okx · cliff0412 · Sep 3, 2024 · Sep 3, 2024 · Sep 4, 2024 · Sep 4, 2024
diff --git a/.DS_Store b/.DS_Store
diff --git a/goldilocks/src/poseidon2.rs b/goldilocks/src/poseidon2.rs
@@ -86,7 +86,7 @@ pub const MATRIX_DIAG_20_GOLDILOCKS_U64: [u64; 20] = [
 const MATRIX_DIAG_8_GOLDILOCKS: [Goldilocks; 8] = to_goldilocks_array(MATRIX_DIAG_8_GOLDILOCKS_U64);
 const MATRIX_DIAG_12_GOLDILOCKS: [Goldilocks; 12] =
     to_goldilocks_array(MATRIX_DIAG_12_GOLDILOCKS_U64);
-const MATRIX_DIAG_16_GOLDILOCKS: [Goldilocks; 16] =
+pub const MATRIX_DIAG_16_GOLDILOCKS: [Goldilocks; 16] =
     to_goldilocks_array(MATRIX_DIAG_16_GOLDILOCKS_U64);
 const MATRIX_DIAG_20_GOLDILOCKS: [Goldilocks; 20] =
     to_goldilocks_array(MATRIX_DIAG_20_GOLDILOCKS_U64);

diff --git a/mersenne-31/src/mersenne_31.rs b/mersenne-31/src/mersenne_31.rs
@@ -405,7 +405,7 @@ impl Div for Mersenne31 {
 }
 
 #[inline(always)]
-pub(crate) fn from_u62(input: u64) -> Mersenne31 {
+pub fn from_u62(input: u64) -> Mersenne31 {
     debug_assert!(input < (1 << 62));
     let input_lo = (input & ((1 << 31) - 1)) as u32;
     let input_high = (input >> 31) as u32;

diff --git a/mersenne-31/src/poseidon2.rs b/mersenne-31/src/poseidon2.rs
@@ -37,7 +37,7 @@ pub const POSEIDON2_INTERNAL_MATRIX_DIAG_16: [Mersenne31; 16] = to_mersenne31_ar
     1 << 16,
 ]);
 
-const POSEIDON2_INTERNAL_MATRIX_DIAG_16_SHIFTS: [u8; 15] =
+pub const POSEIDON2_INTERNAL_MATRIX_DIAG_16_SHIFTS: [u8; 15] =
     [0, 1, 2, 3, 4, 5, 6, 7, 8, 10, 12, 13, 14, 15, 16];
 
 pub const POSEIDON2_INTERNAL_MATRIX_DIAG_24: [Mersenne31; 24] = to_mersenne31_array([

diff --git a/poseidon2-air/Cargo.toml b/poseidon2-air/Cargo.toml
@@ -8,11 +8,20 @@ license = "MIT OR Apache-2.0"
 p3-air = { path = "../air" }
 p3-field = { path = "../field" }
 p3-matrix = { path = "../matrix" }
+p3-circle = { path = "../circle" }
 p3-maybe-rayon = { path = "../maybe-rayon" }
+p3-challenger={path="../challenger"}
 p3-util = { path = "../util" }
+p3-mersenne-31 = { path = "../mersenne-31" }
+p3-goldilocks = { path = "../goldilocks" }
 #rand = { version = "0.8.5", features = ["min_const_gen"] }
 rand = "0.8.5"
 tracing = "0.1.37"
+p3-poseidon2 = { path = "../poseidon2" }
+num-bigint = { version = "0.4.3", default-features = false }
+serde_json = "1.0.114"
+zkhash = { git = "https://github.com/HorizenLabs/poseidon2" }
+ark-ff = "0.4.2"
 
