add Poseidon2 constants for t=2,3,4 generated by the sage script from HorizenLabs

Balazs Komuves 2026-02-03 21:26:18 +01:00
parent a64bc59088
commit 919db6bc5b
No known key found for this signature in database
GPG Key ID: F63B7AEF18435562
6 changed files with 1617 additions and 0 deletions


@ -0,0 +1,892 @@
--
-- generated by the sage script included here, which was taken from
--
-- <https://github.com/HorizenLabs/poseidon2/blob/main/poseidon2_rust_params.sage>
--
module HorizenLabs where
--------------------------------------------------------------------------------
import Data.List ( transpose )
import Control.Monad
import System.Random
--------------------------------------------------------------------------------
partition :: Int -> [a] -> [[a]]
partition k = go where
go [] = []
go xs = take k xs : go (drop k xs)
--------------------------------------------------------------------------------
-- internal matrices
diag_T2 :: [Integer]
diag_T2 = [1,2]
diag_T3 :: [Integer]
diag_T3 = [1,1,2]
diag_T4 :: [Integer]
diag_T4 =
[ 0x074fa0019df3f3b8557c3639f6b4f6ea137c7ba71e63e22c685b73d19a72febd
, 0x04082a3658d386c5fa20a4c8cd6e73503e9420c68fd00b83398d2f488a44d580
, 0x2270508f9d6dadcb0e02f120fdfe38487b5b0f69bb243ed464c3e002798f2264
, 0x046f0e252500552cf8fc3e58a39e84d999ab4836ce57585e902afb24f847d61b
]
--------------------------------------------------------------------------------
-- external matrices (from the paper)
matrixMul :: Num a => [[Integer]] -> [a] -> [a]
matrixMul matrix vector
| length matrix /= n = error "matrixMul: wrong vertical dimension"
| any (\v -> length v /= n ) matrix = error "matrixMul: wrong horizontal dimension"
| otherwise = [ sum (zipWith f column vector) | column <- {- transpose -} matrix ]
where
n = length vector
f coeff x = fromInteger coeff * x
mds_matrix_M2_row_major :: [[Integer]]
mds_matrix_M2_row_major =
[ [ 2 , 1 ]
, [ 1 , 2 ]
]
mds_matrix_M3_row_major :: [[Integer]]
mds_matrix_M3_row_major =
[ [ 2 , 1 , 1 ]
, [ 1 , 2 , 1 ]
, [ 1 , 1 , 2 ]
]
----------------------------------------
--
-- the multiplication by this matrix
-- should be /ON THE LEFT/, that is, `M * x`
--
mds_matrix_M4_row_major :: [[Integer]]
mds_matrix_M4_row_major =
[ [ 5 , 7 , 1 , 3 ]
, [ 4 , 6 , 1 , 1 ]
, [ 1 , 3 , 5 , 7 ]
, [ 1 , 1 , 4 , 6 ]
]
-- from the paper
fast_mul_M4 :: Num a => [a] -> [a]
fast_mul_M4 [x0,x1,x2,x3] = [y0,y1,y2,y3] where
t0 = x0 + x1
t1 = x2 + x3
t2 = 2*x1 + t1
t3 = 2*x3 + t0
t4 = 4*t1 + t3
t5 = 4*t0 + t2
t6 = t3 + t5
t7 = t2 + t4
---
y0 = t6
y1 = t5
y2 = t7
y3 = t4
sanitCheck_mulM4 :: IO Bool
sanitCheck_mulM4 = do
xs <- replicateM 4 $ randomRIO (-1000,1000) :: IO [Integer]
let u = matrixMul mds_matrix_M4_row_major xs
let v = fast_mul_M4 xs
print xs
print u
print v
return $ (u == v)
--------------------------------------------------------------------------------
roundConst_T2 :: [[Integer]]
roundConst_T2 = partition 2
[ 0x1b0f911d14086df915fb5dcad17d329bbcaf192268bf6aaf8d653cd67e56fac1
, 0x1127f39dc3319cca37b2e38657e494b36fc394b6699ccab93bef9736e40bfe16
--
, 0x2781700d563fce0b5808e9646e7a09f775c2bc03c88ed76f85adbfe913dba5df
, 0x18a082c839d8907a5967e876323042f5f7ebb42268adf06494e0ac07f35d6c4e
--
, 0x042b1fd8e3c7e540a157d1c023d4a144f14eed95e2c0a0581706c521f089fc82
, 0x06b18a2c994861d9d725e9fd64ca264fd0765f22eca2143d99796aa044b06ecc
--
, 0x1c4d218c3e46ce42b7b24818963a2a77e0f6ce4316a2cbe26c657b81c8858df7
, 0x0689d49af09d5fdcf54fdc5cd3d1319632e9af741fb4fa7a6f24ffcc1f43c710
--
, 0x0738f552cb1f45ebc0792c7b54c3788c39b4cea99cb969887ae978db01691135
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x167ad1026b10712095661ec0a1b0b7345d53ba703a81609c4ee589045112caaa
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x08e6d41390278a26b6be511590bec903322e952507f595c1f6135013fb8a5e8d
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x20e00384b46596f5b6a2a0504c197440a8fa366d6ed6cdbbdda3a15e084c679c
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0a1cd32abe4dbfa3151976e4e3b16c0a313c77f9c3265bb825fa59847afc28cc
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1e415e2863a77a8844754ae31432461616399c8ad9821966171f999e34abc78d
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2a3637839897cfb37cd2b5b7eb144a4f72b9a7cfb1eebd4b03b69304eeddaae4
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x21608978d76f127d95f93e4f989deb5030f01882041e2b8758697c26228d8b7b
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x194c0a8c3b8ecbc06ae340ac1030dfc824043834a9d0f7ac519291225b9ca28d
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1166fe7722d746ba60fb176cee73686d7a7cac8af0f1486975a07d0f6f59194a
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x19999bc2703023400b1bde9d975d77fffa78a7b0ad548330dcfc64316eed9776
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0e99a38a27dc51d3f305e04ef33bda9c59969552db3db4cee9a2b51b47b4c5e0
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x22096ab45f4fb65613a15e25794c70659943b7df82f1f08d4dcb25601f2c84d2
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1299ca41340664c268d796709d5260a13bbbfb9b5b2ae4541048fea4dc576294
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1999cd5f8e63841cbe37b59da59dc445335b8cc2952b8278f3de41ab3f5fee05
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x20a3cb7ca468bc00328952a667f7327dca043b93ba50e99c6d8acaa3ccf6fe42
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1da7cbedf9ed721a5c5e2a2ecba19c866cf5a1f4a897e4734ecdd62033b7ef6f
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x02b9e986955cdc87d0de37bf7a4fa9e0d45cbe7dd7ccbf5cdfe8682823c84c6b
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2e95cd523a6ace90ec5cfcb0abb8a7ed3812916b639a15020f3370c52aeb59b9
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x252a9d132f96ab036db1790081e0febfddbfcb3ac1e75a5ce47ea45832309560
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1d546c0d5a37e25cc17dff6bb5bdd8f1b52ce7efb82b49a8263202fbfef6fa41
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1edca77145151e081dc7c0bc0747edabaffdf4be270e4f688086545522e0c79f
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2b1e2631889b7d00200ab3d5230a42bcd81aace1c856c58e6bfd47a79d68c083
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2fca27d33891724a1a88e88d2b744c621c98c63cd44423b22de248d6e5e19859
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x067b11ee349530f19438ea1b009004cef01e369ef18448ccdf528d03bdd79219
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x11a53544069588039e59119ece80bd9c9aa7675e4988577a1c7c90fec826e968
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0b23482d7dcbd7b2ae9df8c7f16ec38e14d409a889ab146df9aeb971e484c813
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x04706a2b625920dac055d563715a194ab2068da1b71522eb8cb7695052ba11ef
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0bb0e50e51bb2734d7c4f33ff5cf6ca9fb6dfb7d7fcf0634728af4740fae4276
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x3007455add262dba63820b820c83db770815e25173d7135dbcc3ba7093b2a097
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x12ec5101850ece95abc64a2650dbd6aea20933c39f3f8f5b51e5ec46e8001309
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x031bc739d191ef4184819631e4082914afd76030982afc1849501ec6f778e95f
