VIP: Add support for Blake2 precompile #1651

Open
fubuloubu opened this issue Oct 24, 2019 · 6 comments

@fubuloubu
Member

fubuloubu commented Oct 24, 2019

Simple Summary

Add support for blake2 cryptographic hash function

Motivation

Blake2 is a newer but popular hash function that is being used in a variety of circumstances including ZKP due to its efficiency under pairing operations. Support in Vyper would make it easier to develop applications that use it.

Specification

Support for Blake2 is being added in the upcoming Istanbul hardfork. The specification is in EIP-152, and a reference implementation in a client is here: https://github.com/ethereum/py-evm/blob/master/eth/precompiles/blake2.py

Function signature:

blake2b_f() -> bytes32[2]

Backwards Compatibility

No backwards incompatibilities

Dependencies

No dependencies

Copyright

Copyright and related rights waived via CC0

@fubuloubu added the Easy Pickings, enhancement and help wanted labels Oct 24, 2019
@fubuloubu
Member Author

Note: might be best to add this feature via #1230 ruleset switch so that it fails to compile under pre-Istanbul rules

@fubuloubu changed the title from "Add support for Blake2 precompile" to "VIP: Add support for Blake2 precompile" Oct 27, 2019
@fubuloubu added the VIP: Approved label and removed the Easy Pickings label Oct 28, 2019
@SRCoughlin

Please also include the blake2s hashing function.

@iamdefinitelyahuman
Contributor

blake2b_f(
    rounds: uint256,
    h: bytes32[2],
    m: bytes32[4],
    t0: Bytes[8],
    t1: Bytes[8],
    f: bool
) -> bytes32[2]

@fubuloubu
Member Author

fubuloubu commented Jul 3, 2020

We shouldn't have to make it so configurable. It should look more like:

blake2b(msg: Bytes) -> bytes32[2]
blake2s(msg: Bytes) -> bytes32

I think it's 9 rounds for blake2b and 7 rounds for blake2s. Then the message should be recursively hashed 4 32-byte chunks at a time until it's done. Not sure what h and t0/t1 are, probably KDF features (make them empty)

@charles-cooper
Member

> Please also include the blake2s hashing function.

coming up to speed on this -- how to calculate blake2s? is it somehow derivable from blake2b_f (which, just to make sure we're on the same page, can be calculated by calling the precompile at 0x09)?

@fubuloubu
Member Author

fubuloubu commented Aug 5, 2022

> > Please also include the blake2s hashing function.
>
> coming up to speed on this -- how to calculate blake2s? is it somehow derivable from blake2b_f (which, just to make sure we're on the same page, can be calculated by calling the precompile at 0x09)?

The precompile at 0x09 is a large portion of what the blake2 series of hash functions use internally to compute hashes. There are several hash functions in this class, most notably blake2b and blake2s, which require a small amount of preprocessing and assume a few parameters for the call into 0x09.

Once that call is completed, the resulting hash would either be 256 bits (blake2b) or 512 bits (blake2s) to be returned from the function

Most of the time people would want to use just blake2b, but blake2s is also useful. Being able to call the internal function directly through the precompile is a rarer use case.

As a historical note, the precompile at 0x09 works with an internal method of the blake2 series of hash functions because that's what Zcash's PoW algorithm uses, and when it was created people wanted to bridge to Zcash more cheaply
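
Added example, not code from this thread, Vyper or py-evm: a local Python model of the EIP-152 `F` precompile input layout, with a wrapper that performs the preprocessing an unkeyed BLAKE2b hash needs around it. The names `precompile_0x09` and `blake2b` are chosen here for illustration, and the parameters (12 rounds, 128-byte blocks, digest of up to 64 bytes) are taken from RFC 7693.

```python
import struct

MASK = (1 << 64) - 1
# BLAKE2b constants from RFC 7693: IV words and the 10 message schedules.
IV = [0x6A09E667F3BCC908, 0xBB67AE8584CAA73B, 0x3C6EF372FE94F82B, 0xA54FF53A5F1D36F1,
      0x510E527FADE682D1, 0x9B05688C2B3E6C1F, 0x1F83D9ABFB41BD6B, 0x5BE0CD19137E2179]
SIGMA = [[int(c, 16) for c in row] for row in (
    "0123456789abcdef", "ea489fd61c02b753", "b8c052fdae367194", "7931dcbe265a40f8",
    "905724afe1bc683d", "2c6a0b834d75fe19", "c51fed4a0763928b", "db7ec13950f4862a",
    "6fe9b308c2d714a5", "a2847615fb9e3cd0")]
# Column step then diagonal step: the (a, b, c, d) indices fed to G.
MIX = [(0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),
       (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14)]

def _ror(x, n):
    return ((x >> n) | (x << (64 - n))) & MASK

def precompile_0x09(data: bytes) -> bytes:
    """Local model of the EIP-152 F precompile: 213 bytes in, 64 bytes out."""
    if len(data) != 213 or data[212] not in (0, 1):
        raise ValueError("EIP-152 input must be 213 bytes with f in {0, 1}")
    rounds = int.from_bytes(data[:4], "big")       # rounds is big-endian
    w = struct.unpack("<26Q", data[4:212])         # h[8], m[16], t[2]: little-endian
    h, m, t = w[:8], w[8:24], w[24:]
    v = list(h) + IV
    v[12], v[13] = v[12] ^ t[0], v[13] ^ t[1]      # mix in the byte counter
    if data[212]:                                  # final-block flag inverts v[14]
        v[14] ^= MASK
    for r in range(rounds):
        s = SIGMA[r % 10]
        for i, (a, b, c, d) in enumerate(MIX):
            for x, r1, r2 in ((m[s[2*i]], 32, 24), (m[s[2*i+1]], 16, 63)):
                v[a] = (v[a] + v[b] + x) & MASK
                v[d] = _ror(v[d] ^ v[a], r1)
                v[c] = (v[c] + v[d]) & MASK
                v[b] = _ror(v[b] ^ v[c], r2)
    return struct.pack("<8Q", *(h[i] ^ v[i] ^ v[i + 8] for i in range(8)))

def blake2b(msg: bytes, digest_size: int = 64) -> bytes:
    """Unkeyed BLAKE2b (hypothetical wrapper): parameter block, chunking, counter."""
    h = struct.pack("<8Q", IV[0] ^ 0x01010000 ^ digest_size, *IV[1:])
    blocks = [msg[i:i + 128] for i in range(0, len(msg), 128)] or [b""]
    seen = 0
    for i, block in enumerate(blocks):
        seen += len(block)                         # t counts message bytes so far
        final = bytes([i == len(blocks) - 1])      # only the last block sets f
        h = precompile_0x09((12).to_bytes(4, "big") + h + block.ljust(128, b"\0")
                            + seen.to_bytes(16, "little") + final)
    return h[:digest_size]
```

The wrapper supplies everything the precompile does not: the initial state derived from the digest length, zero-padding of the last block, the running byte counter and the final-block flag. A wrong value for any of these yields a different digest without raising any error, so check a wrapper like this against a reference BLAKE2b implementation.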
