Lib.rs

Cryptography
#bls12-381 #zero-knowledge

no-std dusk-poseidon

Implementation of Poseidon hash algorithm over the Bls12-381 Scalar field

by Victor Lopes, moana and 6 contributors. Owned by duskfoundation.

43 releases (25 breaking)

Uses new Rust 2024

new 0.43.0 Jun 3, 2026
0.42.0-rc.0 Feb 2, 2026
0.41.0 Feb 6, 2025
0.40.0 Aug 14, 2024
0.20.0-pre.1 Mar 31, 2021

#142 in Cryptography

Download history 1228/week @ 2026-02-12 691/week @ 2026-02-19 452/week @ 2026-02-26 1683/week @ 2026-03-05 2268/week @ 2026-03-12 1364/week @ 2026-03-19 482/week @ 2026-03-26 331/week @ 2026-04-02 218/week @ 2026-04-09 433/week @ 2026-04-16 285/week @ 2026-04-23 480/week @ 2026-04-30 287/week @ 2026-05-07 373/week @ 2026-05-14 225/week @ 2026-05-21 466/week @ 2026-05-28

1,445 downloads per month
Used in 29 crates (13 directly)

MPL-2.0 license

68KB
755 lines

Build Status Repository Documentation

Dusk-Poseidon

Reference implementation for the Poseidon Hashing algorithm.

Reference: Starkad and Poseidon: New Hash Functions for Zero Knowledge Proof Systems

This repository has been created so there's a unique library that holds the tools & functions required to perform Poseidon Hashes on field elements of the bls12-381 elliptic curve.

The hash uses the Hades design for its inner permutation and the SAFE framework for contstructing the sponge.

The library provides the two hashing techniques of Poseidon:

  • The 'normal' hashing functionalities operating on BlsScalar.
  • The 'gadget' hashing functionalities that build a circuit which outputs the hash.

Features

Select exactly one BLS backend feature when depending on this crate:

  • bls-backend-dusk forwards the pure Rust Dusk backend.
  • bls-backend-blst forwards the blst backend.

The backend features are mutually exclusive and are not enabled by default. The zk feature enables the dusk-plonk gadgets, and encryption enables the SAFE encryption helpers.

Example

use rand::rngs::StdRng;
use rand::SeedableRng;

use dusk_poseidon::{Domain, Hash};
use dusk_curves::bls12_381::BlsScalar;
use ff::Field;

// generate random input
let mut rng = StdRng::seed_from_u64(0xbeef);
let mut input = [BlsScalar::zero(); 42];
for scalar in input.iter_mut() {
    *scalar = BlsScalar::random(&mut rng);
}

// digest the input all at once
let hash = Hash::digest(Domain::Other, &input);

// update the input gradually
let mut hasher = Hash::new(Domain::Other);
hasher.update(&input[..3]);
hasher.update(&input[3..]);
assert_eq!(hash, hasher.finalize());

// create a hash used for merkle tree hashing with arity = 4
let merkle_hash = Hash::digest(Domain::Merkle4, &input[..4]);

// which is different when another domain is used
assert_ne!(merkle_hash, Hash::digest(Domain::Other, &input[..4]));

Benchmarks

There are benchmarks for hashing, encrypting and decrypting in their native form, operating on Scalar, and for a zero-knowledge circuit proof generation and verification.

To run all benchmarks on your machine, run

cargo bench --features=zk,encryption,bls-backend-blst

in the repository.

Licensing

This code is licensed under Mozilla Public License Version 2.0 (MPL-2.0). Please see LICENSE for further info.

About

Implementation designed by the dusk team.

Contributing

  • If you want to contribute to this repository/project please, check CONTRIBUTING.md
  • If you want to report a bug or request a new feature addition, please open an issue on this repository.

Dependencies

~5MB
~120K SLoC