matter-labs · pompon0 · Nov 9, 2023 · Nov 3, 2023 · Nov 3, 2023 · Nov 3, 2023
diff --git a/node/Cargo.lock b/node/Cargo.lock
diff --git a/node/Cargo.toml b/node/Cargo.toml
@@ -46,7 +46,7 @@ rand = "0.8.0"
 rocksdb = "0.21.0"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0.95"
-sha2 = "0.10.6"
+sha3 = "0.10.8"
 snow = "0.9.3"
 syn = "2.0.17"
 tempfile = "3"

diff --git a/node/actors/network/src/noise/stream.rs b/node/actors/network/src/noise/stream.rs
@@ -5,7 +5,7 @@ use concurrency::{
     ctx, io,
     io::{AsyncRead as _, AsyncWrite as _},
 };
-use crypto::{sha256::Sha256, ByteFmt};
+use crypto::{keccak256::Keccak256, ByteFmt};
 use std::{
     pin::Pin,
     task::{ready, Context, Poll},
@@ -75,7 +75,7 @@ impl Default for Buffer {
 pub(crate) struct Stream<S = MeteredStream> {
     /// Hash of the handshake messages.
     /// Uniquely identifies the noise session.
-    id: Sha256,
+    id: Keccak256,
     /// Underlying TCP stream.
     #[pin]
     inner: S,
@@ -138,7 +138,7 @@ where
 
     /// Returns the noise session id.
     /// See `Stream::id`.
-    pub(crate) fn id(&self) -> Sha256 {
+    pub(crate) fn id(&self) -> Keccak256 {
         self.id
     }
 

diff --git a/node/deny.toml b/node/deny.toml
@@ -59,7 +59,7 @@ skip = [
     { name = "regex-syntax", version = "=0.6.29" },
 
     # Old versions required by hyper.
-    { name = "socket2", version = "=0.4.9" },
+    { name = "socket2", version = "=0.4.10" },
 ]
 
 [sources]

diff --git a/node/libs/concurrency/Cargo.toml b/node/libs/concurrency/Cargo.toml
@@ -11,7 +11,7 @@ anyhow.workspace = true
 once_cell.workspace = true
 pin-project.workspace = true
 rand.workspace = true
-sha2.workspace = true
+sha3.workspace = true
 thiserror.workspace = true
 time.workspace = true
 tokio.workspace = true

diff --git a/node/libs/concurrency/src/ctx/rng.rs b/node/libs/concurrency/src/ctx/rng.rs
@@ -2,7 +2,7 @@ use rand::{
     rngs::{OsRng, StdRng},
     Rng, SeedableRng,
 };
-use sha2::{digest::Update as _, Digest as _};
+use sha3::{digest::Update as _, Digest as _};
 use std::sync::atomic::{AtomicU64, Ordering};
 
 /// Splittable Pseudorandom Number Generators using Cryptographic Hashing
@@ -16,13 +16,13 @@ use std::sync::atomic::{AtomicU64, Ordering};
 /// which is not crypto-secure, but for tests should be good enough.
 pub(super) struct SplitProvider {
     /// Hash builder of the prefix of the ID.
-    builder: sha2::Sha256,
+    builder: sha3::Keccak256,
     /// Child branches constructed so far from this branch.
     branch: AtomicU64,
 }
 
 impl SplitProvider {
-    fn next_builder(&self) -> sha2::Sha256 {
+    fn next_builder(&self) -> sha3::Keccak256 {
         let branch = self.branch.fetch_add(1, Ordering::SeqCst);
         self.builder.clone().chain(branch.to_le_bytes())
     }
@@ -43,7 +43,7 @@ impl Provider {
     pub(super) fn test() -> Provider {
         Self::Split(
             SplitProvider {
-                builder: sha2::Sha256::new().chain("Lzr81nDW8eSOMH".as_bytes()),
+                builder: sha3::Keccak256::new().chain("Lzr81nDW8eSOMH".as_bytes()),
                 branch: 0.into(),
             }
             .into(),

@@ -12,5 +12,5 @@ blst.workspace = true
 ed25519-dalek.workspace = true
 hex.workspace = true
 rand.workspace = true
-sha2.workspace = true
+sha3.workspace = true
 thiserror.workspace = true
@@ -1,17 +1,18 @@
-//! Wrappers for the SHA256 cryptographic hash algorithm.
+//! Wrappers for the Keccak256 cryptographic hash algorithm.
 use crate::ByteFmt;
-use sha2::{digest::Update as _, Digest as _};
+use sha3::{digest::Update as _, Digest as _};
 
+mod test;
 pub mod testonly;
 
