feat: add Pedersen hash

[bidzyyys]

Resolves #269

PR Checklist

• Tests
• Documentation
• Changelog

[netlify]

✅ Deploy Preview for contracts-stylus canceled.

Name	Link
🔨 Latest commit	de31feb
🔍 Latest deploy log	https://app.netlify.com/sites/contracts-stylus/deploys/67f802e63cb4050008284342

[netlify]

✅ Deploy Preview for contracts-stylus canceled.

Name	Link
🔨 Latest commit	a34d610
🔍 Latest deploy log	https://app.netlify.com/sites/contracts-stylus/deploys/6808e660d124f60008ecb383

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 88.3%. Comparing base (16cc1ff) to head (2492e86).

✅ All tests successful. No failed tests found.

Additional details and impacted files

Files with missing lines	Coverage Δ
lib/crypto/src/pedersen/instance/starknet.rs	99.9% <ø> (ø)
lib/crypto/src/pedersen/mod.rs	100.0% <100.0%> (ø)

... and 2 files with indirect coverage changes

[qalisander]

Good job!
First pass

[qalisander]

I don't think it is a good API for this kind of hash. Since after update is called you recreate U256 from variable size of bytes.
And e.g. calling update() two times with inputs [42, 42] and [43,43]. Or calling it with inputs [42, 42, 0, 0] and [43, 43] should produce the same hash, since bytes are not padded. And [42, 42] and [42, 42, 0, 0] will be parsed to the same integer. So we can easily peek different set of bytes, that will produce the same hash. It is an actual vulnerability to preimage attack. I don't think we should implement Hasher in this case (more simple) or redesign the trait and make it more generic (able to accept U256 as an argument)

I see that starknet-rs has only api where you can pass 256-bit integer.

[bidzyyys]

Fair point, I removed Hasher trait implementation.

[0xNeshi]

Suggested change

	};
	use stylus_sdk::prelude::*;
	#[entrypoint]
	#[storage]
	};
	use stylus_sdk::prelude::*;
	#[entrypoint]
	#[storage]

[0xNeshi]

Is this proptest regression important enough to have in repo? If this was the result on some mishap in the impl, we can remove it (this is the PR that first introduces the Pedersen hash after all); if this is a specific edge case, we can leave it in

[0xNeshi]

Suggested change

	//! This module contains pedersen hash instances for some popular curve
	//! instances.
	//! This module contains pedersen hash instances for some popular curves.

[0xNeshi]

Suggested change

	};
	#[derive(Clone, Default, PartialEq, Eq)]
	/// Starknet's Curve Details.
	pub struct StarknetCurveConfig;
	};
	/// Starknet's Curve Details.
	#[derive(Clone, Default, PartialEq, Eq)]
	pub struct StarknetCurveConfig;

[0xNeshi]

TODO

[0xNeshi]

Suggested change

	params: core::marker::PhantomData<F>,
	curve: core::marker::PhantomData<P>,
	params: PhantomData<F>,
	curve: PhantomData<P>,

nit: import PhantomData directly instead of using absolute path repeatedly

[0xNeshi]

nit: place pub mods below imports for clarity, I almost didn't realize these modules were declared here (confused them with additional imports)

[0xNeshi]

A link to where these constant points were taken from would be useful, helps maintainability and review

[0xNeshi]

Link to source of this const, if not here then at the module-level docs //!

[0xNeshi]

We should assert! things that must always hold for our code to be valid, the "invariants" of our code.
Otherwise returning a Result::Err might be clearer and more in line with Rust's way of doing things.

Not saying this or any other assert should be converted to an error as I lack enough in-depth knowledge to determine whether it should be done, I'm just pointing this out so that you can determine the right approach and that we're on the same page.

[0xNeshi]

Approved by mistake

[bidzyyys]

Solved in #644.