logos-co
/
nomos-pocs
mirror of https://github.com/logos-co/nomos-pocs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nomos-pocs/proof_of_leadership/circom/generate_inputs.py

1348 lines
72 KiB
Python
Executable File
Raw Permalink Blame History

#!/usr/bin/sage
# -*- mode: python ; -*-
from sage.all import *
import hashlib
import itertools
from hashlib import sha256
p = 52435875175126190479447740508185965837690552500527637822603658699938581184513
F = FiniteField(p)
# anemoi is from their repo
COST_ALPHA = {
3 : 2, 5 : 3, 7 : 4, 9 : 4,
11 : 5, 13 : 5, 15 : 5, 17 : 5,
19 : 6, 21 : 6, 23 : 6, 25 : 6,
27 : 6, 29 : 7, 31 : 7, 33 : 6,
35 : 7, 37 : 7, 39 : 7, 41 : 7,
43 : 7, 45 : 7, 47 : 8, 49 : 7,
51 : 7, 53 : 8, 55 : 8, 57 : 8,
59 : 8, 61 : 8, 63 : 8, 65 : 7,
67 : 8, 69 : 8, 71 : 9, 73 : 8,
75 : 8, 77 : 8, 79 : 9, 81 : 8,
83 : 8, 85 : 8, 87 : 9, 89 : 9,
91 : 9, 93 : 9, 95 : 9, 97 : 8,
99 : 8, 101 : 9, 103 : 9, 105 : 9,
107 : 9, 109 : 9, 111 : 9, 113 : 9,
115 : 9, 117 : 9, 119 : 9, 121 : 9,
123 : 9, 125 : 9, 127 : 10,
}
ALPHA_BY_COST = {
c : [x for x in range(3, 128, 2) if COST_ALPHA[x] == c]
for c in range(2, 11)
}
PI_0 = 1415926535897932384626433832795028841971693993751058209749445923078164062862089986280348253421170679
PI_1 = 8214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196
def get_prime(N):
result = (1 << N) - 1
while not is_prime(result):
result -= 2
return result
def get_n_rounds(s, l, alpha):
r = 0
complexity = 0
kappa = {3:1, 5:2, 7:4, 9:7, 11:9}
assert alpha in kappa
while complexity < 2**s:
r += 1
complexity = binomial(
4*l*r + kappa[alpha],
2*l*r
)**2
r += 2 # considering the second model
r += min(5,l+1) # security margin
return max(8, r)
# Linear layer generation
def is_mds(m):
# Uses the Laplace expansion of the determinant to calculate the (m+1)x(m+1) minors in terms of the mxm minors.
# Taken from https://github.com/mir-protocol/hash-constants/blob/master/mds_search.sage.
# 1-minors are just the elements themselves
if any(any(r == 0 for r in row) for row in m):
return False
N = m.nrows()
assert m.is_square() and N >= 2
det_cache = m
# Calculate all the nxn minors of m:
for n in range(2, N+1):
new_det_cache = dict()
for rows in itertools.combinations(range(N), n):
for cols in itertools.combinations(range(N), n):
i, *rs = rows
# Laplace expansion along row i
det = 0
for j in range(n):
# pick out c = column j; the remaining columns are in cs
c = cols[j]
cs = cols[:j] + cols[j+1:]
# Look up the determinant from the previous iteration
# and multiply by -1 if j is odd
cofactor = det_cache[(*rs, *cs)]
if j % 2 == 1:
cofactor = -cofactor
# update the determinant with the j-th term
det += m[i, c] * cofactor
if det == 0:
return False
new_det_cache[(*rows, *cols)] = det
det_cache = new_det_cache
return True
def M_2(x_input, b):
x = x_input[:]
x[0] += b*x[1]
x[1] += b*x[0]
return x
def M_3(x_input, b):
x = x_input[:]
t = x[0] + b*x[2]
x[2] += x[1]
x[2] += b*x[0]
x[0] = t + x[2]
x[1] += t
return x
def M_4(x_input, b):
x = x_input[:]
x[0] += x[1]
x[2] += x[3]
x[3] += b*x[0]
x[1] = b*(x[1] + x[2])
x[0] += x[1]
x[2] += b*x[3]
x[1] += x[2]
x[3] += x[0]
return x
def lfsr(x_input, b):
x = x_input[:]
l = len(x)
for r in range(0, l):
t = sum(b**(2**i) * x[i] for i in range(0, l))
x = x[1:] + [t]
return x
def circulant_mds_matrix(field, l, coeff_upper_limit=None):
if coeff_upper_limit == None:
coeff_upper_limit = l+1
assert(coeff_upper_limit > l)
for v in itertools.combinations_with_replacement(range(1,coeff_upper_limit), l):
mat = matrix.circulant(list(v)).change_ring(field)
if is_mds(mat):
return(mat)
# In some cases, the method won't return any valid matrix,
# hence the need to increase the limit further.
return circulant_mds_matrix(field, l, coeff_upper_limit+1)
def get_mds(field, l):
if l == 1:
return identity_matrix(field, 1)
if l <= 4: # low addition case
a = field.multiplicative_generator()
b = field.one()
t = 0
while True:
# we construct the matrix
mat = []
b = b*a
t += 1
for i in range(0, l):
x_i = [field.one() * (j == i) for j in range(0, l)]
if l == 2:
mat.append(M_2(x_i, b))
elif l == 3:
mat.append(M_3(x_i, b))
elif l == 4:
mat.append(M_4(x_i, b))
mat = Matrix(field, l, l, mat).transpose()
if is_mds(mat):
return mat
else: # circulant matrix case
return circulant_mds_matrix(field, l)
# AnemoiPermutation class
class AnemoiPermutation:
def __init__(self,
q=None,
alpha=None,
mat=None,
n_rounds=None,
n_cols=1,
security_level=128):
if q == None:
raise Exception("The characteristic of the field must be specified!")
self.q = q
self.prime_field = is_prime(q) # if true then we work over a
# prime field with
# characteristic just under
# 2**N, otherwise the
# characteristic is 2**self
self.n_cols = n_cols # the number of parallel S-boxes in each round
self.security_level = security_level
# initializing the other variables in the state:
# - q is the characteristic of the field
# - g is a generator of the multiplicative subgroup
# - alpha is the main exponent (in the center of the Flystel)
# - beta is the coefficient in the quadratic subfunction
# - gamma is the constant in the second quadratic subfunction
# - QUAD is the secondary (quadratic) exponent
# - from_field is a function mapping field elements to integers
# - to_field is a function mapping integers to field elements
self.F = GF(self.q)
if self.prime_field:
if alpha != None:
if gcd(alpha, self.q-1) != 1:
raise Exception("alpha should be co-prime with the characteristic!")
else:
self.alpha = alpha
else:
self.alpha = 3
while gcd(self.alpha, self.q-1) != 1:
self.alpha += 1
self.QUAD = 2
self.to_field = lambda x : self.F(x)
self.from_field = lambda x : Integer(x)
else:
self.alpha = 3
self.QUAD = 3
self.to_field = lambda x : self.F.fetch_int(x)
self.from_field = lambda x : x.integer_representation()
self.g = self.F.multiplicative_generator()
self.beta = self.g
self.delta = self.g**(-1)
self.alpha_inv = inverse_mod(self.alpha, self.q-1)
# total number of rounds
if n_rounds != None:
self.n_rounds = n_rounds
else:
self.n_rounds = get_n_rounds(self.security_level,
self.n_cols,
self.alpha)
# Choosing constants: self.C and self.D are built from the
# digits of pi using an open butterfly
self.C = []
self.D = []
pi_F_0 = self.to_field(PI_0 % self.q)
pi_F_1 = self.to_field(PI_1 % self.q)
for r in range(0, self.n_rounds):
pi_0_r = pi_F_0**r
self.C.append([])
self.D.append([])
for i in range(0, self.n_cols):
pi_1_i = pi_F_1**i
pow_alpha = (pi_0_r + pi_1_i)**self.alpha
self.C[r].append(self.g * (pi_0_r)**2 + pow_alpha)
self.D[r].append(self.g * (pi_1_i)**2 + pow_alpha + self.delta)
self.mat = get_mds(self.F, self.n_cols)
def __str__(self):
result = "Anemoi instance over F_{:d} ({}), n_rounds={:d}, n_cols={:d}, s={:d}".format(
self.q,
"odd prime field" if self.prime_field else "characteristic 2",
self.n_rounds,
self.n_cols,
self.security_level
)
result += "\nalpha={}, beta={}, \ndelta={}\nM_x=\n{}\ninv_alpha={}\n".format(
self.alpha,
self.beta,
self.delta,
self.mat,
self.alpha_inv
)
result += "C={}\nD={}".format(
[[self.from_field(x) for x in self.C[r]] for r in range(0, self.n_rounds)],
[[self.from_field(x) for x in self.D[r]] for r in range(0, self.n_rounds)],
)
return result
# !SECTION! Sub-components
def evaluate_sbox(self, _x, _y):
x, y = _x, _y
x -= self.beta*y**self.QUAD
y -= x**self.alpha_inv
x += self.beta*y**self.QUAD + self.delta
return x, y
def linear_layer(self, _x, _y):
x, y = _x[:], _y[:]
x = self.mat*vector(x)
y = self.mat*vector(y[1:] + [y[0]])
# Pseudo-Hadamard transform on each (x,y) pair
y += x
x += y
return list(x), list(y)
# !SECTION! Evaluation
def eval_with_intermediate_values(self, _x, _y):
x, y = _x[:], _y[:]
result = [[x[:], y[:]]]
for r in range(0, self.n_rounds):
for i in range(0, self.n_cols):
x[i] += self.C[r][i]
y[i] += self.D[r][i]
x, y = self.linear_layer(x, y)
for i in range(0, self.n_cols):
x[i], y[i] = self.evaluate_sbox(x[i], y[i])
result.append([x[:], y[:]])
# final call to the linear layer
x, y = self.linear_layer(x, y)
result.append([x[:], y[:]])
return result
def input_size(self):
return 2*self.n_cols
def __call__(self, _x):
if len(_x) != self.input_size():
raise Exception("wrong input size!")
