neptune 3.0.0

Poseidon hashing over BLS12-381 for Filecoin.
Documentation

Neptune crates.io CircleCI

About

Neptune is a Rust implementation of the Poseidon hash function tuned for Filecoin.

Neptune has been audited by ADBK Consulting and deemed fully compliant with the paper (Starkad and Poseidon: New Hash Functions for Zero Knowledge Proof Systems).

Neptune is specialized to the BLS12-381 curve. Although the API allows for type specialization to other fields, the round numbers, constants, and s-box selection may not be correct. Do not do this.

Hashes of arbitrary arities are generally supported — but secure round numbers have only been calculated for a selection (including especially 2, 4, and 8 — which are explicitly, rather than incidentally, supported). Filecoin Proofs make heavy use of 8-ary merkle trees and merkle inclusion proofs (in SNARKs).

Neptune also supports batch hashing and tree building, which can be performed on a GPU. The underlying GPU implementation, neptune-triton is implemented in the Futhark Programming Language. To use neptune-triton GPU batch hashing, compile neptune with the gpu feature.

Neptune now implements GPU batch hashing in pure OpenCL. The initial implementation is a bit less than 2x faster than the Futhark implementation, so once stabilized this will likely be the preferred option. The pure OpenCL batch hashing is provided by the internal proteus module. To use proteus, compile neptune with the opencl feature.

The gpu and opencl features are mutually exclusive.

At the time of the 1.0.0 release, Neptune on RTX 2080Ti GPU can build 8-ary Merkle trees for 4GiB of input in 16 seconds.

Implementation Specification

Filecoin's Poseidon specification is published in the Filecoin specification document here. Additionally, a PDF version is mirrored in this repo here.

Environment variables

  • NEPTUNE_DEFAULT_GPU=<bus-id> allows you to select the default GPU that tree-builder is going to run on given its bus-id.

(Bus-id is a decimal integer that can be found through nvidia-smi, rocm-smi, lspci and etc.)

Future Work

The following are likely areas of future work:

  • Support for multiple GPUs.
  • Support domain separation tag.
  • Improve throughput (?) by using OpenCL directly.

History

Neptune was originally bootstrapped from Dusk's reference implementation.

Changes

CHANGELOG

License

MIT or Apache 2.0