 [dev-dependencies]
 p3-koala-bear = { path = "../koala-bear" }

diff --git a/poseidon2-air/examples/prove_poseidon2_gl64.rs b/poseidon2-air/examples/prove_poseidon2_gl64.rs
@@ -0,0 +1,158 @@
+use std::fmt::Debug;
+use std::marker::PhantomData;
+
+use ark_ff::{BigInteger, PrimeField};
+use p3_challenger::{DuplexChallenger, HashChallenger, SerializingChallenger32};
+use p3_circle::CirclePcs;
+use p3_commit::ExtensionMmcs;
+use p3_dft::Radix2DitParallel;
+use p3_field::extension::BinomialExtensionField;
+use p3_field::{AbstractField, Field};
+use p3_fri::{FriConfig, TwoAdicFriPcs};
+use p3_goldilocks::{DiffusionMatrixGoldilocks, Goldilocks};
+use p3_keccak::Keccak256Hash;
+use p3_merkle_tree::FieldMerkleTreeMmcs;
+use p3_poseidon2::{Poseidon2, Poseidon2ExternalMatrixGeneral};
+use p3_poseidon2_air::{generate_trace, FieldType, Poseidon2Air};
+use p3_symmetric::{
+    CompressionFunctionFromHasher, PaddingFreeSponge, SerializingHasher32, TruncatedPermutation,
+};
+use p3_uni_stark::{prove, verify, StarkConfig};
+use rand::{random, thread_rng};
+use tracing_forest::util::LevelFilter;
+use tracing_forest::ForestLayer;
+use tracing_subscriber::layer::SubscriberExt;
+use tracing_subscriber::util::SubscriberInitExt;
+use tracing_subscriber::{EnvFilter, Registry};
+use zkhash::fields::goldilocks::FpGoldiLocks;
+use zkhash::poseidon::poseidon_instance_goldilocks::RC16;
+
+const WIDTH: usize = 16;
+const SBOX_DEGREE: u64 = 3;
+const SBOX_REGISTERS: usize = 1;
+const HALF_FULL_ROUNDS: usize = 4;
+const PARTIAL_ROUNDS: usize = 20;
+
+const NUM_HASHES: usize = 1 << 4;
+
+fn goldilocks_from_ark_ff(input: FpGoldiLocks) -> Goldilocks {
+    let as_bigint = input.into_bigint();
+    let mut as_bytes = as_bigint.to_bytes_le();
+    as_bytes.resize(8, 0);
+    let as_u64 = u64::from_le_bytes(as_bytes[0..8].try_into().unwrap());
+    Goldilocks::from_wrapped_u64(as_u64)
+}
+
+fn main() {
+    let env_filter = EnvFilter::builder()
+        .with_default_directive(LevelFilter::INFO.into())
+        .from_env_lossy();
+
+    Registry::default()
+        .with(env_filter)
+        .with(ForestLayer::default())
+        .init();
+
+    type Val = Goldilocks;
+    type Challenge = BinomialExtensionField<Val, 2>;
+    type Perm = Poseidon2<
+        Goldilocks,
+        Poseidon2ExternalMatrixGeneral,
+        DiffusionMatrixGoldilocks,
+        WIDTH,
+        SBOX_DEGREE,
+    >;
+
+    let round_constants: Vec<[Val; WIDTH]> = RC16
+        .iter()
+        .map(|vec| {
+            vec.iter()
+                .cloned()
+                .map(goldilocks_from_ark_ff)
+                .collect::<Vec<_>>()
+                .try_into()
+                .unwrap()
+        })
+        .collect();
+
+    let external_linear_layer = Poseidon2ExternalMatrixGeneral::default();
+    let internal_linear_layer = DiffusionMatrixGoldilocks::default();
+
+    let mut external_constants = round_constants.clone()[0..4].to_vec();
+    external_constants.extend(round_constants.clone()[26..30].to_vec());
+
+    let mut internal_constants = round_constants.clone()[4..26]
+        .iter()
+        .map(|x| x[0])
+        .collect();
