Struct ROInput 

pub struct ROInput { /* private fields */ }

Random oracle input structure

The random oracle input encapsulates the serialization format and methods using during hashing.

When implementing the Hashable trait to enable hashing for a type, you must implement its to_roinput() serialization method using the ROInput functions below.

The random oracle input structure is used (by generic code) to serialize the object into both a vector of pasta::Fp field elements and into a vector of bytes, depending on the situation.

Here is an example of how ROInput is used during the definition of the Hashable trait.

use mina_hasher::{Hashable, ROInput};
use mina_curves::pasta::Fp;

#[derive(Clone)]
pub struct MyExample {
    pub x: Fp,
    pub y: Fp,
    pub nonce: u64,
}

impl Hashable for MyExample {
    type D = ();

    fn to_roinput(&self) -> ROInput {
        ROInput::new()
            .append_field(self.x)
            .append_field(self.y)
            .append_u64(self.nonce)
    }

    fn domain_string(_: Self::D) -> Option<String> {
        format!("MyExampleMainnet").into()
    }
}

Details: For technical reasons related to our proof system and performance, non-field-element members are serialized for signing differently than other types. Additionally, during signing all members of the random oracle input get serialized together in two different ways: both as bytes and as a vector of field elements. The random oracle input automates and encapsulates this complexity.

Implementations

impl ROInput

pub fn new() -> Self

Create a new empty random oracle input

pub fn append_hashable(self, input: &impl Hashable) -> Self

Append a Hashable input

pub fn append_roinput(self, roi: ROInput) -> Self

Append another random oracle input

pub fn append_field(self, f: Fp) -> Self

Append a base field element

pub fn append_scalar(self, s: Fq) -> Self

Append a scalar field element by converting it to bits.

This method converts the scalar field element to its byte representation, then extracts exactly [Fq::MODULUS_BIT_SIZE] bits (255 bits for Pallas curve) in little-endian bit order and appends them to the bits vector.

Bit Representation

• Uses little-endian bit ordering within bytes (LSB first)
• Extracts exactly 255 bits from the 32-byte scalar representation
• The scalar field modulus is 255 bits, so the MSB of the 32nd byte is unused

Differences from Self::append_field

• Self::append_scalar: Converts scalar to 255 bits and adds to the bits vector
• Self::append_field: Adds base field element directly to the fields vector

Examples

use mina_hasher::ROInput;
use mina_curves::pasta::Fq;

// Regular scalar value
let scalar = Fq::from(42u64);
let roi = ROInput::new().append_scalar(scalar);
let bytes = roi.to_bytes();
assert_eq!(bytes.len(), 32); // 255 bits rounded up to 32 bytes

// Maximum scalar value (modulus - 1)
let max_scalar = Fq::from(0u64) - Fq::from(1u64);
let roi = ROInput::new().append_scalar(max_scalar);
let bytes = roi.to_bytes();
assert_eq!(bytes.len(), 32); // 255 bits rounded up to 32 bytes

Note

All scalar field values, including the maximum value (modulus - 1), will fit exactly in 255 bits and can be safely appended.

pub fn append_bool(self, b: bool) -> Self

Append a single bit

pub fn append_bytes(self, bytes: &[u8]) -> Self

Append bytes

pub fn append_u32(self, x: u32) -> Self

Append a 32-bit unsigned integer

pub fn append_u64(self, x: u64) -> Self

Append a 64-bit unsigned integer

pub fn to_bytes(&self) -> Vec<u8>

Serialize random oracle input to bytes

pub fn to_fields(&self) -> Vec<Fp>

Convert the random oracle input to a vector of packed field elements by packing the bits into field elements and appending them to the fields. The bits are packed by taking chunks of size Fp::MODULUS_BIT_SIZE - 1.

pub fn serialize(&self) -> Vec<u8>

Serialize the ROInput into bytes

pub fn deserialize(input: &[u8]) -> Result<Self, Error>

Deserialize a ROInput from bytes

Trait Implementations

impl Clone for ROInput

fn clone(&self) -> ROInput

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for ROInput

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for ROInput

fn default() -> ROInput

Returns the “default value” for a type.

impl PartialEq for ROInput

fn eq(&self, other: &ROInput) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Eq for ROInput

impl StructuralPartialEq for ROInput