| Line 28... |
Line 28... |
NONCE_LENGTH : integer := 81; -- HASH_LENGTH / 3;
|
NONCE_LENGTH : integer := 81; -- HASH_LENGTH / 3;
|
NUMBER_OF_ROUNDS : integer := 81;
|
NUMBER_OF_ROUNDS : integer := 81;
|
PARALLEL : integer := 7;
|
PARALLEL : integer := 7;
|
INTERN_NONCE_LENGTH : integer := 32;
|
INTERN_NONCE_LENGTH : integer := 32;
|
BITS_MIN_WEIGHT_MAGINUTE_MAX : integer := 26;
|
BITS_MIN_WEIGHT_MAGINUTE_MAX : integer := 26;
|
DATA_WIDTH : integer := 9
|
DATA_WIDTH : integer := 9;
|
|
NONCE_OFFSET : integer := 162 -- we hope it nevery changes
|
);
|
);
|
|
|
port
|
port
|
(
|
(
|
clk : in std_logic;
|
clk : in std_logic;
|
| Line 51... |
Line 52... |
|
|
architecture behv of curl is
|
architecture behv of curl is
|
|
|
subtype state_vector_type is std_logic_vector(PARALLEL-1 downto 0);
|
subtype state_vector_type is std_logic_vector(PARALLEL-1 downto 0);
|
subtype mid_state_vector_type is std_logic_vector(DATA_WIDTH-1 downto 0);
|
subtype mid_state_vector_type is std_logic_vector(DATA_WIDTH-1 downto 0);
|
|
subtype min_weight_magnitude_type is std_logic_vector(BITS_MIN_WEIGHT_MAGINUTE_MAX-1 downto 0);
|
|
|
type curl_state_array is array(integer range <>) of state_vector_type;
|
type curl_state_array is array(integer range <>) of state_vector_type;
|
type mid_state_array is array(integer range <>) of mid_state_vector_type;
|
type mid_state_array is array(integer range <>) of mid_state_vector_type;
|
|
type min_weight_magnitude_array is array(integer range<>) of min_weight_magnitude_type;
|
|
|
signal curl_state_low : curl_state_array(STATE_LENGTH-1 downto 0);
|
signal curl_state_low : curl_state_array(STATE_LENGTH-1 downto 0);
|
signal curl_state_high : curl_state_array(STATE_LENGTH-1 downto 0);
|
signal curl_state_high : curl_state_array(STATE_LENGTH-1 downto 0);
|
|
|
-- mid state data in 9bit packed format
|
-- mid state data in 9bit packed format
|
| Line 69... |
Line 72... |
signal flag_found : std_logic := '0';
|
signal flag_found : std_logic := '0';
|
signal flag_start : std_logic := '0';
|
signal flag_start : std_logic := '0';
|
|
|
signal binary_nonce : unsigned(INTERN_NONCE_LENGTH-1 downto 0);
|
signal binary_nonce : unsigned(INTERN_NONCE_LENGTH-1 downto 0);
|
signal mask : state_vector_type;
|
signal mask : state_vector_type;
|
signal min_weight_magnitude : std_logic_vector(BITS_MIN_WEIGHT_MAGINUTE_MAX-1 downto 0);
|
signal min_weight_magnitude : min_weight_magnitude_type;
|
|
|
|
function expand(b : std_logic)
|
|
return state_vector_type is
|
|
begin
|
|
if b = '1' then
|
|
return (others => '1');
|
|
else
|
|
return (others => '0');
|
|
end if;
|
|
end expand;
|
|
|
begin
|
begin
|
overflow <= flag_overflow;
|
overflow <= flag_overflow;
|
running <= flag_running;
|
running <= flag_running;
|
found <= flag_found;
|
found <= flag_found;
|
|
|
process (clk_slow)
|
process (clk_slow)
|
-- because it looks prettier
|
-- because it looks prettier
|
variable spi_cmd : std_logic_vector(5 downto 0);
|
variable spi_cmd : std_logic_vector(5 downto 0);
|
variable wraddr : integer range 0 to 127 := 0;