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x096c1572d1b9f920b1ee72a9604915c8cb247ff85275fcf0f4a0ada654585ff5
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x24d128a676be5f94fba51e1614144948e7abcf88d6a7a00240122d80e878bda9
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2faacc2b9446afaf279cba08d4f82f8bcf7bd01eefa66a49aba33b079e11d481
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x063cf02375b4d20690969fb656071e95ad55b498fb279459aeff41c83608ad7c
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x108d76b291699c83aec01442d555d6677c749bb216da9c50965c60067f044435
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1d414b79c12d4947d1b6a8505fb65ceced0dd5baeba03ade2a280bed334f7836
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1138ac6bbc3e7ceb3ef5e66248d0bcdaaa47b209e152b2fd1dbda926867424dd
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x18b71ca00d9b54fd4f08de6a287d7f37a14bcb4f5abf184218326687cd7e2f9f
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x24a212ad12a37f5543a38633581073f6edb22228bdee16633200d7e1ff9da939
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x132f9f2b913baf0e298c2dffef44780bf20baa57f15471e29b01a7a5a296a3dc
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0e4022364f9372514f3e41658e3b08e04a28a52a3c88e9df0e2d0165046170e8
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x043dfc314370800fd7de6f165999b2850912ff7e2d82bf606e4dcdd9971c8772
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1b19c89625c7627c82fd38144d75f941844abcda5b94e2751489d0c4a1e0c156
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1afb90155427205e0c01e571bd5b644b776b007c06d69ec9197e58ed93c4b5e8
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x098f0a8a1a732396d64f9861228eccb3ffee963449b95e1d4b61d717bb9bce43
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1a774f29801c2bf30e1b3124c969318265ebbfa6291dfbd22c4fe8cf6c3e7cf1
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0af97764fbff21e034010ebbd871e3cdf810e09ada3c856cc7094d0c7815d59a
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x22f303a3cdfe99658a7124cbc5c2ed7b74dff534f459e32b59af56ebfdf7d758
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1572e69b96de403a85ab3235e2ac489697cd543522bd494b42d72465fddf1333
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x06d283c3e56502655d727f645f4029d803079aaf705f5ecc0157299f437d6026
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0aea1e1df43a72ef1b7368c2e6f5838b87b3c35779e160b19a6077b5690364d7
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x22111a3fe6ac2e15cee0dc81c0518e89a9e6abf978746052dc7c9312f1b3b610
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1d71fda201fc9e3a7243fcede13b84e9b3fee8811fbd7bd9eb9a52fcdd6b4d63
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1cae357cb64c9b981371768d1b69ad39903222d8e7a1def6b339abb595239776
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0fc330a144165f3e8efff3ebd1fc33c9850161c4c2769398239102af7a12f972
, 0x27e215a7b14be98a8f9c5ff9a93081e65adcdeb0db784f481e553c2683018fea
--
, 0x0550f3cc00e36472d619951de4ab0966f060a79f60ba23b99a50a4d93f2622cc
, 0x288c50117d635194719a4d66a395f60da021773947f7527bcaa8c5b96553fafb
--
, 0x17cdbb9a2af71edee1583405d4f8c1d8cdca0dfe6eb1841a001ecfc76185535c
, 0x25aaad624aaf5a712824ece7dd102eda4c938c040e80a683fa962606e9c39514
--
, 0x121537e7f46a3290033acee5fd820ba27944d9a559f477dd5993f6cd1261fc17
, 0x10319a1245ca8d9e41b6eb422e5fe5f899476077bdd0acf522ff216dd99457e4
]
--------------------------------------------------------------------------------
roundConst_T3 :: [[Integer]]
roundConst_T3 = partition 3
[ 0x2c4c51fd1bb9567c27e99f5712b49e0574178b41b6f0a476cddc41d242cf2b43
, 0x1c5f8d18acb9c61ec6fcbfcda5356f1b3fdee7dc22c99a5b73a2750e5b054104
, 0x2d3c1988b4541e4c045595b8d574e98a7c2820314a82e67a4e380f1c4541ba90
--
, 0x052547dc9e6d936cab6680372f1734c39f490d0cb970e2077c82f7e4172943d3
, 0x29d967f4002adcbb5a6037d644d36db91f591b088f69d9b4257694f5f9456bc2
, 0x0350084b8305b91c426c25aeeecafc83fc5feec44b9636cb3b17d2121ec5b88a
--
, 0x1815d1e52a8196127530cc1e79f07a0ccd815fb5d94d070631f89f6c724d4cbe
, 0x17b5ba882530af5d70466e2b434b0ccb15b7a8c0138d64455281e7724a066272
, 0x1c859b60226b443767b73cd1b08823620de310bc49ea48662626014cea449aee
--
, 0x1b26e7f0ac7dd8b64c2f7a1904c958bb48d2635478a90d926f5ff2364effab37
, 0x2da7f36850e6c377bdcdd380efd9e7c419555d3062b0997952dfbe5c54b1a22e
, 0x17803c56450e74bc6c7ff97275390c017f682db11f3f4ca6e1f714efdfb9bd66
--
, 0x15ce7e5ae220e8623a40b3a3b22d441eff0c9be1ae1d32f1b777af84eea7e38c
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1bf60ac8bfff0f631983c93e218ca0d4a4059c254b4299b1d9984a07edccfaf0
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0fab0c9387cb2bec9dc11b2951088b9e1e1d2978542fc131f74a8f8fdac95b40
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x07d085a48750738019784663bccd460656dc62c1b18964a0d27a5bd0c27ee453
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x10d57b1fad99da9d3fe16cf7f5dae05be844f67b2e7db3472a2e96e167578bc4
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0c36c40f7bd1934b7d5525031467aa39aeaea461996a70eda5a2a704e1733bb0
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0e4b65a0f3e1f9d3166a2145063c999bd08a4679676d765f4d11f97ed5c080ae
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1ce5561061120d5c7ea09da2528c4c041b9ad0f05d655f38b10d79878b69f29d
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2d323f651c3da8f0e0754391a10fa111b25dfa00471edf5493c44dfc3f28add6
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x05a0741ee5bdc3e099fd6bdad9a0865bc9ceecd13ea4e702e536dd370b8f1953
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x176a2ec4746fc0e0eca9e5e11d6facaee05524a92e5785c8b8161780a4435136
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0691faf0f42a9ed97629b1ae0dc7f1b019c06dd852cb6efe57f7eeb1aa865aef
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0e46cf138dad09d61b9a7cab95a23b5c8cb276874f3715598bacb55d5ad271de
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0f18c3d95bac1ac424160d240cdffc2c44f7b6315ba65ed3ff2eff5b3e48b4f2
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2eea6af14b592ec45a4119ac1e6e6f0312ecd090a096e340d472283e543ddff7
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x06b0d7a8f4ce97d049ae994139f5f71dca4899d4f1cd3dd83a32a89a58c0a8e6
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x019df0b9828eed5892dd55c1ad6408196f6293d600ef4491703a1b37e119ba8e
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x08ca5e3c93817cdb1c2b2a12d02c779d74c1bb12b6668f3ab3ddd7837f3a4a00
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x28382d747e3fd6cb2e0d8e8edd79c5313eed307a3517c11046245b1476e4f701
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0ca89aecd5675b77c8271765da98cfcb6875b3053d4742c9ff502861bd16ad28
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x19046bc0b03ca90802ec83f212001e7ffd7f9224cfffae523451deb52eab3787
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x036fd7dfa1c05110b3428e6abcc43e1de9abba915320c4a600f843bfb676ca51
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x08f0a7abcb1a2f6595a9b7380c5028e3999db4fe5cb21892e5bb5cb11a7757ba
