Barretenberg: src/barretenberg/dsl/acir_format/sha256_constraint.cpp Source File

// === AUDIT STATUS ===

// internal:    { status: not started, auditors: [], date: YYYY-MM-DD }

// external_1:  { status: not started, auditors: [], date: YYYY-MM-DD }

// external_2:  { status: not started, auditors: [], date: YYYY-MM-DD }

// =====================


#include "sha256_constraint.hpp"

#include "barretenberg/serialize/msgpack_impl.hpp"

#include "barretenberg/stdlib/hash/sha256/sha256.hpp"

#include "round.hpp"


namespace acir_format {


template <typename Builder>


void create_sha256_compression_constraints(Builder& builder, const Sha256Compression& constraint)

{

    using field_ct = bb::stdlib::field_t<Builder>;


    std::array<field_ct, 16> inputs;

    std::array<field_ct, 8> hash_inputs;


    // Get the witness assignment for each witness index

    // Note that we do not range-check the inputs, which should be 32 bits,

    // because of the lookup-tables.

    size_t i = 0;

    for (const auto& witness_index_num_bits : constraint.inputs) {

        inputs[i] = to_field_ct(witness_index_num_bits, builder);

        ++i;

    }

    i = 0;

    for (const auto& witness_index_num_bits : constraint.hash_values) {

        hash_inputs[i] = to_field_ct(witness_index_num_bits, builder);

        ++i;

    }


    // Compute sha256 compression

    auto output_bytes = bb::stdlib::SHA256<Builder>::sha256_block(hash_inputs, inputs);


    // Constrain outputs to match expected witness indices

    for (size_t i = 0; i < 8; ++i) {

        field_ct result_witness = field_ct::from_witness_index(&builder, constraint.result[i]);

        output_bytes[i].assert_equal(result_witness);

    }

}


template void create_sha256_compression_constraints<bb::UltraCircuitBuilder>(bb::UltraCircuitBuilder& builder,

                                                                             const Sha256Compression& constraint);

template void create_sha256_compression_constraints<bb::MegaCircuitBuilder>(bb::MegaCircuitBuilder& builder,

                                                                            const Sha256Compression& constraint);


} // namespace acir_format

bb::ECCVMCircuitBuilder
Definition eccvm_circuit_builder.hpp:24

bb::MegaCircuitBuilder_
Definition mega_circuit_builder.hpp:19

bb::UltraCircuitBuilder_
Definition ultra_circuit_builder.hpp:41

bb::stdlib::SHA256::sha256_block
static std::array< field_ct, 8 > sha256_block(const std::array< field_ct, 8 > &h_init, const std::array< field_ct, 16 > &input)
Apply the SHA-256 compression function to a single 512-bit message block.
Definition sha256.cpp:248

bb::stdlib::field_t< Builder >

bb::stdlib::field_t< Builder >::from_witness_index
static field_t from_witness_index(Builder *ctx, uint32_t witness_index)
Definition field.cpp:62

builder
AluTraceBuilder builder
Definition alu.test.cpp:124

inputs
AvmProvingInputs inputs
Definition hinting_dbs.test.cpp:45

msgpack_impl.hpp

acir_format
Definition acir_format.cpp:31

acir_format::create_sha256_compression_constraints< bb::MegaCircuitBuilder >
template void create_sha256_compression_constraints< bb::MegaCircuitBuilder >(bb::MegaCircuitBuilder &builder, const Sha256Compression &constraint)

acir_format::create_sha256_compression_constraints
void create_sha256_compression_constraints(Builder &builder, const Sha256Compression &constraint)
Definition sha256_constraint.cpp:15

acir_format::create_sha256_compression_constraints< bb::UltraCircuitBuilder >
template void create_sha256_compression_constraints< bb::UltraCircuitBuilder >(bb::UltraCircuitBuilder &builder, const Sha256Compression &constraint)

acir_format::to_field_ct
bb::stdlib::field_t< Builder > to_field_ct(const WitnessOrConstant< typename Builder::FF > &input, Builder &builder)
Definition witness_constant.hpp:40

std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13

round.hpp

sha256_constraint.hpp

sha256.hpp

acir_format::Sha256Compression
Definition sha256_constraint.hpp:25

acir_format::Sha256Compression::hash_values
std::array< WitnessOrConstant< bb::fr >, 8 > hash_values
Definition sha256_constraint.hpp:27

acir_format::Sha256Compression::result
std::array< uint32_t, 8 > result
Definition sha256_constraint.hpp:28

acir_format::Sha256Compression::inputs
std::array< WitnessOrConstant< bb::fr >, 16 > inputs
Definition sha256_constraint.hpp:26