|
variable addrptr : unsigned(7 downto 0) := x"00";
|
begin
|
begin
|
if rising_edge(clk_slow) then
|
if rising_edge(clk_slow) then
|
if reset='1' then
|
if reset='1' then
|
-- binary_nonce <= (others => '0');
|
|
min_weight_magnitude <= (others => '0');
|
min_weight_magnitude <= (others => '0');
|
flag_start <= '0';
|
flag_start <= '0';
|
|
spi_data_tx <= (others => '0');
|
|
-- curl_mid_state_low <= (others => (others => '0'));
|
|
-- curl_mid_state_high <= (others => (others => '0'));
|
|
addrptr := x"00";
|
else
|
else
|
flag_start <= '0';
|
flag_start <= '0';
|
-- new spi data received
|
-- new spi data received
|
if spi_data_rxen = '1' then
|
if spi_data_rxen = '1' then
|
spi_cmd := spi_data_rx(31 downto 26);
|
spi_cmd := spi_data_rx(31 downto 26);
|
case spi_cmd is
|
case spi_cmd is
|
when "000000" => -- nop
|
when "000000" => -- nop (mainly for reading back data)
|
when "100001" => -- start / stop
|
when "100001" => -- start / stop
|
if spi_data_rx(0) = '1' then
|
flag_start <= spi_data_rx(0);
|
flag_start <= '1';
|
|
end if;
|
|
when "100101" => -- write to wr address
|
when "100101" => -- write to wr address
|
wraddr := 0;
|
addrptr := unsigned(spi_data_rx(7 downto 0));
|
when "100010" => -- write to mid state
|
when "100010" => -- write to mid state
|
curl_mid_state_low(wraddr) <= std_logic_vector(spi_data_rx(DATA_WIDTH-1 downto 0));
|
if (addrptr <= (STATE_LENGTH/9)-1) then
|
curl_mid_state_high(wraddr) <= std_logic_vector(spi_data_rx(DATA_WIDTH+8 downto DATA_WIDTH));
|
curl_mid_state_low(to_integer(addrptr)) <= spi_data_rx(DATA_WIDTH-1 downto 0);
|
wraddr := wraddr + 1;
|
curl_mid_state_high(to_integer(addrptr)) <= spi_data_rx(DATA_WIDTH+8 downto DATA_WIDTH);
|
|
end if;
|
|
spi_data_tx <= spi_data_rx;
|
|
addrptr := addrptr + 1;
|
when "100100" =>
|
when "100100" =>
|
min_weight_magnitude <= spi_data_rx(BITS_MIN_WEIGHT_MAGINUTE_MAX-1 downto 0);
|
min_weight_magnitude <= spi_data_rx(BITS_MIN_WEIGHT_MAGINUTE_MAX-1 downto 0);
|
|
|
when "000001" => -- read flags
|
when "000001" => -- read flags
|
spi_data_tx <= "00000000000000000000000000000" & flag_overflow & flag_found & flag_running;
|
spi_data_tx(2 downto 0) <= flag_overflow & flag_found & flag_running;
|
|
|
-- this costs an extreme amount of resources
|
-- for debugging onle ... read back curl_state
|
-- interesting only for debugging
|
|
-- when "000010" =>
|
-- when "000010" =>
|
-- spi_addr := spi_data_rx(25 downto 16);
|
-- spi_addr := spi_data_rx(25 downto 16);
|
-- spi_data_tx(0+PARALLEL-1 downto 0) <= curl_state_low(to_integer(unsigned(spi_addr)));
|
-- spi_data_tx(0+PARALLEL-1 downto 0) <= curl_state_low(to_integer(unsigned(spi_addr)));
|
-- spi_data_tx(8+PARALLEL-1 downto 8) <= curl_state_high(to_integer(unsigned(spi_addr)));
|
-- spi_data_tx(8+PARALLEL-1 downto 8) <= curl_state_high(to_integer(unsigned(spi_addr)));
|
|
|
|
-- for debugging only ... read back mid_state
|
|
-- when "000111" =>
|
|
-- if (addrptr <= (STATE_LENGTH/9)-1) then
|
|
-- spi_data_tx(DATA_WIDTH-1 downto 0) <= curl_mid_state_low(to_integer(addrptr));
