darkfi_sdk::crypto::pasta_prelude

Trait FromUniformBytes

pub trait FromUniformBytes<const N: usize>: PrimeField {
    // Required method
    fn from_uniform_bytes(bytes: &[u8; N]) -> Self;
}
Expand description

Trait for constructing a PrimeField element from a fixed-length uniform byte array.

“Uniform” means that the byte array’s contents must be indistinguishable from the discrete uniform distribution. Suitable byte arrays can be obtained:

  • from a cryptographically-secure randomness source (which makes this constructor equivalent to Field::random).
  • from a cryptographic hash function output, which enables a “random” field element to be selected deterministically. This is the primary use case for FromUniformBytes.

The length N of the byte array is chosen by the trait implementer such that the loss of uniformity in the mapping from byte arrays to field elements is cryptographically negligible.

§Examples

use blake2b_simd::blake2b;
use bls12_381::Scalar;
use ff::FromUniformBytes;

// `bls12_381::Scalar` implements `FromUniformBytes<64>`, and BLAKE2b (by default)
// produces a 64-byte hash.
let hash = blake2b(b"Some message");
let val = Scalar::from_uniform_bytes(hash.as_array());

§Implementing FromUniformBytes

Self::from_uniform_bytes should always be implemented by interpreting the provided byte array as the little endian unsigned encoding of an integer, and then reducing that integer modulo the field modulus.

For security, N must be chosen so that N * 8 >= Self::NUM_BITS + 128. A larger value of N may be chosen for convenience; for example, for a field with a 255-bit modulus, N = 64 is convenient as it matches the output length of several common cryptographic hash functions (such as SHA-512 and BLAKE2b).

§Trait design

This trait exists because PrimeField::from_uniform_bytes([u8; N]) cannot currently exist (trait methods cannot use associated constants in the const positions of their type signature, and we do not want PrimeField to require a generic const parameter). However, this has the side-effect that FromUniformBytes can be implemented multiple times for different values of N. Most implementations of PrimeField should only need to implement FromUniformBytes trait for one value of N (chosen following the above considerations); if you find yourself needing to implement it multiple times, please let us know about your use case so we can take it into consideration for future evolutions of the ff traits.

Required Methods§

fn from_uniform_bytes(bytes: &[u8; N]) -> Self

Returns a field element that is congruent to the provided little endian unsigned byte representation of an integer.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementations on Foreign Types§

§

impl FromUniformBytes<64> for Fp

§

fn from_uniform_bytes(bytes: &[u8; 64]) -> Fp

Converts a 512-bit little endian integer into a Fp by reducing by the modulus.

§

impl FromUniformBytes<64> for Fq

§

fn from_uniform_bytes(bytes: &[u8; 64]) -> Fq

Converts a 512-bit little endian integer into a Fq by reducing by the modulus.

Implementors§