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0b614acc1ce3fbe9048f8385e4ee24c3843deea186bacea3c904c9f6340ad8cb
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x00b2d98c5d988f9b41f2c98e017fc954a6ae423b2261575941f8eac8835d985c
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1457f18555b7973ba5b311d57ec5d77e936980b97f5973875f1f7cc765a4fc95
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x002b453debc1bee525cb751bc10641a6b86f847d696418cf1144950982591bfa
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0c2af1abcc6ece77218315d2af445ccbfc6647b7af2510682882cc792c6bb8cf
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0e2825d9eb84b59902a1adb49ac0c2c291dee7c45d2e8c30369a4d595039e8ad
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x297e2e86a8c672d39f3343b8dfce7a6f20f3571bfd5c8a28e3905aa2dcfeca44
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x00d397281d902e49ec6504ba9186e806db9ad4fc8f86e7277aa7f1467eb6f9de
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2fb7c89c372d7e2050e7377ed471000c73544a2b9fd66557f3577c09cac98b4b
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x16125247be4387a8c3e62490167f0cffdba02eda4f018d0b40639a13bb0cfef9
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2291fd9d442f2d9b97ab22f7d4d52c2a82e41f852cf620b144612650a39e26e8
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1eec61f16a275ae238540feaeeadfec56d32171b1cc393729d06f37f476fde71
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x259ce871ba5dacbb48d8aed3d8513eef51558dc0b360f28c1a15dbfc5e7f6ca2
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2d3376a14ddbf95587e2f7567ff04fe13a3c7cb17363c8b9c5dd1d9262a210cb
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x13b843d9f65f4cddd7ce10d9cad9b8b99ac5e9a8c4269288173a91c0f3c3b084
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0b52e9b2f1aa9fd204e4a42c481cc76c704783e34114b8e93e026a50fa9764e8
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1fd083229276c7f27d3ad941476b394ff37bd44d3a1e9caca1400d9077a2056c
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x22743c328a6283f3ba7379af22c684c498568fd7ad9fad5151368c913197cbd9
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x043007aefd9741070d95caaaba0c1b070e4eec8eef8c1e512c8e579c6ed64f76
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x17ab175144f64bc843074f6b3a0c57c5dd2c954af8723c029ee642539496a7b3
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2befcad3d53fba5eeef8cae9668fed5c1e9e596a46e8458e218f7a665fddf4eb
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x15151c4116d97de74bfa6ca3178f73c8fe8fe612c70c6f85a7a1551942cb71cc
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2ac40bf6c3176300a6835d5fc7cc4fd5e5d299fb1baa86487268ec1b9eedfa97
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0f151de1f01b4e24ffe04279318f0a68efabb485188f191e37e6915ff6059f6e
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2e43dffc34537535182aebac1ad7bf0a5533b88f65f9652f0ad584e2ffc4dd1f
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2ebabc2c37ef53d8b13b24a2a2b729d536735f58956125a3876da0664c2442d7
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0dc3beceb34e49f5ad7226dd202c5cf879dffcc9a6dd32a300e8f2a4b59edf03
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2f1ddeccce83adf68779c53b639871a8f81d4d00aefe1e812efce8ec999d457d
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1f63e41280ff5c021715d52b19780298ed8bd3d5eb506316b527e24149d4d4f1
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1b8c1252a5888f8cb2672effb5df49c633d3fd7183271488a1c40d0f88e7636e
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0f45697130f5498e2940568ef0d5e9e16b1095a6cdbb6411df20a973c605e70b
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0780ccc403cdd68983acbd34cda41cacfb2cf911a93076bc25587b4b0aed4929
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x238d26ca97c691591e929f32199a643550f325f23a85d420080b289d7cecc9d4
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x25672a14b5d085e31a30a7e1d5675ebfab034fb04dc2ec5e544887523f98dede
, 0x0cf702434b891e1b2f1d71883506d68cdb1be36fa125674a3019647b3a98accd
, 0x1837e75235ff5d112a5eddf7a4939448748339e7b5f2de683cf0c0ae98bdfbb3
--
, 0x1cd8a14cff3a61f04197a083c6485581a7d836941f6832704837a24b2d15613a
, 0x266f6d85be0cef2ece525ba6a54b647ff789785069882772e6cac8131eecc1e4
, 0x0538fde2183c3f5833ecd9e07edf30fe977d28dd6f246d7960889d9928b506b3
--
, 0x07a0693ff41476abb4664f3442596aa8399fdccf245d65882fce9a37c268aa04
, 0x11eb49b07d33de2bd60ea68e7f652beda15644ed7855ee5a45763b576d216e8e
, 0x08f8887da6ce51a8c06041f64e22697895f34bacb8c0a39ec12bf597f7c67cfc
--
, 0x2a912ec610191eb7662f86a52cc64c0122bd5ba762e1db8da79b5949fdd38092
, 0x2031d7fd91b80857aa1fef64e23cfad9a9ba8fe8c8d09de92b1edb592a44c290
, 0x0f81ebce43c47711751fa64d6c007221016d485641c28c507d04fd3dc7fba1d2
]
--------------------------------------------------------------------------------
roundConst_T4 :: [[Integer]]
roundConst_T4 = partition 4
[ 0x062c6aca1e92c46c6020cfc8ad80661855c9434464ab4ff3335151d0f35f9021
, 0x14eeaba2213bf28f15eae1a8164fbefb00bbcdd4b7ecbe747fa7109a34bd5c49
, 0x296a2d7c793283f53bf61656e498b02828728adf20ff0b3398c4cba57e9630f8
, 0x1ab075c41d0cc6bb5ef5529ef7285551e83f7c7c6107edb3ce89a914d14b4544
--
, 0x2bcd55844d9c1835dfe90057d9f7e939f0668be5d84105f6516481370e4eeb6d
, 0x15fbcb4aa2b8ba7625e7a0da6644fcc82982f40ec86d905dac78fa0d20431e3a
, 0x0fec3cbb2dcf7505f07505eac17bdaaa1f3ce0686700256d0eab2eb1252894fa
, 0x2ebb18631151593143043a675cd48b43045f3b0691530426d3b8ec378a7e5dda
--
, 0x29256595d1daf032c876ea484fd59ff5d2afd3b9e3371e620046b511f89fa16e
, 0x11f2c85c8341a8b5d6a0ae5c6d23860ebde99c4d06b22c1b0ea25b03ba2663d0
, 0x0223378de1965135563c66c150eb5fd6c53f587e2315891908bac7184bf578fa
, 0x01775c43f3d8b33cd4a8c3698184574673de96342fa21efe4d01d5c73b753014
--
, 0x247762988996b9dba33d1eaabf03623fcfa96746fdb8a1c54ec8caae42992276
, 0x1914acc4486a97e2ca3a0fbdc7d5d09bd8313cf5c38e9ab5ef7bd19a4ac10ec3
, 0x230afe858d2bf91b42329dccd88a25a9d4ba966e14419520b9aef951de943862
, 0x046ed2e4ed42ffed58893eedf7975e990949483210b12d7aad6cb377e5186dd2
--
, 0x1e95c3114538053b8769901f7fb143dedf9c59bedad62e2851a18f4ee0c5f14c
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x00e39cd8f12a7685ede95961e9c0cd821e0f5bc5f7c24ff53bb38854cc179214
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x22a48d1ebc56b76c91f5c91dbcb176937be38991d887598285d1b87b6987bd76
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x172ad173889fea3543994d23756e464708ab4e3ffd5b523d40a2df13cbb0ee96
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2617bb0620340ef42e305956f29970241a45959615260fc07f9829c254923666
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x23beac684d68b3c310a9ba2642e6dbf66e9bdcd3e40b0c047990ab7c368aac11
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0411e23d97c9dcb808b8ce71d7baa99aa95f8fcc08529699e55f751d79dd24e3
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x273a3a586619a58e3e96b32b5cdc520880546db015b8777e11e6f7450439d0ee
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2b6714f91d7849d1025ffa954f57569c5a8838ab75b134a1d30b09faae282efb
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x243b328323cdbb3c7cdaeeb152adee94276da72c7cd8a35e99ade7868892cea0
