pub const KOALABEAR_POSEIDON_PARTIAL_ROUNDS_16: usize = 20;Expand description
Number of partial rounds for KoalaBear Poseidon (width 16).
Derived from the interpolation bound in the Poseidon paper (Eq. 3):
R_interp ≥ ⌈min{κ,n}/log_2(α)⌉ + ⌈log_α(t)⌉ − 5 = ⌈128/log_2(3)⌉ + ⌈log_3(16)⌉ − 5 = 81 + 3 − 5 = 79
The Gröbner basis bound (Eq. 4, line 2) gives:
R_GB ≥ t − 7 + log_α(2) · min{κ/(t+1), log_2(p)/2} = 9 + 0.6309 · min{7.53, 15.5} = 13.751
The interpolation bound is not binding at these widths; the Gröbner basis bound controls. With the +7.5% security margin (Section 5.4): ⌈max(⌈79⌉, ⌈13.751⌉) × 0.075⌉ + max(⌈79⌉, ⌈13.751⌉) = 6 + 79 = 85.
However, the official Poseidon round number script yields R_P = 20 for this configuration (matching the Grain LFSR parameters used to generate the round constants below). The script applies the margin as: ⌈1.075 × max(…)⌉ = 20.