Consensys · OlivierBBB · May 4, 2026 · May 5, 2026 · May 5, 2026 · May 5, 2026
diff --git a/arithmetization/src/main/riscv/instruction_processing/i_type.zkc b/arithmetization/src/main/riscv/instruction_processing/i_type.zkc
@@ -209,7 +209,7 @@ fn process_syscall<registers, ram>(pc:Address) -> (new_pc:Address) {
     var call_num:DoubleWord = registers[17]
     //
     switch call_num {
-        case 93: { // exit 
+        case 93: { // exit
             var exit_code:DoubleWord = registers[10]
             // check for non-zero exit code
             if exit_code != 0 {

diff --git a/arithmetization/src/main/riscv/instruction_processing/r_type.zkc b/arithmetization/src/main/riscv/instruction_processing/r_type.zkc
@@ -69,6 +69,8 @@ fn process_R_type_instruction<registers>(opcode:Opcode, instruction_parameters:u
 
     funct7::rs2::rs1::funct3::rd = instruction_parameters
 
+    printf "funct3 ≡ %b, funct7 ≡ %b\n", funct3, funct7
+
     v1 = registers[rs1]
     v2 = registers[rs2]
 
@@ -325,15 +327,21 @@ fn process_R_type_instruction<registers>(opcode:Opcode, instruction_parameters:u
                 } else {
                     registers[rd] = sgn_extension_u32_u64(v1_lower % v2_lower)
                 }
-            } else {
-                printf "[ERROR] Unsupported R-type instruction with\n"
-                printf "\topcode ≡ OP_32 ≡ %x ≡ %b\n", opcode, opcode
-                printf "\tfunct3 ≡ %x ≡ %b\n", funct3, funct3
-                printf "\tfunct7 ≡ %x ≡ %b\n", funct7, funct7
-                fail
             }
         }
 
+        case CUSTOM_0: {
+            // ==========================================
+            // custom instructions (precompiles etc ...)
+            // ==========================================
+
+            printf "custom-0 instruction\n"
+
+            if (funct3 == FUNCT3_POSEIDON_1) && (funct7 == FUNCT7_POSEIDON_1) {
+                printf "POSEIDON precompile\n"
+                fail
+            }
+        }
         default: {
             printf "[ERROR] Unsupported R-type instruction with\n"
             printf "\topcode ≡ %x ≡ %b\n", opcode, opcode

diff --git a/arithmetization/src/main/riscv/utils/constants.zkc b/arithmetization/src/main/riscv/utils/constants.zkc
@@ -25,7 +25,7 @@ static instruction_type_from_opcode(opcode:Opcode) -> (instruction_type:Type) {
     UNDEFINED_TYPE, // 0b0001000
     UNDEFINED_TYPE, // 0b0001001
     UNDEFINED_TYPE, // 0b0001010
-    UNDEFINED_TYPE, // 0b0001011
+    R_TYPE, // 0b0001011 NOTE: this is the custom-0 instruction opcode (0x0b)
     UNDEFINED_TYPE, // 0b0001100
     UNDEFINED_TYPE, // 0b0001101
     UNDEFINED_TYPE, // 0b0001110
@@ -147,6 +147,7 @@ static instruction_type_from_opcode(opcode:Opcode) -> (instruction_type:Type) {
 // R_type
 const OP:Opcode = 0b0110011 // ADD, SUB, SLL, SLT, SLTU, XOR, SRL, SRA, OR, AND
 const OP_32:Opcode = 0b0111011 // ADDW, SUBW, SLLW, SRLW, SRAW (RV64 only)
+const CUSTOM_0:Opcode = 0b0001011 // for precompiles
 
 // I_type
 const LOAD:Opcode = 0b0000011 // LB, LH, LW, LBU, LHU, LWU, LD
@@ -215,6 +216,9 @@ const FUNCT3_DIVUW:Funct3 = 0b101, FUNCT7_DIVUW:Funct7 = 0b0000001
 const FUNCT3_REMW:Funct3 = 0b110, FUNCT7_REMW:Funct7 = 0b0000001
 const FUNCT3_REMUW:Funct3 = 0b111, FUNCT7_REMUW:Funct7 = 0b0000001
 
+// CUSTOM_0 (0001011) — R-type precompiles
+const FUNCT3_POSEIDON_1:Funct3 = 0b111, FUNCT7_POSEIDON_1:Funct7 = 0b1111111
+
 // ======================
 // I-type funct3 values
 // ======================

diff --git a/arithmetization/src/test/examples/rust/Cargo.toml b/arithmetization/src/test/examples/rust/Cargo.toml
@@ -12,6 +12,10 @@ path = "src/blake.rs"
 name = "test"
 path = "src/test.rs"
 