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x26a972f999b68e97ace9a4eec0f943910103030b29cefa3f7be863dd1707f968
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2adf1bb322498c052c54b8fa10f403e0fb9dcb76158431831ac9376def9c740a
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x23310b7ef40c0babb2a2808664e3fdc7205751d1ddec0a5a76b4ed236dfe68dd
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x148474f9969233d119bae3ee957038d65a5ea6afaaa6cd499d65bbffe3ed05cb
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2ed449cd4c9f6e562e92ae737fa0733c67be1ee11bebfa3fe048803ebce8f18d
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x269da38b955c8c6b6bb58695a570e6a34b61769e87251681cc966fca9d2ddea6
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x277a69c44437b46607d509f1879e92c6584d1ff4d47b6891c34c9f6afcf61810
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2ac73db02a1461367c8044bcd02d965bef18b65adf04be5a60786db393176727
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x23ad5251099c88cdbc3c2471f3b846c05938a6bbbb76dd2dd245a9bf0b6b3e1f
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2e4536eb7ec62c78fb9db28766325bb0885ba6cc299b5cb680ef9c7f11add7b0
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x082d67b47527c7ccdb2dec59d922dc693bfac2f92d6ff1f8753b3f6702106243
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2f6787037cb13533657d7ded7377ecd3bd652c827959d272b9c82893c2a755fb
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0714c33afb146987a311230efd6695758e23ddd016354ad17caf46fc183f53c4
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2e190ad59fb275f062b080a1686f0f60d1ef8b827e233d5961ab220bb23b1c2a
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x21559d269992ae057bdc4324b93226d08f7886b5f5134d3e1f7e49eca9e16394
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1cf2a4d57999d721b74f11fdb6ce5820145245b8a2c5599284f784a8f6719e46
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0e1ae25fcff96304a4fb6207644072c211c7beb0ca90aebc899c53a876016609
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1584ec5473cc0733f3acc56cfaa968300fc07de5e886b3bd1d14a92e77c7abf7
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0a7bc3b154447d511f04871265b8062cfa273c092a9e2f62e3c2bbfb112cf7fe
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x28747836ecd2be5d40b988cea79a8857c3cab62a95ae9171366b72f7dea939f4
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x23be307ee51e97c1e2937db1830215a5eac33d725738364adbf3d81dc7c2d30a
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x181def07947f96db72fb5e362263f9c8c8b69b4674f5211b9507cbb7b873831f
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0f8d21a7c818b1f4b9f83a9d65f8f7f55f5c5eb4593ecf684221917b3e39b588
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x05295519ef59d19282820564c1b82b983481b2a96cf7dd2247d063df441e6ba4
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x05a3cd2f51447738a062fd93a8272b5289315b1aaa64413abdc40d68b7130ad2
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x11492a233946829dcf370d93e21333b3af3c50b0f383008df2c310fe3b6fc474
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x101ccfedaaafe9bd31bb88976fd9f03a90e0d8c1cce55e9046d2511c6dfeccb8
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0a152c325be5b2772785a2f728eb20cec5b22436eeafdbb381e045c6a62ab938
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x15fa1605b2ff2e7e817801d194d2f60c569549ebbc4bb59ad8343e2b4c5944ea
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2998881e818b9809e8a5c8c0117b1f7ac8e9bfb2f0bc517beb0d1f21b08b3548
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x26d233c6367e02f595aa143ebb7dac96784a98c5a3be6339e8d4e321566eb932
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x23d5c7234f84b69c425754bccf3446911f57715c0f32c4045ae12400743f178f
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0c3e111a0162923b3274576342aa9ddc97724b744065658ed192020e175d79d3
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x04e84eb21cbf0e9ac7fba9f16ec322e651455b8d9e2c9c7a7fed1ad2d4ca41d9
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x177eae242329a90b9428bd2a770b79ddbe20c9be111b000e12e8da1587aa098a
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1dfd07af57d83e452156d2395917954f63112b1cf08c65b5dc46060284609cbb
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0c93cc22811728871ffee73031dde764f68859060076a84c165f32bd80b144de
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x192ba9406dd09f462a2bde34ff0c3ba11d9be34093826bcc5aa29bef6baf4358
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1ba544393f910c5ed2a958703d4db259b7ba38e00aded367a4c8a668672fc223
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x130d3c3ab75a36f92a4d21c43cf05de1f22dc6522c744aeb1261567262c0ff52
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x2eb942f851531ef85bad6655be277cf999b54b92e06d203e510fe1dc6a55b907
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x136aaed22fc112f0fee586d7cf0c6411d45eeb05710726a4c83b622d24e9be3a
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x12a19ea10014c706f847311ad4fd2c4604fcf5b8512ecc0cd406ae03d9c2637b
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x1b96b73416e277aa0937d83c2302e1fb814049a5391eea4440ba5db482992d1c
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0cfe78b62e6e92e1598b89ba9cdc8142f0bdc8c2e7b044532710db5695ec5191
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0c57aaed1ebdd8c620a331358eec7033a7a9131be98c0ab89c14e8f83844b07d
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
, 0x0000000000000000000000000000000000000000000000000000000000000000
--
, 0x0155e1f2717d6781a983d590b4fdc9c49ac0c38941c126f374de635fd2755f8f
, 0x2f8c35fac154c165e591e13738c6ba6e5386cd5df1c2e6d3e26edf5d6c7edb7c
, 0x26eb32752b9ba4fcea44bc87eaca32bd5519b5907a6b23e0a7a22b7d11e15cef
, 0x1b21e5eab111193fbf5417cae28e4737a5f1234c229e1ad5a74304086c9827cf
--
, 0x111dc2c678fb55005223e774dd129e7764608e8138fbeb1ce5dc8a6979a924a0
, 0x3024a27ae2644fb248a6ba362f771517da30ec6c46f61f27a63ca4c59ff8e830
, 0x018429beeff6c5e2723b1766e152e2f27f59b1b9e71d64fb17fd40e024e75b03
, 0x0e5a747c762f153da09b482266454815b8e5083a8d0b59f7f9311ddd79041395
--
, 0x079d637718b241cc645289f8d25ac5952505acc57d1d7e4ffefd04813b34bbfa
, 0x0070074fb2d6a94e73eca8cd086c36431eb9d5adb3dc7b3c70ee0b118c225458
, 0x234dc6197e3dca9fd5e86ac3cb64a2bb0844d066dca20401bf8ce948f96ac82b
, 0x0225b5a421a0705e7d9db0992862078b88766b068b7fb5bec246be1d830dfd57
--
, 0x0908cdb99efa659af9d2b7e91325e2339f429483f78e803941e4354260b97554
, 0x0ac72765a8c8304270058039d6c7f10b632c834473ccb5d61c9b992e41ab4dab
, 0x1d1ccd8429ea10853a07a29c7432db4970a024fbc6b60a2b86b409a1c4c9ea7b
, 0x11ccf1fbe38bdcb6918c67855a3c075efdc43e26ff61abecc2dbf5ad6e996199
]
--------------------------------------------------------------------------------


@ -0,0 +1,725 @@
#
# taken from:
# <https://github.com/HorizenLabs/poseidon2/blob/main/poseidon2_rust_params.sage>
#
#-------------------------------------------------------------------------------
# Remark: This script contains functionality for GF(2^n), but currently works only over GF(p)! A few small adaptations are needed for GF(2^n).
