Add Groth16Hybrid algorithm (5): SHA-256 key hash + Poseidon MAC #32
Merged
New SNARK circuit variant for when the verifier only knows SHA-256(K) (e.g., from existing HMAC key infrastructure). The circuit proves:

1. SHA-256(K) == key_hash (in-circuit SHA-256, ~26K constraints)
2. Poseidon(K_fr, payload_hash) == mac (in-circuit Poseidon)

Changes across all layers:

- types.rs: Groth16Hybrid = 5 algorithm variant
- snark.rs: HybridKeyProofCircuit with SHA-256 key hash gadget + Poseidon MAC, le_bytes_to_fpvar helper, setup_hybrid/prove_hybrid/verify_hybrid functions
- sign.rs: sign_groth16_hybrid(), compute_sha256_full_key_hash()
- verify.rs: verify_groth16_hybrid()
- keys.rs, serialize.rs: algorithm 5 in all match arms
- main.rs: "groth16-hybrid" in generate-key, snark-setup (with -a flag), sign, verify; SNARK VK verify dispatches on token algorithm

142 tests pass (125 unit + 4 reference + 13 test vectors). Hybrid tests use run_with_large_stack(64MB) for SHA-256 circuit.

https://claude.ai/code/session_01LJyL1uYXD1JHMq8Q3v7shM