else:
x, y = _x[:self.n_cols], _x[self.n_cols:]
u, v = self.eval_with_intermediate_values(x, y)[-1]
return u + v # concatenation, not a sum
# !SECTION! Writing full system of equations
def get_polynomial_variables(self):
x_vars = []
y_vars = []
all_vars = []
for r in range(0, self.n_rounds+1):
x_vars.append(["X{:02d}{:02d}".format(r, i) for i in range(0, self.n_cols)])
y_vars.append(["Y{:02d}{:02d}".format(r, i) for i in range(0, self.n_cols)])
all_vars += x_vars[-1]
all_vars += y_vars[-1]
pol_ring = PolynomialRing(self.F, (self.n_rounds+1)*2*self.n_cols, all_vars)
pol_gens = pol_ring.gens()
result = {"X" : [], "Y" : []}
for r in range(0, self.n_rounds+1):
result["X"].append([])
result["Y"].append([])
for i in range(0, self.n_cols):
result["X"][r].append(pol_gens[self.n_cols*2*r + i])
result["Y"][r].append(pol_gens[self.n_cols*2*r + i + self.n_cols])
return result
def verification_polynomials(self, pol_vars):
equations = []
for r in range(0, self.n_rounds):
# the outputs of the open flystel are the state variables x, y at round r+1
u = pol_vars["X"][r+1]
v = pol_vars["Y"][r+1]
# the inputs of the open flystel are the state variables
# x, y at round r after undergoing the constant addition
# and the linear layer
x, y = pol_vars["X"][r], pol_vars["Y"][r]
x = [x[i] + self.C[r][i] for i in range(0, self.n_cols)]
y = [y[i] + self.D[r][i] for i in range(0, self.n_cols)]
x, y = self.linear_layer(x, y)
for i in range(0, self.n_cols):
equations.append(
(y[i]-v[i])**self.alpha + self.beta*y[i]**self.QUAD - x[i]
)
equations.append(
(y[i]-v[i])**self.alpha + self.beta*v[i]**self.QUAD + self.delta - u[i]
)
return equations
def print_verification_polynomials(self):
p_vars = self.get_polynomial_variables()
eqs = self.verification_polynomials(p_vars)
variables_string = ""
for r in range(0, self.n_rounds+1):
variables_string += str(p_vars["X"][r])[1:-1] + "," + str(p_vars["Y"][r])[1:-1] + ","
print(variables_string[:-1].replace(" ", ""))
print(self.q)
for f in eqs:
print(f)
# !SECTION! Modes of operation
def jive(P, b, _x):
if b < 2:
raise Exception("b must be at least equal to 2")
if P.input_size() % b != 0:
raise Exception("b must divide the input size!")
c = P.input_size()/b # length of the compressed output
# Output size check: we allow the output size to be 3 bits shorter than
# the theoretical target, as commonly used finite fields usually have a
# characteristic size slightly under 2**256.
if c * P.F.cardinality().nbits() < 2 * P.security_level - 3:
raise Exception(f"digest size is too small for the targeted security level!")
x = _x[:]
u = P(x)
compressed = []
for i in range(0, int(c)):
compressed.append(sum(x[int(i+c*j)] + u[int(i+c*j)]
for j in range(0, int(b))))
return compressed
A_2 = AnemoiPermutation(q=p, alpha=5, n_rounds=None, n_cols=1, security_level=128)
A_4 = AnemoiPermutation(q=p, alpha=5, n_rounds=None, n_cols=2, security_level=128)
A_16 = AnemoiPermutation(q=p, alpha=5, n_rounds=None, n_cols=8, security_level=128)
def anemoi(state):
if len(state) == 2:
return jive(A_2,2,state)[0]
if len(state) == 4:
return jive(A_4,4,state)[0]
if len(state) == 16:
return jive(A_16,16,state)[0]
def poseidon(state):
if len(state) == 2:
original_state = state
cst = poseidon_round_constant_2_to_1()
state = poseidon_linear_layer_2_to_1(state)
for i in range(4):
for j in range(2):
state[j] += cst[2*i+j]
state[j] = state[j]**5
state = poseidon_linear_layer_2_to_1(state)
for i in range(56):
state[0] += cst[i + 8]
state[0] = state[0]**5
state = poseidon_linear_layer_2_to_1(state)
for i in range(4):
for j in range(2):
state[j] += cst[64 + i*2 + j]
state[j] = state[j]**5
state = poseidon_linear_layer_2_to_1(state)
return state[0] + state[1] + original_state[0] + original_state[1]
if len(state) == 4:
original_state = state
cst = poseidon_round_constant_4_to_1()
state = poseidon_external_linear_layer_4_to_1(state)
for i in range(4):
for j in range(4):
state[j] += cst[4*i+j]
state[j] = state[j]**5
state = poseidon_external_linear_layer_4_to_1(state)
for i in range(56):
state[0] += cst[i + 16]
state[0] = state[0]**5
state = poseidon_internal_linear_layer_4_to_1(state)
for i in range(4):
for j in range(4):
state[j] += cst[72 + i*4 + j]
state[j] = state[j]**5
state = poseidon_external_linear_layer_4_to_1(state)
h = F(0)
for i in range(4):
h += state[i] + original_state[i]
return h
if len(state) == 16:
original_state = state
cst = poseidon_round_constant_16_to_1()
state = poseidon_external_linear_layer_16_to_1(state)
for i in range(4):
for j in range(16):
state[j] += cst[16*i+j]
state[j] = state[j]**5
state = poseidon_external_linear_layer_16_to_1(state)
for i in range(57):
state[0] += cst[i + 64]
state[0] = state[0]**5
state = poseidon_internal_linear_layer_16_to_1(state)
for i in range(4):
for j in range(16):
state[j] += cst[121 + i*16 + j]
state[j] = state[j]**5
state = poseidon_external_linear_layer_16_to_1(state)
h = F(0)
for i in range(16):
h += state[i] + original_state[i]
return h
def poseidon_linear_layer_2_to_1(state):
M = Matrix(F,[[2,1],[1,2]])
return [2*state[0]+state[1],state[0]+2*state[1]]
def poseidon_external_linear_layer_4_to_1(state):
M_4 = [[5,7,1,3],[4,6,1,1],[1,3,5,7],[1,1,4,6]]
new_state = [0 for i in range(4)]
for i in range(4):
for j in range(4):
new_state[i] += M_4[i][j] * state[j]
return new_state
def poseidon_external_linear_layer_16_to_1(state):
M_E = [[10,14,2,6,5,7,1,3,5,7,1,3,5,7,1,3],
[ 8,12,2,2,4,6,1,1,4,6,1,1,4,6,1,1],
[ 2,6,10,14,1,3,5,7,1,3,5,7,1,3,5,7],
[ 2,2,8,12,1,1,4,6,1,1,4,6,1,1,4,6],
[ 5,7,1,3,10,14,2,6,5,7,1,3,5,7,1,3],
[ 4,6,1,1,8,12,2,2,4,6,1,1,4,6,1,1],
[ 1,3,5,7,2,6,10,14,1,3,5,7,1,3,5,7],
[ 1,1,4,6,2,2,8,12,1,1,4,6,1,1,4,6],
[ 5,7,1,3,5,7,1,3,10,14,2,6,5,7,1,3],
[ 4,6,1,1,4,6,1,1,8,12,2,2,4,6,1,1],
[ 1,3,5,7,1,3,5,7,2,6,10,14,1,3,5,7],
[ 1,1,4,6,1,1,4,6,2,2,8,12,1,1,4,6],
[ 5,7,1,3,5,7,1,3,5,7,1,3,10,14,2,6],
[ 4,6,1,1,4,6,1,1,4,6,1,1,8,12,2,2],
[ 1,3,5,7,1,3,5,7,1,3,5,7,2,6,10,14],
[ 1,1,4,6,1,1,4,6,1,1,4,6,2,2,8,12]]
new_state = [0 for i in range(16)]
for i in range(16):
for j in range(16):
new_state[i] += M_E[i][j] * state[j]
return new_state
def poseidon_internal_linear_layer_4_to_1(state):
M_I = [[2,1,1,1],[1,2,1,1],[1,1,4,1],[1,1,1,8]]
new_state = [0 for i in range(4)]
for i in range(4):
for j in range(4):
new_state[i] += M_I[i][j] * state[j]
return new_state
def poseidon_internal_linear_layer_16_to_1(state):
M_I = [[68,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1],
[1,85,1,1,1,1,1,1,1,1,1,1,1,1,1,1],
[1,1,81,1,1,1,1,1,1,1,1,1,1,1,1,1],
[1,1,1,95,1,1,1,1,1,1,1,1,1,1,1,1],
[1,1,1,1,58,1,1,1,1,1,1,1,1,1,1,1],
[1,1,1,1,1,90,1,1,1,1,1,1,1,1,1,1],
[1,1,1,1,1,1,93,1,1,1,1,1,1,1,1,1],
[1,1,1,1,1,1,1,40,1,1,1,1,1,1,1,1],
[1,1,1,1,1,1,1,1,35,1,1,1,1,1,1,1],
[1,1,1,1,1,1,1,1,1,25,1,1,1,1,1,1],
[1,1,1,1,1,1,1,1,1,1,2,1,1,1,1,1],
[1,1,1,1,1,1,1,1,1,1,1,96,1,1,1,1],
[1,1,1,1,1,1,1,1,1,1,1,1,22,1,1,1],
[1,1,1,1,1,1,1,1,1,1,1,1,1,74,1,1],
[1,1,1,1,1,1,1,1,1,1,1,1,1,1,69,1],
[1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,53]]
new_state = [0 for i in range(16)]
for i in range(16):
for j in range(16):
new_state[i] += M_I[i][j] * state[j]
return new_state
def anemoi_C_2_to_1():
return [
39,
41362478282768062297187132445775312675360473883834860695283235286481594490621,
9548818195234740988996233204400874453525674173109474205108603996010297049928,
25365440569177822667580105183435418073995888230868180942004497015015045856900,
34023498397393406644117994167986720327178154686105264833093891093045919619309,
38816051319719761886041858113129205506758421478656182868737326994635468402951,
35167418087531820804128377095512663922179887277669504047069913414630376083753,
25885868839756469722325652387535232478219821850603640827385444642154834700231,
8867588811641202981080659274007552529205713737251862066053445622305818871963,
36439756010140137556111047750162544185710881404522379792044818039722752946048,
7788624504122357216765350546787885309160020166693449889975992574536033007374,
3134147137704626983201116226440762775442116005053282329971088789984415999550,
50252287380741824818995733304361249016282047978221591906573165442023106203143,
48434698978712278012409706205559577163572452744833134361195687109159129985373,
32960510617530186159512413633821386297955642598241661044178889571655571939473,
12850897859166761094422335671106280470381427571695744605265713866647560628356,
14578036872634298798382048587794204613583128573535557156943783762854124345644,
21588109842058901916690548710649523388049643745013696896704903154857389904594,
35731638686520516424752846654442973203189295883541072759390882351699754104989,
34141830003233180772153845227433233456603143306530920011579259084215824391544,
