pub fn sample_in_ball<P: Params>(c_tilde: &[u8]) -> [i32; 256]Expand description
Sample a sparse challenge polynomial with exactly tau non-zero entries.
Implements Algorithm 29 of FIPS 204 (SampleInBall). The output polynomial
c has exactly P::TAU coefficients equal to +/-1 (the rest are 0).
Signs are determined by squeezing 8 bytes of sign bits from SHAKE256,
and positions are chosen via rejection sampling to ensure uniformity.
c_tilde: commitment hash seed (lambda/4 bytes).
Returns a polynomial with coefficients in {-1, 0, 1}.