|
|
-- spi_data_tx(DATA_WIDTH+8 downto DATA_WIDTH) <= curl_mid_state_high(to_integer(addrptr));
|
|
-- else
|
|
-- spi_data_tx <= (others => '0');
|
|
-- end if;
|
|
-- addrptr := addrptr + 1; -- dual-used for debugging purposes
|
when "000011" => -- read nonce
|
when "000011" => -- read nonce
|
spi_data_tx(31 downto INTERN_NONCE_LENGTH) <= (others => '0');
|
|
spi_data_tx(INTERN_NONCE_LENGTH-1 downto 0) <= std_logic_vector(binary_nonce);
|
spi_data_tx(INTERN_NONCE_LENGTH-1 downto 0) <= std_logic_vector(binary_nonce);
|
when "000100" => -- read mask
|
when "000100" => -- read mask
|
spi_data_tx(PARALLEL-1 downto 0) <= mask;
|
spi_data_tx(PARALLEL-1 downto 0) <= mask;
|
spi_data_tx(31 downto PARALLEL) <= (others => '0');
|
|
when "010101" => -- loop back read test inverted bits
|
when "010101" => -- loop back read test inverted bits
|
spi_data_tx <= not spi_data_rx;
|
spi_data_tx <= not spi_data_rx;
|
when "000110" => -- read back parallel-level
|
when "000110" => -- read back parallel-level
|
spi_data_tx <= std_logic_vector(to_unsigned(PARALLEL, spi_data_tx'length));
|
spi_data_tx(3 downto 0) <= std_logic_vector(to_unsigned(PARALLEL, 4));
|
when others =>
|
when others =>
|
spi_data_tx <= (others => '1');
|
spi_data_tx <= (others => '1');
|
end case;
|
end case;
|
end if;
|
end if;
|
end if;
|
end if;
|
end if;
|
end if;
|
end process;
|
end process;
|
|
|
|
|
|
|
process (clk)
|
process (clk)
|
variable state : integer range 0 to 31 := 0;
|
variable state : integer range 0 to 31 := 0;
|
variable round : integer range 0 to 127 := 0;
|
variable round : integer range 0 to 127 := 0;
|
|
|
variable imask : state_vector_type;
|
variable imask : state_vector_type;
|
|
|
variable i_min_weight_magnitude : std_logic_vector(BITS_MIN_WEIGHT_MAGINUTE_MAX-1 downto 0);
|
variable i_min_weight_magnitude : min_weight_magnitude_type;
|
|
variable tmp_weight_magnitude : min_weight_magnitude_array(0 to PARALLEL-1);
|
|
variable i_binary_nonce : unsigned(INTERN_NONCE_LENGTH-1 downto 0);
|
|
|
-- temporary registers get optimized away
|
-- temporary registers get optimized away
|
variable alpha : curl_state_array(STATE_LENGTH-1 downto 0);
|
variable alpha : curl_state_array(STATE_LENGTH-1 downto 0);
|
variable beta : curl_state_array(STATE_LENGTH-1 downto 0);
|
variable beta : curl_state_array(STATE_LENGTH-1 downto 0);
|
variable gamma : curl_state_array(STATE_LENGTH-1 downto 0);
|
variable gamma : curl_state_array(STATE_LENGTH-1 downto 0);
|
variable delta : curl_state_array(STATE_LENGTH-1 downto 0);
|
variable delta : curl_state_array(STATE_LENGTH-1 downto 0);
|
variable epsilon : curl_state_array(STATE_LENGTH-1 downto 0);
|
|
|
|
variable tmp_index : integer range 0 to 1023;
|
variable tmp_index : integer range 0 to 1023;
|
variable tmp_mod : integer range 0 to 31;
|
variable tmp_highest_bit : integer range 0 to 31;
|
begin
|
begin
|
if rising_edge(clk) then
|
if rising_edge(clk) then
|
if reset='1' then
|
if reset='1' then
|
state := 0;
|
state := 0;
|
|
round := 0;
|
flag_found <= '0';
|
flag_found <= '0';
|