-/// SHA256 hash.
+/// Keccak256 hash.
 #[derive(Copy, Clone, Default, PartialEq, Eq, PartialOrd, Ord, Hash)]
-pub struct Sha256(pub(crate) [u8; 32]);
+pub struct Keccak256(pub(crate) [u8; 32]);
 
-impl Sha256 {
-    /// Computes a SHA256 hash of a message.
+impl Keccak256 {
+    /// Computes a Keccak256 hash of a message.
     pub fn new(msg: &[u8]) -> Self {
-        Self(sha2::Sha256::new().chain(msg).finalize().into())
+        Self(sha3::Keccak256::new().chain(msg).finalize().into())
     }
 
     /// Returns a reference to the bytes of this hash.
@@ -20,7 +21,7 @@ impl Sha256 {
     }
 }
 
-impl ByteFmt for Sha256 {
+impl ByteFmt for Keccak256 {
     fn decode(bytes: &[u8]) -> anyhow::Result<Self> {
         Ok(Self(bytes.try_into()?))
     }

@@ -0,0 +1,33 @@
+#[test]
+fn test_keccak256() -> Result<(), Box<dyn std::error::Error>> {
+    use crate::keccak256::Keccak256;
+
+    // Test vectors obtained from a trusted source
+    let test_vectors: Vec<(&[u8], [u8; 32])> = vec![
+        (
+            b"testing",
+            hex::decode("5f16f4c7f149ac4f9510d9cf8cf384038ad348b3bcdc01915f95de12df9d1b02")?
+                .try_into()
+                .unwrap(),
+        ),
+        (
+            b"",
+            hex::decode("c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470")?
+                .try_into()
+                .unwrap(),
+        ),
+        (
+            &[0x12, 0x34, 0x56],
+            hex::decode("6adf031833174bbe4c85eafe59ddb54e6584648c2c962c6f94791ab49caa0ad4")?
+                .try_into()
+                .unwrap(),
+        ),
+    ];
+
+    for (input, expected_hash) in &test_vectors {
+        let hash = Keccak256::new(input);
+        assert_eq!(hash.as_bytes(), expected_hash);
+    }
+
+    Ok(())
+}
@@ -0,0 +1,13 @@
+//! Random hash generation, intended for use in testing
+
+use crate::keccak256::Keccak256;
+use rand::{
+    distributions::{Distribution, Standard},
+    Rng,
+};
+
+impl Distribution<Keccak256> for Standard {
+    fn sample<R: Rng + ?Sized>(&self, rng: &mut R) -> Keccak256 {
+        Keccak256(rng.gen())
+    }
+}
@@ -3,6 +3,6 @@
 pub mod bls12_381;
 pub mod ed25519;
 mod fmt;
-pub mod sha256;
+pub mod keccak256;
 
 pub use fmt::*;
diff --git a/node/libs/roles/src/node/messages.rs b/node/libs/roles/src/node/messages.rs
@@ -1,5 +1,5 @@
 use crate::node;
-use crypto::{sha256, ByteFmt, Text, TextFmt};
+use crypto::{keccak256, ByteFmt, Text, TextFmt};
 use utils::enum_util::{BadVariantError, Variant};
 
 /// The ID for an authentication session.
@@ -17,7 +17,7 @@ pub enum Msg {
 impl Msg {
     /// Get the hash of this message.
     pub fn hash(&self) -> MsgHash {
-        MsgHash(sha256::Sha256::new(&schema::canonical(self)))
+        MsgHash(keccak256::Keccak256::new(&schema::canonical(self)))
     }
 }
 
@@ -52,7 +52,7 @@ impl<V: Variant<Msg> + Clone> Signed<V> {
 }
 
 /// The hash of a message.
-pub struct MsgHash(pub(super) sha256::Sha256);
+pub struct MsgHash(pub(super) keccak256::Keccak256);
 
 impl ByteFmt for MsgHash {
     fn encode(&self) -> Vec<u8> {
@@ -66,11 +66,13 @@ impl ByteFmt for MsgHash {
 impl TextFmt for MsgHash {
     fn encode(&self) -> String {
         format!(
-            "validator_msg:sha256:{}",
+            "validator_msg:keccak256:{}",
             hex::encode(ByteFmt::encode(&self.0))
         )
     }
     fn decode(text: Text) -> anyhow::Result<Self> {
-        text.strip("validator_msg:sha256:")?.decode_hex().map(Self)
+        text.strip("validator_msg:keccak256:")?
+            .decode_hex()
+            .map(Self)
     }
 }
diff --git a/node/libs/roles/src/validator/conv.rs b/node/libs/roles/src/validator/conv.rs
@@ -15,23 +15,23 @@ use utils::enum_util::Variant;
 impl ProtoFmt for BlockHeaderHash {
     type Proto = proto::BlockHeaderHash;
     fn read(r: &Self::Proto) -> anyhow::Result<Self> {
-        Ok(Self(ByteFmt::decode(required(&r.sha256)?)?))
+        Ok(Self(ByteFmt::decode(required(&r.keccak256)?)?))
     }
     fn build(&self) -> Self::Proto {
         Self::Proto {
-            sha256: Some(self.0.encode()),
+            keccak256: Some(self.0.encode()),
         }
     }
 }
 