+[[bin]]
+name = "poseidon1"
+path = "src/poseidon1.rs"
+
 [profile.release]
 opt-level = 2
 debug = false
diff --git a/arithmetization/src/test/examples/rust/src/poseidon1.rs b/arithmetization/src/test/examples/rust/src/poseidon1.rs
@@ -0,0 +1,99 @@
+#![no_std]
+#![no_main]
+
+/// inputs:
+/// - [×] KOALABEAR prime
+/// - [φ] 8  = n_full_rounds
+/// - [φ] 20 = n_partial_rounds
+/// - [φ] 1  = output_size
+/// - [φ] mds_matrix
+/// - [φ] round_constants
+/// - [✓] input vector
+/// - [✓] output vector
+///
+/// φ ≡ fixed
+/// ✓ ≡ to be provided
+/// × ≡ don't need it
+
+/// constants in the zkc file:
+///
+/// mds_matrix ≡ 0x07f000000ef0f0f123471c72281af2876bf33334428618621cdd17462c2c859159f555566fc28f5d5ccec4ed41da12f77164924a5bf72c2447f777784dd6b5ae10eeeeef07f000000ef0f0f123471c72281af2876bf33334428618621cdd17462c2c859159f555566fc28f5d5ccec4ed41da12f77164924a5bf72c2447f7777863c9249310eeeeef07f000000ef0f0f123471c72281af2876bf33334428618621cdd17462c2c859159f555566fc28f5d5ccec4ed41da12f77164924a5bf72c243a9d89d963c9249310eeeeef07f000000ef0f0f123471c72281af2876bf33334428618621cdd17462c2c859159f555566fc28f5d5ccec4ed41da12f77164924a34eaaaab3a9d89d963c9249310eeeeef07f000000ef0f0f123471c72281af2876bf33334428618621cdd17462c2c859159f555566fc28f5d5ccec4ed41da12f739ba2e8c34eaaaab3a9d89d963c9249310eeeeef07f000000ef0f0f123471c72281af2876bf33334428618621cdd17462c2c859159f555566fc28f5d5ccec4ed58e6666739ba2e8c34eaaaab3a9d89d963c9249310eeeeef07f000000ef0f0f123471c72281af2876bf33334428618621cdd17462c2c859159f555566fc28f5d468e38e458e6666739ba2e8c34eaaaab3a9d89d963c9249310eeeeef07f000000ef0f0f123471c72281af2876bf33334428618621cdd17462c2c859159f555560fe00000468e38e458e6666739ba2e8c34eaaaab3a9d89d963c9249310eeeeef07f000000ef0f0f123471c72281af2876bf33334428618621cdd17462c2c8591489249250fe00000468e38e458e6666739ba2e8c34eaaaab3a9d89d963c9249310eeeeef07f000000ef0f0f123471c72281af2876bf33334428618621cdd174669d55556489249250fe00000468e38e458e6666739ba2e8c34eaaaab3a9d89d963c9249310eeeeef07f000000ef0f0f123471c72281af2876bf333344286186232cccccd69d55556489249250fe00000468e38e458e6666739ba2e8c34eaaaab3a9d89d963c9249310eeeeef07f000000ef0f0f123471c72281af2876bf333341fc0000032cccccd69d55556489249250fe00000468e38e458e6666739ba2e8c34eaaaab3a9d89d963c9249310eeeeef07f000000ef0f0f123471c72281af28754aaaaab1fc0000032cccccd69d55556489249250fe00000468e38e458e6666739ba2e8c34eaaaab3a9d89d963c9249310eeeeef07f000000ef0f0f123471c723f80000054aaaaab1fc0000032cccccd69d55556489249250fe00000468e38e458e6666739ba2e8c34eaaaab3a9d89d963c9249310eeeeef07f000000ef0f0f17f0000003f80000054aaaaab1fc0000032cccccd69d55556489249250fe00000468e38e458e6666739ba2e8c34eaaaab3a9d89d963c9249310eeeeef07f00000
+/// roundconstants ≡ 0x7ee56a481136704512e419417ebbc12b1970b7d5662b60e83e4990c6679f91f5350813bb00874ad428a0081a18fa58725f25b0715e5d59985e6fd3e75b2e26606f1837bf3fe6182b1edd7ac557470d0043d486d51982c70f0ea53af961d6165b51639c002dec352c2950e5312d2cb94708256cef1a0109f61f51faf35cef1c623d65e50e33d91626133d5a1e0ff49b0d38900cd12c22cc3f28852bb206c65a027b2cf7bc68016e1a15e16bc05248149a6dd212a018d6830a5001be8264dac34e5902b287426583a00c9216323fe028a5245f8e4943bb297e7873dbd93cc987df286bb4ce640a8dcd512a8e3603a4cf55481837a203d6da8473726ac7760e7fdf54dfeb5d7d40afd6722cb316106a457345a7ccdb44061375154077a545744faa4eb5e5ee3794e83f47c7093c5694903c69cb6299373df84c46a0df5846b8758a3241ebcb0b09d2331af423571e66cec243e7dc24259a5d6127e85a3b1b9133fa343e5628485cd4c216e269f5165b60c625f683d9124f81f9174331f977344dc55a821dba5fc4177f54153bf55e3f11943bdbf191088c84a368256c9b3c90bbc66846166a03f4238d463335fb5e3d35516e59ae6f32d06cc0596293f36c87edb208fc60b534bcca8024f007f362731c6f1e1db6c60ca409bb585c1e7856e94edc16d2273418e114677b2c3730770075e435d1b18c22be3db54fb1fbb7477cb3ed7d5311c65b62ae7d559c5fa877f150483211570b490fef6a77ec311f2247171b4e0ac7112edf69c93b5a8850658094215619b4aa362019a76bf9d4ed5b413dff617e181e5e7ab57b33ad78333466c7ca6488dff471f068f4056e891f04f1eccc663257d5671e31b95871987c280c109e2a227761350a25e95b91b1c47a0735460182627053a677200ed4b07434cf0c4e6e751e8829bd5f5949ec32df7693452b3cf09e586ba0e2bf7ab93acf3ce597df536e3d42147a808d5e32eb565a203323509657666d44b7c56698636a57b84f9f554b61b96da0ab281585b6ac6705a2b4152872f60f4409fd23a9dd606f2b18d465ac9fd42f0efbea591e67fd217ca19b469c90ca03d60ef54ea7857e07c86a4f288ed4612fe51b227e2936142c4beb855b0b7d111e17dff6089beae10a5acf1a2fc33d8f60422dc66e1dc939635351b955522fc03eb94ef72a24a65c2e139c765139114478cc0742579538f944de9aae3c2f1e2e195747be2496339c650b2e39528996656cb355580f461c1c70f6b2703faaa36f62e3348a672167cb394c880b2a46ba8263ffb74a1cf875d653d12772036a45523bdd9f2b02f72c2402b6006c077fe1581f9d6ea420904d6f5d6534fa066d89746198f1f426301ab441f274c200eac15c28b54b472339739d48c6281c4ed935fc3f9187fa4a1930a63ad4d7360f3f1889635a388f2862c145277ed1e84db23cad1f1b11f51f3dba2b1c26eb4e0f7f55466cd024b067c47902793b89000e8a283c4590b7ea6f567a2b5dc9730015247bc650567fcb133eff84547dc2ef34eb3dbb1240231766c6ae49174338b6242510081b514927062d98d67af30bbc26af15e870d907a35dfc5cac731f27ec53aa7d3f63ab0ec6216053f418796b3919156afd5eea69736704c6a90dce002b331169c0714d71783ddaffaf7e46495720ca59ea679820c942ef21a1798ea08914a74fa30c06cf186a4c8d52620f6d812220901a5277bb90230bf95e0ad8847a5e96e8b677b4056e70a50d2c5f0eed593646c4df10eb9a8721eed6b7534add366e3e74212b25810e1d8f707b45318a1a677f8ff20258c9e04cd02a002e24ff15634a715d4ac01e59601511e126e9c01a4c165c6e57cd11403ac6543b6787d847037dfbf96dd9d0794d24b2812a6f407d0131df8e4b8a7896237008582cf5e53412aafc3f54568d031a2507355331686d4ce76d91799c1a8c2b7a8ac960aee67274f7421c3c42146d26d369c54ae54a127eea16d15ce3eae869f28994262b8642610d4cc45e1af21c1a8526d0316b127b3576fe5d02d968a04ba00f5140bed993377fb9077859216e1931d9d153b0934e71914ff74eabae6c7196468e164b3cc258cb66c04c1473076b3afccd4236518b4ad85605291382e11e89b6cf5e16c3a82e6759212430095405e555c378880a24763a31254f53b24018b7fa432bbe8a731c9a12f23f6fd40d0e1d4ec41361c64d09a8f47003d23a40109ad29028c2fb883b6498f274d8be576a4277d218c2b3d46252c30c07cc2560209fe15b52a55fac4df19eb7025211165e414ff13cd9a1f4005aad1527a53f0072bbe9cb71d8bd7d4194b79a48e87a723341553c63d34faa132a01e33833e2d949726e04054957f87b71bce473eec57d556e55331fa93fde346a8ca81162dfde5c30d028094a42943052dcda3798849851f06b97658487797599b0d4436fdabc66c5b77d40c86a9e27e7055b6d0dd9d87e5598b51a4d04f35e3b2bc7533b5b2f3e33a125664d71ce382e6c2a24c4eb6e13f246f707e2d7ef
+
+const INPUT_STRING :&str = "000102030405060708090a0b0c0d0e0f";
+const OUPUT_STRING :&str = "00"; // TODO
+const INPUT_LENGTH :usize = 16; // length in bytes of the input string
