Use Poseidon sponge in Halo2 transcript in prover and out-of-circuit verifier

Question

Use Poseidon sponge in Halo2 transcript in prover and out-of-circuit verifier

Opened this issue a year ago · 0 comments

The Halo2 proving system needs to be modified to use the Poseidon sponge to create the proof transcript instead of Blake2 or another non-circuit friendly hash.

This requires:

Finishing #6
Creating a ChallengeScalar type to replace the byte Challenge255
Creating a PoseidonTranscript which uses the Poseidon sponge and ChallengeScalar
Handle prefixes in a better way than absorbing prefix twice (related to manual padding)
Cleanup, e.g. merging Transcript and PoseidonTranscript to reduce redundant code
Verify correct behavior with good tests
Merge to some upstream