KeccakEnv

o1vm::interpreters::keccak::environment

Struct KeccakEnv 

Source 
pub struct KeccakEnv<F> {
    pub constraints_env: Env<F>,
    pub witness_env: Env<F>,
    pub step: Option<Steps>,
    pub(crate) hash_idx: u64,
    pub(crate) step_idx: u64,
    pub(crate) block_idx: u64,
    pub(crate) prev_block: Vec<u64>,
    pub(crate) blocks_left_to_absorb: u64,
    pub(crate) padded: Vec<u8>,
    pub(crate) pad_len: u64,
    two_to_pad: [F; 136],
    pad_suffixes: [[F; 5]; 136],
}
Expand description

This struct contains all that needs to be kept track of during the execution of the Keccak step interpreter

Fields§

§constraints_env: Env<F>

Environment for the constraints (includes lookups). The step of the hash that is being executed can be None if just ended

§witness_env: Env<F>

Environment for the witness (includes multiplicities)

§step: Option<Steps>

Current step

§hash_idx: u64

Hash index in the circuit

§step_idx: u64

Step counter of the total number of steps executed so far in the current hash (starts with 0)

§block_idx: u64

Current block of preimage data

§prev_block: Vec<u64>

Expanded block of previous step

§blocks_left_to_absorb: u64

How many blocks are left to absorb (including current absorb)

§padded: Vec<u8>

Padded preimage data

§pad_len: u64

Byte-length of the 10*1 pad (<=136)

§two_to_pad: [F; 136]

Precomputed 2^pad_len

§pad_suffixes: [[F; 5]; 136]

Precomputed suffixes for the padding blocks

Implementations§

Source§

impl<F: Field> KeccakEnv<F>

Source

pub fn new(hash_idx: u64, preimage: &[u8]) -> Self

Starts a new Keccak environment for a given hash index and bytestring of preimage data

Source

pub fn write_column(&mut self, column: KeccakColumn, value: u64)

Writes an integer value to a column of the Keccak witness

Source

pub fn write_column_field(&mut self, column: KeccakColumn, value: F)

Writes a field value to a column of the Keccak witness

Source

pub fn null_state(&mut self)

Nullifies the Witness and Constraint environments by resetting it to default values (except for table-related) This way, each row only adds the constraints of that step (do not nullify the step)

Source

pub fn selector(&self) -> Steps

Returns the selector of the current step in standardized form

Source

pub fn step(&mut self)

Entrypoint for the interpreter. It executes one step of the Keccak circuit (one row), and updates the environment accordingly (including the witness and inter-step lookups). When it finishes, it updates the value of the current step, so that the next call to the step() function executes the next step.

Source

pub fn update_step(&mut self)

This function updates the next step of the environment depending on the current step

Source

fn set_flag_round(&mut self, round: u64)

Updates the witness corresponding to the round value in [0..23]

Source

fn set_flag_absorb(&mut self, absorb: Absorbs)

Updates and any other sponge flag depending on the kind of absorb step (root, padding, both).

Source

fn set_flags_pad(&mut self)

Sets the flag columns related to padding flags such as PadLength, TwoToPad, PadBytesFlags, and PadSuffix.

Source

fn run_sponge(&mut self, sponge: Sponges)

Assigns the witness values needed in a sponge step (absorb or squeeze)

Source

fn run_absorb(&mut self, absorb: Absorbs)

Assigns the witness values needed in an absorb step (root, padding, or middle)

Source

fn run_squeeze(&mut self)

Assigns the witness values needed in a squeeze step

Source

fn run_round(&mut self, round: u64)

Assigns the witness values needed in the round step for the given round index

Source

fn run_theta(&mut self, state_a: &[u64]) -> Vec<u64>

Assigns the witness values needed in the theta algorithm

for x in 0…4
  C[x] = A[x,0] xor A[x,1] xor \
         A[x,2] xor A[x,3] xor \
         A[x,4]
for x in 0…4
  D[x] = C[x-1] xor rot(C[x+1],1)
for (x,y) in (0…4,0…4)
  A[x,y] = A[x,y] xor D[x]
Source

fn run_pirho(&mut self, state_e: &[u64]) -> Vec<u64>

Assigns the witness values needed in the pirho algorithm

for (x,y) in (0…4,0…4)
  B[y,2*x+3*y] = rot(A[x,y], r[x,y])
Source

fn run_chi(&mut self, state_b: &[u64]) -> Vec<u64>

Assigns the witness values needed in the chi algorithm

for (x,y) in (0…4,0…4)
  A[x, y] = B[x,y] xor ((not B[x+1,y]) and B[x+2,y])
Source

fn run_iota(&mut self, state_f: &[u64], round: usize) -> Vec<u64>

Assigns the witness values needed in the iota algorithm

A[0,0] = A[0,0] xor RC

Trait Implementations§

Source§

impl<F: Clone> Clone for KeccakEnv<F>

Source§

fn clone(&self) -> KeccakEnv<F>

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<F: Debug> Debug for KeccakEnv<F>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<F: Field> Default for KeccakEnv<F>

Source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

§

impl<F> Freeze for KeccakEnv<F>
where F: Freeze,

§

impl<F> RefUnwindSafe for KeccakEnv<F>
where F: RefUnwindSafe,

§

impl<F> Send for KeccakEnv<F>
where F: Send,

§

impl<F> Sync for KeccakEnv<F>
where F: Sync,

§

impl<F> Unpin for KeccakEnv<F>
where F: Unpin,

§

impl<F> UnwindSafe for KeccakEnv<F>
where F: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

§

impl<T> Pointable for T

§

const ALIGN: usize

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V