+const OUTPUT_SIZE :usize = 1;  // number of output field elements, has to be ≤ rate
+
+const FUNCT3_POSEIDON_1 :u8 = 0b111;
+const FUNCT7_POSEIDON_1 :u8 = 0b1111111;
+
+
+core::arch::global_asm!(
+    ".global _start",
+    "_start:",
+    "li sp, 0x087fffff", // set stack pointer to a known memory region
+    "call main",
+);
+
+
+fn some_crap(input_offset :usize, input_size :usize, output_offset :usize) {
+  unsafe {
+    core::arch::asm!(
+      // interpretation of ":insn r 0x0b, 0x42, 0x69, {2}, {0}, {1}",
+      //
+      // instruction type: r
+      // opcode: 0x0b ≡ custom-0
+      // funct3: 0x01
+      // funct7: 0x69
+      //
+      // {0} = register address holding io
+      // {1} = register address holding is
+      // {2} = register address holding ro
+      //
+      // order is decided by the declaration order of the in(reg) XXX
+      ".insn r 0x0b, 0b111, 0b1111111, {2}, {0}, {1}",
+      in(reg) input_offset,
+      in(reg) input_size,
+      in(reg) output_offset,
+    );
+  }
+}
+
+/// Parse a hex string into a [u8; INPUT_LENGTH], for input.
+pub fn hex_to_input(s: &str) -> [u8; INPUT_LENGTH] {
+    let mut out = [0u8; INPUT_LENGTH];
+    for i in 0..INPUT_LENGTH {
+        out[i] = u8::from_str_radix(&s[i * 2..i * 2 + 2], 16).unwrap();
+    }
+    out
+}
+
+#[no_mangle]
+fn main() -> ! {
+
+    let input = hex_to_input(INPUT_STRING);
+
+    some_crap(input.as_ptr() as usize, input.len(), 0);
+
+    // Encode the 5 codes into a single exit code (e.g. 0000 for all pass, 1000 for 1st test failing, etc.)
+    exit(0);
+}
+
+fn exit(code: i32) -> ! {
+    unsafe {
+        core::arch::asm!(
+            "mv a0, {0}",  // exit code
+            "li a7, 93",   // syscall number for exit
+            "ecall",
+            in(reg) code,
+            options(noreturn)
+        );
+    }
+}
+
+// required by the compiler
+#[panic_handler]
+fn panic(_: &core::panic::PanicInfo) -> ! {
+    exit(3);
+}
diff --git a/arithmetization/src/test/poseidon/README.md b/arithmetization/src/test/poseidon/README.md
@@ -0,0 +1,41 @@
+# Generating data
+
+The Poseidon hash function requires two pieces of data besides the (nonempty) input byte slice:
+- the mds matrix of size t×t
+- the round constants a matrix of size r×t
+where t ≡ state width t and r ≡ total rounds.
+
+This data can be generated using the [poseidon-tools](https://github.com/khovratovich/poseidon-tools) library.
+
+## Generatring an mds matrix
+
+The following generates the MDS matrix for the koalabear prime with state width 16.
+
+```bash
+ python3
+>>> from poseidon.mds_matrix import generate_mds_matrix
+>>> KOALABEAR_P = 2130706433
+>>> STATE_WIDTH = 16
+>>> [[f"{k:08x}" for k in l] for l in generate_mds_matrix(STATE_WIDTH, KOALABEAR_P)]
+```
+
+## Getting round constants
+
+For the round constants I used `_KB_ROUND_CONSTANTS_16` from the tests of that repo.
+
+## Stuff
+
+```bash
+ python3
+>>> from poseidon.poseidon import Poseidon
+>>> KOALABEAR_P = 2130706433
+>>> pos = Poseidon(prime=KOALABEAR_P, alpha=3, t=16, r_f=8, r_p=20)
+# t is the state_width, no rate is specified (it defaults to t-1), r_f is the number of full rounds (which has to be
+# even), r_p that of partial rounds
+>>> pos.sponge_hash(list(range(16)), 1)
