A Zig implementation of the Poseidon hash function, using the Neptune optimizations.
This implementation is currently targeting BN254 scalar field (i.e: BabyJubJub base field), to be compatible with:
- CircomLib repository.
- go-iden3-crypto implementation.
- poseidon-rs implementation.
See the compatibility tests.
The parameters for BN254 were pulled from CircomLib which can be generated with the official Sage script and transformed using a CircomLibJS tool created by @jbaylina.
Supporting other fields (e.g: BLS12-381 scalar field) would only involve generating the parameters.
This implementation doesn't use assembly (e.g: ADX) or SIMD instructions for finite field operations.
Run on AMD Ryzen 7 3800XT:
$ zig build run -Doptimize=ReleaseFast
Poseidon(width=1) took 13µs
Poseidon(width=2) took 20µs
Poseidon(width=3) took 26µs
Poseidon(width=4) took 35µs
Poseidon(width=5) took 44µs
Poseidon(width=6) took 55µs
Poseidon(width=7) took 64µs
Poseidon(width=8) took 73µs
Poseidon(width=9) took 81µs
Poseidon(width=10) took 97µs
Due to some limitations of JSON at comptime, the parameter parsing is dynamic for now. Whenever this gets fixed, we can avoid this (init) runtime overhead and strip down the binary size.
MIT