coconut

package
v0.8.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 11, 2019 License: AGPL-3.0 Imports: 13 Imported by: 0

Documentation

Overview

Package coconut provides the functionalities required by the Coconut Scheme.

Package coconut provides the functionalities required by the Coconut Scheme.

Package coconut provides the functionalities required by the Coconut Scheme.

Package coconut provides the functionalities required by the Coconut Scheme.

Package coconut provides the functionalities required by the Coconut Scheme.

Package coconut provides the functionalities required by the Coconut Scheme.

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrConstructSignerCiphertexts indicates that invalid ciphertexts were provided for construction of
	// proofs for corectness of ciphertexts and cm.
	ErrConstructSignerCiphertexts = errors.New("invalid ciphertexts provided")

	// ErrConstructSignerAttrs indicates that invalid attributes (either attributes to sign or params generated at setup)
	// were provided for construction of proofs for corectness of ciphertexts and cm.
	ErrConstructSignerAttrs = errors.New("more than specified number of attributes provided")
)
View Source
var (
	// ErrSetupParams indicates incorrect parameters provided for Setup.
	ErrSetupParams = errors.New("can't generate params for less than 1 attribute")

	// ErrSignParams indicates inconsistent parameters provided for Sign.
	ErrSignParams = errors.New("invalid attributes/secret key provided")

	// ErrKeygenParams indicates incorrect parameters provided for Keygen.
	ErrKeygenParams = errors.New("can't generate keys for less than 1 attribute")

	// ErrTTPKeygenParams indicates incorrect parameters provided for TTPKeygen.
	ErrTTPKeygenParams = errors.New("invalid set of parameters provided to keygen")

	// ErrPrepareBlindSignParams indicates that number of attributes to sign is larger than q specified in Setup.
	ErrPrepareBlindSignParams = errors.New("too many attributes to sign")

	// ErrPrepareBlindSignPrivate indicates lack of private attributes to blindly sign.
	ErrPrepareBlindSignPrivate = errors.New("no private attributes to sign")

	// ErrBlindSignParams indicates that number of attributes to sign is larger than q specified in Setup.
	ErrBlindSignParams = errors.New("too many attributes to sign")

	// ErrBlindSignProof indicates that proof of corectness of ciphertext and cm was invalid
	ErrBlindSignProof = errors.New("failed to verify the proof")

	// ErrShowBlindAttr indicates that either there were no private attributes provided
	// or their number was larger than the verification key supports
	ErrShowBlindAttr = errors.New("invalid attributes provided")
)

Functions

func BigSliceFromByteSlices

func BigSliceFromByteSlices(b [][]byte) ([]*Curve.BIG, error)

BigSliceFromByteSlices recovers a slice of BIG nums from a slice of slices of bytes.

func BigSliceToByteSlices

func BigSliceToByteSlices(s []*Curve.BIG) ([][]byte, error)

BigSliceToByteSlices converts a slice of BIG nums to slice of slices of bytes.

func BlindVerify

func BlindVerify(params *Params, vk *VerificationKey, sig *Signature, theta *Theta, pubM []*Curve.BIG) bool

BlindVerify verifies the Coconut credential on the private and optional public attributes. nolint: lll

func BlindVerifyTumbler

func BlindVerifyTumbler(params *Params,
	vk *VerificationKey,
	sig *Signature,
	theta *ThetaTumbler,
	pubM []*Curve.BIG,
	address []byte,
) bool

BlindVerifyTumbler verifies the Coconut credential on the private and optional public attributes. It also checks the attached proof. It is designed to work for the tumbler system.

func CompressedBytesToECPSlice

func CompressedBytesToECPSlice(b []byte) []*Curve.ECP

CompressedBytesToECPSlice takes bytes of combined bytes representation of compressed EC points and returns their proper objects.

func ConstructChallenge

func ConstructChallenge(elems []utils.Printable) (*Curve.BIG, error)

ConstructChallenge construct a BIG num challenge by hashing a number of Eliptic Curve points It's based on the original Python implementation: https://github.com/asonnino/coconut/blob/master/coconut/proofs.py#L9.

func ConstructKappaNu

func ConstructKappaNu(vk *VerificationKey, sig *Signature, privM []*Curve.BIG, t *Curve.BIG) (*Curve.ECP2, *Curve.ECP, error)