from sage.rings.polynomial.polynomial_gf2x import GF2X_BuildIrred_list
from math import *
import itertools
###########################################################################
# p = 18446744069414584321 # GoldiLocks
# p = 2013265921 # BabyBear
# p = 52435875175126190479447740508185965837690552500527637822603658699938581184513 # BLS12-381
p = 21888242871839275222246405745257275088548364400416034343698204186575808495617 # BN254/BN256
# p = 28948022309329048855892746252171976963363056481941560715954676764349967630337 # Pasta (Pallas)
# p = 28948022309329048855892746252171976963363056481941647379679742748393362948097 # Pasta (Vesta)
n = len(p.bits()) # bit
# t = 12 # GoldiLocks (t = 12 for sponge, t = 8 for compression)
# t = 16 # BabyBear (t = 24 for sponge, t = 16 for compression)
# t = 2
# t = 3 # BN254/BN256, BLS12-381, Pallas, Vesta (t = 3 for sponge, t = 2 for compression)
t = 4
FIELD = 1
SBOX = 1 # SBOX = 0 # we use the "old" version to be consistent with existing Poseidon2 implementations.
FIELD_SIZE = n
NUM_CELLS = t
def get_alpha(p):
for alpha in range(3, p):
if gcd(alpha, p-1) == 1:
break
return alpha
alpha = get_alpha(p)
def get_sbox_cost(R_F, R_P, N, t):
return int(t * R_F + R_P)
def get_size_cost(R_F, R_P, N, t):
n = ceil(float(N) / t)
return int((N * R_F) + (n * R_P))
def poseidon_calc_final_numbers_fixed(p, t, alpha, M, security_margin):
# [Min. S-boxes] Find best possible for t and N
n = ceil(log(p, 2))
N = int(n * t)
cost_function = get_sbox_cost
ret_list = []
(R_F, R_P) = find_FD_round_numbers(p, t, alpha, M, cost_function, security_margin)
min_sbox_cost = cost_function(R_F, R_P, N, t)
ret_list.append(R_F)
ret_list.append(R_P)
ret_list.append(min_sbox_cost)
# [Min. Size] Find best possible for t and N
# Minimum number of S-boxes for fixed n results in minimum size also (round numbers are the same)!
min_size_cost = get_size_cost(R_F, R_P, N, t)
ret_list.append(min_size_cost)
return ret_list # [R_F, R_P, min_sbox_cost, min_size_cost]
def find_FD_round_numbers(p, t, alpha, M, cost_function, security_margin):
n = ceil(log(p, 2))
N = int(n * t)
sat_inequiv = sat_inequiv_alpha
R_P = 0
R_F = 0
min_cost = float("inf")
max_cost_rf = 0
# Brute-force approach
for R_P_t in range(1, 500):
for R_F_t in range(4, 100):
if R_F_t % 2 == 0:
if (sat_inequiv(p, t, R_F_t, R_P_t, alpha, M) == True):
if security_margin == True:
R_F_t += 2
R_P_t = int(ceil(float(R_P_t) * 1.075))
cost = cost_function(R_F_t, R_P_t, N, t)
if (cost < min_cost) or ((cost == min_cost) and (R_F_t < max_cost_rf)):
R_P = ceil(R_P_t)
R_F = ceil(R_F_t)
min_cost = cost
max_cost_rf = R_F
return (int(R_F), int(R_P))
def sat_inequiv_alpha(p, t, R_F, R_P, alpha, M):
N = int(FIELD_SIZE * NUM_CELLS)
if alpha > 0:
R_F_1 = 6 if M <= ((floor(log(p, 2) - ((alpha-1)/2.0))) * (t + 1)) else 10 # Statistical
R_F_2 = 1 + ceil(log(2, alpha) * min(M, FIELD_SIZE)) + ceil(log(t, alpha)) - R_P # Interpolation
R_F_3 = (log(2, alpha) * min(M, log(p, 2))) - R_P # Groebner 1
R_F_4 = t - 1 + log(2, alpha) * min(M / float(t + 1), log(p, 2) / float(2)) - R_P # Groebner 2
R_F_5 = (t - 2 + (M / float(2 * log(alpha, 2))) - R_P) / float(t - 1) # Groebner 3
R_F_max = max(ceil(R_F_1), ceil(R_F_2), ceil(R_F_3), ceil(R_F_4), ceil(R_F_5))
# Addition due to https://eprint.iacr.org/2023/537.pdf
r_temp = floor(t / 3.0)
over = (R_F - 1) * t + R_P + r_temp + r_temp * (R_F / 2.0) + R_P + alpha
under = r_temp * (R_F / 2.0) + R_P + alpha
binom_log = log(binomial(over, under), 2)
if binom_log == inf:
binom_log = M + 1
cost_gb4 = ceil(2 * binom_log) # Paper uses 2.3727, we are more conservative here
return ((R_F >= R_F_max) and (cost_gb4 >= M))
else:
print("Invalid value for alpha!")
exit(1)
R_F_FIXED, R_P_FIXED, _, _ = poseidon_calc_final_numbers_fixed(p, t, alpha, 128, True)
print("+++ R_F = {0}, R_P = {1} +++".format(R_F_FIXED, R_P_FIXED))
# For STARK TODO
# r_p_mod = R_P_FIXED % NUM_CELLS
# if r_p_mod != 0:
# R_P_FIXED = R_P_FIXED + NUM_CELLS - r_p_mod
###########################################################################
INIT_SEQUENCE = []
