, // Rate
     capacity: comptime Field, // Capacity; usually 1
     msg: [Field; P] // Arbitrary length message
-) -> [Field; O]
-{
+) -> [Field; O] {
 
     constrain pos_conf.t == rate + capacity;
 
@@ -93,15 +92,14 @@ fn absorb<M,N,O,P>(
     }
 
     // If we have one more block to permute
-    if i > 0 {
+    if i != 0 {
         state = permute(pos_conf, state);
     }
 
     state
 }
 
 // Variable-length Poseidon-128 sponge as suggested in second bullet point of §3 of https://eprint.iacr.org/2019/458.pdf
-fn sponge<N>(msg: [Field; N]) -> Field // Poseidon sponge (absorption) with rate 4 and width 5
-{
+fn sponge<N>(msg: [Field; N]) -> Field {
     absorb(consts::x5_5_config(), [0;5], 4, 1, msg)[1]
 }