ConstructKappaNu creates Kappa and Nu based on values in the signature to allow for proofs with different application-specific predicates by not tying it to Show protocol nolint: lll

func CreateBinding

func CreateBinding(seq []byte) (*Curve.ECP, error)

CreateBinding creates a binding to given byte sequence by either recovering it's direct value as ECP or by hashing it onto G1.

func CreateWitnessResponses

func CreateWitnessResponses(p *Curve.BIG, ws []*Curve.BIG, c *Curve.BIG, xs []*Curve.BIG) []*Curve.BIG

CreateWitnessResponses creates responses for the witnesses for the proofs of knowledge, where p is the curve order ws are the witnesses c is the challenge xs are the secrets

func ECPSliceToCompressedBytes

func ECPSliceToCompressedBytes(s []*Curve.ECP) []byte

ECPSliceToCompressedBytes takes slice of EC points and returns their combined compressed bytes representation.

func GetRandomNums

func GetRandomNums(params *Params, n int) []*Curve.BIG

GetRandomNums generates n random numbers.

func Keygen

func Keygen(params *Params) (*SecretKey, *VerificationKey, error)

Keygen generates a single Coconut keypair ((x, y1, y2...), (g2, g2^x, g2^y1, ...)). It is not suitable for threshold credentials as all generated keys are independent of each other.

func PairingWrapper

func PairingWrapper(g1 *Curve.ECP, g2 *Curve.ECP2) *Curve.FP12

PairingWrapper basically performs what bpgroup.Pair does, however, it does not require the object. This is desirable as the function is called by Tendermint ABCI and bpgroup object is undetereministic due to rng.

func TTPKeygen

func TTPKeygen(params *Params, t int, n int) ([]*ThresholdSecretKey, []*ThresholdVerificationKey, error)

TTPKeygen generates a set of n Coconut keypairs [((x, y1, y2...), (g2, g2^x, g2^y1, ...)), ...], such that they support threshold aggregation of t parties. It is expected that this procedure is executed by a Trusted Third Party.

func ValidateBigSlice

func ValidateBigSlice(s []*Curve.BIG) bool

ValidateBigSlice checks if the slice of BIG nums contain no nil elements.

func ValidateKeyPair

func ValidateKeyPair(sk *SecretKey, vk *VerificationKey) bool

ValidateKeyPair checks if the coconut keypair was correctly formed.

func Verify

func Verify(params *Params, vk *VerificationKey, pubM []*Curve.BIG, sig *Signature) bool

Verify verifies the Coconut credential that has been either issued exlusiviely on public attributes or all private attributes have been publicly revealed

func VerifySignerProof

func VerifySignerProof(params *Params, gamma *Curve.ECP, signMats *Lambda) bool

VerifySignerProof verifies non-interactive zero-knowledge proofs in order to check corectness of ciphertexts and cm. It's based on the original Python implementation: https://github.com/asonnino/coconut/blob/master/coconut/proofs.py#L41

func VerifyTumblerProof

func VerifyTumblerProof(params *Params, vk *VerificationKey, sig *Signature, theta *ThetaTumbler, address []byte) bool

VerifyTumblerProof verifies non-interactive zero-knowledge proofs in order to check corectness of kappa, nu and zeta.

func VerifyVerifierProof

func VerifyVerifierProof(params *Params, vk *VerificationKey, sig *Signature, theta *Theta) bool

VerifyVerifierProof verifies non-interactive zero-knowledge proofs in order to check corectness of kappa and nu. It's based on the original Python implementation: https://github.com/asonnino/coconut/blob/master/coconut/proofs.py#L75

Types

type BlindSignMaterials

type BlindSignMaterials struct {
	// contains filtered or unexported fields
}

func NewBlindSignMaterials

func NewBlindSignMaterials(lambda *Lambda, egPub *elgamal.PublicKey, pubM []*Curve.BIG) *BlindSignMaterials

NewBlindSignMaterials returns instance of BlindSignMaterials from the provided attributes.

func (*BlindSignMaterials) EgPub

func (bsm *BlindSignMaterials) EgPub() *elgamal.PublicKey

EgPub returns the ElGamal Public key.