PRIME_NUMBER = p
# if FIELD == 1 and len(sys.argv) != 8:
# print("Please specify a prime number (in hex format)!")
# exit()
# elif FIELD == 1 and len(sys.argv) == 8:
# PRIME_NUMBER = int(sys.argv[7], 16) # e.g. 0xa7, 0xFFFFFFFFFFFFFEFF, 0xa1a42c3efd6dbfe08daa6041b36322ef
F = GF(PRIME_NUMBER)
def grain_sr_generator():
bit_sequence = INIT_SEQUENCE
for _ in range(0, 160):
new_bit = bit_sequence[62] ^^ bit_sequence[51] ^^ bit_sequence[38] ^^ bit_sequence[23] ^^ bit_sequence[13] ^^ bit_sequence[0]
bit_sequence.pop(0)
bit_sequence.append(new_bit)
while True:
new_bit = bit_sequence[62] ^^ bit_sequence[51] ^^ bit_sequence[38] ^^ bit_sequence[23] ^^ bit_sequence[13] ^^ bit_sequence[0]
bit_sequence.pop(0)
bit_sequence.append(new_bit)
while new_bit == 0:
new_bit = bit_sequence[62] ^^ bit_sequence[51] ^^ bit_sequence[38] ^^ bit_sequence[23] ^^ bit_sequence[13] ^^ bit_sequence[0]
bit_sequence.pop(0)
bit_sequence.append(new_bit)
new_bit = bit_sequence[62] ^^ bit_sequence[51] ^^ bit_sequence[38] ^^ bit_sequence[23] ^^ bit_sequence[13] ^^ bit_sequence[0]
bit_sequence.pop(0)
bit_sequence.append(new_bit)
new_bit = bit_sequence[62] ^^ bit_sequence[51] ^^ bit_sequence[38] ^^ bit_sequence[23] ^^ bit_sequence[13] ^^ bit_sequence[0]
bit_sequence.pop(0)
bit_sequence.append(new_bit)
yield new_bit
grain_gen = grain_sr_generator()
def grain_random_bits(num_bits):
random_bits = [next(grain_gen) for i in range(0, num_bits)]
# random_bits.reverse() ## Remove comment to start from least significant bit
random_int = int("".join(str(i) for i in random_bits), 2)
return random_int
def init_generator(field, sbox, n, t, R_F, R_P):
# Generate initial sequence based on parameters
bit_list_field = [_ for _ in (bin(FIELD)[2:].zfill(2))]
bit_list_sbox = [_ for _ in (bin(SBOX)[2:].zfill(4))]
bit_list_n = [_ for _ in (bin(FIELD_SIZE)[2:].zfill(12))]
bit_list_t = [_ for _ in (bin(NUM_CELLS)[2:].zfill(12))]
bit_list_R_F = [_ for _ in (bin(R_F)[2:].zfill(10))]
bit_list_R_P = [_ for _ in (bin(R_P)[2:].zfill(10))]
bit_list_1 = [1] * 30
global INIT_SEQUENCE
INIT_SEQUENCE = bit_list_field + bit_list_sbox + bit_list_n + bit_list_t + bit_list_R_F + bit_list_R_P + bit_list_1
INIT_SEQUENCE = [int(_) for _ in INIT_SEQUENCE]
def generate_constants(field, n, t, R_F, R_P, prime_number):
round_constants = []
# num_constants = (R_F + R_P) * t # Poseidon
num_constants = (R_F * t) + R_P # Poseidon2
if field == 0:
for i in range(0, num_constants):
random_int = grain_random_bits(n)
round_constants.append(random_int)
elif field == 1:
for i in range(0, num_constants):
random_int = grain_random_bits(n)
while random_int >= prime_number:
# print("[Info] Round constant is not in prime field! Taking next one.")
random_int = grain_random_bits(n)
round_constants.append(random_int)
# Add (t-1) zeroes for Poseidon2 if partial round
if i >= ((R_F/2) * t) and i < (((R_F/2) * t) + R_P):
round_constants.extend([0] * (t-1))
return round_constants
def print_round_constants(round_constants, n, field):
print("Number of round constants:", len(round_constants))
if field == 0:
print("Round constants for GF(2^n):")
elif field == 1:
print("Round constants for GF(p):")
hex_length = int(ceil(float(n) / 4)) + 2 # +2 for "0x"
print(["{0:#0{1}x}".format(entry, hex_length) for entry in round_constants])
def create_mds_p(n, t):
M = matrix(F, t, t)
# Sample random distinct indices and assign to xs and ys
while True:
flag = True
rand_list = [F(grain_random_bits(n)) for _ in range(0, 2*t)]
while len(rand_list) != len(set(rand_list)): # Check for duplicates
rand_list = [F(grain_random_bits(n)) for _ in range(0, 2*t)]
xs = rand_list[:t]
ys = rand_list[t:]
# xs = [F(ele) for ele in range(0, t)]
# ys = [F(ele) for ele in range(t, 2*t)]
for i in range(0, t):
for j in range(0, t):
if (flag == False) or ((xs[i] + ys[j]) == 0):
flag = False
else:
entry = (xs[i] + ys[j])^(-1)
M[i, j] = entry
if flag == False:
continue
return M
def generate_vectorspace(round_num, M, M_round, NUM_CELLS):
t = NUM_CELLS
s = 1
V = VectorSpace(F, t)
if round_num == 0:
return V
elif round_num == 1:
return V.subspace(V.basis()[s:])
else:
mat_temp = matrix(F)
for i in range(0, round_num-1):
add_rows = []
for j in range(0, s):
add_rows.append(M_round[i].rows()[j][s:])
mat_temp = matrix(mat_temp.rows() + add_rows)
r_k = mat_temp.right_kernel()
extended_basis_vectors = []
for vec in r_k.basis():
extended_basis_vectors.append(vector([0]*s + list(vec)))
S = V.subspace(extended_basis_vectors)
return S
def subspace_times_matrix(subspace, M, NUM_CELLS):
t = NUM_CELLS
V = VectorSpace(F, t)
subspace_basis = subspace.basis()
new_basis = []
for vec in subspace_basis:
new_basis.append(M * vec)
new_subspace = V.subspace(new_basis)
return new_subspace
# Returns True if the matrix is considered secure, False otherwise
def algorithm_1(M, NUM_CELLS):
t = NUM_CELLS
s = 1
r = floor((t - s) / float(s))
# Generate round matrices
M_round = []
for j in range(0, t+1):
M_round.append(M^(j+1))
for i in range(1, r+1):
mat_test = M^i
entry = mat_test[0, 0]
mat_target = matrix.circulant(vector([entry] + ([F(0)] * (t-1))))
if (mat_test - mat_target) == matrix.circulant(vector([F(0)] * (t))):
return [False, 1]
S = generate_vectorspace(i, M, M_round, t)
V = VectorSpace(F, t)
basis_vectors= []
for eigenspace in mat_test.eigenspaces_right(format='galois'):
if (eigenspace[0] not in F):
continue
vector_subspace = eigenspace[1]
intersection = S.intersection(vector_subspace)
basis_vectors += intersection.basis()
IS = V.subspace(basis_vectors)
if IS.dimension() >= 1 and IS != V:
return [False, 2]
for j in range(1, i+1):
S_mat_mul = subspace_times_matrix(S, M^j, t)
if S == S_mat_mul:
print("S.basis():\n", S.basis())
return [False, 3]
return [True, 0]
# Returns True if the matrix is considered secure, False otherwise
def algorithm_2(M, NUM_CELLS):
t = NUM_CELLS
s = 1
V = VectorSpace(F, t)
trail = [None, None]
test_next = False
I = range(0, s)
I_powerset = list(sage.misc.misc.powerset(I))[1:]
for I_s in I_powerset:
test_next = False
new_basis = []
for l in I_s:
new_basis.append(V.basis()[l])
IS = V.subspace(new_basis)
for i in range(s, t):
new_basis.append(V.basis()[i])
full_iota_space = V.subspace(new_basis)
for l in I_s:
v = V.basis()[l]
while True:
delta = IS.dimension()
v = M * v
IS = V.subspace(IS.basis() + [v])
if IS.dimension() == t or IS.intersection(full_iota_space) != IS:
test_next = True
break
if IS.dimension() <= delta:
break
if test_next == True:
break
if test_next == True:
continue
return [False, [IS, I_s]]
return [True, None]
# Returns True if the matrix is considered secure, False otherwise
def algorithm_3(M, NUM_CELLS):
t = NUM_CELLS
s = 1
V = VectorSpace(F, t)
l = 4*t
for r in range(2, l+1):
next_r = False
res_alg_2 = algorithm_2(M^r, t)
if res_alg_2[0] == False:
return [False, None]
# if res_alg_2[1] == None:
# continue
# IS = res_alg_2[1][0]
# I_s = res_alg_2[1][1]
# for j in range(1, r):
# IS = subspace_times_matrix(IS, M, t)
# I_j = []
# for i in range(0, s):
# new_basis = []
# for k in range(0, t):
# if k != i:
# new_basis.append(V.basis()[k])
# iota_space = V.subspace(new_basis)
# if IS.intersection(iota_space) != iota_space:
# single_iota_space = V.subspace([V.basis()[i]])
# if IS.intersection(single_iota_space) == single_iota_space:
# I_j.append(i)
# else:
# next_r = True
# break
# if next_r == True:
# break
# if next_r == True:
# continue
# return [False, [IS, I_j, r]]
return [True, None]
def check_minpoly_condition(M, NUM_CELLS):
max_period = 2*NUM_CELLS
all_fulfilled = True
M_temp = M
for i in range(1, max_period + 1):
if not ((M_temp.minimal_polynomial().degree() == NUM_CELLS) and (M_temp.minimal_polynomial().is_irreducible() == True)):
all_fulfilled = False
break
M_temp = M * M_temp
return all_fulfilled
def generate_matrix(FIELD, FIELD_SIZE, NUM_CELLS):
if FIELD == 0:
print("Matrix generation not implemented for GF(2^n).")