30272543670850635882116596228256005460817517173808721139136515002908946750291
]
def anemoi_D_2_to_1():
return [
14981678621464625851270783002338847382197300714436467949315331057125308909900,
28253420209785428420233456008091632509255652343634529984400816700490470131093,
51511939407083344002778208487678590135577660247075600880835916725469990319313,
46291121544435738125248657675097664742296276807186696922340332893747842754587,
3650460179273129580093806058710273018999560093475503119057680216309578390988,
45802223370746268123059159806400152299867771061127345631244786118574025749328,
11798621276624967315721748990709309216351696098813162382053396097866233042733,
42372918959432199162670834641599336326433006968669415662488070504036922966492,
52181371244193189669553521955614617990714056725501643636576377752669773323445,
23791984554824031672195249524658580601428376029501889159059009332107176394097,
33342520831620303764059548442834699069640109058400548818586964467754352720368,
16791548253207744974576845515705461794133799104808996134617754018912057476556,
11087343419860825311828133337767238110556416596687749174422888171911517001265,
11931207770538477937808955037363240956790374856666237106403111503668796872571,
3296943608590459582451043049934874894049468383833500962645016062634514172805,
7080580976521357573320018355401935489220216583936865937104131954142364033647,
25990144965911478244481527888046366474489820502460615136523859419965697796405,
33907313384235729375566529911940467295099705980234607934575786561097199483218,
25996950265608465541351207283024962044374873682152889814392533334239395044136,
17878892320641464292190655092475335317049416605865175118054314040434534086821,
25443622609028754422863910981890932539396181992608938932620284900889552530362
]
def anemoi_C_4_to_1():
return [
[39,
17756515227822460609684409997111995494590448775258437999344446424780281143353],
[41362478282768062297187132445775312675360473883834860695283235286481594490621,
3384073892082712848969991795331397937188893616190315628722966662742467187281],
[9548818195234740988996233204400874453525674173109474205108603996010297049928,
51311880822158488881090781617710146800056386303122657365679608608648067582435],
[25365440569177822667580105183435418073995888230868180942004497015015045856900,
29347609441914902330741511702270026847909178228078752565372729158237774700914],
[34023498397393406644117994167986720327178154686105264833093891093045919619309,
2339620320400167830454536231899316133967303509954474267430948538955691907104],
[38816051319719761886041858113129205506758421478656182868737326994635468402951,
27338042530319738113354246208426108832239651080023276643867223794985578055610],
[35167418087531820804128377095512663922179887277669504047069913414630376083753,
42192983528513372869128514327443204912824559545179630597589572656156258515752],
[25885868839756469722325652387535232478219821850603640827385444642154834700231,
42721818980548514490325424436763032046927347769153393863616095871384405840432],
[8867588811641202981080659274007552529205713737251862066053445622305818871963,
23473499332437056484066006746048591864129988909190267521144125882222313735740],
[36439756010140137556111047750162544185710881404522379792044818039722752946048,
16497366583607480604161417644040292299204496829635795525393416854929276060989],
[7788624504122357216765350546787885309160020166693449889975992574536033007374,
16727395967350522643500778393489915391834352737211416857240725807058479128000],
[3134147137704626983201116226440762775442116005053282329971088789984415999550,
46525506418681456193255596516104416743523037046982280449529426136392814992763],
[50252287380741824818995733304361249016282047978221591906573165442023106203143,
46030886964045328670650579467522042981756109464584907077434772786649263902996],
[48434698978712278012409706205559577163572452744833134361195687109159129985373,
19216533213230709497947223526297848065365334472367022650183395435586190711770]
]
def anemoi_D_4_to_1():
return [
[14981678621464625851270783002338847382197300714436467949315331057125308909900,
48720959343719104324739338388885839802998711550637402773896395605948383052052],
[28253420209785428420233456008091632509255652343634529984400816700490470131093,
6257781313532096835800460747082714697295034136932481743077166200794135826591],
[51511939407083344002778208487678590135577660247075600880835916725469990319313,
4386017178186728799761421274050927732938229436976005221436222062273391481632],
[46291121544435738125248657675097664742296276807186696922340332893747842754587,
13820180736478645172746469075181304604729976364812127548341524461074783412926],
[3650460179273129580093806058710273018999560093475503119057680216309578390988,
40385222771838099109662234020243831589690223478794847201235014486200724862134],
[45802223370746268123059159806400152299867771061127345631244786118574025749328,
50306980075778262214155693291132052551559962723436936231611301042966928400825],
[11798621276624967315721748990709309216351696098813162382053396097866233042733,
34806952212038537244506031612074847133207330427265785757809673463434908473570],
[42372918959432199162670834641599336326433006968669415662488070504036922966492,
22755759419530071315007011572076166983660942447634027701351681157370705921018],
[52181371244193189669553521955614617990714056725501643636576377752669773323445,
30334172084294870556875274308904688414158741457854908094300017436690480001547],
[23791984554824031672195249524658580601428376029501889159059009332107176394097,
19832360622723392584029764807971325641132953515557801717644226271356492507876],
[33342520831620303764059548442834699069640109058400548818586964467754352720368,
5828182614154296575131381170785760240834851189333374788484657124381010655319],
[16791548253207744974576845515705461794133799104808996134617754018912057476556,
23729797853490401568967730686618146850735129707152853256809050789424668284094],
[11087343419860825311828133337767238110556416596687749174422888171911517001265,
22848708497596347027267124890363029002241440143993561170521113640580467699956],
[11931207770538477937808955037363240956790374856666237106403111503668796872571,
51131682674615117766578358255722474622484771145670260043231096654077231782319]
]
def anemoi_C_16_to_1():
return [
[39,
17756515227822460609684409997111995494590448775258437999344446424780281143353,
10188916128123599964772546147951904500865009616764646948187915341627970346879,
3814237141406755457246679946340702245820791055503616462386588886553626328449,
31231358838611540266091127386940316382485316827738464579249222989762089961618,
3726010289701932654130304682574596267996890432970838266711107863585526844332,
36992578177313978374320714629037014712724552282717071185860782184820525992055,
6539662723010541897260760345121608837413747021964775102659796495628351576700],
[41362478282768062297187132445775312675360473883834860695283235286481594490621,
3384073892082712848969991795331397937188893616190315628722966662742467187281,
38536464596998108028197905645250196649287447208374169339784649587982292038621,
37592197675289757358471908199906415982484124338112374453435292524131427342810,
23880328728725835218995126249367316438768592574548525705412373412647097582882,
48825064577758348008118486787590853038041005302054740877940928369291358302191,
50534173420081783859714292066423124353911378857266355124747257390448683204724,
7428946804745276726594228607058422733621008211707460976374155647815125702793],
[9548818195234740988996233204400874453525674173109474205108603996010297049928,
51311880822158488881090781617710146800056386303122657365679608608648067582435,
24596965950552905296088269899880882549715354660832391374009234980535928382152,
34036826250287807194659359129722586818079652442547178531030410684351456041117,
47245638746867242507412562212796342461134942817161752237394648503282879275118,
31300595906266724771648800100316060631685700019604649908550024867487861705279,
3785144237087232802472944225009874259820952161256157218342463192641540401693,
13192072039732854032991114991329331830093509159172499125522354840599160152710],
[25365440569177822667580105183435418073995888230868180942004497015015045856900,
29347609441914902330741511702270026847909178228078752565372729158237774700914,
14356478667385969079309349540394948109414829921001045845599553435706989367858,
9488013611624811735432450930006811652991761655550510302915118428283918068143,
46788925259457988525082226160565541608877312582477767975013905645120335169226,
39167900530643229840202791109535532972977251341471019870612379478843295475401,
35468869056801697991539514623685427699753784556397696975236370718172619478088,
10386758415207822166675671630819234802877311049149240741713298889822859300210],
