HashToPoint should re-hash at every iteration, instead of incrementing

HarryR / ethsnarks

A toolkit for viable zk-SNARKS on Ethereum, Web, Mobile and Desktop

GNU Lesser General Public License v3.0

240 stars 57 forks source link

HashToPoint should re-hash at every iteration, instead of incrementing #143

Open HarryR opened 4 years ago

HarryR commented 4 years ago

For example, the from_y_always is agnostic to the hashing algorithm which is first used to derive a field element. However, it does this by incrementing the coordinate until a point is valid.

See: https://github.com/HarryR/ethsnarks/blob/master/src/jubjub/point.cpp#L96

This should be changed to:

while True:
  y = H(y)
  x = derive_x(y)
  if x is not None:
    return x, y

HarryR commented 4 years ago

This will be a breaking change, and will invalidate many existing test vectors.