Black Box Functions

Black box functions are functions in Noir that rely on backends implementing support for specialized constraints. This makes certain zk-snark unfriendly computations cheaper than if they were implemented in Noir.

danger

It is likely that not all backends will support a particular black box function.

Because it is not guaranteed that all backends will support black box functions, it is possible that certain Noir programs won't compile against a particular backend if they use an unsupported black box function. It is possible to fallback to less efficient implementations written in Noir/ACIR in some cases.

Black box functions are specified with the #[foreign(black_box_fn)] attribute. For example, the SHA256 function in the Noir source code looks like:

#[foreign(sha256)]
fn sha256<N>(_input : [u8; N]) -> [u8; 32] {}

Function list

Here is a list of the current black box functions that are supported by UltraPlonk:

• AES
• SHA256
• Schnorr signature verification
• Blake2s
• Pedersen Hash
• Pedersen Commitment
• HashToField128Security
• ECDSA signature verification
• Fixed base scalar multiplication
• Compute merkle root
• AND
• XOR
• RANGE
• Keccak256
• Recursive proof verification

Most black box functions are included as part of the Noir standard library, however AND, XOR and RANGE are used as part of the Noir language syntax. For instance, using the bitwise operator & will invoke the AND black box function. To ensure compatibility across backends, the ACVM has fallback implementations of AND, XOR and RANGE defined in its standard library which it can seamlessly fallback to if the backend doesn't support them.

You can view the black box functions defined in the ACVM code here.