Making the hash function as a Trait

[kimurayu45z]

Intro

For example in frost-ristretto255 now it is implemented as FROST(Ristretto255, SHA512) which sha512 is tightly coupled as a hash function.

https://github.com/ZcashFoundation/frost/blob/frost-ristretto255/v2.1.0/frost-ristretto255/src/lib.rs#L129

However the hash function is not specified in the Schnorr signature only if it satisfies the collision resistance in nature.

Proposal

By making a trait like SchnorrHash,

pub trait SchnorrHash {
  fn hash_to_array(inputs: &[&[u8]]) -> [u8; 64];
}

pub struct Sha512;

impl SchnorrHash for Sha512 {
  // TODO
}

and making the struct like Ristretto255<H: SchnorrHash> where now only RistrettoSha512 is served
https://github.com/ZcashFoundation/frost/blob/frost-ristretto255/v2.1.0/frost-ristretto255/src/lib.rs#L150

users can choose the hash function of the Schnorr signature.

Ristretto255Sha512 can be an alias of Ristretto255<Sha512> and it can support the compatibility.

Motivation

By using ZK-friendly hash function like Poseidon, a ZK-friendly signature can be generated by FROST(Ristretto, Poseidon)

[conradoplg]

Thank you for the suggestion.

FROST ciphersuites are defined as curve+hash pairs, so currently my suggestion is to simply create a new ciphersuite based on frost-ristretto255 (by copying the code) and replacing the hash function. frost-core works with any ciphersuite that implements the Ciphersuite trait, which could be you own implementation.

That being said, we'll study the possibility of specifying the hash function separately.