[34023498397393406644117994167986720327178154686105264833093891093045919619309,
2339620320400167830454536231899316133967303509954474267430948538955691907104,
12136748919666286297989154404429099226154686992028401568133058190732008277996,
19442569822772655270268482835742480365499256802520510905846953360427433130058,
6121842489566508888444793919988648467487285035515564826894797322329857604679,
52423305139993282549959548255411402052505266722715464547641713196825757370045,
721115880708783722056278375691123676170968994983418732948150001331611213553,
28368777671879812853105774722579268517023359292257929653599900440020077784493],
[38816051319719761886041858113129205506758421478656182868737326994635468402951,
27338042530319738113354246208426108832239651080023276643867223794985578055610,
15580674179713644540398409523441814073810768449493940562136422009899312699155,
4362660876979205605782410963041525734654031488177761934879852229226211686053,
11650586156654079013116836535888803264128748996614961532114710040258230535152,
19531964257180260867876509318520389540889883401661971174170106848135773712126,
28219700779483915272028450015085470411949576744039967576016029120273878374251,
33474277480452546775130924043517012470949538154685955521260479155699441559340],
[35167418087531820804128377095512663922179887277669504047069913414630376083753,
42192983528513372869128514327443204912824559545179630597589572656156258515752,
47389212411441573266379092392931599970417884729397156841216318364858334633325,
41487656259632727393098274178738763934249662924287956242704596746920012242443,
47585046162349898019384381324380934361400616741262019467964248889992556789636,
22864477306086472394102077909444955034170624450796904926669386049666664492257,
13351050514115985199153581050320477287713057625178307041078042677800880924875,
37405300160039662564807777381564989963058089105400420537288945543199341594301],
[25885868839756469722325652387535232478219821850603640827385444642154834700231,
42721818980548514490325424436763032046927347769153393863616095871384405840432,
5855288403637341107158034195599277569854359593529752399086836976954392351035,
18845851722124019325834426094831743068408557621685658713002749358354699910772,
33256528590007803378062158842587476459976080810702643409997408348306082386089,
2234591446681396008493892860306849390171100567645872660203494363121541667798,
194686086885408743916631695867994306362987352657004869135407425114760399927,
28761022534147935351682915336446217569572759443228321225221961720692449395484],
[8867588811641202981080659274007552529205713737251862066053445622305818871963,
23473499332437056484066006746048591864129988909190267521144125882222313735740,
5696063807157149622355481994320806474692190935543821893362808351446578125354,
48558031599255072862103809681060565464555437399403822458902024251997890071747,
29805490370918962312941798594103721605222271424104745148638516522088829641991,
37489036434356676843050473824100415300808075220521554146913930229334867812254,
11631357050894820069054650807562155039191303868752185889040197345022629525927,
24660767228992591228910666543569781024799661249145320635218341313794706416082],
[36439756010140137556111047750162544185710881404522379792044818039722752946048,
16497366583607480604161417644040292299204496829635795525393416854929276060989,
31479323495970113713816467604460499675889579912370034974841212556442942086146,
52327065242455117582590188333899352706031813782154293138553490341266149456684,
22462223600300108924276123720518708580622354327562062947406284488847554180931,
40996278729170725855966064159584167091102415184996744640950022676164065046834,
19430817579416357934148820670939901668848861606295052060308554899051486801548,
12483379002100433076591219143638049458199676871775181258981956241115974881163]
]
def anemoi_D_16_to_1():
return [
[14981678621464625851270783002338847382197300714436467949315331057125308909900,
48720959343719104324739338388885839802998711550637402773896395605948383052052,
11709610427641952476226704950218052763560489079301307464225164120801969364960,
3188799073106888901912065951229864304299742047220134499402570163601813730969,
35055566170683830204685883433867693478135114051401583710007741398997412970579,
41969389849183863090802087476567191363990360356945841340095187311995419576515,
7556226394164164334481570938023506204252451033715203682883249970224239802922,
17176882240248932567902590122153974429675966351354956648777145117980813990398],
[28253420209785428420233456008091632509255652343634529984400816700490470131093,
6257781313532096835800460747082714697295034136932481743077166200794135826591,
11966422202069200811427605007493817363680804416274031195624148724039857787313,
8876022912542631074912834764773050492660953075192093830253524158063181475941,
52049674541477055908813163364458131823806820044102483998576800878704568506967,
6541832267666828237118069633374954748041800470865307468523599474646236580472,
45442960117610900571098429443573054134827707854155326784175634232674544930715,
42411304802662598148459339452254226615271657786988481684897413326989736031615],
[51511939407083344002778208487678590135577660247075600880835916725469990319313,
4386017178186728799761421274050927732938229436976005221436222062273391481632,
663227665329044490605880474899933274574966982371072793854806732105730575244,
7956955597245727322388196907364651338722736293265717471854714933795446618648,
25615413494197319129070770032476622018948872899826892271961489884914005459090,
44089542881006441891384034667061558189843302802581673885742427288293557612473,
1330235044321395925144992814935234051203536271783948441776912650379638572084,
50810734147355221866144137049300565722210413848092339398051685135286006925932],
[46291121544435738125248657675097664742296276807186696922340332893747842754587,
13820180736478645172746469075181304604729976364812127548341524461074783412926,
21821175320697611197161277831984495658213397245419754392657307036488476373765,
14806577897118234786495606424219372997573800509149076370951604526939593458489,
4121259770197377590627011188630352152939645167495297314189270176024564981500,
30919407268792259403824602884665561517383256626800433152413305048922095010897,
11976519627445173558098140421995318477384771169277877503279343325183821276781,
26967980286239502443715270897174999681242618240421470318851152333782809701734],
[3650460179273129580093806058710273018999560093475503119057680216309578390988,
40385222771838099109662234020243831589690223478794847201235014486200724862134,
20738601554725926373596082603265918636164823648026470243422423735982938342408,
25898290090014076279086638237202313571292864987698437102115051403552551578909,
17027208157180086391192319363486696710451739452640092116905432497642111659971,
45311967859890310071336359937788702458122841339624237957674250711373999964046,
30801797608226447725817644589434252152704077439970597211826393252750837255264,
46087155524659491087900373896182305256600235815109519358969365828449471244522],
[45802223370746268123059159806400152299867771061127345631244786118574025749328,
50306980075778262214155693291132052551559962723436936231611301042966928400825,
9105861908793877437599087016640061747418296780065295891365798855886560153752,
48177591413367409915642056167048753041735583848456612607691620273026228709602,
7479286918288249337458111273748279770690595088312775476065356516306801980629,
49779837246224071690294810803445084047795402193671669060746314363358914880825,
43223717601022172097383565523190027152080076863600432708834283672429421806147,
36115990427252817831519272511481477474123806352110831880569955844865152409554],
[11798621276624967315721748990709309216351696098813162382053396097866233042733,
34806952212038537244506031612074847133207330427265785757809673463434908473570,
10559431278588446438155840088055546145087872298641007742921718770142881700525,
2511742758961381498086249076485723904703122022711664665388729650078747694082,
13058778062050708618301726264166109369024922071632328984390918925338427847716,
22757381433196923491096449596295348042138602481479098385721617124187105273559,
50435973648847072778532507268536698366596569483938905568975979489192305153887,
9692044244906573895772196051455153467294816541497792469074445791662352057118],
[42372918959432199162670834641599336326433006968669415662488070504036922966492,
22755759419530071315007011572076166983660942447634027701351681157370705921018,
8881354201366797207686592249590682298565723459695719800911380560885170725516,
19725785152035256359574211351446161592903393017031483635806025440159666669692,
38586107420291196905731314141240110021641762437995069426543221562298184751450,