func (*BlindSignMaterials) FromProto

func (bsm *BlindSignMaterials) FromProto(pbsm *ProtoBlindSignMaterials) error

FromProto takes a protobuf representation of the object and unmarshals its attributes.

func (*BlindSignMaterials) Lambda

func (bsm *BlindSignMaterials) Lambda() *Lambda

Lambda returns materials created during PrepareBlindSign.

func (*BlindSignMaterials) MarshalBinary

func (bsm *BlindSignMaterials) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*BlindSignMaterials) PubM

func (bsm *BlindSignMaterials) PubM() []*Curve.BIG

PubM returns all public attributes to be encoded in the credential.

func (*BlindSignMaterials) ToProto

ToProto creates a protobuf representation of the object.

func (*BlindSignMaterials) UnmarshalBinary

func (bsm *BlindSignMaterials) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

type BlindedSignature

type BlindedSignature struct {
	// contains filtered or unexported fields
}

BlindedSignature represents blinded version of a normal Coconut signature

func BlindSign

func BlindSign(params *Params, sk *SecretKey, lambda *Lambda, egPub *elgamal.PublicKey, pubM []*Curve.BIG) (*BlindedSignature, error)

BlindSign creates a blinded Coconut credential on the attributes provided to PrepareBlindSign. nolint: lll

func NewBlindedSignature

func NewBlindedSignature(sig1 *Curve.ECP, sig2Tilda *elgamal.Encryption) *BlindedSignature

NewBlindedSignature returns instance of BlindedSignature from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func (*BlindedSignature) FromProto

func (bs *BlindedSignature) FromProto(pbs *ProtoBlindedSignature) error

FromProto takes a protobuf representation of the object and unmarshals its attributes.

func (*BlindedSignature) MarshalBinary

func (bs *BlindedSignature) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*BlindedSignature) Sig1

func (bs *BlindedSignature) Sig1() *Curve.ECP

Sig1 returns first ECP group of the signature

func (*BlindedSignature) Sig2Tilda

func (bs *BlindedSignature) Sig2Tilda() *elgamal.Encryption

Sig2Tilda returns the elgamal encryption of the second ECP group of the signature

func (*BlindedSignature) ToProto

func (bs *BlindedSignature) ToProto() (*ProtoBlindedSignature, error)

ToProto creates a protobuf representation of the object.

func (*BlindedSignature) UnmarshalBinary

func (bs *BlindedSignature) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

func (*BlindedSignature) Validate

func (bs *BlindedSignature) Validate() bool

Validate checks for nil elements in the signature.

type Lambda

type Lambda struct {
	// contains filtered or unexported fields
}

Lambda encapsulates data created by PrepareBlindSign function.

func NewLambda

func NewLambda(cm *Curve.ECP, enc []*elgamal.Encryption, proof *SignerProof) *Lambda

NewLambda returns instance of Lambda from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func PrepareBlindSign

func PrepareBlindSign(params *Params, egPub *elgamal.PublicKey, pubM []*Curve.BIG, privM []*Curve.BIG) (*Lambda, error)

PrepareBlindSign builds cryptographic material for blind sign. It returns commitment to the private and public attributes, encryptions of the private attributes and zero-knowledge proof asserting corectness of the above. nolint: lll

func (*Lambda) Cm

func (l *Lambda) Cm() *Curve.ECP

Cm returns the commitment part of the Lambda.

func (*Lambda) Enc

func (l *Lambda) Enc() []*elgamal.Encryption

Enc returns the encryptions part of the Lambda.

func (*Lambda) FromProto

func (lambda *Lambda) FromProto(protoLambda *ProtoLambda) error

FromProto takes a protobuf representation of the object and unmarshals its attributes.

func (*Lambda) MarshalBinary

func (lambda *Lambda) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*Lambda) Proof

func (l *Lambda) Proof() *SignerProof

Proof returns the proof part of the Lambda.

func (*Lambda) ToProto

func (lambda *Lambda) ToProto() (*ProtoLambda, error)

ToProto creates a protobuf representation of the object.

func (*Lambda) UnmarshalBinary

func (lambda *Lambda) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

func (*Lambda) Validate

func (l *Lambda) Validate() bool

Validate checks for nil elements in lambda.

