- Generated by
1.9.8
|
Barretenberg
The ZK-SNARK library at the core of Aztec
|
Entry transition relation for the K=4 compressed Poseidon2 internal block. More...
#include <poseidon2_transition_entry_relation.hpp>
Public Types | |
| using | FF = FF_ |
| using | QuadParams = crypto::Poseidon2QuadBn254Params |
Static Public Member Functions | |
| template<typename AllEntities > | |
| static bool | skip (const AllEntities &in) |
| template<typename ContainerOverSubrelations , typename AllEntities , typename Parameters > | |
| static void | accumulate (ContainerOverSubrelations &evals, const AllEntities &in, const Parameters &, const FF &scaling_factor) |
Static Public Attributes | |
| static constexpr std::array< size_t, 3 > | SUBRELATION_PARTIAL_LENGTHS |
| static constexpr fr | D1 = QuadParams::D1 |
| static constexpr auto & | A_one = QuadParams::A_one |
| static constexpr auto & | A2_one = QuadParams::A2_one |
| static constexpr fr | sum_A_one = QuadParams::sum_A_one |
Entry transition relation for the K=4 compressed Poseidon2 internal block.
The entry row holds the external-round output in standard encoding: (w_l, w_r, w_o, w_4) = (s_0, s_1, s_2, s_3) at the internal-block entry. Its wires share witness indices with the poseidon2_external propagate row, so they are copy-constrained to the true external output by the permutation relation.
The successor is the first compressed row, whose wires encode state[0] at 4 consecutive rounds: (w_l_shift, w_r_shift, w_o_shift, w_4_shift) = (state[0] at round 0, round 1, round 2, round 3).
w_l_shift = state[0] at round 0 = s_0 is enforced by the permutation relation because it shares the entry row's w_l witness. The three subrelations below cover rounds 1, 2, 3.
Each subrelation computes state[0] at the target round using the previous shifted wire, keeping the per-variable degree at 5.
Subrelations (each × q_poseidon2_transition_entry × gate separator, degree 7):
A_0 (round 1): w_r_shift = D_1 u_0 + w_r + w_o + w_4, u_0 = (w_l + q_l)^5
A_1 (round 2): w_o_shift = D_1 u_1 + 3 u_0 + (D_2+2) w_r + (D_3+2) w_o + (D_4+2) w_4 where u_1 = (w_r_shift + q_r)^5.
A_2 (round 3): w_4_shift = D_1 u_2 + 3 u_1 + (Σ + 6) u_0
Selector layout on the entry row: q_l = c_{rounds_f_begin + 0} // 1st internal round constant q_r = c_{rounds_f_begin + 1} q_o = c_{rounds_f_begin + 2} q_4, q_m, q_c, q_5 = 0 (unused)
Definition at line 48 of file poseidon2_transition_entry_relation.hpp.
| using bb::Poseidon2TransitionEntryRelationImpl< FF_ >::FF = FF_ |
Definition at line 50 of file poseidon2_transition_entry_relation.hpp.
| using bb::Poseidon2TransitionEntryRelationImpl< FF_ >::QuadParams = crypto::Poseidon2QuadBn254Params |
Definition at line 51 of file poseidon2_transition_entry_relation.hpp.
|
inlinestatic |
Definition at line 75 of file poseidon2_transition_entry_relation.hpp.
|
inlinestatic |
Definition at line 69 of file poseidon2_transition_entry_relation.hpp.
|
staticconstexpr |
Definition at line 66 of file poseidon2_transition_entry_relation.hpp.
|
staticconstexpr |
Definition at line 65 of file poseidon2_transition_entry_relation.hpp.
|
staticconstexpr |
Definition at line 59 of file poseidon2_transition_entry_relation.hpp.
|
staticconstexpr |
Definition at line 53 of file poseidon2_transition_entry_relation.hpp.
|
staticconstexpr |
Definition at line 67 of file poseidon2_transition_entry_relation.hpp.
1.9.8