feat(stdlib): Add keccak (#1249)

* Add keccak in stdlib * add simple keccak example * use assert * update to latest aztec_backend * update barretenberg to e66f1ef38c3c87c223456d8a77878c2bd3d346eb * change sha256 to keccak256 * update flake.lock * update commit * update cargo.lock --------- Co-authored-by: Kevaundray Wedderburn <[email protected]>
noir-lang · May 9, 2023 · 260d87d · 260d87d
1 parent 36f5b8e
commit 260d87d
Show file tree

Hide file tree

Showing 8 changed files with 89 additions and 13 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/crates/nargo_cli/Cargo.toml b/crates/nargo_cli/Cargo.toml
@@ -37,7 +37,7 @@ termcolor = "1.1.2"
 color-eyre = "0.6.2"
 
 # Backends
-acvm-backend-barretenberg = { git = "https://github.com/noir-lang/aztec_backend", rev = "c9fb9e806f1400a2ff7594a0669bec56025220bb", default-features=false }
+acvm-backend-barretenberg = { git = "https://github.com/noir-lang/aztec_backend", rev = "677f10e07011849f8aa0d75fe80390bb3081b1e5", default-features = false }
 
 [dev-dependencies]
 tempdir = "0.3.7"
@@ -50,4 +50,3 @@ default = ["plonk_bn254"]
 # The plonk backend can only use bn254, so we do not specify the field
 plonk_bn254 = ["acvm-backend-barretenberg/native"]
 plonk_bn254_wasm = ["acvm-backend-barretenberg/wasm"]
-
diff --git a/crates/nargo_cli/tests/test_data/keccak256/Nargo.toml b/crates/nargo_cli/tests/test_data/keccak256/Nargo.toml
@@ -0,0 +1,5 @@
+[package]
+authors = [""]
+compiler_version = "0.1"
+
+[dependencies]
diff --git a/crates/nargo_cli/tests/test_data/keccak256/Prover.toml b/crates/nargo_cli/tests/test_data/keccak256/Prover.toml
@@ -0,0 +1,35 @@
+x = 0xbd
+result = [
+        0x5a,
+        0x50,
+        0x2f,
+        0x9f,
+        0xca,
+        0x46,
+        0x7b,
+        0x26,
+        0x6d,
+        0x5b,
+        0x78,
+        0x33,
+        0x65,
+        0x19,
+        0x37,
+        0xe8,
+        0x05,
+        0x27,
+        0x0c,
+        0xa3,
+        0xf3,
+        0xaf,
+        0x1c,
+        0x0d,
+        0xd2,
+        0x46,
+        0x2d,
+        0xca,
+        0x4b,
+        0x3b,
+        0x1a,
+        0xbf,
+]
diff --git a/crates/nargo_cli/tests/test_data/keccak256/src/main.nr b/crates/nargo_cli/tests/test_data/keccak256/src/main.nr
@@ -0,0 +1,10 @@
+// Keccak256 example
+//
+use dep::std;
+
+fn main(x: Field, result: [u8; 32]) {
+    // We use the `as` keyword here to denote the fact that we want to take just the first byte from the x Field
+    // The padding is taken care of by the program
+    let digest = std::hash::keccak256([x as u8]);
+    assert(digest == result);
+}
diff --git a/crates/noirc_evaluator/src/ssa/builtin.rs b/crates/noirc_evaluator/src/ssa/builtin.rs
@@ -73,6 +73,7 @@ impl Opcode {
                 match op {
                     // Pointers do not overflow
                     BlackBoxFunc::SHA256
+                    | BlackBoxFunc::Keccak256
                     | BlackBoxFunc::Blake2s
                     | BlackBoxFunc::Pedersen
                     | BlackBoxFunc::FixedBaseScalarMul => BigUint::zero(),
@@ -84,9 +85,6 @@ impl Opcode {
                     BlackBoxFunc::AES => {
                         todo!("ICE: AES is unimplemented")
                     }
-                    BlackBoxFunc::Keccak256 => {
-                        todo!("ICE: Keccak256 is unimplemented")
-                    }
                     BlackBoxFunc::RANGE | BlackBoxFunc::AND | BlackBoxFunc::XOR => {
                         unimplemented!("ICE: these opcodes do not have Noir builtin functions")
                     }
@@ -105,10 +103,7 @@ impl Opcode {
             Opcode::LowLevel(op) => {
                 match op {
                     BlackBoxFunc::AES => todo!("ICE: AES is unimplemented"),
-                    BlackBoxFunc::Keccak256 => {
-                        todo!("ICE: Keccak256 is unimplemented")
-                    }
-                    BlackBoxFunc::SHA256 | BlackBoxFunc::Blake2s => {
+                    BlackBoxFunc::SHA256 | BlackBoxFunc::Blake2s | BlackBoxFunc::Keccak256 => {
                         (32, ObjectType::unsigned_integer(8))
                     }
                     BlackBoxFunc::ComputeMerkleRoot | BlackBoxFunc::HashToField128Security => {

diff --git a/flake.lock b/flake.lock
diff --git a/noir_stdlib/src/hash.nr b/noir_stdlib/src/hash.nr
@@ -12,6 +12,9 @@ fn pedersen<N>(_input : [Field; N]) -> [Field; 2] {}
 #[foreign(hash_to_field_128_security)]
 fn hash_to_field<N>(_input : [Field; N]) -> Field {}
 
+#[foreign(keccak256)]
+fn keccak256<N>(_input : [u8; N]) -> [u8; 32] {}
+
 // mimc-p/p implementation
 // constants are (publicly generated) random numbers, for instance using keccak as a ROM.
 // You must use constants generated for the native field