Use XXH32 instead of sha256 for const hashing #1393
Conversation
|
I thought about this solution(in the first implementation I used a custom hash function). The problem is that the chance of getting collision is higher, and it will make the implementation of the same storage key calculation for other languages harder because they need find implementation of this not popular function=) The same for documentation, we need to describe the usage of an unusual hashing algorithm. But if other members of the ink! team like this idea, of course, go with it=) |
|
Thanks for your feedback! At first I shared your concerns about collisions, but as I thought a bit about it I came to a different conclusion. My guess was that reducing sha2 to 32 bits only has significant impact on its collision rate as well. And FNV1A is actually not that bad: According to this stack overflow answer, there are only ~4 collisions per ~200K hashes of UUIDS. This left me wondering, how bad is FNV1A compared to 32bit SHA256? I quickly hacked together my own very small and totally unscientific experiment. If you run this multiple times, you'll observe that the SHA2 option does only slightly better than FNV1a. In fact, sometimes there are even more collisions for SHA2: Based on that it seems like we don't gain much in terms of collision resistance by using 32bit SHA2 instead of FNV1A. This only applies to hashing UUIDs though (behavior in our use case might be different!).
I don't think FNV is "unusual". To my knowledge it is a solid (in terms of speed vs collision resistance) and often used non cryptographic hash.
I'd be very happy to hear some more opinions on this one as well 😊 |
xermicus
added
A-ink_storage
xermicus
added
dependencies
xermicus
requested review from
cmichi,
ascjones and
HCastano
as code owners
There was a problem hiding this comment.
I am in favour of this because it is a huge headache to require people who depend on ink std libs to run nightly or RUSTC_BOOTSTRAP=1.
The numbers and posts above seem to be encouraging. However I am not an expert on the suitability or not of hashing algorithms for unique key generation, so I would like somebody else here with more knowledge to approve this.
xermicus
changed the title
|
As discussed internall, switched to xxhash32, since it is used already in substrate for non cryptographic hashes. I used 0 as seed value, it is a valid seed and seems to be the common choice ( |
| @@ -69,8 +65,7 @@ impl KeyComposer { | |||
| /// 1. If `variant_name` is not empty then computes the ASCII byte representation and call it `V`. | |||
| /// 1. Compute the ASCII byte representation of `field_name` and call it `F`. | |||
| /// 1. Concatenate (`S` and `F`) or (`S`, `V` and `F`) using `::` as separator and call it `C`. | |||
| /// 1. Apply the `SHA2` 256-bit hash `H` of `C`. | |||
| /// 1. The first 4 bytes of `H` make up the storage key. | |||
| /// 1. The `FNV1A` 32-bit hash of `C` is the storage key. | |||
There was a problem hiding this comment.
@xermicus this should be XXHASH instead, eh?
Would it be feasible to use
FNVxxhashinstead of sha256 for Key hashing, since we use only 32bits of the sha hash anyways? WithFNVxxhashbeing a much simpler algorithm, it would allow us to useink_metadatawith stable rust without relying onRUSTC_BOOTSTRAP. Also what do you think @xgreenx ?