Address review comments

- Add that we treat BLAKE2b as a random oracle to the comment - Avoid unnecessary array allocation - Rename to `hash_to_scalar`
dusk-network · Dec 5, 2023 · d08bc2e · d08bc2e
1 parent 721e1ec
commit d08bc2e
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -13,7 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Added
 
-- Add `from_var_bytes` to scalar [#133] and refactor and rename to `from_blake2b` [#137]
+- Add `from_var_bytes` to scalar [#133] and refactor and rename to `hash_to_scalar` [#137]
 
 ## [0.12.3] - 2023-11-01
 

diff --git a/src/scalar/dusk.rs b/src/scalar/dusk.rs
@@ -265,7 +265,8 @@ impl Scalar {
     /// BLAKE2b into a 512-bits number, and then converting the number into its
     /// `Scalar` representation by reducing it by the modulo.
     ///
-    /// This implementation follows the first conversion of
+    /// By treating the output of the BLAKE2b hash as a random oracle, this
+    /// implementation follows the first conversion of
     /// https://hackmd.io/zV6qe1_oSU-kYU6Tt7pO7Q with concrete numbers:
     /// ```text
     /// p = 0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001
@@ -278,17 +279,25 @@ impl Scalar {
     ///
     /// m = 3294906474794265442129797520630710739278575682199800681788903916070560242797
     /// ```
-    pub fn from_blake2b(input: &[u8]) -> Scalar {
+    pub fn hash_to_scalar(input: &[u8]) -> Scalar {
         let state = blake2b_simd::Params::new()
             .hash_length(64)
             .to_state()
             .update(input)
             .finalize();
 
-        let mut bytes = [0u8; 64];
-        bytes.copy_from_slice(&state.as_bytes()[..64]);
-
-        Self::from_bytes_wide(&bytes)
+        let bytes = state.as_bytes();
+
+        Scalar::from_u512([
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[0..8]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[8..16]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[16..24]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[24..32]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[32..40]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[40..48]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[48..56]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[56..64]).unwrap()),
+        ])
     }
 
     /// SHR impl
@@ -461,7 +470,7 @@ mod fuzz {
 
     quickcheck::quickcheck! {
         fn prop_scalar_from_raw_bytes(bytes: Vec<u8>) -> bool {
-            let scalar = Scalar::from_blake2b(&bytes);
+            let scalar = Scalar::hash_to_scalar(&bytes);
 
             is_scalar_in_range(&scalar)
         }