Cradicle Explorer
deltavm
/ console / algorithms / src / pedersen / mod.rs
mod.rs
 1  // Copyright (c) 2019-2025 Alpha-Delta Network Inc.
 2  // This file is part of the deltavm library.
 3  
 4  // Licensed under the Apache License, Version 2.0 (the "License");
 5  // you may not use this file except in compliance with the License.
 6  // You may obtain a copy of the License at:
 7  
 8  // http://www.apache.org/licenses/LICENSE-2.0
 9  
10  // Unless required by applicable law or agreed to in writing, software
11  // distributed under the License is distributed on an "AS IS" BASIS,
12  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  // See the License for the specific language governing permissions and
14  // limitations under the License.
15  
16  mod commit;
17  mod commit_uncompressed;
18  mod hash;
19  mod hash_uncompressed;
20  
21  use crate::Blake2Xs;
22  use deltavm_console_types::prelude::*;
23  
24  use std::{borrow::Cow, sync::Arc};
25  
26  /// Pedersen64 is an *additively-homomorphic* collision-resistant hash function that takes up to a 64-bit input.
27  pub type Pedersen64<E> = Pedersen<E, 64>;
28  /// Pedersen128 is an *additively-homomorphic* collision-resistant hash function that takes up to a 128-bit input.
29  pub type Pedersen128<E> = Pedersen<E, 128>;
30  
31  /// Pedersen is a collision-resistant hash function that takes a variable-length input.
32  /// The Pedersen hash function does *not* behave like a random oracle, see Poseidon for one.
33  #[derive(Clone)]
34  pub struct Pedersen<E: Environment, const NUM_BITS: u8> {
35      /// The base window for the Pedersen hash.
36      base_window: Arc<Vec<Group<E>>>,
37      /// The random base window for the Pedersen commitment.
38      random_base_window: Arc<Vec<Group<E>>>,
39  }
40  
41  impl<E: Environment, const NUM_BITS: u8> Pedersen<E, NUM_BITS> {
42      /// Initializes a new instance of Pedersen with the given setup message.
43      pub fn setup(message: &str) -> Self {
44          // Construct an indexed message to attempt to sample a base.
45          let (generator, _, _) = Blake2Xs::hash_to_curve::<E::Affine>(&format!("Delta.Pedersen.Base.{message}"));
46          // Construct the window with the base.
47          let mut base_window = vec![Group::<E>::zero(); NUM_BITS as usize];
48          {
49              let mut base_power = Group::<E>::new(generator);
50              for base in base_window.iter_mut().take(NUM_BITS as usize) {
51                  *base = base_power;
52                  base_power = base_power.double();
53              }
54              assert_eq!(base_window.len(), NUM_BITS as usize);
55          }
56  
57          // Compute the random base.
58          let (generator, _, _) = Blake2Xs::hash_to_curve::<E::Affine>(&format!("Delta.Pedersen.RandomBase.{message}"));
59          // Construct the window with the random base.
60          let mut random_base = Vec::with_capacity(Scalar::<E>::size_in_bits());
61          {
62              let mut base = Group::<E>::new(generator);
63              for _ in 0..Scalar::<E>::size_in_bits() {
64                  random_base.push(base);
65                  base = base.double();
66              }
67              assert_eq!(random_base.len(), Scalar::<E>::size_in_bits());
68          }
69  
70          Self { base_window: Arc::new(base_window.to_vec()), random_base_window: Arc::new(random_base) }
71      }
72  
73      /// Returns the base window.
74      pub fn base_window(&self) -> &Arc<Vec<Group<E>>> {
75          &self.base_window
76      }
77  
78      /// Returns the random base window.
79      pub fn random_base_window(&self) -> &Arc<Vec<Group<E>>> {
80          &self.random_base_window
81      }
82  }