flag_running <= '0';
|
flag_running <= '0';
|
flag_overflow <= '0';
|
flag_overflow <= '0';
|
binary_nonce <= (others => '0');
|
binary_nonce <= (others => '0');
|
|
mask <= (others => '0');
|
|
-- curl_state_low <= (others => (others => '0'));
|
|
-- curl_state_high <= (others => (others => '0'));
|
|
-- tmp_weight_magnitude := (others => (others => '0'));
|
|
i_binary_nonce := (others => '0');
|
|
imask := (others => '0');
|
|
i_min_weight_magnitude := (others => '0');
|
|
alpha := (others => (others => '0'));
|
|
beta := (others => (others => '0'));
|
|
gamma := (others => (others => '0'));
|
|
delta := (others => (others => '0'));
|
|
tmp_index := 0;
|
else
|
else
|
case state is
|
case state is
|
when 0 =>
|
when 0 =>
|
|
mask <= imask;
|
|
binary_nonce <= i_binary_nonce;
|
flag_running <= '0';
|
flag_running <= '0';
|
if flag_start = '1' then
|
if flag_start = '1' then
|
|
i_binary_nonce := x"00000000";
|
i_min_weight_magnitude := min_weight_magnitude;
|
i_min_weight_magnitude := min_weight_magnitude;
|
state := 1;
|
state := 1;
|
end if;
|
end if;
|
-- nop until start from spi
|
-- nop until start from spi
|
when 1 =>
|
when 1 =>
|
binary_nonce <= (others => '0');
|
|
flag_found <= '0';
|
flag_found <= '0';
|
flag_running <= '1';
|
flag_running <= '1';
|
flag_overflow <= '0';
|
flag_overflow <= '0';
|
state := 8;
|
state := 8;
|
when 8 => -- copy mid state and insert nonce
|
when 8 => -- copy mid state and insert nonce
|
-- pipeline adder for speed
|
|
binary_nonce <= binary_nonce + 1;
|
|
|
|
-- copy and fully expand mid-state to curl-state
|
-- copy and fully expand mid-state to curl-state
|
for I in 0 to (STATE_LENGTH/DATA_WIDTH)-1 loop
|
for I in 0 to (STATE_LENGTH/DATA_WIDTH)-1 loop
|
for J in 0 to DATA_WIDTH-1 loop
|
for J in 0 to DATA_WIDTH-1 loop
|
tmp_index := I*DATA_WIDTH+J;
|
tmp_index := I*DATA_WIDTH+J;
|
if tmp_index < 162 or tmp_index > HASH_LENGTH-1 then
|
if tmp_index < NONCE_OFFSET or tmp_index > NONCE_OFFSET + NONCE_LENGTH - 1 then
|
if curl_mid_state_low(I)(J) = '1' then
|
curl_state_low(tmp_index) <= expand(curl_mid_state_low(I)(J));
|
curl_state_low(tmp_index) <= (others => '1');
|
curl_state_high(tmp_index) <= expand(curl_mid_state_high(I)(J));
|
else
|
|
curl_state_low(tmp_index) <= (others => '0');
|
|
end if;
|
end if;
|
|
end loop;
|
|
end loop;
|
|
|
if curl_mid_state_high(I)(J) = '1' then
|
-- fill all ... synthesizer is smart enough to optimize away what is not needed
|
curl_state_high(tmp_index) <= (others => '1');
|
for I in NONCE_OFFSET to NONCE_OFFSET + NONCE_LENGTH - 1 loop
|
else
|
curl_state_low(I) <= expand('1');
|
curl_state_high(tmp_index) <= (others => '0');
|
curl_state_high(I) <= expand('1');
|
end if;
|
|
end if;
|
|
end loop;
|
end loop;
|
|
|
|
-- calculate log2(x) by determining the place of highest set bit
|
|
-- this is calculated on constants, so no logic needed
|
|
tmp_highest_bit := 0;
|
|
for I in 0 to 31 loop -- 32 is enough ...^^
|
|
if to_unsigned(PARALLEL-1, 32)(I) = '1' then
|
|
tmp_highest_bit := I;
|
|
end if;
|
end loop;
|
end loop;
|
