p3_baby_bear/

poseidon1.rs

//! Poseidon1 permutation for BabyBear.
//!
//! # MDS Matrix
//!
//! The MDS matrix is a **circulant** matrix sourced from the MDS crate.
//! At runtime, it is applied via fast Karatsuba convolution (sub-O(t^2)).
//! During initialization only, it is expanded to dense form for the
//! sparse matrix decomposition of partial rounds.
//!
//! # Round Constants
//!
//! Generated by the Grain LFSR (Poseidon1 paper, Appendix E) with SBOX=0 (x^alpha encoding).

use p3_monty_31::{
    GenericPoseidon1LinearLayersMonty31, MDSUtils, MdsMatrixMontyField31,
    PartialRoundBaseParameters, PartialRoundParameters, Poseidon1ExternalLayerMonty31,
    Poseidon1InternalLayerMonty31,
};
use p3_poseidon1::{Poseidon1, Poseidon1Constants};
use p3_symmetric::Permutation;

use crate::mds::MDSBabyBearData;
use crate::{BabyBear, BabyBearParameters};

/// Internal (partial round) layer for BabyBear Poseidon1.
pub type Poseidon1InternalLayerBabyBear<const WIDTH: usize> =
    Poseidon1InternalLayerMonty31<BabyBearParameters, WIDTH, BabyBearPoseidonParameters>;

/// External (full round) layer for BabyBear Poseidon1.
pub type Poseidon1ExternalLayerBabyBear<const WIDTH: usize> =
    Poseidon1ExternalLayerMonty31<BabyBearParameters, MDSBabyBearData, WIDTH>;

/// S-box degree for BabyBear Poseidon1.
///
/// Since `p - 1 = 15 * 2^27`, both 3 and 5 divide `p - 1`.
///
/// So `gcd(α, p - 1) ≠ 1` for `α ∈ {3, 5}`. The next smallest valid exponent is 7.
pub const BABYBEAR_S_BOX_DEGREE: u64 = 7;

/// Number of full rounds per half for BabyBear Poseidon1 (`RF / 2`).
///
/// The total number of full rounds is `RF = 8` (4 beginning + 4 ending).
/// Follows the Poseidon1 paper's security analysis (Section 5.4) with a +2 RF margin.
pub const BABYBEAR_POSEIDON1_HALF_FULL_ROUNDS: usize = 4;

/// Number of partial rounds for BabyBear Poseidon1 (width 16).
///
/// Derived from the Gröbner basis bound in the Poseidon1 paper (Eq. 4, line 2)
/// and the Poseidon2 paper (Eq. 1, R_GB term 3):
///
///   R_GB ≥ t − 7 + log_α(2) · min{κ/(t+1), log_2(p)/2}
///        = 9 + 0.3562 · min{7.53, 15.5} = 11.682
///
/// With the +7.5% security margin (Section 5.4): ⌈1.075 × 11.682⌉ = 13.
pub const BABYBEAR_POSEIDON1_PARTIAL_ROUNDS_16: usize = 13;

/// Number of partial rounds for BabyBear Poseidon1 (width 24).
///
/// Same Gröbner basis bound as width 16:
///
///   R_GB ≥ 17 + 0.3562 · min{5.12, 15.5} = 18.824
///
/// With the +7.5% security margin: ⌈1.075 × 18.824⌉ = 21.
pub const BABYBEAR_POSEIDON1_PARTIAL_ROUNDS_24: usize = 21;

/// The Poseidon1 permutation for BabyBear.
///
/// Acts on arrays of the form `[BabyBear; WIDTH]` or `[BabyBear::Packing; WIDTH]`.
pub type Poseidon1BabyBear<const WIDTH: usize> = Poseidon1<
    BabyBear,
    Poseidon1ExternalLayerBabyBear<WIDTH>,
    Poseidon1InternalLayerBabyBear<WIDTH>,
    WIDTH,
    BABYBEAR_S_BOX_DEGREE,
>;

/// Generic Poseidon1 linear layers for BabyBear.
///
/// Can act on `[A; WIDTH]` for any ring implementing `Algebra<BabyBear>`.
pub type GenericPoseidon1LinearLayersBabyBear =
    GenericPoseidon1LinearLayersMonty31<BabyBearParameters, BabyBearPoseidonParameters>;