+
+    let perm = Perm::new(
+        8,
+        external_constants,
+        external_linear_layer,
+        22,
+        internal_constants,
+        internal_linear_layer,
+    );
+
+    type MyHash = PaddingFreeSponge<Perm, WIDTH, 4, 4>;
+    let hash = MyHash::new(perm.clone());
+
+    type MyCompress = TruncatedPermutation<Perm, 2, 4, WIDTH>;
+    let compress = MyCompress::new(perm.clone());
+
+    type ValMmcs = FieldMerkleTreeMmcs<
+        <Val as Field>::Packing,
+        <Val as Field>::Packing,
+        MyHash,
+        MyCompress,
+        4,
+    >;
+    let val_mmcs = ValMmcs::new(hash, compress);
+
+    type ChallengeMmcs = ExtensionMmcs<Val, Challenge, ValMmcs>;
+    let challenge_mmcs = ChallengeMmcs::new(val_mmcs.clone());
+
+    type Dft = Radix2DitParallel;
+    let dft = Dft {};
+
+    type Challenger = DuplexChallenger<Val, Perm, WIDTH, 4>;
+
+    //     let external_linear_layer = Poseidon2ExternalMatrixGeneral::default();
+    //     let internal_linear_layer = DiffusionMatrixGoldilocks::default();
+    let air: Poseidon2Air<Val, WIDTH> = Poseidon2Air::new(FieldType::GL64);
+    let mut input = core::array::from_fn(|j| Goldilocks::from_canonical_u64(0));
+    let trace = generate_trace::<Val, WIDTH>(&mut input, round_constants.clone(), FieldType::GL64);
+
+    let fri_config = FriConfig {
+        log_blowup: 1,
+        num_queries: 100,
+        proof_of_work_bits: 16,
+        mmcs: challenge_mmcs,
+    };
+    type Pcs = TwoAdicFriPcs<Val, Dft, ValMmcs, ChallengeMmcs>;
+
+    // dbg!(log2_ceil_usize(trace.height()));
+    // dbg!(get_log_quotient_degree::<Val, FibonacciAir>(
+    //     &FibonacciAir {},
+    //     0
+    // ));
+
+    let pcs = Pcs::new(dft, val_mmcs, fri_config);
+
+    type MyConfig = StarkConfig<Pcs, Challenge, Challenger>;
+    let config = MyConfig::new(pcs);
+
+    let mut challenger = Challenger::new(perm.clone());
+
+    let proof = prove::<MyConfig, _>(&config, &air, &mut challenger, trace, &vec![]);
+
+    // std::fs::write(
+    //     "proof_poseidon2_gl64.json",
+    //     serde_json::to_string(&proof).unwrap(),
+    // )
+    // .unwrap();
+
+    // let mut challenger = Challenger::new(perm);
+    // verify(&config, &air, &mut challenger, &proof, &vec![]).unwrap();
+}
diff --git a/poseidon2-air/examples/prove_poseidon2_m31.rs b/poseidon2-air/examples/prove_poseidon2_m31.rs
@@ -0,0 +1,109 @@
+use std::fmt::Debug;
+use std::marker::PhantomData;
+
+use p3_challenger::{DuplexChallenger, HashChallenger, SerializingChallenger32};
+use p3_circle::CirclePcs;
+use p3_commit::ExtensionMmcs;
+use p3_dft::Radix2DitParallel;
+use p3_field::extension::BinomialExtensionField;
+use p3_field::{AbstractField, Field};
+use p3_fri::{FriConfig, TwoAdicFriPcs};
+use p3_keccak::Keccak256Hash;
+use p3_merkle_tree::FieldMerkleTreeMmcs;
+use p3_mersenne_31::{DiffusionMatrixMersenne31, Mersenne31};
+use p3_poseidon2::{Poseidon2, Poseidon2ExternalMatrixGeneral, M31_RC_16_30_U32};
+use p3_poseidon2_air::{generate_trace, FieldType, Poseidon2Air};
+use p3_symmetric::{
+    CompressionFunctionFromHasher, PaddingFreeSponge, SerializingHasher32, TruncatedPermutation,