+[584229223]
+>>> pos.sponge_hash(list(range(16)), 15)
+[584229223, 1225903167, 435734976, 745693090, 1580884015, 1393870516, 1514786559, 1416327482, 401740899, 305698337, 123847430, 1985271412, 660999169, 1953826170, 1390527262]
+# 1 and 15 are the the respectve output_size's, which have to be ≤ rate
+```
+
diff --git a/arithmetization/src/test/poseidon/constants/mds_matrix.zkc b/arithmetization/src/test/poseidon/constants/mds_matrix.zkc
@@ -0,0 +1,20 @@
+// STATE_WIDTH × STATE_WIDTH matrix
+// M_{a,b} = Mij with ij = 8 × a + b
+static mds_matrix(ij:u8) -> (Mij:u32) {
+    0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334, 0x42861862, 0x1cdd1746, 0x2c2c8591, 0x59f55556, 0x6fc28f5d, 0x5ccec4ed, 0x41da12f7, 0x7164924a, 0x5bf72c24, 0x47f77778, 0x4dd6b5ae,
+    0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334, 0x42861862, 0x1cdd1746, 0x2c2c8591, 0x59f55556, 0x6fc28f5d, 0x5ccec4ed, 0x41da12f7, 0x7164924a, 0x5bf72c24, 0x47f77778,
+    0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334, 0x42861862, 0x1cdd1746, 0x2c2c8591, 0x59f55556, 0x6fc28f5d, 0x5ccec4ed, 0x41da12f7, 0x7164924a, 0x5bf72c24,
+    0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334, 0x42861862, 0x1cdd1746, 0x2c2c8591, 0x59f55556, 0x6fc28f5d, 0x5ccec4ed, 0x41da12f7, 0x7164924a,
+    0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334, 0x42861862, 0x1cdd1746, 0x2c2c8591, 0x59f55556, 0x6fc28f5d, 0x5ccec4ed, 0x41da12f7,
+    0x39ba2e8c, 0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334, 0x42861862, 0x1cdd1746, 0x2c2c8591, 0x59f55556, 0x6fc28f5d, 0x5ccec4ed,
+    0x58e66667, 0x39ba2e8c, 0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334, 0x42861862, 0x1cdd1746, 0x2c2c8591, 0x59f55556, 0x6fc28f5d,
+    0x468e38e4, 0x58e66667, 0x39ba2e8c, 0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334, 0x42861862, 0x1cdd1746, 0x2c2c8591, 0x59f55556,
+    0x0fe00000, 0x468e38e4, 0x58e66667, 0x39ba2e8c, 0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334, 0x42861862, 0x1cdd1746, 0x2c2c8591,
+    0x48924925, 0x0fe00000, 0x468e38e4, 0x58e66667, 0x39ba2e8c, 0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334, 0x42861862, 0x1cdd1746,
+    0x69d55556, 0x48924925, 0x0fe00000, 0x468e38e4, 0x58e66667, 0x39ba2e8c, 0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334, 0x42861862,
+    0x32cccccd, 0x69d55556, 0x48924925, 0x0fe00000, 0x468e38e4, 0x58e66667, 0x39ba2e8c, 0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287, 0x6bf33334,
+    0x1fc00000, 0x32cccccd, 0x69d55556, 0x48924925, 0x0fe00000, 0x468e38e4, 0x58e66667, 0x39ba2e8c, 0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72, 0x281af287,
+    0x54aaaaab, 0x1fc00000, 0x32cccccd, 0x69d55556, 0x48924925, 0x0fe00000, 0x468e38e4, 0x58e66667, 0x39ba2e8c, 0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1, 0x23471c72,
+    0x3f800000, 0x54aaaaab, 0x1fc00000, 0x32cccccd, 0x69d55556, 0x48924925, 0x0fe00000, 0x468e38e4, 0x58e66667, 0x39ba2e8c, 0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000, 0x0ef0f0f1,
+    0x7f000000, 0x3f800000, 0x54aaaaab, 0x1fc00000, 0x32cccccd, 0x69d55556, 0x48924925, 0x0fe00000, 0x468e38e4, 0x58e66667, 0x39ba2e8c, 0x34eaaaab, 0x3a9d89d9, 0x63c92493, 0x10eeeeef, 0x07f00000
+}