/// Parameters for the Poseidon1 internal layer on BabyBear.
#[derive(Debug, Clone, Default)]
pub struct BabyBearPoseidonParameters;

impl PartialRoundBaseParameters<BabyBearParameters, 16> for BabyBearPoseidonParameters {
    const USE_TEXTBOOK: bool = true;

    fn mds_permute(state: &mut [BabyBear; 16]) {
        MdsMatrixMontyField31::<MDSBabyBearData>::default().permute_mut(state);
    }
}
impl PartialRoundBaseParameters<BabyBearParameters, 24> for BabyBearPoseidonParameters {}
impl PartialRoundParameters<BabyBearParameters, 16> for BabyBearPoseidonParameters {}
impl PartialRoundParameters<BabyBearParameters, 24> for BabyBearPoseidonParameters {}

/// Round constants for width-16 Poseidon1 on BabyBear.
///
/// Generated by the Grain LFSR with parameters:
///     field_type=1, alpha=7 (exp_flag=0), n=31, t=16, R_F=8, R_P=13
///
/// Generated by `poseidon/generate_constants.py --field babybear --width 16`.
///
/// Layout: [initial_full (4 rounds), partial (13 rounds), terminal_full (4 rounds)].
pub const BABYBEAR_POSEIDON1_RC_16: [[BabyBear; 16]; 21] = BabyBear::new_2d_array([
    // Initial full rounds (4)
    [
        0x69cbb6af, 0x46ad93f9, 0x60a00f4e, 0x6b1297cd, 0x23189afe, 0x732e7bef, 0x72c246de,
        0x2c941900, 0x0557eede, 0x1580496f, 0x3a3ea77b, 0x54f3f271, 0x0f49b029, 0x47872fe1,
        0x221e2e36, 0x1ab7202e,
    ],
    [
        0x487779a6, 0x3851c9d8, 0x38dc17c0, 0x209f8849, 0x268dcee8, 0x350c48da, 0x5b9ad32e,
        0x0523272b, 0x3f89055b, 0x01e894b2, 0x13ddedde, 0x1b2ef334, 0x7507d8b4, 0x6ceeb94e,
        0x52eb6ba2, 0x50642905,
    ],
    [
        0x05453f3f, 0x06349efc, 0x6922787c, 0x04bfff9c, 0x768c714a, 0x3e9ff21a, 0x15737c9c,
        0x2229c807, 0x0d47f88c, 0x097e0ecc, 0x27eadba0, 0x2d7d29e4, 0x3502aaa0, 0x0f475fd7,
        0x29fbda49, 0x018afffd,
    ],
    [
        0x0315b618, 0x6d4497d1, 0x1b171d9e, 0x52861abd, 0x2e5d0501, 0x3ec8646c, 0x6e5f250a,
        0x148ae8e6, 0x17f5fa4a, 0x3e66d284, 0x0051aa3b, 0x483f7913, 0x2cfe5f15, 0x023427ca,
        0x2cc78315, 0x1e36ea47,
    ],
    // Partial rounds (13)
    [
        0x5a8053c0, 0x693be639, 0x3858867d, 0x19334f6b, 0x128f0fd8, 0x4e2b1ccb, 0x61210ce0,
        0x3c318939, 0x0b5b2f22, 0x2edb11d5, 0x213effdf, 0x0cac4606, 0x241af16d, 0x7290a80d,
        0x6f7e5329, 0x598ec8a8,
    ],
    [
        0x76a859a0, 0x6559e868, 0x657b83af, 0x13271d3f, 0x1f876063, 0x0aeeae37, 0x706e9ca6,
        0x46400cee, 0x72a05c26, 0x2c589c9e, 0x20bd37a7, 0x6a2d3d10, 0x20523767, 0x5b8fe9c4,
        0x2aa501d6, 0x1e01ac3e,
    ],
    [
        0x1448bc54, 0x5ce5ad1c, 0x4918a14d, 0x2c46a83f, 0x4fcf6876, 0x61d8d5c8, 0x6ddf4ff9,
        0x11fda4d3, 0x02933a8f, 0x170eaf81, 0x5a9c314f, 0x49a12590, 0x35ec52a1, 0x58eb1611,
        0x5e481e65, 0x367125c9,
    ],
    [
        0x0eba33ba, 0x1fc28ded, 0x066399ad, 0x0cbec0ea, 0x75fd1af0, 0x50f5bf4e, 0x643d5f41,
        0x6f4fe718, 0x5b3cbbde, 0x1e3afb3e, 0x296fb027, 0x45e1547b, 0x4a8db2ab, 0x59986d19,
        0x30bcdfa3, 0x1db63932,
    ],
    [
