Test poseidon hash variants against an external library

Cargo.toml

@@ -142,7 +142,7 @@ build-data = "0.1.3"
 bincode = "1.3.3"
 hex = "0.4.2"
 const_format = "0.2.30"
-num-bigint = "0.4"
+num-bigint = "0.4.4"
 num-traits = "0.2"
 similar-asserts = "1.5.0"
 tempfile = "3.6.0"

tooling/nargo_cli/Cargo.toml

@@ -71,6 +71,7 @@ tracing-appender = "0.2.3"
 tokio-util = { version = "0.7.8", features = ["compat"] }
 
 [dev-dependencies]
+ark-bn254.workspace = true
 tempfile.workspace = true
 dirs.workspace = true
 assert_cmd = "2.0.8"
@@ -85,6 +86,7 @@ sha2.workspace = true
 sha3.workspace = true
 iai = "0.1.1"
 test-binary = "3.0.2"
+light-poseidon = { git = "https://github.com/Lightprotocol/light-poseidon.git", tag = "v0.2.0" }
 
 
 [[bench]]

tooling/nargo_cli/tests/stdlib-props.rs

@@ -259,23 +259,16 @@ fn fuzz_sha512_equivalence() {
 fn fuzz_poseidon2_equivalence() {
     use bn254_blackbox_solver::poseidon_hash;
 
-    for max_len in [0, 1, 3, 4, 511, 512] {
+    for max_len in [0, 1, 100] {
         let source = format!(
             "fn main(input: [Field; {max_len}], message_size: u32) -> pub Field {{
                 std::hash::poseidon2::Poseidon2::hash(input, message_size)
             }}"
         );
 
         let strategy = (0..=max_len)
-            .prop_flat_map(|len: usize| {
-                // Generate Field elements from random 32 byte vectors.
-                let field = prop::collection::vec(any::<u8>(), 32)
-                    .prop_map(|bytes| FieldElement::from_be_bytes_reduce(&bytes));
-
-                prop::collection::vec(field, len)
-            })
+            .prop_flat_map(field_vec_strategy)
             .prop_map(move |mut msg| {
-                // The output hash is a single field element.
                 let output = poseidon_hash(&msg, msg.len() < max_len).expect("failed to hash");
 
                 // The input has to be padded to the maximum length.
@@ -296,8 +289,50 @@ fn fuzz_poseidon2_equivalence() {
     }
 }
 
+#[test]
+fn fuzz_poseidon_equivalence() {
+    use light_poseidon::{Poseidon, PoseidonHasher};
+
+    let poseidon_hash = |inputs: &[FieldElement]| {
+        let mut poseidon = Poseidon::<ark_bn254::Fr>::new_circom(inputs.len()).unwrap();
+        let frs: Vec<ark_bn254::Fr> =
+            inputs.iter().map(|f| f.clone().into_repr()).collect::<Vec<_>>();
+        let hash = poseidon.hash(&frs).expect("failed to hash");
+        FieldElement::from_repr(hash)
+    };
+
+    // Noir has hashes up to length 16, but the reference library won't work with more than 12.
+    for len in 1..light_poseidon::MAX_X5_LEN {
+        let source = format!(
+            "fn main(input: [Field; {len}]) -> pub Field {{
+                std::hash::poseidon::bn254::hash_{len}(input)
+            }}"
+        );
+
+        let strategy = field_vec_strategy(len)
+            .prop_map(move |msg| {
+                let output = poseidon_hash(&msg);
+                let inputs = vec![("input", InputValue::Vec(vecmap(msg, InputValue::Field)))];
+
+                SnippetInputOutput::new(inputs, InputValue::Field(output))
+                    .with_description(format!("len = {len}"))
+            })
+            .boxed();
+
+        run_snippet_proptest(source.clone(), false, strategy);
+    }
+}
+
 fn bytes_input(bytes: &[u8]) -> InputValue {
     InputValue::Vec(
         bytes.iter().map(|b| InputValue::Field(FieldElement::from(*b as u32))).collect(),
     )
 }
+
+fn field_vec_strategy(len: usize) -> impl Strategy<Value = Vec<FieldElement>> {
+    // Generate Field elements from random 32 byte vectors.
+    let field = prop::collection::vec(any::<u8>(), 32)
+        .prop_map(|bytes| FieldElement::from_be_bytes_reduce(&bytes));
+
+    prop::collection::vec(field, len)
+}