		Search-engine friendly clone of the ACL2 documentation.

Poseidon-instantiations

Poseidon-ingonyama-bls-255

Instantiation of Poseidon used by Ingonyama for the BLS12-381 scalar field.

This is an instantiation of the Poseidon permuation used by Ingonyama, as described in the URL below. It uses the Poseidon permutation but not any sponge absorb or squeeze steps. The number of input field elements is constrained to be no more than t = c + r, and they are loaded directly into both the capacity and rate field elements, left padded with zeros if needed to bring the total to t field elements. The output is a single field element taken from t[1], which is equivalent to the first element of the rate r[0]. See the Github repository.

This particular instantiation has 1 capacity and 4 rate field elements, 8 full rounds, 60 partial rounds, and an alpha of 5. The field is the prime order of the group defined by BLS12-381, which is also the base field in which the Jubjub curve is defined. Field elements require 255 bits.

There is no domain separation defined for this instantiation, so the caller must make sure to do their own padding and not to expect different results for inputs of [1] and [0,1], for example

Note, there is also a test case for this instantiation in the source file ingonyama-hash-tests.lisp.

Subtopics

Ingonyama-bls-255-hash: Hash no more than c + r inputs to a single field element output.
Ingonyama-bls-255--parameters: Poseidon parameters for Ingonyama BLS-255 rate 4 implementation.