This repository hosts the Reinforced Concrete (RC) hash function, developed specifically for zkhack istanbul. It features implementations in Circom and o1js, offering a robust alternative to traditional hash functions in zk-based applications.
The reinforced-concrete-circom module implements the RC hash function for the bn254 field. This implementation exhibits a full test parity with both the reference implementation and a third party implementation.
template instances: 43
non-linear constraints: 846
linear constraints: 0
public inputs: 0
public outputs: 1
private inputs: 2
private outputs: 0
wires: 849
labels: 2313
- Install the dependencies required -
yarn - Test the circuit outputs -
yarn test:rc-circom
include "../node_modules/reinforced-concrete-circom/reinforcedConcrete.circom";
template MyCircuit() {
signal input a;
signal input b;
signal output c;
component hasher = ReinforcedConcrete();
hasher.state[0] <== a;
hasher.state[1] <== b;
c <== hasher.hash;
}The parameters of this implementation can be modified to serve as Monolith, since Monolith is a generalization of RC under the Goldilocks curve.
Alterations have been made to the precomputed values for the divisors in the decompose construct ensuring compatibility with the reference implementation, which splits 254 bit word into 64 bit words.
However, these modifications are unnecessary in an execution environment where the word size is 254 bits and above.
Compared to Poseidon, this hash function is designed with significantly fewer constraints, enhancing its security against statistical and algebraic attacks.
It's versatile enough to serve as a substitute for Poseidon in various zk-based applications, including but not limited to Semaphore and RLN.
The RC hash function, implemented in o1js, is tailored for the Pallas field. This version provides an API familiar to users using Poseidon within the o1js ecosystem.
For this particular implementation, round constants have been generated to align with the specific requirements of the Pallas field.
Note: while we have generated constants for the Pallas field, we cannot be sure of the result of the hash function since we have not prepared a kats for the same. This is out of scope for the submission :)
- Install the dependencies required -
yarn - Build the library -
yarn build:rc-o1js
import { Field } from 'o1js';
import { ReinforcedConcrete } from 'reinforced-concrete-o1js';
function knowsPreimage(preimage: Field) {
let hash = ReinforcedConcrete.hash([preimage, Field.zero()]);
hash.assertEquals(expectedHash);
}
const expectedHash =
Field(/* ... */);This hash function can replace Poseidon in any zk-based application. This includes, but not limited to, Semaphore, RLN, and so on.
A very un-optimized version of the RC hash function, implemented in Solidity. This implementation is not recommended for anyone sane.
You may find an optimized version in huff, which is atleast 20x cheaper than this implementation.
- Install the dependencies -
foundry install - Test the hash function -
yarn test:rc-sol
Don't use this!
These circuits & libraries are being provided as is. No guarantee, representation or warranty is being made, express or implied, as to the safety or correctness of the execution. They have not been audited and as such there can be no assurance they will work as intended. The creators are not liable for any of the foregoing. Users should proceed with caution and use at their own risk.