Zeth - Zerocash on Ethereum  0.8
Reference implementation of the Zeth protocol by Clearmatics
mimc_round.hpp
Go to the documentation of this file.
1 // Copyright (c) 2015-2022 Clearmatics Technologies Ltd
2 //
3 // SPDX-License-Identifier: LGPL-3.0+
4 
5 #ifndef __ZETH_CIRCUITS_MIMC_ROUND_HPP__
6 #define __ZETH_CIRCUITS_MIMC_ROUND_HPP__
7 
8 #include "libzeth/circuits/circuit_utils.hpp"
9 #include "libzeth/core/utils.hpp"
10 
11 #include <libsnark/gadgetlib1/gadget.hpp>
12 
13 namespace libzeth
14 {
15 
16 template<typename FieldT, size_t Exponent>
17 class MiMC_round_gadget : public libsnark::gadget<FieldT>
18 {
19 private:
20  static_assert((Exponent & 1) == 1, "MiMC Exponent must be odd");
21 
22  static constexpr size_t EXPONENT_NUM_BITS = bit_utils<Exponent>::bit_size();
23  static constexpr size_t NUM_CONDITIONS =
24  bit_utils<Exponent>::bit_size() +
25  bit_utils<Exponent>::hamming_weight() - 2;
26 
27  // Message of the current round
28  const libsnark::pb_linear_combination<FieldT> msg;
29 
30  // Key of the current round
31  const libsnark::pb_linear_combination<FieldT> key;
32 
33  // Round constant of the current round
34  const FieldT round_const;
35 
36  // Result variable
37  const libsnark::pb_variable<FieldT> result;
38 
39  // Optional linear combination to add after the final round
40  const libsnark::pb_linear_combination<FieldT> add_to_result;
41 
42  // Flag indicating whether add_to_result is valid
43  const bool add_to_result_is_valid;
44 
45  // Intermediate values
46  std::vector<libsnark::pb_variable<FieldT>> exponents;
47 
48  // Initialization code shared by constructors.
49  void initialize();
50 
51 public:
52  MiMC_round_gadget(
53  libsnark::protoboard<FieldT> &pb,
54  const libsnark::pb_linear_combination<FieldT> &msg,
55  const libsnark::pb_linear_combination<FieldT> &key,
56  const FieldT &round_const,
57  libsnark::pb_variable<FieldT> &result,
58  const std::string &annotation_prefix = "MiMC_round_gadget");
59 
62  MiMC_round_gadget(
63  libsnark::protoboard<FieldT> &pb,
64  const libsnark::pb_linear_combination<FieldT> &msg,
65  const libsnark::pb_linear_combination<FieldT> &key,
66  const FieldT &round_const,
67  libsnark::pb_variable<FieldT> &result,
68  const libsnark::pb_linear_combination<FieldT> &add_to_result,
69  const std::string &annotation_prefix = "MiMC_round_gadget");
70 
71  void generate_r1cs_constraints();
72  void generate_r1cs_witness() const;
73 };
74 
75 } // namespace libzeth
76 
77 #include "libzeth/circuits/mimc/mimc_round.tcc"
78 
79 #endif // __ZETH_CIRCUITS_MIMC_ROUND_HPP__
libzeth::bit_utils::bit_size
static constexpr size_t bit_size()
utils.hpp
libzeth::bit_utils::hamming_weight
static constexpr size_t hamming_weight()
libzeth
Definition: binary_operation.hpp:15
circuit_utils.hpp
libzeth::MiMC_round_gadget::generate_r1cs_witness
void generate_r1cs_witness() const
libzeth::MiMC_round_gadget::MiMC_round_gadget
MiMC_round_gadget(libsnark::protoboard< FieldT > &pb, const libsnark::pb_linear_combination< FieldT > &msg, const libsnark::pb_linear_combination< FieldT > &key, const FieldT &round_const, libsnark::pb_variable< FieldT > &result, const std::string &annotation_prefix="MiMC_round_gadget")
libzeth::MiMC_round_gadget::generate_r1cs_constraints
void generate_r1cs_constraints()
mimc_round.tcc
libzeth::MiMC_round_gadget
Definition: mimc_round.hpp:17
Generated on Mon Nov 28 2022 10:29:03 for Zeth - Zerocash on Ethereum by   doxygen 1.8.17