barretenberg
Loading...
Searching...
No Matches
Public Types | Static Public Member Functions | Static Public Attributes | List of all members
crypto::pedersen_hash_base< Curve > Class Template Reference

Performs pedersen hashes! More...

#include <pedersen.hpp>

Public Types

using AffineElement = typename Curve::AffineElement
 
using Element = typename Curve::Element
 
using Fq = typename Curve::BaseField
 
using Fr = typename Curve::ScalarField
 
using Group = typename Curve::Group
 
using GeneratorContext = typename crypto::GeneratorContext< Curve >
 

Static Public Member Functions

static Fq hash (const std::vector< Fq > &inputs, GeneratorContext context={})
 Given a vector of fields, generate a pedersen hash using generators from context.
 
static Fq hash_buffer (const std::vector< uint8_t > &input, GeneratorContext context={})
 Given an arbitrary length of bytes, convert them to fields and hash the result using the default generators.
 

Static Public Attributes

static constexpr AffineElement length_generator = Group::derive_generators("pedersen_hash_length", 1)[0]
 

Detailed Description

template<typename Curve>
class crypto::pedersen_hash_base< Curve >

Performs pedersen hashes!

To hash to a size-n list of field elements x, we return the X-coordinate of: 

 Hash(x) = n.[h] + Commit(x)

Where g is a list of generator points defined by generator_data And h is a unique generator whose domain separator is the string pedersen_hash_length.

The addition of n.[h] into the hash is to prevent length-extension attacks. It also ensures that the hash output is never the point at infinity.

It is neccessary that all generator points are linearly independent of one another, so that finding collisions is equivalent to solving the discrete logarithm problem. This is ensured via the generator derivation algorithm in generator_data

Member Function Documentation

◆ hash()

template<typename Curve >
Curve::BaseField crypto::pedersen_hash_base< Curve >::hash ( const std::vector< Fq > &  inputs,
GeneratorContext  context = {} 
)
static

Given a vector of fields, generate a pedersen hash using generators from context.

context.offset is used to access offset elements of context.generators if required. e.g. if one desires to compute inputs[0] * [generators[hash_index]] +inputs[1] * [generators[hash_index + 1]]` + ... etc Potentially useful to ensure multiple hashes with the same domain separator cannot collide.

Parameters
inputswhat are we hashing?
contextStores generator metadata + context pointer to the generators we are using for this hash
Returns
Fq (i.e. SNARK circuit scalar field, when hashing using a curve defined over the SNARK circuit scalar field)
The documentation for this class was generated from the following files:
Generated by doxygen 1.9.6