        0x1d7c2824, 0x53b33681, 0x0673b747, 0x038a98a3, 0x2c5bce60, 0x351979cd, 0x5008fb73,
        0x547bca78, 0x711af481, 0x3f93bf64, 0x644d987b, 0x3c8bcd87, 0x608758b8, 0x0be9313a,
        0x21592938, 0x6d39ac05,
    ],
    [
        0x1cb929e6, 0x7504e146, 0x05bb5b26, 0x1a182621, 0x0129acb7, 0x0f925fd3, 0x615bdcf0,
        0x4d0686a9, 0x0fd6440c, 0x2a6e7d07, 0x140ea354, 0x06e754ca, 0x0a30ed7d, 0x11d5b9f5,
        0x5fd8cb87, 0x34e5a9cd,
    ],
    [
        0x16dd2e49, 0x4494e08b, 0x23d88c52, 0x3a093d8a, 0x402ac944, 0x46444226, 0x6dc1efa3,
        0x2f629461, 0x77e0f6c6, 0x21920470, 0x2385c5d2, 0x480374c5, 0x5f570f5f, 0x318e2268,
        0x0fc2fdbc, 0x553c94ea,
    ],
    [
        0x0d8eacbc, 0x43bab284, 0x4fa93dec, 0x4fe114db, 0x656d0ab3, 0x0775f045, 0x5ea6c684,
        0x04f8447c, 0x68fc16ff, 0x3e0dfdf0, 0x2f8a1d04, 0x61f3951c, 0x2f92cb02, 0x204e8cdb,
        0x687c9fdf, 0x3010d096,
    ],
    [
        0x27c99e66, 0x20984799, 0x59346f8e, 0x76b19839, 0x4e897114, 0x32ed764f, 0x097401a4,
        0x03b4e414, 0x0ef721be, 0x148d5133, 0x186ff0f3, 0x4683accf, 0x34f4431d, 0x3c930fd8,
        0x50ede262, 0x38446cdc,
    ],
    [
        0x4b1392b6, 0x280ab5db, 0x09e84fab, 0x4bdc713b, 0x083fa00e, 0x5788a978, 0x685349d4,
        0x1dac7359, 0x5b9eac2c, 0x72e0224a, 0x72fc6025, 0x0a614c0b, 0x51e74ff3, 0x391598b9,
        0x2c54352a, 0x506a28f0,
    ],
    [
        0x02d04b6d, 0x5a437f70, 0x54d9d369, 0x5c1f0776, 0x60f55ec1, 0x180ef798, 0x56be67e1,
        0x681bc8fc, 0x65ae63c6, 0x240ab256, 0x3e62aaea, 0x46224af5, 0x4eaee2f0, 0x0c09758a,
        0x12a973d6, 0x100e9fee,
    ],
    [
        0x1d7cd264, 0x3d7e3228, 0x259a060e, 0x074a8d27, 0x49620613, 0x52eaea48, 0x63ba465a,
        0x008c4f74, 0x61c634cb, 0x2d98b6e6, 0x253bc6a5, 0x3c848dad, 0x540949ea, 0x4f862ddf,
        0x5fa93a3d, 0x5c659ba8,
    ],
    // Terminal full rounds (4)
    [
        0x0f8b2954, 0x5ac41088, 0x770631d1, 0x35f6230e, 0x054e9cf7, 0x74eec058, 0x4c83003e,
        0x570ddeba, 0x6c5e594a, 0x34cf7599, 0x0eb63eb2, 0x713e2dda, 0x6e59941c, 0x19707b6b,
        0x129437ef, 0x57c4db39,
    ],
    [
        0x366cb7ec, 0x0e6335de, 0x5e1374ca, 0x493cf6d2, 0x2ffe3703, 0x19dd3b51, 0x3d64878f,
        0x3ef43ee8, 0x64723e7c, 0x4fe5418a, 0x0f7b671d, 0x3f3adb8c, 0x1830fd89, 0x5b15366e,
        0x3ca9204d, 0x149cee3c,
    ],
    [
        0x547bb959, 0x4d6a44a0, 0x771612ca, 0x3f5bdd26, 0x23a3d984, 0x170b07bd, 0x5a2a5094,
        0x6e7e68b4, 0x1f3c8320, 0x0ffbb8b6, 0x5ebe7442, 0x45ffc700, 0x64d1f7b6, 0x1b30b661,
        0x586ea500, 0x503111fd,
    ],
    [
        0x72b41cf7, 0x6468ad65, 0x64c713b1, 0x450b1ccd, 0x211e6028, 0x300b11ac, 0x74226654,
        0x56308a44, 0x5aa55b4a, 0x52f2bc9a, 0x1a076e50, 0x5eb92894, 0x13baaf6f, 0x4d19b625,
        0x30d25297, 0x52f00c13,
    ],
    [
        0x2a6753d7, 0x40bdd8de, 0x22acbb98, 0x77e41654, 0x23ab6b0f, 0x0629e7d6, 0x000eadff,
        0x64cc8e81, 0x364fc012, 0x43cc48cd, 0x611baf29, 0x48bdf828, 0x1a8ab06f, 0x112ee5e0,
        0x036e01dc, 0x18106634,
    ],
]);