41983342504374430034240074906024700952180454895250182619374868616288213756381,
24699580977072888772599627764765708101597323007812082074548828715213834751707,
40903613549597429611399144365203839627850863176247809657126605147801691165582],
[52181371244193189669553521955614617990714056725501643636576377752669773323445,
30334172084294870556875274308904688414158741457854908094300017436690480001547,
35548861917762862971011720475855172816698712671893796030607658203859222685056,
23828822166916376664523534857031979764654878164406016294521947902346141831375,
9525926338952422609290893812113350942492558421053540078000977304624217008060,
51628644629799777637476595789175262638422034917782233018901952051044824901545,
10527109078832366866417586795816864610030244893563632007270266203664988878415,
11194215382192152257306835491684398858682370351821177979939632309447233186888],
[23791984554824031672195249524658580601428376029501889159059009332107176394097,
19832360622723392584029764807971325641132953515557801717644226271356492507876,
5370567718707734490084045178883836972105253285449736908577321570876055642415,
24072177097374519292068993110945703798030958684413852593268331853573451397392,
51092856030717857607132039047789240547482897962295861318467321833280572912593,
51610208211871924557451265725733951220616079019514789132032962359833072317205,
14800890894612002638570836260269548031587506768363863797633541619652896335116,
47927023617684282491494208201013569921672642612236042045401823798666133017562]
]
def poseidon_round_constant_2_to_1():
return [
44510337639712444877093863969199054965277800588455612249278638908194748645831,
21803715039317278198490310228838761820084178670568647145430631061363562182159,
7624865858307587153533893753671854337113466346291121078558552645350285711947,
40816250157678830542785454550323790288400761867270997552332922267166370848099,
26700489303136047462599262740180012654857443933973506452655094204874268181798,
29300041198680547975810813644545348954050411371551740473502764872245855641482,
26494260871076350781917504826961109818301921647993891506179327799406892257760,
51471943067203395853539598076816386277188697473371359746626216561944728278869,
48874150250826827063647140518997592549563417409147246235831213929889330889464,
4957296567799842922524759318027693610815701909959689401077625970883603151110,
49787130886622940646628207982474849305464467960406760686521606845929813913147,
38626507234346048667761615866199783635070759234617387640403950557591257611930,
43672937506493322470130890010227422460105683953151094688032165492686807529714,
10282858088808039236495153687326481750629167926398528104702176163827531439774,
5929373583590601619353793840106929273025491048347772550388315300478156302480,
40523767159781096993564794726793344971416282562716017669035314514589021856544,
35087653160263082011551011896785452178273871331090954735353760094574180797326,
44066134544197993553720315073514236799698542066082224906667320314729128689851,
46811190561503483095087189032015959148465356044838419985597715002375968521789,
35502138198479058392251639631217384470706251578088034693745546686222031522574,
3011951966042824356793101436014075881633742606023423824609791334873649401619,
36441783079799715976603149530703751751672873737838939240893549516900746063885,
5949000965032854376013985161729805610095473216976505768565157587449663833146,
39334547265154726054631299624100840161191136653442409769156478840344483284117,
44407194440944549422962884120864337491414458688079798116475114348830479824132,
17726376508115223453307205134714318843193912409715438117420622264717671262663,
756868613004458973360577644537468651009832005811964377612175868388980341238,
3421893741771938128946389260799798658478598753415463644298734220953059738355,
13293243933107737951928282334791569607692876620282367672054893180625816893632,
11906453198605884256628058547608350794281153234160543833653104246224561572116,
41007993900563419378450318427807675773574107233531791780559911428122060668864,
48053112103639043655338341411293547635466618118313162578053483741000954697443,
32234194819559922425974652761643838211443296225838831687358769666643041225472,
48939529425812404248175324082406620877605698116805848434311747711965735603142,
23172302197508009638107441698229967178757578829167657081073715837516157038684,
26828245904250884987904133111377098838723772557669646848196202419087853870872,
36025164071480125389137319620343252251920437049927443652919962965645042660420,
42147865145919705097445974287709456827305052297675196211654971979806749888911,
20585606416170880487041307637777839232517038894653375498347934603702403525799,
1047663270527934381838445994762652910090839507177449076034186708210288801902,
49864990265274912108645272682223261996354786042911445790248422528668444967688,
20274910123179255493744356413243132767746258718293295072669857132542604950741,
39934722872842035804029775488645871956511886709858512717725127998627130523912,
33295937568441654166303959882114891655347924209941192993151592385097862772126,
39198754144978337534654702520273605486297255614756323128663775493042981926264,
48114214484211668830722398263059235215883885642960292320018016482221617479308,
20857205525756474383857323509517945359548153106777905032259140536596758842151,
20481512031474492331394869498229505122694442073123511672315331466779200648987,
5512348932066875222255592673449822544023582557729178288775446420395599163714,
14748707870289380337081091822758247948394420380976550635416667891847265434773,
20722592968207591585193709289557966995643707360519106502308701025990663556112,
30345071158541998337681526950804671230825251993252779307899796752848528236301,
37998633152333475045376762610205951441947316428701472139959038991258723083573,
25187075483245106412039082847435291293567789993240499080077480139071082713811,
19421269742609173994970218921590288196829015512476170234735579602917648585528,
44645626649350902490681022627010246390651823839290377812847048196342039743308,
38015410591674700109176981164929629504879929166582206795827935147005325179107,
15907673084411204300870039215095416489657280867726923876605554605918361454411,
4839910768263945909615643698821897421248623201436406727882801614226282796736,
11993166323725114372511567048380837525145267539902083755578961856890086640616,
13920948384274828210917386586592591296235909076917892178237942711445546791673,
890670937435713979056767019654860866935017937714294844928044822115961948695,
17228860181078068965008756660486864527552317469394243328944319614877053158985,
10077644153064320976006893555780056518106113458749153233744229760482343163199,
49940012233787551970719440300197866554675665187348390484098206972627022147562,
46156268877611784805956766593634373731938578230585206172333523828368963221701,
22953533088186447995354081903847946065608888217162100116127853233026059928601,
52274456635025394989373456728632213614198023598074828050923870917877714774032,
10763107301772445560209819564880953581415947909035345171575074311681161298071,
18925434003927090811791086956853651992753402455627802833236246367412669605539,
44640541969065703218376218137336488126193962189090743983027473909004591005110,
6325804276918590364991192431609508508777152352802958405080031341778877821773
]
def poseidon_round_constant_4_to_1():
return [
11865901593870436687704696210307853465124332568266803587887584059192277437537,
37413344849675497106163505103761203874617077416461933389729149896951619083615,
32493856687297537788073517556470839888070933486712636845483468275561142904504,
8106572321306448561272383558012749963748358844705299406391447161298410877832,
11707331945334514286120137391947350087632085623772869951863164361695922976568,
50176353669915139758684707864014381736527453065793678083699453978150986704353,
7614231165138437703715796351400512419034157550777684039873810826440625723695,
17108745804308684637964438487237723214541645477949369557189249702220750722331,
28482709556494724328894800736802198653800073555798724636385135549439085356742,
22084621272529558534346674593668266856649195963035162420257478396107381285157,
11065046937453971018193111360820446155970823623967390073553725256595768408791,
20163386569362559253936962862374791389308839238220230985809310822791529262025,
3941572053547598429065422950522133819874343789089916995553450661687375302109,
26478286544099137612981910043301624023925078357447813396543283503388535703096,
20695873604353009531429015276900191600064214090812802713214397507580078182919,
13125722302273298866746961565666978849814465870768123336569424431819752980076,
36198064501926046106576802008779486932990788729159233810880339338049275796987,
44304460846758155168737768840994398685118878625607355725968797162919830864102,