exit(1)
elif FIELD == 1:
mds_matrix = create_mds_p(FIELD_SIZE, NUM_CELLS)
result_1 = algorithm_1(mds_matrix, NUM_CELLS)
result_2 = algorithm_2(mds_matrix, NUM_CELLS)
result_3 = algorithm_3(mds_matrix, NUM_CELLS)
while result_1[0] == False or result_2[0] == False or result_3[0] == False:
mds_matrix = create_mds_p(FIELD_SIZE, NUM_CELLS)
result_1 = algorithm_1(mds_matrix, NUM_CELLS)
result_2 = algorithm_2(mds_matrix, NUM_CELLS)
result_3 = algorithm_3(mds_matrix, NUM_CELLS)
return mds_matrix
def generate_matrix_full(NUM_CELLS):
M = None
if t == 2:
M = matrix.circulant(vector([F(2), F(1)]))
elif t == 3:
M = matrix.circulant(vector([F(2), F(1), F(1)]))
elif t == 4:
M = matrix(F, [[F(5), F(7), F(1), F(3)], [F(4), F(6), F(1), F(1)], [F(1), F(3), F(5), F(7)], [F(1), F(1), F(4), F(6)]])
elif (t % 4) == 0:
M = matrix(F, t, t)
# M_small = matrix.circulant(vector([F(3), F(2), F(1), F(1)]))
M_small = matrix(F, [[F(5), F(7), F(1), F(3)], [F(4), F(6), F(1), F(1)], [F(1), F(3), F(5), F(7)], [F(1), F(1), F(4), F(6)]])
small_num = t // 4
for i in range(0, small_num):
for j in range(0, small_num):
if i == j:
M[i*4:(i+1)*4,j*4:(j+1)*4] = 2* M_small
else:
M[i*4:(i+1)*4,j*4:(j+1)*4] = M_small
else:
print("Error: No matrix for these parameters.")
exit()
return M
def generate_matrix_partial(FIELD, FIELD_SIZE, NUM_CELLS): ## TODO: Prioritize small entries
entry_max_bit_size = FIELD_SIZE
if FIELD == 0:
print("Matrix generation not implemented for GF(2^n).")
exit(1)
elif FIELD == 1:
M = None
if t == 2:
M = matrix(F, [[F(2), F(1)], [F(1), F(3)]])
elif t == 3:
M = matrix(F, [[F(2), F(1), F(1)], [F(1), F(2), F(1)], [F(1), F(1), F(3)]])
else:
M_circulant = matrix.circulant(vector([F(0)] + [F(1) for _ in range(0, NUM_CELLS - 1)]))
M_diagonal = matrix.diagonal([F(grain_random_bits(entry_max_bit_size)) for _ in range(0, NUM_CELLS)])
M = M_circulant + M_diagonal
# while algorithm_1(M, NUM_CELLS)[0] == False or algorithm_2(M, NUM_CELLS)[0] == False or algorithm_3(M, NUM_CELLS)[0] == False:
while check_minpoly_condition(M, NUM_CELLS) == False:
M_diagonal = matrix.diagonal([F(grain_random_bits(entry_max_bit_size)) for _ in range(0, NUM_CELLS)])
M = M_circulant + M_diagonal
if(algorithm_1(M, NUM_CELLS)[0] == False or algorithm_2(M, NUM_CELLS)[0] == False or algorithm_3(M, NUM_CELLS)[0] == False):
print("Error: Generated partial matrix is not secure w.r.t. subspace trails.")
exit()
return M
def generate_matrix_partial_small_entries(FIELD, FIELD_SIZE, NUM_CELLS):
if FIELD == 0:
print("Matrix generation not implemented for GF(2^n).")
exit(1)
elif FIELD == 1:
M_circulant = matrix.circulant(vector([F(0)] + [F(1) for _ in range(0, NUM_CELLS - 1)]))
combinations = list(itertools.product(range(2, 6), repeat=NUM_CELLS))
for entry in combinations:
M = M_circulant + matrix.diagonal(vector(F, list(entry)))
print(M)
# if M.is_invertible() == False or algorithm_1(M, NUM_CELLS)[0] == False or algorithm_2(M, NUM_CELLS)[0] == False or algorithm_3(M, NUM_CELLS)[0] == False:
if M.is_invertible() == False or check_minpoly_condition(M, NUM_CELLS) == False:
continue
return M
def matrix_partial_m_1(matrix_partial, NUM_CELLS):
M_circulant = matrix.identity(F, NUM_CELLS)
return matrix_partial - M_circulant
def print_linear_layer(M, n, t):
print("n:", n)
print("t:", t)
print("N:", (n * t))
print("Result Algorithm 1:\n", algorithm_1(M, NUM_CELLS))
print("Result Algorithm 2:\n", algorithm_2(M, NUM_CELLS))
print("Result Algorithm 3:\n", algorithm_3(M, NUM_CELLS))
hex_length = int(ceil(float(n) / 4)) + 2 # +2 for "0x"
print("Prime number:", "0x" + hex(PRIME_NUMBER))
matrix_string = "["
for i in range(0, t):
matrix_string += str(["{0:#0{1}x}".format(int(entry), hex_length) for entry in M[i]])
if i < (t-1):
matrix_string += ","
matrix_string += "]"
print("MDS matrix:\n", matrix_string)
def calc_equivalent_matrices(MDS_matrix_field):
# Following idea: Split M into M' * M'', where M'' is "cheap" and M' can move before the partial nonlinear layer
# The "previous" matrix layer is then M * M'. Due to the construction of M', the M[0,0] and v values will be the same for the new M' (and I also, obviously)
# Thus: Compute the matrices, store the w_hat and v_hat values
MDS_matrix_field_transpose = MDS_matrix_field.transpose()
w_hat_collection = []
v_collection = []
v = MDS_matrix_field_transpose[[0], list(range(1,t))]
M_mul = MDS_matrix_field_transpose
M_i = matrix(F, t, t)
for i in range(R_P_FIXED - 1, -1, -1):
M_hat = M_mul[list(range(1,t)), list(range(1,t))]
w = M_mul[list(range(1,t)), [0]]
v = M_mul[[0], list(range(1,t))]
v_collection.append(v.list())
w_hat = M_hat.inverse() * w
w_hat_collection.append(w_hat.list())
# Generate new M_i, and multiplication M * M_i for "previous" round
M_i = matrix.identity(t)
M_i[list(range(1,t)), list(range(1,t))] = M_hat
M_mul = MDS_matrix_field_transpose * M_i
return M_i, v_collection, w_hat_collection, MDS_matrix_field_transpose[0, 0]
def calc_equivalent_constants(constants, MDS_matrix_field):
constants_temp = [constants[index:index+t] for index in range(0, len(constants), t)]
MDS_matrix_field_transpose = MDS_matrix_field.transpose()
# Start moving round constants up
# Calculate c_i' = M^(-1) * c_(i+1)
# Split c_i': Add c_i'[0] AFTER the S-box, add the rest to c_i
# I.e.: Store c_i'[0] for each of the partial rounds, and make c_i = c_i + c_i' (where now c_i'[0] = 0)
num_rounds = R_F_FIXED + R_P_FIXED