type Params

type Params struct {
	G *bpgroup.BpGroup // represents G1, G2, GT
	// contains filtered or unexported fields
}

Params represent public system-wide parameters.

func NewParams

func NewParams(G *bpgroup.BpGroup, p *Curve.BIG, g1 *Curve.ECP, g2 *Curve.ECP2, hs []*Curve.ECP) *Params

NewParams returns instance of params from the provided attributes. Created for tendermint ABCI to create params without the bpgroup.

func Setup

func Setup(q int) (*Params, error)

Setup generates the public parameters required by the Coconut scheme. q indicates the maximum number of attributes that can be embed in the credentials.

func (*Params) FromProto

func (params *Params) FromProto(pp *ProtoParams) error

FromProto takes a protobuf representation of the object and unmarshals its attributes.

func (*Params) G1

func (p *Params) G1() *Curve.ECP

G1 returns generator of G1 in params

func (*Params) G2

func (p *Params) G2() *Curve.ECP2

G2 returns generator of G2 in params

func (*Params) Hs

func (p *Params) Hs() []*Curve.ECP

Hs returns generators of G1 in params

func (*Params) MarshalBinary

func (params *Params) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*Params) P

func (p *Params) P() *Curve.BIG

P returns order of the group in params

func (*Params) ToProto

func (params *Params) ToProto() (*ProtoParams, error)

ToProto creates a protobuf representation of the object.

func (*Params) UnmarshalBinary

func (params *Params) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

func (*Params) Validate

func (p *Params) Validate() bool

Validate checks for nil elements in the params.

type PolynomialPoints

type PolynomialPoints struct {
	// contains filtered or unexported fields
}

PolynomialPoints (tmp) represents x values of points on polynomial of degree t - 1 generated during TTPKeygen.

func NewPP

func NewPP(xs []*Curve.BIG) *PolynomialPoints

NewPP returns instance of PolynomialPoints from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func (*PolynomialPoints) Validate

func (pp *PolynomialPoints) Validate() bool

Validate checks for nil elements in the struct.

func (*PolynomialPoints) Xs

func (pp *PolynomialPoints) Xs() []*Curve.BIG

Xs returns slice of x coordinates of Polynomial Points

type ProtoBlindSignMaterials

type ProtoBlindSignMaterials struct {
	Lambda               *ProtoLambda            `protobuf:"bytes,1,opt,name=lambda,proto3" json:"lambda,omitempty"`
	EgPub                *elgamal.ProtoPublicKey `protobuf:"bytes,2,opt,name=egPub,proto3" json:"egPub,omitempty"`
	PubM                 [][]byte                `protobuf:"bytes,3,rep,name=pubM,proto3" json:"pubM,omitempty"`
	XXX_NoUnkeyedLiteral struct{}                `json:"-"`
	XXX_unrecognized     []byte                  `json:"-"`
	XXX_sizecache        int32                   `json:"-"`
}

encapsulates everything required by IAs to issue credential

func (*ProtoBlindSignMaterials) Descriptor

func (*ProtoBlindSignMaterials) Descriptor() ([]byte, []int)

func (*ProtoBlindSignMaterials) GetEgPub

func (*ProtoBlindSignMaterials) GetLambda

func (m *ProtoBlindSignMaterials) GetLambda() *ProtoLambda

func (*ProtoBlindSignMaterials) GetPubM

func (m *ProtoBlindSignMaterials) GetPubM() [][]byte

func (*ProtoBlindSignMaterials) OneWayToBytes

func (pbsm *ProtoBlindSignMaterials) OneWayToBytes() ([]byte, error)

TODO: perhaps similar code for all other structs? We don't care about being able to recover original data. Treat it as a one-way function. Used to sign and verify the underlying data.