33427295080737122973704388239917504856466726697805464799279074730831006493899,
33676819385378678616140345579679379172852136878360832374035200947147349341877,
44698579309865383047943970651850256651158236406641741596599260270592257060333,
9785548396072733556484927856146778907814788851086349315764873426432645263872,
13443943788901083053739342733252043423900693132812974385986650498262359453435,
50643729733611061821734405325096960434556494526582143101458996741611494836986,
9762302758250004682914036756566790454206292929079802149918241419991743778078,
19475373737975172049750799347581927313285945820087657933615778552974211829387,
26326676308398320579169539788392437654921007121904386041440053251920191437301,
33434337088018971767011967694326287068660679954245122268447231545106574191053,
21854837019991553667332010956652219921642250105983660108852707854862240766704,
1855873836256370364169888814967543928768577071445146807885001909257610924575,
48105724357874736702308498318239595022868478610964925776544998873327877770469,
6893757226114776013992120610353413647048965744053221939747330482283347049271,
49492933790401867565879330847407697876101917412920943837692305231776568086150,
43522959518323197786977932091172575965428037444858136419745890338308804820810,
39369220628770987071776708725487093142438968678975788148890686830600891659237,
24332002500271167754445178113059124234684848763578719088484322891936508359054,
32863475623207582419161401899951874256189430526558709698459253237664899579477,
8315390532973093090228198037973187268458339671135900692256692995983001224287,
41596164941281344945126840056611498785955123869980989807278169650894369778621,
41140021013127548285923961611241892352480288807646515822914427245468443615449,
42624333566444295089232230699974262280460377983015559040916764999567317327294,
29425841969458336716648866633284898031574592123216791821970989517602546368463,
20194832349178074328255630030474794676357522951312816945265283318496141911576,
33508834389330212986852784163678812323448884912646004437785005736522859730449,
20197489266521008707527755143868210833027985912465941510937472218208331469324,
38189796622106345878699238475711002255025750905901925248625120562682573353793,
48437331749916394313065146750618123382683254942785601073233866557242834888501,
34815884667490928168338620954175830688114531237099462583592020572423301193334,
1316079587764339149090919530288539945185249635387918305928554726824292235069,
33564480841331620167847153616337187248054503582700661803825728035418602546478,
4635634898381888421672273828316335969974599848444510316738469345444620659008,
8644506076646842294589324870931361199184791348209582052726445382015132439419,
39498585060657083972778194861599167626335350278223243726925173218749695943806,
42901602831339057007425445486193581840749112246589631302873671293308101878875,
20119933204882102974459031584507100339282292349398588923453836079377072829543,
7917862289043363038204972116125424279857433068189510615392330392863075948512,
41284417024025222157952919191031968108126105524670279472881067727309802924938,
11213861995768467857413038001306057240793870929626059934261458727946548965379,
2291742710611132809700323762125675349484016058554275673428643410085506076100,
30099159053997341705317995418169313532098300934328131162175924134794709943047,
447035513285578307783519781307142266645679652807941291454847780415896684065,
19941446202184504378547837635870560393064630187876613630546846906393007677289,
7595261399959684629699197426920893479848768772071384660164934610968891053864,
51598580281806900142260694365187051410317675046136337884836978415482902327015,
12450848281586712352554721829724230078424064515794153380314705783292880037478,
5237102499670441785007944785581992844697685968922355014280712201430686167152,
1412524057853628881005630586377727487233247150373319518286783509614859257068,
38519766408760192821848550196157518411386556623071006612683448412823634200875,
11338671486975802181674275776989710780888734229624346786700048285586675342901,
23124572501783393477231165425714476214042723292141825213493635111951207504070,
21528356110015199451243279738115385806356940590132503530639630620611521954326,
6284174238932569340060925799940162325946442751185026413727709496271066916876,
48373517651545249281510690416218268384343400250317171450103976311090286221260,
27752440147182328733098243645400559151338503658043397110598417983425635093551,
43156725395743020846958899706072234263962738024394096815001388170789961679788,
48906049704561774201639151262665470255437206145980347197443063657678740507943,
24918160465086526594937065443815615610757370328053649165018481775513828479869,
36462368786443951186110721729238677880688318912401935278190656741197184273952,
37367696075403883562827939745268661270924157618310868295845006320225084994632,
42130603320119794983803262970740129474583503116320676437504579920473229006778,
12096038367976885628335054904138821822550042039079703385879844461517464118581,
34671362090033614505367959844073659507869267381932134573786004532584171425818,
15908652423714359894720614650322760756461828514699821946843077879932200328081,
7518568119601342737128460613704294443674406422237476295695786631549469567412,
33513737101700389003254558060695049730922342329295390135821890558696123720054,
49765425774819103826723198731734445691737353182147628471479513204868044796119,
48731721046471530891684818884908827036844194399863789073273030545326532602503,
1994879948378542466338304292753049990663872919840272992167645879411261807091
]
def poseidon_round_constant_16_to_1():
return [
39725799400017827115953999199803965513668921247606107843235739645000498452181,
42966428960558994593504354654034020585855169251008976179361555763424614464338,
1902577049757491257818576950592390026062184527103985176709404045325719879153,
44431672934524375006946320990995907220611992982569305140824479722873832750184,
39726183949244760384768131039650643342100328144953562677717530936076214603575,
47922249389084318636163655667342945193486098112364797914711366318805271081986,
1862870272947949400931550187895813583996084263112126758587127421895920740217,
4609552006052426829558648842629624826577232105300129098751251434249497379415,
35588143488957689566276930373759329909335354222484070944945535758095890233602,
31992851211763793548423275170246297274462525072830105768609534303798701174374,
10431109178659867018016774068824625279897747730577584847579124215705854088752,
1949666570245048798153069638552026706752846020986409274673577266743024227986,
26013146320492118585809324011747055383255013664810283913111923543378165512435,
24326326384498087823059984407171843358848416830861907662385192677188116053544,
22319685994625011021753350147173406654223939569203496437101532456482753075879,
50557239558368781744228704045005139069258908206255515650400270553037541504198,
8150349453804124148576142676639616213878444242674057629308915686941165448719,
48208850819924081505370182430049176104131115325038330030896851480045955495846,
23292055228237110741391983617517431423114804124284097964494568447865687504083,
41624195613852190072343927309438239744583865875755371975404916906916622520312,
35035764767249963834124347515646744980548162618519514861977709647292192162935,
4779348796643887084014079273412324900195658451616750603184150546614709227590,
33367047533960399900339953965992791362189146117008495287189183308885826514987,
47818152023063189199872106125697047204743569529570459808477570336306405682618,
42796246674763432543587686312218067656639355734975037053737259369488219415432,
10957190869792979750714342710039883244593973691851341486138757518667861871308,
2841790402482039728028394542789470351099439451234544313142331893197703007354,
16616683520944631525798957628064854348665295295102366742591213566889088018633,
33567370488316680379461825404457605756079279555675131093451020281219258632141,
20149108407482774388930550024591991805677394222603241325670591147763821350175,
26521955033333972827600806868235450804729772994352860271090218480508888628468,
30420917495722730561485028971813175058988495495112448737909833585405582002453,
28826298253194385387635350229770135429043506867664273190337060583321839575111,
17917025733340975563320009027981039582040740238333569779892727038742964339095,
7141322642265363206186621258281581108534976046127258038741170240455221165198,
19418423356096329136327193014171723261000987171654451855537930843119849003480,
4435246673426368856651403911455319600556213204117162371080963632405613232527,
19632896986964074847700416879011202636067522051661757108806676985789880273707,
27046963462399353439595827223611516072637119359583733706532920096544318625175,