+};
+use p3_uni_stark::{prove, verify, StarkConfig};
+use rand::{random, thread_rng};
+use tracing_forest::util::LevelFilter;
+use tracing_forest::ForestLayer;
+use tracing_subscriber::layer::SubscriberExt;
+use tracing_subscriber::util::SubscriberInitExt;
+use tracing_subscriber::{EnvFilter, Registry};
+
+const WIDTH: usize = 16;
+const SBOX_DEGREE: usize = 3;
+const SBOX_REGISTERS: usize = 1;
+const HALF_FULL_ROUNDS: usize = 4;
+const PARTIAL_ROUNDS: usize = 20;
+
+const NUM_HASHES: usize = 1 << 4;
+
+// F::from_wrapped_u32(M31_RC_16_30_U32[r - 1][j]
+
+fn main() {
+    let env_filter = EnvFilter::builder()
+        .with_default_directive(LevelFilter::INFO.into())
+        .from_env_lossy();
+
+    Registry::default()
+        .with(env_filter)
+        .with(ForestLayer::default())
+        .init();
+
+    type Val = Mersenne31;
+    type Challenge = Val;
+    type ByteHash = Keccak256Hash;
+    type FieldHash = SerializingHasher32<ByteHash>;
+    let byte_hash = ByteHash {};
+    let field_hash = FieldHash::new(Keccak256Hash {});
+
+    type MyCompress = CompressionFunctionFromHasher<u8, ByteHash, 2, 32>;
+    let compress = MyCompress::new(byte_hash);
+
+    type ValMmcs = FieldMerkleTreeMmcs<Val, u8, FieldHash, MyCompress, 32>;
+    let val_mmcs = ValMmcs::new(field_hash, compress);
+
+    type ChallengeMmcs = ExtensionMmcs<Val, Challenge, ValMmcs>;
+    let challenge_mmcs = ChallengeMmcs::new(val_mmcs.clone());
+
+    type Dft = Radix2DitParallel;
+    let dft = Dft {};
+
+    type Challenger = SerializingChallenger32<Val, HashChallenger<u8, ByteHash, 32>>;
+
+    let external_linear_layer = Poseidon2ExternalMatrixGeneral::default();
+    let internal_linear_layer = DiffusionMatrixMersenne31::default();
+    let air: Poseidon2Air<Val, WIDTH> = Poseidon2Air::new(FieldType::M31);
+    // let mut inputs = (0..NUM_HASHES).map(|i| core::array::from_fn(|j| Mersenne31::from_canonical_u32(0))).collect::<Vec<_>>();
+    let mut input = core::array::from_fn(|j| Mersenne31::from_canonical_u32(0));
+
+    let rc: Vec<[Val; WIDTH]> = M31_RC_16_30_U32
+        .iter()
+        .map(|x| core::array::from_fn(|i| Val::from_wrapped_u32(x[i])))
+        .collect();
+    let trace = generate_trace::<Val, WIDTH>(&mut input, rc, FieldType::M31);
+
+    let fri_config = FriConfig {
+        log_blowup: 1,
+        num_queries: 100,
+        proof_of_work_bits: 16,
+        mmcs: challenge_mmcs,
+    };
+
+    type Pcs = CirclePcs<Val, ValMmcs, ChallengeMmcs>;
+    let pcs = Pcs {
+        mmcs: val_mmcs,
+        fri_config,
+        _phantom: PhantomData,
+    };
+    type MyConfig = StarkConfig<Pcs, Challenge, Challenger>;
+    let config = MyConfig::new(pcs);
+
+    let mut challenger = Challenger::from_hasher(vec![], byte_hash);
+    let proof = prove(&config, &air, &mut challenger, trace, &vec![]);
+
+    std::fs::write(
+        "proof_poseidon2_m31.json",
+        serde_json::to_string(&proof).unwrap(),
+    )
+    .unwrap();
+
+    // let mut challenger = Challenger::new(perm);
+    verify(&config, &air, &mut challenger, &proof, &vec![]);
+
+    //
+}