Keccak round flags constraints

2026-01-08 16:53:07 +00:00 · 2022-06-13 17:41:17 +02:00 · 2022-06-13 17:41:17 +02:00 · bf375390b7
commit bf375390b7
parent d256044a19
1 changed files with 12 additions and 1 deletions
--- a/evm/src/keccak/round_flags.rs
+++ b/evm/src/keccak/round_flags.rs
@ -21,7 +21,11 @@ pub(crate) fn eval_round_flags<F: Field, P: PackedField<Scalar = F>>(
        yield_constr.constraint_first_row(vars.local_values[reg_step(i)]);
    }

-    // TODO: Transition.
+    for i in 0..NUM_ROUNDS {
+        let current_round_flag = vars.local_values[reg_step(i)];
+        let next_round_flag = vars.next_values[reg_step((i + 1) % NUM_ROUNDS)];
+        yield_constr.constraint_transition(next_round_flag - current_round_flag);
+    }
 }

 pub(crate) fn eval_round_flags_recursively<F: RichField + Extendable<D>, const D: usize>(
@ -37,4 +41,11 @@ pub(crate) fn eval_round_flags_recursively<F: RichField + Extendable<D>, const D
    for i in 1..NUM_ROUNDS {
        yield_constr.constraint_first_row(builder, vars.local_values[reg_step(i)]);
    }
+
+    for i in 0..NUM_ROUNDS {
+        let current_round_flag = vars.local_values[reg_step(i)];
+        let next_round_flag = vars.next_values[reg_step((i + 1) % NUM_ROUNDS)];
+        let diff = builder.sub_extension(next_round_flag, current_round_flag);
+        yield_constr.constraint_transition(builder, diff);
+    }
 }