func (*ProtoBlindSignMaterials) ProtoMessage

func (*ProtoBlindSignMaterials) ProtoMessage()

func (*ProtoBlindSignMaterials) Reset

func (m *ProtoBlindSignMaterials) Reset()

func (*ProtoBlindSignMaterials) String

func (m *ProtoBlindSignMaterials) String() string

func (*ProtoBlindSignMaterials) XXX_DiscardUnknown

func (m *ProtoBlindSignMaterials) XXX_DiscardUnknown()

func (*ProtoBlindSignMaterials) XXX_Marshal

func (m *ProtoBlindSignMaterials) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProtoBlindSignMaterials) XXX_Merge

func (m *ProtoBlindSignMaterials) XXX_Merge(src proto.Message)

func (*ProtoBlindSignMaterials) XXX_Size

func (m *ProtoBlindSignMaterials) XXX_Size() int

func (*ProtoBlindSignMaterials) XXX_Unmarshal

func (m *ProtoBlindSignMaterials) XXX_Unmarshal(b []byte) error

type ProtoBlindedSignature

type ProtoBlindedSignature struct {
	Sig1                 []byte                   `protobuf:"bytes,1,opt,name=sig1,proto3" json:"sig1,omitempty"`
	Sig2Tilda            *elgamal.ProtoEncryption `protobuf:"bytes,2,opt,name=sig2Tilda,proto3" json:"sig2Tilda,omitempty"`
	XXX_NoUnkeyedLiteral struct{}                 `json:"-"`
	XXX_unrecognized     []byte                   `json:"-"`
	XXX_sizecache        int32                    `json:"-"`
}

func (*ProtoBlindedSignature) Descriptor

func (*ProtoBlindedSignature) Descriptor() ([]byte, []int)

func (*ProtoBlindedSignature) GetSig1

func (m *ProtoBlindedSignature) GetSig1() []byte

func (*ProtoBlindedSignature) GetSig2Tilda

func (m *ProtoBlindedSignature) GetSig2Tilda() *elgamal.ProtoEncryption

func (*ProtoBlindedSignature) ProtoMessage

func (*ProtoBlindedSignature) ProtoMessage()

func (*ProtoBlindedSignature) Reset

func (m *ProtoBlindedSignature) Reset()

func (*ProtoBlindedSignature) String

func (m *ProtoBlindedSignature) String() string

func (*ProtoBlindedSignature) XXX_DiscardUnknown

func (m *ProtoBlindedSignature) XXX_DiscardUnknown()

func (*ProtoBlindedSignature) XXX_Marshal

func (m *ProtoBlindedSignature) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProtoBlindedSignature) XXX_Merge

func (m *ProtoBlindedSignature) XXX_Merge(src proto.Message)

func (*ProtoBlindedSignature) XXX_Size

func (m *ProtoBlindedSignature) XXX_Size() int

func (*ProtoBlindedSignature) XXX_Unmarshal

func (m *ProtoBlindedSignature) XXX_Unmarshal(b []byte) error

type ProtoLambda

type ProtoLambda struct {
	Cm                   []byte                     `protobuf:"bytes,1,opt,name=cm,proto3" json:"cm,omitempty"`
	Enc                  []*elgamal.ProtoEncryption `protobuf:"bytes,2,rep,name=enc,proto3" json:"enc,omitempty"`
	Proof                *ProtoSignerProof          `protobuf:"bytes,3,opt,name=proof,proto3" json:"proof,omitempty"`
	XXX_NoUnkeyedLiteral struct{}                   `json:"-"`
	XXX_unrecognized     []byte                     `json:"-"`
	XXX_sizecache        int32                      `json:"-"`
}

func (*ProtoLambda) Descriptor

func (*ProtoLambda) Descriptor() ([]byte, []int)

func (*ProtoLambda) GetCm

func (m *ProtoLambda) GetCm() []byte

func (*ProtoLambda) GetEnc

func (m *ProtoLambda) GetEnc() []*elgamal.ProtoEncryption

func (*ProtoLambda) GetProof

func (m *ProtoLambda) GetProof() *ProtoSignerProof

func (*ProtoLambda) ProtoMessage

func (*ProtoLambda) ProtoMessage()

func (*ProtoLambda) Reset

func (m *ProtoLambda) Reset()

func (*ProtoLambda) String

func (m *ProtoLambda) String() string

func (*ProtoLambda) XXX_DiscardUnknown

func (m *ProtoLambda) XXX_DiscardUnknown()

func (*ProtoLambda) XXX_Marshal

func (m *ProtoLambda) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProtoLambda) XXX_Merge