|
|
-- -- generate bitmuster in first two trit-arrays of counter depending from PARALLEL setting
|
-- -- generate bitmuster in first trit-arrays of nonce depending on PARALLEL setting
|
-- -- doesn't need additional resources for pow or division because everything is constant
|
-- this is calculated on constants, so no logic needed
|
for J in 0 to 1 loop -- TODO make adjustable ... it's okay up to PARALLEL = 9
|
|
for I in 0 to PARALLEL-1 loop
|
for I in 0 to PARALLEL-1 loop
|
tmp_mod := (I/(3**J)) mod 3;
|
for J in 0 to tmp_highest_bit loop
|
if tmp_mod = 0 then
|
curl_state_low(NONCE_OFFSET+J)(I) <= to_unsigned(I, tmp_highest_bit+1)(J);
|
curl_state_low(162+J)(I) <= '1';
|
curl_state_high(NONCE_OFFSET+J)(I) <= not to_unsigned(I, tmp_highest_bit+1)(J);
|
curl_state_high(162+J)(I) <= '1';
|
|
elsif tmp_mod = 1 then
|
|
curl_state_low(162+J)(I) <= '0';
|
|
curl_state_high(162+J)(I) <= '1';
|
|
elsif tmp_mod = 2 then
|
|
curl_state_low(162+J)(I) <= '1';
|
|
curl_state_high(162+J)(I) <= '0';
|
|
end if;
|
|
end loop;
|
end loop;
|
end loop;
|
end loop;
|
|
|
|
-- insert and convert binary nonce to ternary nonce
|
-- lowest trits for counter from 0 to 4 (for 5bit)
|
-- It's a fake ternary nonce but integer-values are strictly monotonously rising
|
-- curl_state_low(162) <= "01101";
|
|
-- curl_state_high(162) <= "11011";
|
|
-- curl_state_low(163) <= "00111";
|
|
-- curl_state_high(163) <= "11111";
|
|
|
|
-- insert and convert binary nonce to trinary nonce
|
|
-- It's a fake trinary nonce but integer-values are strictly monotonously rising
|
|
-- with integer values of binary nonce.
|
-- with integer values of binary nonce.
|
-- Doesn't bring the exact same result like reference implementation with real
|
-- Doesn't bring the exact same result like reference implementation with real
|
-- trinary adder - but it doesn't matter and it is way faster.
|
-- ternary adder - but it doesn't matter and it is way faster.
|
for I in 164 to 164+INTERN_NONCE_LENGTH-1 loop
|
-- conveniently put nonce counter at the end of nonce
|
if binary_nonce(I-164) = '1' then
|
for I in 0 to INTERN_NONCE_LENGTH-1 loop
|
curl_state_low(I) <= (others => '1');
|
curl_state_low(NONCE_OFFSET + NONCE_LENGTH - INTERN_NONCE_LENGTH + I) <= expand(i_binary_nonce(I));
|
curl_state_high(I) <= (others => '0');
|
curl_state_high(NONCE_OFFSET + NONCE_LENGTH - INTERN_NONCE_LENGTH + I) <= not expand(i_binary_nonce(I));
|
else
|
|
curl_state_low(I) <= (others => '0');
|
|
curl_state_high(I) <= (others => '1');
|
|
end if;
|
|
end loop;
|
|
|
|
-- fill remaining trits with '11' (=0)
|
|
for I in 164+INTERN_NONCE_LENGTH to HASH_LENGTH-1 loop
|
|
curl_state_low(I) <= (others => '1');
|
|
curl_state_high(I) <= (others => '1');
|
|
end loop;
|
end loop;
|
|
|
-- initialize round-counter
|
-- initialize round-counter
|
round := NUMBER_OF_ROUNDS;
|
round := NUMBER_OF_ROUNDS;
|
|
|
state := 10;
|
state := 10;
|
when 10 => -- do the curl hash round without any copying needed
|
when 10 => -- do the curl hash round without any copying needed
|
|
if round = 1 then
