Skip to content

crypto: implement ziren keccak state #32996

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
fjl merged 2 commits into from
Oct 23, 2025
+62 −4
Merged

crypto: implement ziren keccak state #32996

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a68df15
crypto: use the ziren keccak syscall to compute trie roots
gballet Oct 22, 2025
932fe23
move ziren keccak state definition to the main ziren file
gballet Oct 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 62 additions & 4 deletions crypto/keccak_ziren.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,14 +21,72 @@ package crypto
import (
"github.com/ProjectZKM/Ziren/crates/go-runtime/zkvm_runtime"
"github.com/ethereum/go-ethereum/common"
"golang.org/x/crypto/sha3"
)

// zirenKeccakState implements the KeccakState interface using the Ziren zkvm_runtime.
// It accumulates data written to it and uses the zkvm's Keccak256 system call for hashing.
type zirenKeccakState struct {
buf []byte // accumulated data
result []byte // cached result
dirty bool // whether new data has been written since last hash
}

func newZirenKeccakState() KeccakState {
return &zirenKeccakState{
buf: make([]byte, 0, 512), // pre-allocate reasonable capacity
}
}

func (s *zirenKeccakState) Write(p []byte) (n int, err error) {
s.buf = append(s.buf, p...)
s.dirty = true
return len(p), nil
}

func (s *zirenKeccakState) Sum(b []byte) []byte {
s.computeHashIfNeeded()
return append(b, s.result...)
}

func (s *zirenKeccakState) Reset() {
s.buf = s.buf[:0]
s.result = nil
s.dirty = false
}

func (s *zirenKeccakState) Size() int {
return 32
}

func (s *zirenKeccakState) BlockSize() int {
return 136 // Keccak256 rate
}

func (s *zirenKeccakState) Read(p []byte) (n int, err error) {
s.computeHashIfNeeded()

if len(p) == 0 {
return 0, nil
}

// After computeHashIfNeeded(), s.result is always a 32-byte slice
n = copy(p, s.result)
return n, nil
}

func (s *zirenKeccakState) computeHashIfNeeded() {
if s.dirty || s.result == nil {
// Use the zkvm_runtime Keccak256 which uses SyscallKeccakSponge
hashArray := zkvm_runtime.Keccak256(s.buf)
s.result = hashArray[:]
s.dirty = false
}
}

// NewKeccakState creates a new KeccakState
// For now, we fallback to the original implementation for the stateful interface.
// TODO: Implement a stateful wrapper around zkvm_runtime.Keccak256 if needed.
// This uses a Ziren-optimized implementation that leverages the zkvm_runtime.Keccak256 system call.
func NewKeccakState() KeccakState {
return sha3.NewLegacyKeccak256().(KeccakState)
return newZirenKeccakState()
}

// Keccak256 calculates and returns the Keccak256 hash using the Ziren zkvm_runtime implementation.
Expand Down