feat: Add Poseidon-BN254 hash functions (#1176)

* Move Poseidon tests * Add Poseidon hash functions and modify test * Move (failing) Poseidon tests back * Remove commented-out code
noir-lang · Apr 19, 2023 · 33feb2b · 33feb2b
1 parent ef07731
commit 33feb2b
Show file tree

Hide file tree

Showing 6 changed files with 158 additions and 17 deletions.
diff --git a/.../test_data/poseidonperm_x5_254/Nargo.toml → .../test_data/poseidon_bn254_hash/Nargo.toml b/.../test_data/poseidonperm_x5_254/Nargo.toml → .../test_data/poseidon_bn254_hash/Nargo.toml
diff --git a/...test_data/poseidonperm_x5_254/Prover.toml → ...test_data/poseidon_bn254_hash/Prover.toml b/...test_data/poseidonperm_x5_254/Prover.toml → ...test_data/poseidon_bn254_hash/Prover.toml
@@ -1,4 +1,4 @@
-x1 = [0,1,2]
+x1 = [1,2]
 y1 = "0x115cc0f5e7d690413df64c6b9662e9cf2a3617f2743245519e19607a4417189a"
-x2 = [0,1,2,3,4]
+x2 = [1,2,3,4]
 y2 = "0x299c867db6c1fdd79dcefa40e4510b9837e60ebb1ce0663dbaa525df65250465"
diff --git a/crates/nargo/tests/test_data/poseidon_bn254_hash/src/main.nr b/crates/nargo/tests/test_data/poseidon_bn254_hash/src/main.nr
@@ -0,0 +1,10 @@
+use dep::std::hash::poseidon;
+
+fn main(x1: [Field; 2], y1: pub Field, x2: [Field; 4], y2: pub Field)
+{
+    let hash1 = poseidon::bn254::hash_2(x1);
+    constrain hash1 == y1;
+
+    let hash2 = poseidon::bn254::hash_4(x2);
+    constrain hash2 == y2;
+}
diff --git a/crates/nargo/tests/test_data/poseidonperm_x5_254/src/main.nr b/crates/nargo/tests/test_data/poseidonperm_x5_254/src/main.nr
diff --git a/crates/nargo/tests/test_data/poseidonsponge_x5_254/src/main.nr b/crates/nargo/tests/test_data/poseidonsponge_x5_254/src/main.nr
@@ -6,9 +6,4 @@ fn main(x: [Field; 7])
     let result = poseidon::bn254::sponge(x);
 
     constrain result == 0x080ae1669d62f0197190573d4a325bfb8d8fc201ce3127cbac0c47a7ac81ac48;
-
-    // Test unoptimised sponge
-    let result2 = poseidon::absorb(poseidon::bn254::consts::x5_5_config(), [0;5], 4, 1, x)[1];
-
-    constrain result2 == result;
 }
diff --git a/noir_stdlib/src/hash/poseidon/bn254.nr b/noir_stdlib/src/hash/poseidon/bn254.nr
@@ -101,3 +101,149 @@ fn absorb<M,N,O,P>(
 fn sponge<N>(msg: [Field; N]) -> Field {
     absorb(consts::x5_5_config(), [0;5], 4, 1, msg)[1]
 }
+
+// Various instances of the Poseidon hash function
+// Consistent with Circom's implementation
+fn hash_1(input: [Field; 1]) -> Field {
+    let mut state = [0; 2];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_2(state)[0]
+}
+
+fn hash_2(input: [Field; 2]) -> Field {
+    let mut state = [0; 3];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_3(state)[0]
+}
+
+fn hash_3(input: [Field; 3]) -> Field {
+    let mut state = [0; 4];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_4(state)[0]
+}
+
+fn hash_4(input: [Field; 4]) -> Field {
+    let mut state = [0; 5];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_5(state)[0]
+}
+
+fn hash_5(input: [Field; 5]) -> Field {
+    let mut state = [0; 6];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_6(state)[0]
+}
+
+fn hash_6(input: [Field; 6]) -> Field {
+    let mut state = [0; 7];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_7(state)[0]
+}
+
+fn hash_7(input: [Field; 7]) -> Field {
+    let mut state = [0; 8];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_8(state)[0]
+}
+
+fn hash_8(input: [Field; 8]) -> Field {
+    let mut state = [0; 9];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_9(state)[0]
+}
+
+fn hash_9(input: [Field; 9]) -> Field {
+    let mut state = [0; 10];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_10(state)[0]
+}
+
+fn hash_10(input: [Field; 10]) -> Field {
+    let mut state = [0; 11];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_11(state)[0]
+}
+
+fn hash_11(input: [Field; 11]) -> Field {
+    let mut state = [0; 12];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_12(state)[0]
+}
+
+fn hash_12(input: [Field; 12]) -> Field {
+    let mut state = [0; 13];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_13(state)[0]
+}
+
+fn hash_13(input: [Field; 13]) -> Field {
+    let mut state = [0; 14];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_14(state)[0]
+}
+
+fn hash_14(input: [Field; 14]) -> Field {
+    let mut state = [0; 15];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_15(state)[0]
+}
+
+fn hash_15(input: [Field; 15]) -> Field {
+    let mut state = [0; 16];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_16(state)[0]
+}
+
+fn hash_16(input: [Field; 16]) -> Field {
+    let mut state = [0; 17];
+    for i in 0..input.len() {
+	state[i+1] = input[i];
+    }
+
+    perm::x5_17(state)[0]
+}