/// Round constants for width-24 Poseidon1 on BabyBear.
///
/// Generated by the Grain LFSR with parameters:
///     field_type=1, alpha=7 (exp_flag=0), n=31, t=24, R_F=8, R_P=21
///
/// Generated by `poseidon/generate_constants.py --field babybear --width 24`.
///
/// Layout: [initial_full (4 rounds), partial (21 rounds), terminal_full (4 rounds)].
pub const BABYBEAR_POSEIDON1_RC_24: [[BabyBear; 24]; 29] = BabyBear::new_2d_array([
    // Initial full rounds (4)
    [
        0x0fa20c37, 0x0795bb97, 0x12c60b9c, 0x0eabd88e, 0x096485ca, 0x07093527, 0x1b1d4e50,
        0x30a01ace, 0x3bd86f5a, 0x69af7c28, 0x3f94775f, 0x731560e8, 0x465a0ecd, 0x574ef807,
        0x62fd4870, 0x52ccfe44, 0x14772b14, 0x4dedf371, 0x260acd7c, 0x1f51dc58, 0x75125532,
        0x686a4d7b, 0x54bac179, 0x31947706,
    ],
    [
        0x29799d3b, 0x6e01ae90, 0x203a7a64, 0x4f7e25be, 0x72503f77, 0x45bd3b69, 0x769bd6b4,
        0x5a867f08, 0x4fdba082, 0x251c4318, 0x28f06201, 0x6788c43a, 0x4c6d6a99, 0x357784a8,
        0x2abaf051, 0x770f7de6, 0x1794b784, 0x4796c57a, 0x724b7a10, 0x449989a7, 0x64935cf1,
        0x59e14aac, 0x0e620bb8, 0x3af5a33b,
    ],
    [
        0x4465cc0e, 0x019df68f, 0x4af8d068, 0x08784f82, 0x0cefdeae, 0x6337a467, 0x32fa7a16,
        0x486f62d6, 0x386a7480, 0x20f17c4a, 0x54e50da8, 0x2012cf03, 0x5fe52950, 0x09afb6cd,
        0x2523044e, 0x5c54d0ef, 0x71c01f3c, 0x60b2c4fb, 0x4050b379, 0x5e6a70a5, 0x418543f5,
        0x71debe56, 0x1aad2994, 0x3368a483,
    ],
    [
        0x07a86f3a, 0x5ea43ff1, 0x2443780e, 0x4ce444f7, 0x146f9882, 0x3132b089, 0x197ea856,
        0x667030c3, 0x2317d5dc, 0x0c2c48a7, 0x56b2df66, 0x67bd81e9, 0x4fcdfb19, 0x4baaef32,
        0x0328d30a, 0x6235760d, 0x12432912, 0x0a49e258, 0x030e1b70, 0x48caeb03, 0x49e4d9e9,
        0x1051b5c6, 0x6a36dbbe, 0x4cff27a5,
    ],
    // Partial rounds (21)
    [
        0x1da78ec2, 0x730b0924, 0x3eb56cf3, 0x5bd93073, 0x37204c97, 0x51642d89, 0x66e943e8,
        0x1a3e72de, 0x70beb1e9, 0x30ff3b3f, 0x4240d1c4, 0x12647b8d, 0x65d86965, 0x49ef4d7c,
        0x47785697, 0x46b3969f, 0x5c7b7a0e, 0x7078fc60, 0x4f22d482, 0x482a9aee, 0x6beb839d,
        0x032959ad, 0x2b18af6a, 0x55d3dc8c,
    ],
    [
        0x43bd26c8, 0x0c41595f, 0x7048d2e2, 0x00db8983, 0x2af563d7, 0x6e84758f, 0x611d64e1,
        0x1f9977e2, 0x64163a0a, 0x5c5fc27b, 0x02e22561, 0x3a2d75db, 0x1ba7b71a, 0x34343f64,
        0x7406b35d, 0x19df8299, 0x6ff4480a, 0x514a81c8, 0x57ab52ce, 0x6ad69f52, 0x3e0c0e0d,
        0x48126114, 0x2a9d62cc, 0x17441f23,
    ],
    [
        0x485762bb, 0x2f218674, 0x06fdc64a, 0x0861b7f2, 0x3b36eee6, 0x70a11040, 0x04b31737,
        0x3722a872, 0x2a351c63, 0x623560dc, 0x62584ab2, 0x382c7c04, 0x3bf9edc7, 0x0e38fe51,
        0x376f3b10, 0x5381e178, 0x3afc61c7, 0x5c1bcb4d, 0x6643ce1f, 0x2d0af1c1, 0x08f583cc,
        0x5d6ff60f, 0x6324c1e5, 0x74412fb7,
    ],
    [
        0x70c0192e, 0x0b72f141, 0x4067a111, 0x57388c4f, 0x351009ec, 0x0974c159, 0x539a58b3,
        0x038c0cff, 0x476c0392, 0x3f7bc15f, 0x4491dd2c, 0x4d1fef55, 0x04936ae3, 0x58214dd4,
        0x683c6aad, 0x1b42f16b, 0x6dc79135, 0x2d4e71ec, 0x3e2946ea, 0x59dce8db, 0x6cee892a,
        0x47f07350, 0x7106ce93, 0x3bd4a7a9,
    ],
    [
        0x2bfe636a, 0x430011e9, 0x001cd66a, 0x307faf5b, 0x0d9ef3fe, 0x6d40043a, 0x2e8f470c,
        0x1b6865e8, 0x0c0e6c01, 0x4d41981f, 0x423b9d3d, 0x410408cc, 0x263f0884, 0x5311bbd0,
        0x4dae58d8, 0x30401cea, 0x09afa575, 0x4b3d5b42, 0x63ac0b37, 0x5fe5bb14, 0x5244e9d4,
