Feat/poseidon2

[ThomasPiellard]

Description

Implementation of poseidon2 for t=2,3 following
reference implementation
reference paper
TBD: algos 1, 2, 3 of https://tosc.iacr.org/index.php/ToSC/article/view/8913/8489 for finding internal matrices when t>3

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How has this been benchmarked?

Please describe the benchmarks that you ran to verify your changes.

• Benchmark A, on Macbook pro M1, 32GB RAM

goarch: amd64
pkg: github.com/consensys/gnark-crypto/ecc/bn254/fr/poseidon2
cpu: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
BenchmarkPoseidon2-12 163784 7035 ns/op

Checklist:

• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have added tests that prove my fix is effective or that my feature works
• I did not modify files generated from templates
• golangci-lint does not output errors locally
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream modules

[yelhousni]

I reviewed bls12-377 and the code-generated part. The other curves should be similar. I can tell it follows the paper, the spec and the reference implementation. I am not confident on my understanding on the linear layer analysis (https://tosc.iacr.org/index.php/ToSC/article/view/8913/8489) but as I said it follows the spec and other implementations so it should be good. t>=4 cases are yet to be merged here or pushed in a different PR but this one is good to go. Only one remark the Sbox can be code-generated per curve/field as in MiMC to make the code simpler. We need also to add poseidon2 to hash/hashes.go.