pedersen hashes: example of size limit bug

2025-02-11 17:55:46 +00:00 · 2018-08-17 18:34:54 +03:00 · 2018-08-17 18:34:54 +03:00 · 15633ad434
commit 15633ad434
parent 414d651c9c
3 changed files with 23 additions and 5 deletions
--- a/bellman/src/gadgets/lookup.rs
+++ b/bellman/src/gadgets/lookup.rs
@ -154,6 +154,7 @@ where
        Ok(tmp)
    })?;
    let one = CS::one();
    // Compute the coefficients for the lookup constraints
--- a/zcash_primitives/src/pedersen_hash.rs
+++ b/zcash_primitives/src/pedersen_hash.rs
@ -18,7 +18,7 @@ impl Personalization {
                (0..6).map(|i| (num >> i) & 1 == 1).collect()
            }
            Personalization::Empty => {
-                vec![true, true, true, false, false, false]
+                vec![true, true, true, true, true, true]
            }
        }
    }
@ -115,13 +115,26 @@ where
 #[cfg(test)]
 mod test {
-    use crate::jubjub::*;
+    use crate::{
        jubjub::*,
        pedersen_hash::{pedersen_hash, Personalization},
    };
    use pairing::bls12_381::{Bls12, Fr};
    #[test]
-    fn test_pedersen_hash_generators() {
+    fn test_pedersen_hash_noncircuit() {
        let params = &JubjubBls12::new();
        /*
        for (i, generator) in params.pedersen_hash_generators().iter().enumerate() {
            println!("generator {}, x={}, y={}", i, generator.to_xy().0, generator.to_xy().1)
        }
        */
        let mut input: Vec<bool> = vec![];
        for i in 0..(63*3*4+1) {
            input.push(true);
        }
        let p = pedersen_hash::<Bls12, _>(Personalization::Empty, input, &params).to_xy();
        println!("hash = {}, {}", p.0, p.1);
    }
 }
--- a/zcash_proofs/src/circuit/pedersen_hash.rs
+++ b/zcash_proofs/src/circuit/pedersen_hash.rs
@ -41,6 +41,7 @@ where
            let b = bits.next().unwrap_or(&boolean_false);
            let c = bits.next().unwrap_or(&boolean_false);
            let tmp = lookup3_xy_with_conditional_negation(
                cs.namespace(|| format!("segment {}, window {}", segment_i, window_i)),
                &[a.clone(), b.clone(), c.clone()],
@ -213,16 +214,19 @@ mod test {
    fn test_pedersen_hash_alternative() {
        let params = &JubjubBls12::new();
-        let mut input: Vec<bool> = vec![true, true, true, false, false, false, true, true, true, false, false, false, true, true, true, false, false, false, true, true, true, false, false, false, true, true, true, false, false, false, true, true, true, false, false, false, true, true, true, false, true, false, true, true, true, true, true, false, true, false, false, false, true, true, false, false, false, false, false, false, false, false, false, false, true, false, false, false, true, false, true, true, true, false, false, true, true, false, true, true, true, true, true, false, true, true, false, true, true, false, true, false, true, false, true, true, false, true, false, true, true, false, false, false, false, false, true, true, false, true, false, true, true, true, true, false, true, false, true, false, false, false, false, true, true, true, false, true, true, true, false, true, false, false, true, false, true, true, true, false, false, false, true, true];
+        let mut input: Vec<bool> = vec![];
        for i in 0..(63*3*4+1) {
            input.push(true);
        }
        let mut cs = TestConstraintSystem::<Bls12>::new();
        let input_bools: Vec<Boolean> = input.iter().enumerate().map(|(i, b)| {
            Boolean::from(
                AllocatedBit::alloc(cs.namespace(|| format!("input {}", i)), Some(*b)).unwrap()
            )
        }).collect();
        let res = pedersen_hash(
            cs.namespace(|| "pedersen hash"),
            Personalization::Empty,