|
|
state := 16;
|
|
end if;
|
for I in 0 to STATE_LENGTH-1 loop
|
for I in 0 to STATE_LENGTH-1 loop
|
alpha(I) := curl_state_low(index_table(I));
|
alpha(I) := curl_state_low(index_table(I));
|
beta(I) := curl_state_high(index_table(I));
|
beta(I) := curl_state_high(index_table(I));
|
gamma(I) := curl_state_high(index_table(I+1));
|
gamma(I) := curl_state_high(index_table(I+1));
|
|
|
delta(I) := (alpha(I) or (not gamma(I))) and (curl_state_low(index_table(I+1)) xor beta(I));
|
delta(I) := (alpha(I) or (not gamma(I))) and (curl_state_low(index_table(I+1)) xor beta(I));
|
|
|
curl_state_low(I) <= not delta(I);
|
curl_state_low(I) <= not delta(I);
|
curl_state_high(I) <= (alpha(I) xor gamma(I)) or delta(I);
|
curl_state_high(I) <= (alpha(I) xor gamma(I)) or delta(I);
|
end loop;
|
end loop;
|
|
|
round := round - 1;
|
round := round - 1;
|
if round = 0 then
|
|
state := 16;
|
|
end if;
|
|
when 16 => -- find out which solution - if any
|
when 16 => -- find out which solution - if any
|
imask := (others => '1');
|
imask := (others => '0');
|
|
|
-- doesn't work like the 2nd variant ... why? TODO^^
|
-- transform "vertical" trits to "horizontal" bits
|
|
-- and compare with min weight magnitude mask
|
for I in 0 to PARALLEL-1 loop
|
for I in 0 to PARALLEL-1 loop
|
|
tmp_weight_magnitude(I) := (others => '0');
|
for J in 0 to BITS_MIN_WEIGHT_MAGINUTE_MAX-1 loop
|
for J in 0 to BITS_MIN_WEIGHT_MAGINUTE_MAX-1 loop
|
if i_min_weight_magnitude(J) = '1' and (curl_state_low(HASH_LENGTH - 1 - J)(I) /= '1' or curl_state_high(HASH_LENGTH - 1 - J)(I) /= '1') then
|
tmp_weight_magnitude(I)(J) := curl_state_low(HASH_LENGTH - 1 - J)(I) and curl_state_high(HASH_LENGTH - 1 - J)(I);
|
imask(I) := '0';
|
|
end if;
|
|
end loop;
|
|
end loop;
|
end loop;
|
|
tmp_weight_magnitude(I) := tmp_weight_magnitude(I) and i_min_weight_magnitude; -- only consider used bits
|
-- imask := (others => '1');
|
if tmp_weight_magnitude(I) = i_min_weight_magnitude then
|
-- for I in 0 to BITS_MIN_WEIGHT_MAGINUTE_MAX-1 loop
|
imask(I) := '1';
|
-- if i_min_weight_magnitude(I) = '1' then
|
|
-- imask := imask and not (curl_state_low(HASH_LENGTH - 1 - I) xor curl_state_high(HASH_LENGTH - 1 - I));
|
|
-- end if;
|
|
-- end loop;
|
|
-- mask <= imask;
|
|
|
|
-- no solution found?
|
|
if unsigned(imask) = 0 then
|
|
-- is overflow?
|
|
if binary_nonce = x"ffffffff" then
|
|
flag_overflow <= '1';
|
|
state := 0;
|
|
else
|
|
state := 8; -- and try again
|
|
end if;
|
end if;
|
|
end loop;
|
|
state := 17;
|
|
when 17 =>
|
|
if unsigned(imask) /= 0 then
|
|
state := 30;
|
|
elsif i_binary_nonce = x"ffffffff" then
|
|
state := 31;
|
else
|
else
|
state := 30; -- nonce found
|
i_binary_nonce := i_binary_nonce + 1;
|
|
state := 8;
|
end if;
|
end if;
|
when 30 =>
|
when 30 =>
|
mask <= imask;
|
|
flag_found <= '1';
|
flag_found <= '1';
|
state := 0;
|
state := 0;
|
|
when 31 =>
|
|
flag_overflow <= '1';
|
|
state := 0;
|
when others =>
|
when others =>
|
state := 0;
|
state := 0;
|
end case;
|
end case;
|
end if;
|
end if;
|
end if;
|
end if;
|
