Switch Poseidon2 -> Poseidon1

Co-authored-by: Thomas Coratger <thomas.coratger@gmail.com>

Author: TomWambsgans

Cargo.lock

@@ -18,7 +18,6 @@ members = [
     "crates/backend/air",
     "crates/backend/fiat-shamir",
     "crates/backend/sumcheck",
-    "crates/whir",
 ]
 
 [workspace.lints]
@@ -60,39 +59,42 @@ sub_protocols = { path = "crates/sub_protocols" }
 lean_compiler = { path = "crates/lean_compiler" }
 lean_prover = { path = "crates/lean_prover" }
 rec_aggregation = { path = "crates/rec_aggregation" }
+backend = { path = "crates/backend" }
 
 # External
 clap = { version = "4.5.59", features = ["derive"] }
-rand = "0.10"
+rand = "0.10.0"
 rayon = "1.11.0"
 pest = "2.7"
 pest_derive = "2.7"
 itertools = "0.14.0"
 tracing = "0.1.26"
 serde_json = "1.0.145"
 serde = { version = "1.0.228", features = ["derive"] }
-tracing-subscriber = { version = "0.3.19", features = ["std", "env-filter"] }
+tracing-subscriber = { version = "0.3.23", features = ["std", "env-filter"] }
 tracing-forest = { version = "0.3.0", features = ["ansi", "smallvec"] }
 postcard = { version = "1.1.3", features = ["alloc"] }
-lz4_flex = "0.12.0"
-
-backend = { path = "crates/backend" }
+lz4_flex = "0.13.0"
+leansig = { git = "https://github.com/leanEthereum/leanSig", branch = "devnet4" }
+leansig_fast_keygen = { git = "https://github.com/TomWambsgans/leanSig", branch = "devnet4-fast-keygen" }
 
 [features]
 prox-gaps-conjecture = ["rec_aggregation/prox-gaps-conjecture"]
 
 [dependencies]
 clap.workspace = true
 rec_aggregation.workspace = true
-xmss.workspace = true
 air.workspace = true
 rand.workspace = true
 sub_protocols.workspace = true
 utils.workspace = true
-
 lean_vm.workspace = true
+xmss.workspace = true
 backend.workspace = true
 
+[dev-dependencies]
+serde_json.workspace = true
+
 
 [profile.release]
 lto = "thin"

Cargo.toml

@@ -52,7 +52,7 @@ cargo run --release -- recursion --n 2
 
 | Proven          | Conjectured     |
 | --------------- | --------------- |
-| 0.75s - 188 KiB | 0.57s - 116 KiB |
+| 0.8s - 188 KiB | 0.57s - 116 KiB |
 
 
 ### Bonus: unbounded recursive aggregation

README.md

@@ -9,7 +9,7 @@ use crate::{
 };
 use field::PrimeCharacteristicRing;
 use field::{ExtensionField, PrimeField64};
-use koala_bear::{KoalaBear, default_koalabear_poseidon2_16};
+use koala_bear::{KoalaBear, default_koalabear_poseidon1_16};
 use symetric::Compression;
 
 pub struct VerifierState<EF: ExtensionField<PF<EF>>, P> {
@@ -71,7 +71,7 @@ where
         assert_eq!(TypeId::of::<PF<EF>>(), TypeId::of::<KoalaBear>());
         // SAFETY: We've confirmed PF<EF> == KoalaBear
         let paths: PrunedMerklePaths<KoalaBear, KoalaBear> = unsafe { std::mem::transmute(paths) };
-        let perm = default_koalabear_poseidon2_16();
+        let perm = default_koalabear_poseidon1_16();
         let hash_fn = |data: &[KoalaBear]| symetric::hash_slice::<_, _, 16, 8, DIGEST_LEN_FE>(&perm, data);
         let combine_fn = |left: &[KoalaBear; DIGEST_LEN_FE], right: &[KoalaBear; DIGEST_LEN_FE]| {
             symetric::compress(&perm, [*left, *right])

crates/backend/fiat-shamir/src/verifier.rs

@@ -1,7 +1,4 @@
-use koala_bear::{
-    ExternalLayerConstants, KOALABEAR_RC16_EXTERNAL_FINAL, KOALABEAR_RC16_EXTERNAL_INITIAL, KOALABEAR_RC16_INTERNAL,
-    Poseidon2KoalaBear, QuinticExtensionFieldKB,
-};
+use koala_bear::{QuinticExtensionFieldKB, default_koalabear_poseidon1_16};
 use mt_fiat_shamir::{FSProver, FSVerifier, ProverState, VerifierState};
 use std::time::Instant;
 
@@ -11,25 +8,18 @@ type EF = QuinticExtensionFieldKB;
 #[ignore]
 fn bench_grinding() {
     let n_reps = 100;
-    for grinding_bits in 10..=20 {
-        let mut prover_state = ProverState::<EF, _>::new(get_poseidon16());
+    for grinding_bits in 20..=20 {
+        let mut prover_state = ProverState::<EF, _>::new(default_koalabear_poseidon1_16());
         let time = Instant::now();
         for _ in 0..n_reps {
             prover_state.pow_grinding(grinding_bits);
         }
         let elapsed = time.elapsed();
-        let mut verifier_state = VerifierState::<EF, _>::new(prover_state.into_proof(), get_poseidon16()).unwrap();
+        let mut verifier_state =
+            VerifierState::<EF, _>::new(prover_state.into_proof(), default_koalabear_poseidon1_16()).unwrap();
         for _ in 0..n_reps {
             verifier_state.check_pow_grinding(grinding_bits).unwrap()
         }
         println!("Grinding {grinding_bits} bits: {:?}", elapsed / n_reps);
     }
 }
-
-pub fn get_poseidon16() -> Poseidon2KoalaBear<16> {
-    let external_constants = ExternalLayerConstants::new(
-        KOALABEAR_RC16_EXTERNAL_INITIAL.to_vec(),
-        KOALABEAR_RC16_EXTERNAL_FINAL.to_vec(),
-    );
-    Poseidon2KoalaBear::new(external_constants, KOALABEAR_RC16_INTERNAL.to_vec())
-}

crates/backend/fiat-shamir/tests/grinding.rs

@@ -337,7 +337,7 @@ pub trait PrimeCharacteristicRing:
 
         // For `N <= 8` we implement a tree sum structure and for `N > 8` we break the input into
         // chunks of `8`, perform a tree sum on each chunk and sum the results. The parameter `8`
-        // was determined experimentally by testing the speed of the poseidon2 internal layer computations.
+        // was determined experimentally by testing the speed of the poseidon internal layer computations.
         // This is a useful benchmark as we have a mix of summations of size 15, 23 with other work in between.
         // I only tested this on `AVX2` though so there might be a better value for other architectures.
         match N {

crates/backend/field/src/field.rs

@@ -1,6 +1,5 @@
 // Credits: Plonky3 (https://github.com/Plonky3/Plonky3) (MIT and Apache-2.0 licenses).
 
 mod packing;
-mod poseidon2;
 
 pub use packing::*;