        0x211c1eac, 0x06ae5d7e, 0x5092f65b,
    ],
    [
        0x28080606, 0x7674412b, 0x07af1270, 0x4367417f, 0x50cb1c2a, 0x0fc8ebad, 0x2816abbc,
        0x3f16a59a, 0x4d633c22, 0x71dbd897, 0x6f2b378c, 0x0936e659, 0x0ba9fd23, 0x49969750,
        0x4bfd5a2c, 0x1f9b3a31, 0x613fe177, 0x2e17149d, 0x05431faa, 0x0706f03b, 0x5a810ed3,
        0x345424dd, 0x3111b0ce, 0x0b7753d3,
    ],
    [
        0x68dc180d, 0x3d51624f, 0x1f72ce83, 0x6f68c901, 0x39f01403, 0x3e496c94, 0x0f8d6022,
        0x3b90f26b, 0x0ac4ff19, 0x38b0519e, 0x1ec6af68, 0x463243e8, 0x354d173c, 0x13bcaaa5,
        0x2840d845, 0x33d63611, 0x675d9dd9, 0x6e11b2e0, 0x3d626b93, 0x06131077, 0x3e508d01,
        0x5feea10f, 0x0abf698c, 0x0a4b3856,
    ],
    [
        0x124dede5, 0x6805de45, 0x73cfbf3c, 0x47f8d207, 0x478b009b, 0x67be1c2e, 0x2bb6a2f5,
        0x62fa3b51, 0x4119d1c4, 0x454386c4, 0x45ef075a, 0x590aa38f, 0x0fdcef79, 0x0581f7b1,
        0x13d763c5, 0x061e601f, 0x33dd05e0, 0x23ffe142, 0x2b29ac8e, 0x47c382f6, 0x3e787c86,
        0x3f20b08d, 0x4d935dfa, 0x3a3c23df,
    ],
    [
        0x4d9dad01, 0x4e5ddddc, 0x722bab01, 0x1a51d5ce, 0x27e556b7, 0x3fa18fe1, 0x6d0f2958,
        0x3059f7d1, 0x230519d7, 0x3952f12a, 0x46619d26, 0x62a8ebf8, 0x644fb0ab, 0x22a0f3d6,
        0x21fd764f, 0x32866049, 0x409133f1, 0x1667a8a2, 0x06a6c7b7, 0x6f53160f, 0x273b11d2,
        0x03176c5e, 0x72f9bbfa, 0x73ceba92,
    ],
    [
        0x5cdef81e, 0x01393286, 0x46daee07, 0x065d7ba7, 0x52d72d70, 0x3bab4b64, 0x6ada3843,
        0x2fc5fbed, 0x770d61b1, 0x5715aaea, 0x03ef0e91, 0x75b6c771, 0x242adf60, 0x00d0ca4d,
        0x36c0e389, 0x6602a85b, 0x1a2a3e30, 0x08e8402e, 0x4f427415, 0x4ca090cb, 0x112be00b,
        0x68942c71, 0x5ae9a9d9, 0x0fd80700,
    ],
    [
        0x710937b7, 0x22263d8a, 0x693f8325, 0x5ad70998, 0x337c7833, 0x64f3e8aa, 0x50de3c29,
        0x5b4d4100, 0x64fd2dcf, 0x76e3bf54, 0x1c254781, 0x5500ad0a, 0x213f01e0, 0x05860297,
        0x0a1006cb, 0x77048a99, 0x5d62287e, 0x15b9c906, 0x1f496f00, 0x00c0c7e0, 0x322b6472,
        0x278f62c7, 0x0dc1ebb9, 0x4dd5a99e,
    ],
    [
        0x32e5b93a, 0x5e37fb0d, 0x480448df, 0x1b473c1c, 0x4ef02492, 0x01d34c64, 0x1823e880,
        0x15658531, 0x5b192ad9, 0x595581d0, 0x13579188, 0x4a8dc02b, 0x1179a528, 0x3232c1c5,
        0x76026f85, 0x23d0b156, 0x371578fb, 0x541b82cf, 0x70d62891, 0x361b0736, 0x7495f131,
        0x4d5f3c2f, 0x14c92dfd, 0x08b45e27,
    ],
    [
        0x3a75137f, 0x473c3745, 0x4b91cc24, 0x0cd72859, 0x0e1fe6f0, 0x136d6cb4, 0x768b6779,
        0x0cb9cd80, 0x13ec6cf9, 0x22c85a46, 0x3f108b3b, 0x18a1a088, 0x3e5a4e5f, 0x439e9682,
        0x6167c1db, 0x03ef6829, 0x47ec4179, 0x34eab8cd, 0x7174d996, 0x677070f9, 0x3b9021cf,
        0x5f8a718e, 0x42bd5b38, 0x1d916068,
    ],
    [
        0x474976a3, 0x7509fdec, 0x13403014, 0x67bd93b4, 0x1d39399b, 0x3f92f399, 0x48222be6,
        0x6115c6be, 0x2ea139c5, 0x4c7db79d, 0x5b1669af, 0x4fb62878, 0x62d070ea, 0x631cb189,
        0x081e67db, 0x379e8018, 0x13668ff5, 0x3771cd2c, 0x630ab736, 0x53a679ec, 0x125d4ccd,
        0x0953a209, 0x36fdc8df, 0x77be669b,
    ],
    [
        0x5b4ea7fa, 0x17ea3f57, 0x6fa0454f, 0x07ef0ea5, 0x13dbb0bb, 0x19329741, 0x01082270,
        0x3dfdc9ba, 0x054e9eb1, 0x5fdc6fab, 0x68c5095d, 0x3820abbb, 0x18c49ea6, 0x2e9e188a,
        0x2ae6ba8e, 0x3316e9b4, 0x1198f546, 0x6d48ac8c, 0x11da719f, 0x4d8971e9, 0x3eada1b5,
