fix: input for each constraint wrong (Consensys#11)

Co-authored-by: ZhAnGeek <lecky.z@nodereal.io>

frontend/compiled/lazy_poseidon.go

@@ -23,15 +23,11 @@ func FetchLazyConstraint(S []LinearExpression, staticR1c []R1C, j int, Coefs Coe
 	// s0 + v, s2, s3 2
 
 	for i := range S {
-		// if it is constant, we just skipped the r1c, because constant will not generate first 3 r1c
-		if _, isConstant := ConstantValue(S[i], Coefs); isConstant {
-			continue
-		}
 		if j == i*3 {
 			zero := LinearExpression{Pack(0, CoeffIdZero, schema.Public)}
 			addRes := S[i]
 			one := LinearExpression{Pack(0, CoeffIdOne, schema.Public)}
-			cID := Coefs.GetCoeffID(constants.RC[len(S)-2][i+1])
+			cID := Coefs.GetCoeffID(constants.RC[len(S)-3][i])
 
 			if cID == -1 {
 				os.Exit(-1)
@@ -64,7 +60,7 @@ func FetchLazyConstraint(S []LinearExpression, staticR1c []R1C, j int, Coefs Coe
 			zero := LinearExpression{Pack(0, CoeffIdZero, schema.Public)}
 			addRes := S[i]
 			one := LinearExpression{Pack(0, CoeffIdOne, schema.Public)}
-			cID := Coefs.GetCoeffID(constants.RC[len(S)-2][i+1])
+			cID := Coefs.GetCoeffID(constants.RC[len(S)-3][i])
 
 			if cID == -1 {
 				os.Exit(-1)
@@ -109,39 +105,23 @@ func FetchLazyConstraint(S []LinearExpression, staticR1c []R1C, j int, Coefs Coe
 var ConstraintsMap []int
 
 func init() {
-	ConstraintsMap = []int{240, 261, 297, 321, 354, 381, 402, 417, 459, 465, 504}
+	ConstraintsMap = []int{243, 264, 300, 324, 357, 384, 405, 420, 462, 468, 507}
 }
 
 func GetConstraintsNum(variables []frontend.Variable, api frontend.API) int {
-	constantNum := 0
-	for _, s := range variables {
-		if _, t := api.Compiler().ConstantValue(s); t {
-			constantNum++
-		}
-	}
-	if constantNum == len(variables) {
-		return 0
-	}
-	return ConstraintsMap[len(variables)-2] - constantNum*3
+	return ConstraintsMap[len(variables)-3]
 }
 func GetConstraintsNumLinear(variables []LinearExpression) int {
-	constantNum := 0
-	for _, s := range variables {
-		if t := IsConstant(s); t {
-			constantNum++
-		}
-	}
-	return ConstraintsMap[len(variables)-2] - constantNum*3
+	return ConstraintsMap[len(variables)-3]
 }
 
 func StaticPoseidonR1CS(v frontend.Variable, Coefs CoeffTable, data ...LinearExpression) []R1C {
-	t := len(data) + 1
+	t := len(data)
 	if t < 3 || t > 13 {
 		panic("Not supported input size")
 	}
 	state := make([]LinearExpression, t)
-	state[0] = LinearExpression{Pack(0, CoeffIdZero, schema.Public)}
-	copy(state[1:], data)
+	copy(state[:], data)
 
 	return StaticPermutation(v, state, Coefs)
 }
@@ -152,7 +132,7 @@ func StaticPermutation(V frontend.Variable, state []LinearExpression, Coefs Coef
 	for i := 0; i < len(stateCopy); i++ {
 		stateCopy[i] = state[i].Clone()
 	}
-	stateCopy, r1csFullRound1, wid := StaticFullRound(stateCopy, V, Coefs, &roundCounter, V.(LinearExpression)[0].WireID()-GetConstraintsNumLinear(state[1:]))
+	stateCopy, r1csFullRound1, wid := StaticFullRound(stateCopy, V, Coefs, &roundCounter, V.(LinearExpression)[0].WireID()-GetConstraintsNumLinear(state))
 	stateCopy, r1csPartial1, wid := StaticPartial(stateCopy, V, Coefs, &roundCounter, wid)
 	_, r1csFullRound2, _ := StaticFullRound(stateCopy, V, Coefs, &roundCounter, wid)
 
