Barretenberg: src/barretenberg/stdlib/hash/pedersen/pedersen.cpp Source File

// === AUDIT STATUS ===

// internal:    { status: not started, auditors: [], date: YYYY-MM-DD }

// external_1:  { status: not started, auditors: [], date: YYYY-MM-DD }

// external_2:  { status: not started, auditors: [], date: YYYY-MM-DD }

// =====================


#include "pedersen.hpp"

#include "barretenberg/crypto/pedersen_hash/pedersen.hpp"

#include "barretenberg/ecc/curves/grumpkin/grumpkin.hpp"

namespace bb::stdlib {


using namespace bb;


template <typename C>


field_t<C> pedersen_hash<C>::hash(const std::vector<field_ct>& inputs, const GeneratorContext context)

{

    using cycle_scalar = typename cycle_group::cycle_scalar;

    using Curve = EmbeddedCurve;


    const auto base_points = context.generators->get(inputs.size(), context.offset, context.domain_separator);


    std::vector<cycle_scalar> scalars;

    std::vector<cycle_group> points;

    scalars.emplace_back(cycle_scalar::create_from_bn254_scalar(field_ct(inputs.size())));

    points.emplace_back(crypto::pedersen_hash_base<Curve>::length_generator);

    for (size_t i = 0; i < inputs.size(); ++i) {

        scalars.emplace_back(cycle_scalar::create_from_bn254_scalar(inputs[i]));

        // constructs constant cycle_group objects (non-witness)

        points.emplace_back(base_points[i]);

    }


    auto result = cycle_group::batch_mul(points, scalars);

    return result.x;

}


template <typename C>


field_t<C> pedersen_hash<C>::hash_skip_field_validation(const std::vector<field_ct>& inputs,

                                                        const GeneratorContext context)

{

    using cycle_scalar = typename cycle_group::cycle_scalar;

    using Curve = EmbeddedCurve;


    const auto base_points = context.generators->get(inputs.size(), context.offset, context.domain_separator);


    std::vector<cycle_scalar> scalars;

    std::vector<cycle_group> points;

    scalars.emplace_back(cycle_scalar::create_from_bn254_scalar(field_ct(inputs.size())));

    points.emplace_back(crypto::pedersen_hash_base<Curve>::length_generator);

    for (size_t i = 0; i < inputs.size(); ++i) {

        // `true` param = skip primality test when performing a scalar mul

        scalars.emplace_back(cycle_scalar::create_from_bn254_scalar(inputs[i], true));

        // constructs constant cycle_group objects (non-witness)

        points.emplace_back(base_points[i]);

    }


    auto result = cycle_group::batch_mul(points, scalars);

    return result.x;

}


template <typename C>


field_t<C> pedersen_hash<C>::hash_buffer(const stdlib::byte_array<C>& input, GeneratorContext context)

{

    const size_t num_bytes = input.size();

    const size_t bytes_per_element = 31;

    size_t num_elements = static_cast<size_t>(num_bytes % bytes_per_element != 0) + (num_bytes / bytes_per_element);


    std::vector<field_ct> elements;

    for (size_t i = 0; i < num_elements; ++i) {

        size_t bytes_to_slice = 0;

        if (i == num_elements - 1) {

            bytes_to_slice = num_bytes - (i * bytes_per_element);

        } else {

            bytes_to_slice = bytes_per_element;

        }

        auto element = static_cast<field_ct>(input.slice(i * bytes_per_element, bytes_to_slice));

        elements.emplace_back(element);

    }

    field_ct hashed;

    if (elements.size() < 2) {

        hashed = hash(elements, context);

    } else {

        hashed = hash({ elements[0], elements[1] }, context);

        for (size_t i = 2; i < elements.size(); ++i) {

            hashed = hash({ hashed, elements[i] }, context);

        }

    }

    return hashed;

}


template class pedersen_hash<bb::UltraCircuitBuilder>;

template class pedersen_hash<bb::MegaCircuitBuilder>;


} // namespace bb::stdlib

bb::crypto::pedersen_hash_base
Performs pedersen hashes!
Definition pedersen.hpp:30

bb::curve::Grumpkin
Definition grumpkin.hpp:50

bb::stdlib::byte_array
Represents a dynamic array of bytes in-circuit.
Definition byte_array.hpp:28

bb::stdlib::byte_array::slice
byte_array slice(size_t offset) const
Slice bytes from the byte array starting at offset. Does not add any constraints.
Definition byte_array.cpp:278

bb::stdlib::byte_array::size
size_t size() const
Definition byte_array.hpp:74

bb::stdlib::cycle_group::cycle_scalar
::bb::stdlib::cycle_scalar< Builder > cycle_scalar
Definition cycle_group.hpp:61

bb::stdlib::cycle_group::batch_mul
static cycle_group batch_mul(const std::vector< cycle_group > &base_points, const std::vector< BigScalarField > &scalars, GeneratorContext context={})
Definition cycle_group.hpp:109

bb::stdlib::cycle_scalar
cycle_scalar represents a member of the cycle curve SCALAR FIELD. This is NOT the native circuit fiel...
Definition cycle_scalar.hpp:34

bb::stdlib::cycle_scalar::create_from_bn254_scalar
static cycle_scalar create_from_bn254_scalar(const field_t &_in, bool skip_primality_test=false)
Use when we want to multiply a group element by a string of bits of known size. N....
Definition cycle_scalar.cpp:101

bb::stdlib::field_t
Definition field.hpp:45

bb::stdlib::pedersen_hash
stdlib class that evaluates in-circuit pedersen hashes, consistent with behavior in crypto::pedersen_...
Definition pedersen.hpp:23

bb::stdlib::pedersen_hash::hash_buffer
static field_ct hash_buffer(const stdlib::byte_array< Builder > &input, GeneratorContext context={})
Hash a byte_array.
Definition pedersen.cpp:67

bb::stdlib::pedersen_hash::hash_skip_field_validation
static field_ct hash_skip_field_validation(const std::vector< field_ct > &in, GeneratorContext context={})
Definition pedersen.cpp:37

bb::stdlib::pedersen_hash::EmbeddedCurve
typename cycle_group< Builder >::Curve EmbeddedCurve
Definition pedersen.hpp:28

bb::stdlib::pedersen_hash::hash
static field_ct hash(const std::vector< field_ct > &in, GeneratorContext context={})
Definition pedersen.cpp:15

context
StrictMock< MockContext > context
Definition data_copy.test.cpp:55

pedersen.hpp

grumpkin.hpp

field_ct
stdlib::field_t< Builder > field_ct
Definition graph_description_blake2s.test.cpp:12

hash
void hash(State &state) noexcept
Definition merkle_tree.bench.cpp:28

bb::stdlib
Definition graph_description_goblin.test.cpp:13

bb::stdlib::element
std::conditional_t< IsGoblinBigGroup< C, Fq, Fr, G >, element_goblin::goblin_element< C, goblin_field< C >, Fr, G >, element_default::element< C, Fq, Fr, G > > element
element wraps either element_default::element or element_goblin::goblin_element depending on parametr...
Definition biggroup.hpp:1055

bb
Entry point for Barretenberg command-line interface.
Definition acir_format_getters.cpp:6

std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13

pedersen.hpp

bb::crypto::GeneratorContext
Definition generator_data.hpp:133