46022420944605380770914903892871308087212302911540340258773948901501361016991,
47210247379686065208769144617004411377616699091411215517824991959313614962397,
10113618698993232512425817656261980665816667005776383524586380129027083138291,
35517438329843448024913764440686318451400431892618552836051616554728503908001,
15621081553202567263286903894992975334527971102321162065809849644051230558156,
29674547690110160534416981628193785576251233526911087635787729103482288097393,
48072441526206759351688872909792052037070864282054279767041551741286737196367,
41744043803776630924388673324290707208134439478043126394378048339212169592401,
9628276074092566929694879552911540910341944885042275367756464425374067624509,
20632626646113120307999197184021140185329277351497138331616553936227435116058,
20792210528194122935550939155383235642592438080224243249333876170013316543401,
40415491313636855559381927040556471386850767350804210034574345185034062472388,
42065986796325477298062230949689861704213331366919061593388137948694441619250,
40821207536769008545206744063766400532504619210533302382117795523897539697933,
25553665219208663753910822024028906032034541099513008737546655361577447316484,
19736663029664934322245808384029169299382853413147390505477065761633976373362,
41037270906646381161943193245472673282253590700725246354740042685574618941505,
26465673628980636091049213717769341512445753008415873261263203826832299352951,
37036784788783168689308644616358821855616430701564621669397983274253847911044,
16882309834972349171728263406452316383132803207143172570189837375172214690963,
49236009794362178305819055463654400779656334164463557593816047235183326696206,
39126492963181209630544294313956192397928968809823631059639413986679789778216,
43658389378690206885714590070566109002458688834417247158444257250935092974665,
16333104498316984295745962415236263230477082737132070203651697035209925593266,
2343404888674146320460570191540978518333195833255755810571688909855019156349,
24634045350057319695041104791403403368011675948761890270733136933077818947573,
24387229815091645818728740871562656675244609698356948940855886553509325623218,
34856435078036813743723173976791961760363416490222768467602434757897150562809,
22463928646505673196264844647723745514489344400622648158270067812328221291172,
38337547475660790190067897986042722249254601625800102257245591381379028610987,
30884758170575514019575313258747378429451169785327990741538528539964746232511,
407062347257081198418184706020217550797090175697390265997395699504028840069,
46072527669630030314941843287930470349120547732416735746099013950369555752487,
26598420173680844002096268043589508593110520210883302319058895397482348813138,
5468186730708689095665003796421147031372937271113374556364693295567666309881,
20408443200377694476685908188621206365577738334727573068844969120059071063384,
46981234183655934922934842049383026387012791700440415493493702691352740266098,
33551792494519814298680232023513160371021410923276291252829879529580574549607,
44191750214736553132933384320160073484141698637542792822319467448466449199959,
52082663085085422534369913780529050462333401292522763448650886744352341477846,
43609725693554764598774802211508572436819354508573541391712385270827954088014,
5509314597941212988576665300843166762362117860942586466472903661374654433047,
5559029914528165704027960512924831270184459421996344081783499760333465840454,
33524678638941473952008777383950476291303669122863259465508971654565607710124,
45645434759869537782219495003520693614316744086502894675070357053578529462611,
21634412361943063812483816878212759698145592627132630568177240468236243443997,
17296076019245918134776233380747899670718046224411673517180705100767962406954,
51440070128252977573576752509509289893411386048688470945863901737258119109741,
3594222373894239759942466635754825806993182513993455014470212549644348436736,
47959769456918498933526528689384868494120276948030111429507861237362437496210,
33000764793048989170342190628396476268404452069453776919602031823454420654656,
42826490422129152698636386897788577399393533635964594559886553174637239521118,
52295329105725197789753101315429895369766102629019133090017712989241053783558,
47880622238513674104247747676583724803255466382975859845069693487703628947714,
43936946713208191402441184330937985658846334880823513129204372649490118165491,
40251165390594695927371248080107666232732935108005358445481599233717782638896,
4374561185857417857316731922491353498974134405011029557830297994813315862559,
36035028519117241692429568027060454516008330481155302030640451954673337039870,
17169679336575379664065214518686885005225695064353947035596355048982268831028,
15880917696586343406953592641564615996605082216639892270189959812763710888748,
44053791831887360310582759225296188780718960772971991969178524168816504578804,
17891697801976794338721931255832783817787274947410906666444514892619618334272,
41860684084301922118560078323296728501588433716011882280914057750677004252514,
39634237355488544158215275263851269921534055658196710011242793797355974120931,
17147446725471655980188874591608844349450837795690392086436662207272648235970,
19402693173125609969856950331264436884921152880190529800026177590116055294038,
10691603198079109355998270513275267963583839999640707229593969158192066085397,
47540627356602773888603132684733863602762111482745208345804634126586257262607,
5915674545476155673196233396217928914866410645604699985302660208523245942237,
111251938011213760763774859243277527837142141250061606873636423012197111197,
35063286980316874255015992522343006303508619821794962259547057506813060931773,
4955838234826402705564139094252802999139115369004968713576517960060305039082,
13792409982596927634720969816052864004355280343403291329940320489270508883803,
35825741100880023876488868468112742657673252321462610504266451341355067205610,
28460915945533593428542040906830378549800618474095963851867763677018897302929,
9713844506249087416664024364428812240068094374028199286225738527757038112467,
40679805732400884118723774115665481614915421978306297159251228478606230752474,
29757946798627258745416990533455815630324656030573466209153051560180917776353,
48357362019104750186375328819952102172608585465016965207540831676602884269263,
32940491071431805169868501574465967021193902185553749640148719707932598780469,
7473125368630470049034003737446766486818477818719886735195316440180323968735,
49797314418731632305394406125363649977467316746705136554158771555038756351980,
29423812245635343436136357631167744312439395772431168176499761020256672974116,
17752952597488467689955328967514036081230334268062286286791238444994797946364,
11187314008830530006226896925828877981837282277801039676209354309840830166312,
1460570367181490316969148060693926446394822620570366788008558284806968117734,
2845512215983531260468619146202988365036283019984734085030635808663534080897,
13678775934492824068869109923010846046122089274150470818447401546000515089448,
41560010339997824874371372926655493150700423413706122338193288307311885566768,
44104701369840880307377204949341973251175518351389507661546336745348450403920,
16099171949124285044549692766555664705752094379574657435086067387762269145164,
10885502210016683506969436609216522437947532105991633231562168011909638111557,
52156298020032266431787014754649280499452461532044760665828040879517728539708,
33945410025064742625417443716276958550285900443924582459678703741650438534809,
42330185455056468790993939554345514151954186453281863597765777627606599578516,
4657049000824091386723963460476049183867985168345526464398818750489141737163,
21923801997589000370088914236235074435502416056621470668050389849529574106202,
15805689248891728058742321832039785423037087284565290950005114696831443231147,
45984185687363711365029866793756997560497628108006072393015670720821342880668,
39156427118840011190894400331617643276463742427839568112463350872444907680494,
17893081445111736451083202165540649827781358816986209263756161212394728333001,
36437118588111746025389127729913810175419804691977510411734238734357426423809,
48260118028483684631326190969379716083209813670977725322552249653459435387882,
40486986020827308332276345571616851806907994309632663940769016980912192516960,
35099819227656121544999230187647432362290129526704475429625894785506342902690,
27580239951806652383156459031577005530932247841092109348006802746879132126644,
23271341957819036356728305748625419304831156372249949335195015298360923297133,
42515055996716749819345238125802133364043851479046925751568447538867534641232,
28714009840464082058245378340345146078016662568993921795177048501158035190256,
1111216851713657365641977385220157904693120725668727899264987734176843126786,
