template class note_commitment_gadget : gadget { private: std::shared_ptr> block1; std::shared_ptr> block2; std::shared_ptr> hasher1; std::shared_ptr> intermediate_hash; std::shared_ptr> hasher2; public: note_commitment_gadget( protoboard &pb, pb_variable& ZERO, pb_variable_array& a_pk, pb_variable_array& v, pb_variable_array& rho, pb_variable_array& r, std::shared_ptr> result ) : gadget(pb) { pb_variable_array leading_byte = from_bits({1, 0, 1, 1, 0, 0, 0, 0}, ZERO); pb_variable_array first_of_rho(rho.begin(), rho.begin()+184); pb_variable_array last_of_rho(rho.begin()+184, rho.end()); intermediate_hash.reset(new digest_variable(pb, 256, "")); // final padding pb_variable_array length_padding = from_bits({ // padding 1,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, // length of message (840 bits) 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,1,1, 0,1,0,0,1,0,0,0 }, ZERO); block1.reset(new block_variable(pb, { leading_byte, a_pk, v, first_of_rho }, "")); block2.reset(new block_variable(pb, { last_of_rho, r, length_padding }, "")); pb_linear_combination_array IV = SHA256_default_IV(pb); hasher1.reset(new sha256_compression_function_gadget( pb, IV, block1->bits, *intermediate_hash, "")); pb_linear_combination_array IV2(intermediate_hash->bits); hasher2.reset(new sha256_compression_function_gadget( pb, IV2, block2->bits, *result, "")); } void generate_r1cs_constraints() { hasher1->generate_r1cs_constraints(); hasher2->generate_r1cs_constraints(); } void generate_r1cs_witness() { hasher1->generate_r1cs_witness(); hasher2->generate_r1cs_witness(); } };