        0x322bd9ba, 0x2952c026, 0x3615a986,
    ],
    [
        0x1c4df5d1, 0x3d0271a0, 0x11825b34, 0x44020592, 0x10adcc7f, 0x74724522, 0x1a7d3cc7,
        0x3c051d52, 0x688a979a, 0x19d3e91c, 0x6f4d5844, 0x3b366285, 0x3bab9ff4, 0x4fab2833,
        0x53b0a92c, 0x0f35a1f3, 0x0a6700b4, 0x219ce3cf, 0x58aaad93, 0x015c6972, 0x62bf3753,
        0x4c0c22ab, 0x06159dac, 0x747a77db,
    ],
    [
        0x122ae678, 0x040b047b, 0x0d704a7b, 0x4173964d, 0x5dd358db, 0x12844624, 0x19e307d1,
        0x546cde54, 0x205c95d6, 0x6f4a0c40, 0x5b4341fb, 0x666b78d6, 0x0443be7a, 0x3b981801,
        0x61e2e930, 0x08767993, 0x7301b3ae, 0x338a237d, 0x5c6235d0, 0x4e8738e9, 0x3abf961d,
        0x083a0e7d, 0x32013dd4, 0x067194e2,
    ],
    [
        0x0c959b6a, 0x63599487, 0x6a5dc6bc, 0x22e70afa, 0x31791344, 0x18dba091, 0x4fb0cfd4,
        0x756bdf68, 0x643ddd4a, 0x1737a0da, 0x4ba1da4f, 0x3e5903b0, 0x19143f40, 0x40230ee6,
        0x348ca8a7, 0x0ee0e8c2, 0x2fd2cab9, 0x21d83fd9, 0x16350cd5, 0x2a74f8d1, 0x3f4509c8,
        0x5dfeee95, 0x604bc769, 0x74483c22,
    ],
    [
        0x7258f84d, 0x38ea3718, 0x5d0bc047, 0x470fa0a8, 0x342768f7, 0x6e7d3fc4, 0x2c3b121d,
        0x6cdb42b0, 0x517dae8e, 0x036790e6, 0x35f5cc07, 0x0b4320e6, 0x5bc6356f, 0x3ddeffd2,
        0x630745f4, 0x3d294495, 0x0c631df0, 0x37b887f2, 0x13847e31, 0x2117bd80, 0x31b19840,
        0x3cca21e7, 0x359dff03, 0x350b873d,
    ],
    [
        0x6e09a5ec, 0x7227eb0a, 0x2cb61c48, 0x42b94b58, 0x74641f5d, 0x2b4b970f, 0x5edcd109,
        0x16471628, 0x4eade53b, 0x15778bd8, 0x0f63d6ec, 0x7541ff2d, 0x668283da, 0x70052aab,
        0x6463f544, 0x15d577ee, 0x634f67b8, 0x3985d088, 0x0455bddf, 0x3c2c3650, 0x523e91cc,
        0x13d37dd0, 0x6dc4ecf0, 0x01d27ccd,
    ],
    [
        0x0978f179, 0x6a5e0ac0, 0x0562d555, 0x2938fd4f, 0x442c8e97, 0x282ea5ea, 0x26d34fd4,
        0x4daacbcd, 0x4b2aab64, 0x19f2ec4a, 0x073cc19b, 0x77771cc2, 0x70adc427, 0x4aab0883,
        0x4f942ad8, 0x680ee898, 0x73dd609f, 0x2f386740, 0x5a447572, 0x4661fbfc, 0x1138e81f,
        0x2e4bc025, 0x4b4eb6af, 0x43e1f164,
    ],
    // Terminal full rounds (4)
    [
        0x0fc4efce, 0x62ecb9d9, 0x33fd96c4, 0x69975a21, 0x1448aab1, 0x2021b32d, 0x02761f78,
        0x36d32b9a, 0x49f27e6b, 0x6b3c0905, 0x3ec37660, 0x294b9aef, 0x6f91b6ca, 0x72916b26,
        0x05f0a48a, 0x00625502, 0x15fdb305, 0x167d5214, 0x4679ee70, 0x746d93b3, 0x3df48789,
        0x4f5e66f6, 0x57100659, 0x6d511c3f,
    ],
    [
        0x41446816, 0x34a9a45e, 0x11789802, 0x0e6e7543, 0x3543a894, 0x271aa58f, 0x6c18fabe,
        0x6716e081, 0x4e7ebd9f, 0x6ac3f192, 0x5b81c87d, 0x4d5994fd, 0x0b1de23a, 0x57a1ab89,
        0x2d651a8f, 0x1cee7cf3, 0x2ebacc98, 0x0f627a88, 0x10df6935, 0x0e71678d, 0x34d4613a,
        0x677b1b3c, 0x47812824, 0x41c6a57e,
    ],
    [
        0x151419e4, 0x4f91c429, 0x5ef4f800, 0x666ef479, 0x32a1775a, 0x720ce960, 0x1e3f9af6,
        0x718d884d, 0x1a15cd27, 0x335d850c, 0x49c98fa3, 0x69cc0acb, 0x1cff3339, 0x5408e304,
        0x4e6e866e, 0x3be35d35, 0x3e1f2905, 0x23f1d80d, 0x662e279f, 0x1435e4a3, 0x75e2dd05,
        0x0988624a, 0x377a1b05, 0x7628ec95,
    ],
    [
        0x61010841, 0x42bbccb9, 0x078cfd5b, 0x494f7cbd, 0x67e80643, 0x29c7d710, 0x346f1642,
        0x5e50b089, 0x683a9d1c, 0x6d85d09f, 0x74c82186, 0x2a09cc00, 0x57035a44, 0x5851c292,
        0x032bf1f1, 0x29920074, 0x11b31845, 0x3a6424f5, 0x15d2972b, 0x3f3fcaf7, 0x03eb9631,
        0x67a5df9c, 0x6bb87fbf, 0x4ad8f8b6,
    ],
]);