34412967565386968523345579224490035779382635330951678114018655424976710134202,
42139998487524182591996890653589805817774015986629937281031206233447268328582,
21691713516840627241183176855164665841929652491546118303064101066110796188953,
27652419528236676047196125264032473043981854331278230828308077279941937298620,
31211569185747715573358506785717075277547885839683427922002064474550453938720,
12885686250323264975654813526936397901419023857524625007681452625820802164214,
38368208456555528544874775339563689416708041768804542366734634684956870468665,
17014127458377497594462762243899040828274799467801458439796258262209705848999,
18339473410858561688021816579378042667435599228737095147372090986285098295729,
30243070523454822835312974811746059176298060623371243491658504828859436915867,
6856623016702194887799030091421067262770379379384975426793372305588238369793,
14584928177339868798941696431226120632338622678933396299538143948251685736857,
28963568590115676917816187714525023427152141272289632646661816895205441501344,
15821449895801494782675541871540375313851597664972871699624592153555269853492,
26870110211337166665285488169972107901304782738602697811217352528389112713316,
29654640625766553122308126800147704038633411112031981115431401674463728957870,
45387771697529877530693987615375947783672003547457057946997587632853767376485,
51530073844213986083224257489799416809305283668200085363164553259742628578601,
39500637489121678568797859105259741238785871932514496730971686474963916800838,
34638632655721665381292046101540251812987268394182233780890406749905123665498,
47558773840542513144047273382754220597014222776549583477762891202886304283558,
34464683426026223214818536296789584915103714217643035512538086729011924346398,
50661423324933414471281644339552326226886136985713868196538700335246118227921,
16026951337367383175610820246210183497734025720194433489132017234538604936414,
33572475268799564642745000649407837861228346301126684294541252715366099579094,
26220434981437976873498592303656146371158505657662010285451539733034399969825,
31040488125858696173362986090795905945928951823554908571888900564555975057860,
47286385036886749775224009536390346046643937618292722852399698152345906543537,
20950917282535983122464307959293663918938997314569186126689031705635737272062,
16685712499755301665281386819771726363157372904949135525550583883571962834528,
18683291445525541017294795892345078328382688847480507122165708511223740177458,
2608268839331669212463985078421319322001352992807108968314090990777368891770,
40037105172855926626375817902131326490267684706159606232991633054381953553026,
21626330967116418140505001603028197974177240574915763170077069271066169546158,
35330469786033362269122965704661462637931218147681429112041541870602933338162,
7959740499179483922969783988740981409045430979967212583073048384801003055527
]
R = RealField(500) #Real numbers with precision 500 bits
if len(sys.argv) != Integer(7):
print("Usage: <script> <Merkle_tree_hash_function> <vrf_hash_function> <epoch_nonce> <slot_number> <total_stake> <active_slot_coefficient>")
exit()
merkle_hash = str(sys.argv[Integer(1)])
vrf_hash = str(sys.argv[Integer(2)])
epoch_nonce = int(sys.argv[Integer(3)])
slot_number = int(sys.argv[Integer(4)])
total_stake = int(sys.argv[Integer(5)])
active_slot_coefficient = R(sys.argv[Integer(6)])
if merkle_hash != "Anemoi" and merkle_hash != "Poseidon2":
print("Mekle Hash function must be: 'Anemoi' or 'Poseidon2'")
exit()
if vrf_hash != "Anemoi" and vrf_hash != "Poseidon2" and vrf_hash != "SHA256":
print("VRF Hash function must be: 'Anemoi', 'Poseidon2' or 'SHA256'")
exit()
if slot_number >= 18446744073709551616:
print("slot number must be 64 bits")
exit()
if active_slot_coefficient > 1:
print("active slot coefficient must be less than 1")
exit()
if epoch_nonce >= p:
print("epoch nonce must be less than p")
exit()
if total_stake >= p:
print("total stake must be less than p")
exit()
if vrf_hash != "SHA256":
t0 = F(int(-(((R(p) - 1) / 4) * ln(R(1) - active_slot_coefficient)) / R(total_stake)))
t1 = F(int(-(((R(p) - 1) / 4) * ln(R(1) - active_slot_coefficient)**2) / R(total_stake)**2))
else:
t0 = F(int(-((R(2**253) * ln(R(1) - active_slot_coefficient))) / R(total_stake)))
t1 = F(int(-((R(2**253) * ln(R(1) - active_slot_coefficient))**2) / R(total_stake)**2))
constraints = F(0)
value = F(500)
unit = F(0)
state = F(0)
note_nonce = F(0)
nullifier_secret_key = F(0)
index_bits = [0 for i in range(32)]
merkle_node = []
treshold = (t0 + t1 * value) * value
randomness = F(0)
if vrf_hash == "Anemoi":
ticket = anemoi([F(1818583396),epoch_nonce,slot_number,constraints,value,unit,state,note_nonce,nullifier_secret_key,randomness,F(0),F(0),F(0),F(0),F(0),F(0)])
while(ticket > treshold):
randomness += 1
ticket = anemoi([F(1818583396),epoch_nonce,slot_number,constraints,value,unit,state,note_nonce,nullifier_secret_key,randomness,F(0),F(0),F(0),F(0),F(0),F(0)])
if vrf_hash == "Poseidon2":
ticket = poseidon([F(1818583396),epoch_nonce,slot_number,constraints,value,unit,state,note_nonce,nullifier_secret_key,randomness,F(0),F(0),F(0),F(0),F(0),F(0)])
while(ticket > treshold):
randomness += 1
ticket = poseidon([F(1818583396),epoch_nonce,slot_number,constraints,value,unit,state,note_nonce,nullifier_secret_key,randomness,F(0),F(0),F(0),F(0),F(0),F(0)])
if vrf_hash =="SHA256":
h = sha256();
h.update(b"lead")
h.update(int.to_bytes(int(epoch_nonce),length=32,byteorder="big"))
h.update(int.to_bytes(int(slot_number),length=32,byteorder="big"))
h.update(int.to_bytes(int(constraints),length=32,byteorder="big"))
h.update(int.to_bytes(int(value),length=32,byteorder="big"))
h.update(int.to_bytes(int(unit),length=32,byteorder="big"))
h.update(int.to_bytes(int(state),length=32,byteorder="big"))
h.update(int.to_bytes(int(note_nonce),length=32,byteorder="big"))
h.update(int.to_bytes(int(nullifier_secret_key),length=32,byteorder="big"))
h.update(int.to_bytes(int(randomness),length=32,byteorder="big"))
bits = bin(int.from_bytes(h.digest(),byteorder="big"))[2:]
while len(bits) > 253:
bits = bits[:-1]
ticket = F(int(bits,2))
while(ticket > treshold):
randomness += 1
h = sha256();
h.update(b"lead")
h.update(int.to_bytes(int(epoch_nonce),length=32,byteorder="big"))
h.update(int.to_bytes(int(slot_number),length=32,byteorder="big"))
h.update(int.to_bytes(int(constraints),length=32,byteorder="big"))
h.update(int.to_bytes(int(value),length=32,byteorder="big"))
h.update(int.to_bytes(int(unit),length=32,byteorder="big"))
h.update(int.to_bytes(int(state),length=32,byteorder="big"))
h.update(int.to_bytes(int(note_nonce),length=32,byteorder="big"))
h.update(int.to_bytes(int(nullifier_secret_key),length=32,byteorder="big"))
h.update(int.to_bytes(int(randomness),length=32,byteorder="big"))
bits = bin(int.from_bytes(h.digest(),byteorder="big"))[2:]
while len(bits) > 253:
bits = bits[:-1]
ticket = F(int(bits,2))
if merkle_hash == "Anemoi":
note_commitment = anemoi([F(516297089516239580383111224192495220),note_nonce,nullifier_secret_key,value])
merkle_node.append(note_commitment)
for i in range(31):
merkle_node.append(anemoi([merkle_node[i],merkle_node[i]]))
commitment_root = anemoi([merkle_node[31],merkle_node[31]])
if merkle_hash == "Poseidon2":
note_commitment = poseidon([F(516297089516239580383111224192495220),note_nonce,nullifier_secret_key,value])
merkle_node.append(note_commitment)
for i in range(31):
merkle_node.append(poseidon([merkle_node[i],merkle_node[i]]))
commitment_root = poseidon([merkle_node[31],merkle_node[31]])
with open("input.json", "w") as file:
file.write('{\n\t"epoch_nonce" :\t\t\t\t"'+str(epoch_nonce)+'",')
file.write('\n\t"slot_number" :\t\t\t\t"'+str(slot_number)+'",')
file.write('\n\t"t0" :\t\t\t\t\t\t"'+str(t0)+'",')
file.write('\n\t"t1" :\t\t\t\t\t\t"'+str(t1)+'",')
file.write('\n\t"commitments_root" :\t\t"'+str(commitment_root)+'",')
file.write('\n\t"constraints" :\t\t\t\t"'+str(constraints)+'",')
file.write('\n\t"value" :\t\t\t\t\t"'+str(value)+'",')
file.write('\n\t"unit" :\t\t\t\t\t"'+str(unit)+'",')
file.write('\n\t"state" :\t\t\t\t\t"'+str(state)+'",')
file.write('\n\t"note_nonce" :\t\t\t\t"'+str(note_nonce)+'",')
file.write('\n\t"nullifier_secret_key" :\t"'+str(nullifier_secret_key)+'",')
file.write('\n\t"randomness" :\t\t\t\t"'+str(randomness)+'",')
file.write('\n\t"index" :\t\t\t\t\t[')
for i in range(32):
file.write('"')
file.write(str(index_bits[i]))
file.write('"')
if i == 31:
file.write('],')
else:
file.write(',')
file.write('\n\t"nodes" :\t\t\t\t\t[')
for i in range(32):
file.write('"')
file.write(str(merkle_node[i]))
file.write('"')
if i == 31:
file.write(']\n}')
else:
file.write(',\n\t\t\t\t\t\t\t\t')
Reference in New Issue View Git Blame Copy Permalink