Sponge.hs
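module Poseidon2.Sponge where

--------------------------------------------------------------------------------

import ZK.Algebra.Curves.BN128.Fr.Mont (Fr)

import Poseidon2.Permutation

--------------------------------------------------------------------------------

-- | Sponge construction with rate=1 (capacity=2), a domain-separation IV in
-- the capacity and 10* padding.
--
-- The state is a triple of field elements. Each padded input element is added
-- to the first word and followed by one call to 'permutation'; the digest is
-- the first word of the final state.
--
-- The initial state is @(0, 0, civ)@, not all-zero: @civ@ encodes the state
-- width and the rate, so 'sponge1' and 'sponge2' start from different states.
-- The constant carries no application or length tag; callers that need to
-- separate different uses of the same rate have to do so in the input.
sponge1 :: [Fr] -> Fr
sponge1 input = go (0,0,civ) (pad input) where

  -- domain separation: capacity IV = 2^64 + 256*t + rate  (t=3, rate=1)
  civ = fromInteger (2^64 + 0x0301)

  -- 10* padding; with rate=1 this is a single trailing 1, which keeps
  -- e.g. [] and [0] from absorbing the same sequence
  pad :: [Fr] -> [Fr]
  pad (x:xs) = x : pad xs
  pad []     = [1]

  -- absorb one element per permutation call; squeeze the first state word
  go (sx,_ ,_ ) []     = sx
  go (sx,sy,sz) (a:as) = go state' as where
    state' = permutation (sx+a, sy, sz)

--------------------------------------------------------------------------------

-- | Sponge construction with rate=2 (capacity=1), a domain-separation IV in
-- the capacity and 10* padding.
--
-- The state is a triple of field elements. Padded input is consumed two
-- elements at a time: they are added to the first and second words, followed
-- by one call to 'permutation'. The digest is the first word of the final
-- state.
--
-- The initial state is @(0, 0, civ)@, not all-zero: @civ@ encodes the state
-- width and the rate, so 'sponge1' and 'sponge2' start from different states.
-- The constant carries no application or length tag; callers that need to
-- separate different uses of the same rate have to do so in the input.
sponge2 :: [Fr] -> Fr
sponge2 input = go (0,0,civ) (pad input) where

  -- domain separation: capacity IV = 2^64 + 256*t + rate  (t=3, rate=2)
  civ = fromInteger (2^64 + 0x0302)

  -- 10* padding: append a 1, then a 0 if that is needed to reach an even
  -- length; the result always has even, non-zero length
  pad :: [Fr] -> [Fr]
  pad (x:y:rest) = x : y : pad rest
  pad [x]        = [x,1]
  pad []         = [1,0]

  -- absorb two elements per permutation call; squeeze the first state word
  go (sx,_ ,_ ) []         = sx
  go (sx,sy,sz) (a:b:rest) = go state' rest where
    state' = permutation (sx+a, sy+b, sz)
  -- 'pad' only produces even-length lists, so a lone trailing element cannot
  -- occur; fail with a named error instead of a pattern-match failure
  go _          [_]        =
    error "Poseidon2.Sponge.sponge2: impossible, padded input has odd length"

--------------------------------------------------------------------------------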