sha256.cpp File Reference

Circuit implementation of SHA-256 compression function using lookup tables. More...

#include "sha256.hpp"
#include "barretenberg/stdlib/primitives/field/field.hpp"
#include "barretenberg/stdlib/primitives/plookup/plookup.hpp"
#include "barretenberg/stdlib_circuit_builders/plookup_tables/plookup_tables.hpp"
#include "barretenberg/stdlib_circuit_builders/plookup_tables/sha256.hpp"

Go to the source code of this file.

Namespaces
namespace	bb
	Entry point for Barretenberg command-line interface.
namespace	bb::stdlib

Detailed Description

Circuit implementation of SHA-256 compression function using lookup tables.

This implementation uses "sparse form" representations to efficiently compute SHA-256 operations:

• XOR operations become additions in sparse form (one digit per bit)
• Rotations become coefficient multiplications or table lookups
• Boolean functions (Choose, Majority) are computed via lookup tables

Two sparse bases are used:

• Base-28 for Choose + Σ₁: encodes 7*rotation + (e + 2f + 3g)
• Base-16 for Majority + Σ₀: encodes 4*rotation + (a + b + c)
• Base-16 with pre-rotated limbs for message schedule extension

See plookup_tables/sha256.hpp for the details of the lookup tables used herein.

Definition in file sha256.cpp.