/// Create a default width-16 Poseidon1 permutation for BabyBear.
pub fn default_babybear_poseidon1_16() -> Poseidon1BabyBear<16> {
    Poseidon1::new(&Poseidon1Constants {
        rounds_f: 2 * BABYBEAR_POSEIDON1_HALF_FULL_ROUNDS,
        rounds_p: BABYBEAR_POSEIDON1_PARTIAL_ROUNDS_16,
        mds_circ_col: MDSBabyBearData::MATRIX_CIRC_MDS_16_COL,
        round_constants: BABYBEAR_POSEIDON1_RC_16.to_vec(),
    })
}

/// Create a default width-24 Poseidon1 permutation for BabyBear.
pub fn default_babybear_poseidon1_24() -> Poseidon1BabyBear<24> {
    Poseidon1::new(&Poseidon1Constants {
        rounds_f: 2 * BABYBEAR_POSEIDON1_HALF_FULL_ROUNDS,
        rounds_p: BABYBEAR_POSEIDON1_PARTIAL_ROUNDS_24,
        mds_circ_col: MDSBabyBearData::MATRIX_CIRC_MDS_24_COL,
        round_constants: BABYBEAR_POSEIDON1_RC_24.to_vec(),
    })
}

#[cfg(test)]
mod tests {
    use p3_symmetric::Permutation;