@@ -423,22 +403,8 @@ func ConstantValue(v LinearExpression, Coefs CoeffTable) (*big.Int, bool) {
 	return new(big.Int).Set(Coefs.GetCoeffsById(cID)), true
 }
 
-func IsConstant(v LinearExpression) bool {
-	if len(v) != 1 {
-		return false
-	}
-	_, vID, visibility := v[0].Unpack()
-	return vID == 0 && visibility == schema.Public
-}
-
 func (le *LazyPoseidonInputs) GetConstraintsNum() int {
-	constantNum := 0
-	for _, s := range le.S {
-		if IsConstant(s) {
-			constantNum++
-		}
-	}
-	return ConstraintsMap[len(le.S)-2] - constantNum*3
+	return ConstraintsMap[len(le.S)-3]
 }
 
 func (le *LazyPoseidonInputs) FetchLazy(j int, r1cs *R1CS, coefs CoeffTable) R1C {

std/hash/poseidon/poseidon.go

@@ -76,17 +76,6 @@ func permutation(api frontend.API, state []frontend.Variable) []frontend.Variabl
 }
 
 func preHandleData(api frontend.API, data ...frontend.Variable) []frontend.Variable {
-	// if all constants, skipped
-	constantCount := 0
-	for i := range data {
-		if _, isConstant := api.Compiler().ConstantValue(data[i]); isConstant {
-			constantCount++
-		}
-	}
-	if constantCount == len(data) {
-		return data
-	}
-
 	// get the self variables by hint, and make sure it is equal to data[i]
 	for i := range data {
 		self, err := api.Compiler().NewHint(hint.Self, 1, data[i])
@@ -109,7 +98,7 @@ func Poseidon(api frontend.API, input ...frontend.Variable) frontend.Variable {
 
 	const maxLength = 12
 	state := make([]frontend.Variable, maxLength+1)
-	state[0] = frontend.Variable(0)
+	state[0] = preHandleData(api, frontend.Variable(0))[0]
 	startIndex := 0
 	lastIndex := 0
 
@@ -119,8 +108,8 @@ func Poseidon(api frontend.API, input ...frontend.Variable) frontend.Variable {
 		for i := 0; i < count; i++ {
 			lastIndex = (i + 1) * maxLength
 			copy(state[1:], input[startIndex:lastIndex])
-			v := api.AddInternalVariableWithLazy(compiled.GetConstraintsNum(state[1:], api))
-			api.AddLazyPoseidon(v, state[1:]...)
+			v := api.AddInternalVariableWithLazy(compiled.GetConstraintsNum(state[:], api))
+			api.AddLazyPoseidon(v, state[:]...)
 			state = permutation(api, state)
 			startIndex = lastIndex
 		}
@@ -131,8 +120,8 @@ func Poseidon(api frontend.API, input ...frontend.Variable) frontend.Variable {
 		lastIndex = inputLength
 		remainigLength := lastIndex - startIndex
 		copy(state[1:], input[startIndex:lastIndex])
-		v := api.AddInternalVariableWithLazy(compiled.GetConstraintsNum(state[1:remainigLength+1], api))
-		api.AddLazyPoseidon(v, state[1:remainigLength+1]...)
+		v := api.AddInternalVariableWithLazy(compiled.GetConstraintsNum(state[:remainigLength+1], api))
+		api.AddLazyPoseidon(v, state[:remainigLength+1]...)
 		state = permutation(api, state[:remainigLength+1])
 	}
 	return state[0]