 impl ProtoFmt for PayloadHash {
     type Proto = proto::PayloadHash;
     fn read(r: &Self::Proto) -> anyhow::Result<Self> {
-        Ok(Self(ByteFmt::decode(required(&r.sha256)?)?))
+        Ok(Self(ByteFmt::decode(required(&r.keccak256)?)?))
     }
     fn build(&self) -> Self::Proto {
         Self::Proto {
-            sha256: Some(self.0.encode()),
+            keccak256: Some(self.0.encode()),
         }
     }
 }
@@ -322,12 +322,12 @@ impl ProtoFmt for MsgHash {
     type Proto = proto::MsgHash;
 
     fn read(r: &Self::Proto) -> anyhow::Result<Self> {
-        Ok(Self(ByteFmt::decode(required(&r.sha256)?)?))
+        Ok(Self(ByteFmt::decode(required(&r.keccak256)?)?))
     }
 
     fn build(&self) -> Self::Proto {
         Self::Proto {
-            sha256: Some(self.0.encode()),
+            keccak256: Some(self.0.encode()),
         }
     }
 }

diff --git a/node/libs/roles/src/validator/messages/block.rs b/node/libs/roles/src/validator/messages/block.rs
@@ -1,7 +1,7 @@
 //! Messages related to blocks.
 
 use super::CommitQC;
-use crypto::{sha256, ByteFmt, Text, TextFmt};
+use crypto::{keccak256, ByteFmt, Text, TextFmt};
 use std::fmt;
 
 /// Payload of the block. Consensus algorithm does not interpret the payload
@@ -13,14 +13,17 @@ pub struct Payload(pub Vec<u8>);
 
 /// Hash of the Payload.
 #[derive(Clone, Copy, PartialEq, Eq, Hash, PartialOrd, Ord)]
-pub struct PayloadHash(pub(crate) sha256::Sha256);
+pub struct PayloadHash(pub(crate) keccak256::Keccak256);
 
 impl TextFmt for PayloadHash {
     fn encode(&self) -> String {
-        format!("payload:sha256:{}", hex::encode(ByteFmt::encode(&self.0)))
+        format!(
+            "payload:keccak256:{}",
+            hex::encode(ByteFmt::encode(&self.0))
+        )
     }
     fn decode(text: Text) -> anyhow::Result<Self> {
-        text.strip("payload:sha256:")?.decode_hex().map(Self)
+        text.strip("payload:keccak256:")?.decode_hex().map(Self)
     }
 }
 
@@ -33,7 +36,7 @@ impl fmt::Debug for PayloadHash {
 impl Payload {
     /// Hash of the payload.
     pub fn hash(&self) -> PayloadHash {
-        PayloadHash(sha256::Sha256::new(&self.0))
+        PayloadHash(keccak256::Keccak256::new(&self.0))
     }
 }
 
@@ -63,17 +66,17 @@ impl fmt::Display for BlockNumber {
 
 /// Hash of the block.
 #[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash)]
-pub struct BlockHeaderHash(pub(crate) sha256::Sha256);
+pub struct BlockHeaderHash(pub(crate) keccak256::Keccak256);
 
 impl TextFmt for BlockHeaderHash {
     fn encode(&self) -> String {
         format!(
-            "block_hash:sha256:{}",
+            "block_hash:keccak256:{}",
             hex::encode(ByteFmt::encode(&self.0))
         )
     }
     fn decode(text: Text) -> anyhow::Result<Self> {
-        text.strip("block_hash:sha256:")?.decode_hex().map(Self)
+        text.strip("block_hash:keccak256:")?.decode_hex().map(Self)
     }
 }
 
@@ -97,13 +100,13 @@ pub struct BlockHeader {
 impl BlockHeader {
     /// Returns the hash of the block.
     pub fn hash(&self) -> BlockHeaderHash {
-        BlockHeaderHash(sha256::Sha256::new(&schema::canonical(self)))
+        BlockHeaderHash(keccak256::Keccak256::new(&schema::canonical(self)))
     }
 
     /// Creates a genesis block.
     pub fn genesis(payload: PayloadHash) -> Self {
         Self {
-            parent: BlockHeaderHash(sha256::Sha256::default()),
+            parent: BlockHeaderHash(keccak256::Keccak256::default()),
             number: BlockNumber(0),
             payload,
         }