From 15633ad434fe58f4b2a59d90e5ee0abacd1e3e11 Mon Sep 17 00:00:00 2001
From: Kobi Gurkan
Date: Fri, 17 Aug 2018 18:34:54 +0300
Subject: [PATCH] pedersen hashes: example of size limit bug

---
 bellman/src/gadgets/lookup.rs | 1 +
 zcash_primitives/src/pedersen_hash.rs | 19 ++++++++++++++++---
 zcash_proofs/src/circuit/pedersen_hash.rs | 8 ++++++--
 3 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/bellman/src/gadgets/lookup.rs b/bellman/src/gadgets/lookup.rs
index bbb1da6..0c55801 100644
--- a/bellman/src/gadgets/lookup.rs
+++ b/bellman/src/gadgets/lookup.rs
@@ -154,6 +154,7 @@ where
 Ok(tmp)
 })?;
+
 let one = CS::one();
 // Compute the coefficients for the lookup constraints
diff --git a/zcash_primitives/src/pedersen_hash.rs b/zcash_primitives/src/pedersen_hash.rs
index f49fcb7..11dc387 100644
--- a/zcash_primitives/src/pedersen_hash.rs
+++ b/zcash_primitives/src/pedersen_hash.rs
@@ -18,7 +18,7 @@ impl Personalization {
 (0..6).map(|i| (num >> i) & 1 == 1).collect()
 }
 Personalization::Empty => {
- vec![true, true, true, false, false, false]
+ vec![true, true, true, true, true, true]
 }
 }
 }
@@ -115,13 +115,26 @@ where
 #[cfg(test)]
 mod test {
- use crate::jubjub::*;
+ use crate::{
+ jubjub::*,
+ pedersen_hash::{pedersen_hash, Personalization},
+ };
+ use pairing::bls12_381::{Bls12, Fr};
 #[test]
- fn test_pedersen_hash_generators() {
+ fn test_pedersen_hash_noncircuit() {
 let params = &JubjubBls12::new();
+ /*
 for (i, generator) in params.pedersen_hash_generators().iter().enumerate() {
 println!("generator {}, x={}, y={}", i, generator.to_xy().0, generator.to_xy().1)
 }
+ */
+
+ let mut input: Vec = vec![];
+ for i in 0..(63*3*4+1) {
+ input.push(true);
+ }
+ let p = pedersen_hash::(Personalization::Empty, input, ¶ms).to_xy();
+ println!("hash = {}, {}", p.0, p.1);
 }
 }
diff --git a/zcash_proofs/src/circuit/pedersen_hash.rs b/zcash_proofs/src/circuit/pedersen_hash.rs
index 82703fa..7f43b1c 100644
--- a/zcash_proofs/src/circuit/pedersen_hash.rs
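Review bot: The new `Personalization::Empty` prefix `vec![true, true, true, true, true, true]` is exactly what the arm above produces for `num == 63` (`(0..6).map(|i| (num >> i) & 1 == 1)`), so the two personalizations no longer domain-separate the hash for that value; the old prefix `[true, true, true, false, false, false]` likewise coincided with `num == 7`. If 63 is excluded from the numeric arm somewhere outside this hunk (an `assert!` or a documented bound), state that on this arm, e.g. `// all-ones prefix; must stay distinct from every value the numeric arm can produce`; otherwise the collision should be closed. Any fixed hash vectors computed under the old prefix will also change after this edit. The enclosing method starts outside the hunk.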
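Review bot: `test_pedersen_hash_noncircuit` prints the hash of a `63*3*4+1`-bit input (presumably one bit past what the fixed generators cover, going by the commit title) but asserts nothing, so it passes whether that input is hashed, truncated or rejected and does not capture the size-limit bug it is meant to show; if the intended outcome is a panic, add `#[should_panic]`, and if `pedersen_hash` should refuse over-long input, assert on that instead of `println!`. The loop `for i in 0..(63*3*4+1) { input.push(true); }` leaves `i` unused and can be `let input = vec![true; 63 * 3 * 4 + 1];`; the circuit test hunk at `@@ -213,16 +214,19 @@` in `zcash_proofs/src/circuit/pedersen_hash.rs` has the same loop. `params` is already `&JubjubBls12::new()`, so `&params` is a double reference that only compiles through deref coercion — pass `params`. The generator-printing loop wrapped in `/* */` should be deleted rather than kept as commented-out code.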
+++ b/zcash_proofs/src/circuit/pedersen_hash.rs
@@ -41,6 +41,7 @@ where
 let b = bits.next().unwrap_or(&boolean_false);
 let c = bits.next().unwrap_or(&boolean_false);
+
 let tmp = lookup3_xy_with_conditional_negation(
 cs.namespace(|| format!("segment {}, window {}", segment_i, window_i)),
 &[a.clone(), b.clone(), c.clone()],
@@ -213,16 +214,19 @@ mod test {
 fn test_pedersen_hash_alternative() {
 let params = &JubjubBls12::new();
- let mut input: Vec = vec![true, true, true, false, false, false, true, true, true, false, false, false, true, true, true, false, false, false, true, true, true, false, false, false, true, true, true, false, false, false, true, true, true, false, false, false, true, true, true, false, true, false, true, true, true, true, true, false, true, false, false, false, true, true, false, false, false, false, false, false, false, false, false, false, true, false, false, false, true, false, true, true, true, false, false, true, true, false, true, true, true, true, true, false, true, true, false, true, true, false, true, false, true, false, true, true, false, true, false, true, true, false, false, false, false, false, true, true, false, true, false, true, true, true, true, false, true, false, true, false, false, false, false, true, true, true, false, true, true, true, false, true, false, false, true, false, true, true, true, false, false, false, true, true];
+ let mut input: Vec = vec![];
+ for i in 0..(63*3*4+1) {
+ input.push(true);
+ }
 let mut cs = TestConstraintSystem::::new();
+
 let input_bools: Vec = input.iter().enumerate().map(|(i, b)| {
 Boolean::from(
 AllocatedBit::alloc(cs.namespace(|| format!("input {}", i)), Some(*b)).unwrap()
 )
 }).collect();
-
 let res = pedersen_hash(
 cs.namespace(|| "pedersen hash"),
 Personalization::Empty,
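Review bot: Replacing the fixed mixed-bit input with `63*3*4+1` `true`s removes the only input in this test that carried `false` bits (presumably the conditional-negation side of `lookup3_xy_with_conditional_negation`, given the `c` bit fed to it in the earlier hunk), so that path loses coverage unless another test exercises it; keep the old vector as its own case and add the long all-true input as a second one, e.g. `for input in [old_vector, vec![true; 63 * 3 * 4 + 1]]` with `input_bools` allocated per case. `let mut input` plus a push loop with an unused `i` is only needed because of the loop; `vec![true; 63 * 3 * 4 + 1]` needs no `mut`. If the rest of `test_pedersen_hash_alternative` compares `res` against a fixed point, that expected value was computed under the old `Personalization::Empty` prefix, which this same patch changes in `zcash_primitives/src/pedersen_hash.rs`, and will need regenerating. The test function continues past the end of the hunk.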