From 01a5530213d663e30db5dfed8b22a0eabb67ae1c Mon Sep 17 00:00:00 2001
From: Kobi Gurkan
Date: Fri, 4 Oct 2019 17:35:32 +0300
Subject: [PATCH] MiMCSponge: makes first and last round constants always zero
---
 circuits/mimcsponge.circom | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/circuits/mimcsponge.circom b/circuits/mimcsponge.circom
index 3e84c460..bffe002d 100644
--- a/circuits/mimcsponge.circom
+++ b/circuits/mimcsponge.circom
@@ -39,8 +39,8 @@ template MiMCFeistel(nrounds) {
 signal output xL_out;
 signal output xR_out;
- var c = [
- 0,
+ // doesn't contain the first and last round constants, which are always zero
+ var c_partial = [
 7120861356467848435263064379192047478074060781135320967663101236819528304084,
 5024705281721889198577876690145313457398658950011302225525409148828000436681,
 17980351014018068290387269214713820287804403312720763401943303895585469787384,
@@ -258,8 +258,7 @@ template MiMCFeistel(nrounds) {
 18224457394066545825553407391290108485121649197258948320896164404518684305122,
 274945154732293792784580363548970818611304339008964723447672490026510689427,
 11050822248291117548220126630860474473945266276626263036056336623671308219529,
- 2119542016932434047340813757208803962484943912710204325088879681995922344971,
- 0
+ 2119542016932434047340813757208803962484943912710204325088879681995922344971
 ];
 var t;
@@ -268,8 +267,14 @@ template MiMCFeistel(nrounds) {
 signal xL[nrounds-1];
 signal xR[nrounds-1];
+ var c;
 for (var i=0; i
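Review bot: The comment added above `c_partial` says the first and last round constants are always zero but gives the reader no way to check that the remaining list matches `nrounds`: the template is parameterized by `nrounds`, yet nothing in the hunk ties the length of `c_partial` to `nrounds - 2`, and the code that rebuilds `c` from `c_partial` is in the third hunk, which is cut off in this view. I would extend the comment to `// c_partial holds the nrounds-2 inner round constants; round 0 and round nrounds-1 use the fixed constant 0` and, if the circom version in use supports `assert`, pin the relation where `c` is assembled so a mismatched `nrounds` fails at compile time instead of reading past the list. It would also help a reviewer if the comment recorded how these hard-coded constants were generated (seed and hash), since that is the only way to regenerate them and compare against the reference implementation the circuit is meant to agree with. The removal of the trailing `0` in the second hunk is the other half of the same change and needs no separate note; MiMCFeistel's body continues outside both hunks.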