R_f = R_F_FIXED / 2
for i in range(num_rounds - 2 - R_f, R_f - 1, -1):
inv_cip1 = list(vector(constants_temp[i+1]) * MDS_matrix_field_transpose.inverse())
constants_temp[i] = list(vector(constants_temp[i]) + vector([0] + inv_cip1[1:]))
constants_temp[i+1] = [inv_cip1[0]] + [0] * (t-1)
return constants_temp
def poseidon(input_words, matrix, round_constants):
R_f = int(R_F_FIXED / 2)
round_constants_counter = 0
state_words = list(input_words)
# First full rounds
for r in range(0, R_f):
# Round constants, nonlinear layer, matrix multiplication
for i in range(0, t):
state_words[i] = state_words[i] + round_constants[round_constants_counter]
round_constants_counter += 1
for i in range(0, t):
state_words[i] = (state_words[i])^alpha
state_words = list(matrix * vector(state_words))
# Middle partial rounds
for r in range(0, R_P_FIXED):
# Round constants, nonlinear layer, matrix multiplication
for i in range(0, t):
state_words[i] = state_words[i] + round_constants[round_constants_counter]
round_constants_counter += 1
state_words[0] = (state_words[0])^alpha
state_words = list(matrix * vector(state_words))
# Last full rounds
for r in range(0, R_f):
# Round constants, nonlinear layer, matrix multiplication
for i in range(0, t):
state_words[i] = state_words[i] + round_constants[round_constants_counter]
round_constants_counter += 1
for i in range(0, t):
state_words[i] = (state_words[i])^alpha
state_words = list(matrix * vector(state_words))
return state_words
def poseidon2(input_words, matrix_full, matrix_partial, round_constants):
R_f = int(R_F_FIXED / 2)
round_constants_counter = 0
state_words = list(input_words)
# First matrix mul
state_words = list(matrix_full * vector(state_words))
# First full rounds
for r in range(0, R_f):
# Round constants, nonlinear layer, matrix multiplication
for i in range(0, t):
state_words[i] = state_words[i] + round_constants[round_constants_counter]
round_constants_counter += 1
for i in range(0, t):
state_words[i] = (state_words[i])^alpha
state_words = list(matrix_full * vector(state_words))
# Middle partial rounds
for r in range(0, R_P_FIXED):
# Round constants, nonlinear layer, matrix multiplication
for i in range(0, t):
state_words[i] = state_words[i] + round_constants[round_constants_counter]
round_constants_counter += 1
state_words[0] = (state_words[0])^alpha
state_words = list(matrix_partial * vector(state_words))
# Last full rounds
for r in range(0, R_f):
# Round constants, nonlinear layer, matrix multiplication
for i in range(0, t):
state_words[i] = state_words[i] + round_constants[round_constants_counter]
round_constants_counter += 1
for i in range(0, t):
state_words[i] = (state_words[i])^alpha
state_words = list(matrix_full * vector(state_words))
return state_words
# Init
init_generator(FIELD, SBOX, FIELD_SIZE, NUM_CELLS, R_F_FIXED, R_P_FIXED)
# Round constants
round_constants = generate_constants(FIELD, FIELD_SIZE, NUM_CELLS, R_F_FIXED, R_P_FIXED, PRIME_NUMBER)
# print_round_constants(round_constants, FIELD_SIZE, FIELD)
# Matrix
# MDS = generate_matrix(FIELD, FIELD_SIZE, NUM_CELLS)
MATRIX_FULL = generate_matrix_full(NUM_CELLS)
MATRIX_PARTIAL = generate_matrix_partial(FIELD, FIELD_SIZE, NUM_CELLS)
MATRIX_PARTIAL_DIAGONAL_M_1 = [matrix_partial_m_1(MATRIX_PARTIAL, NUM_CELLS)[i,i] for i in range(0, NUM_CELLS)]
def to_hex(value):
l = len(hex(p - 1))
if l % 2 == 1:
l = l + 1
value = hex(int(value))[2:]
value = "0x" + value.zfill(l - 2)
print("from_hex(\"{}\"),".format(value))
print("use super::poseidon::PoseidonParams;")
print("use bellman_ce::pairing::{bls12_381::Bls12, ff::ScalarEngine, from_hex};")
print("type Scalar = <Bls12 as ScalarEngine>::Fr;")
print("use lazy_static::lazy_static;")
print("use std::sync::Arc;")
print()
print("lazy_static! {")
# # MDS
# print("pub static ref MDS{}: Vec<Vec<Scalar>> = vec![".format(t))
# for vec in MDS:
# print("vec![", end="")
# for val in vec:
# to_hex(val)
# print("],")
# print("];")
# print()
# Efficient partial matrix (diagonal - 1)
print("pub static ref MAT_DIAG{}_M_1: Vec<Scalar> = vec![".format(t))
for val in MATRIX_PARTIAL_DIAGONAL_M_1:
to_hex(val)
print("];")
print()
# Efficient partial matrix (full)
print("pub static ref MAT_INTERNAL{}: Vec<Vec<Scalar>> = vec![".format(t))
for vec in MATRIX_PARTIAL:
print("vec![", end="")
for val in vec:
to_hex(val)
print("],")
print("];")
print()
# Round constants
print("pub static ref RC{}: Vec<Vec<Scalar>> = vec![".format(t))
for (i,val) in enumerate(round_constants):
if i % t == 0:
print("vec![", end="")
to_hex(val)
if i % t == t - 1:
print("],")
print("];")
print()
print("pub static ref POSEIDON_{}_PARAMS: Arc<PoseidonParams<Scalar>> = Arc::new(PoseidonParams::new({}, {}, {}, {}, &MAT_DIAG{}_M_1, &RC{}));".format(t, t, alpha, R_F_FIXED, R_P_FIXED , t, t))
print("}")
print()
print()
state_in = vector([F(i) for i in range(t)])
# state_out = poseidon(state_in, MDS, round_constants)
state_out = poseidon2(state_in, MATRIX_FULL, MATRIX_PARTIAL, round_constants)
for (i,val) in enumerate(state_in):
if i % t == 0:
print("vec![", end="")
to_hex(val)
if i % t == t - 1:
print("],")
print("];")
for (i,val) in enumerate(state_out):
if i % t == 0:
print("vec![", end="")
to_hex(val)
if i % t == t - 1:
print("],")
print("];")