    use super::*;

    type F = BabyBear;

    #[test]
    fn test_poseidon_width_16() {
        let perm = default_babybear_poseidon1_16();

        let mut input: [F; 16] =
            F::new_array([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]);

        let expected: [F; 16] = F::new_array([
            0x1c054a3c, 0x4d897543, 0x4f6d849c, 0x22c40722, 0x27f28fcc, 0x12630ff8, 0x0b6a636e,
            0x540fb34e, 0x3fb75b3b, 0x0fff080e, 0x6c933709, 0x0fcfaae1, 0x6dbe9950, 0x214714db,
            0x4b965dbe, 0x40463a0a,
        ]);

        perm.permute_mut(&mut input);
        assert_eq!(input, expected);
    }

    #[test]
    fn test_poseidon_width_24() {
        let perm = default_babybear_poseidon1_24();

        let mut input: [F; 24] = F::new_array([
            0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23,
        ]);

        let expected: [F; 24] = F::new_array([
            0x40b67a9b, 0x3afac7c1, 0x47dbd6a8, 0x0a3b4d79, 0x523db303, 0x6923f645, 0x5bd0d804,
            0x0e7a5427, 0x11922397, 0x11069510, 0x37cea88c, 0x1a517b5b, 0x23af9e49, 0x3eb980aa,
            0x16cc95ea, 0x0a3d946a, 0x2af57402, 0x6a03a639, 0x40e25240, 0x3ef0aced, 0x470873cb,
            0x5be93b79, 0x53f650c3, 0x6c7624cd,
        ]);

        perm.permute_mut(&mut input);
        assert_eq!(input, expected);
    }
}