snark: Pedersen hash doesn't seem to work with bls12-377 curve

When using a Pedersen hash (primitive and gadget) with the following parameters:

pub type CRH = PedersenCRH<bls12_377::G1Projective, CRHWindow>;

#[derive(Clone, PartialEq, Eq, Hash)]
pub struct CRHWindow;

impl PedersenWindow for CRHWindow {
    const WINDOW_SIZE: usize = 128;
    const NUM_WINDOWS: usize = 8;
}

pub type CRHGadget = PedersenCRHGadget<bls12_377::G1Projective, bls12_377::Fq, bls12_377::G1Gadget>;

pub type CRHGadgetParameters = <CRHGadget as FixedLengthCRHGadget<CRH, bls12_377::Fq>>::ParametersGadget;

The gadget and the primitive output different points even when given the same input. The tests crh_works and crh_primitive_gadget_test fail. Weirdly enough, the tests pass with Jujub.

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 15 (14 by maintainers)

Most upvoted comments

There is a “jubjub” for MNT4-753: https://github.com/scipr-lab/zexe/blob/master/algebra/src/ed_on_mnt4_753/curves/mod.rs

+1
weikengchen on Sep 12, 2020

You should prefer the “jubjub” based on bw6 or whatever instead of doing literally this normally.

Meanwhile we changed to the MNT curves. But we will eventually update to using the “jubjub” curve on MNT4-753.

+1
brunoffranca on Sep 12, 2020

You should prefer the “jubjub” based on bw6 or whatever instead of doing literally this normally.

+1
burdges on Sep 12, 2020

This should work in master now, as we use complete formulae now.

+1
Pratyush on Sep 12, 2020
Read more comments on GitHub
← arktype: Attest bench unable to benchmark types that rely on external dependencies
TiddlyServer: Unable to set authAccounts →