func (m *ProtoLambda) XXX_Merge(src proto.Message)

func (*ProtoLambda) XXX_Size

func (m *ProtoLambda) XXX_Size() int

func (*ProtoLambda) XXX_Unmarshal

func (m *ProtoLambda) XXX_Unmarshal(b []byte) error

type ProtoParams

type ProtoParams struct {
	P                    []byte   `protobuf:"bytes,2,opt,name=p,proto3" json:"p,omitempty"`
	G1                   []byte   `protobuf:"bytes,3,opt,name=g1,proto3" json:"g1,omitempty"`
	G2                   []byte   `protobuf:"bytes,4,opt,name=g2,proto3" json:"g2,omitempty"`
	Hs                   [][]byte `protobuf:"bytes,5,rep,name=hs,proto3" json:"hs,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ProtoParams) Descriptor

func (*ProtoParams) Descriptor() ([]byte, []int)

func (*ProtoParams) GetG1

func (m *ProtoParams) GetG1() []byte

func (*ProtoParams) GetG2

func (m *ProtoParams) GetG2() []byte

func (*ProtoParams) GetHs

func (m *ProtoParams) GetHs() [][]byte

func (*ProtoParams) GetP

func (m *ProtoParams) GetP() []byte

func (*ProtoParams) ProtoMessage

func (*ProtoParams) ProtoMessage()

func (*ProtoParams) Reset

func (m *ProtoParams) Reset()

func (*ProtoParams) String

func (m *ProtoParams) String() string

func (*ProtoParams) XXX_DiscardUnknown

func (m *ProtoParams) XXX_DiscardUnknown()

func (*ProtoParams) XXX_Marshal

func (m *ProtoParams) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProtoParams) XXX_Merge

func (m *ProtoParams) XXX_Merge(src proto.Message)

func (*ProtoParams) XXX_Size

func (m *ProtoParams) XXX_Size() int

func (*ProtoParams) XXX_Unmarshal

func (m *ProtoParams) XXX_Unmarshal(b []byte) error

type ProtoSecretKey

type ProtoSecretKey struct {
	X                    []byte   `protobuf:"bytes,1,opt,name=X,json=x,proto3" json:"X,omitempty"`
	Y                    [][]byte `protobuf:"bytes,2,rep,name=Y,json=y,proto3" json:"Y,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

in principle should never be used as secret key would never be sent over the wire, but the definition is included for completion sake

func (*ProtoSecretKey) Descriptor

func (*ProtoSecretKey) Descriptor() ([]byte, []int)

func (*ProtoSecretKey) GetX

func (m *ProtoSecretKey) GetX() []byte

func (*ProtoSecretKey) GetY

func (m *ProtoSecretKey) GetY() [][]byte

func (*ProtoSecretKey) ProtoMessage

func (*ProtoSecretKey) ProtoMessage()

func (*ProtoSecretKey) Reset

func (m *ProtoSecretKey) Reset()

func (*ProtoSecretKey) String

func (m *ProtoSecretKey) String() string

func (*ProtoSecretKey) XXX_DiscardUnknown

func (m *ProtoSecretKey) XXX_DiscardUnknown()

func (*ProtoSecretKey) XXX_Marshal

func (m *ProtoSecretKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProtoSecretKey) XXX_Merge

func (m *ProtoSecretKey) XXX_Merge(src proto.Message)

func (*ProtoSecretKey) XXX_Size

func (m *ProtoSecretKey) XXX_Size() int

func (*ProtoSecretKey) XXX_Unmarshal

func (m *ProtoSecretKey) XXX_Unmarshal(b []byte) error

type ProtoSignature

type ProtoSignature struct {
	Sig1                 []byte   `protobuf:"bytes,1,opt,name=sig1,proto3" json:"sig1,omitempty"`
	Sig2                 []byte   `protobuf:"bytes,2,opt,name=sig2,proto3" json:"sig2,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ProtoSignature) Descriptor

func (*ProtoSignature) Descriptor() ([]byte, []int)

func (*ProtoSignature) GetSig1

func (m *ProtoSignature) GetSig1() []byte

func (*ProtoSignature) GetSig2

func (m *ProtoSignature) GetSig2() []byte

func (*ProtoSignature) ProtoMessage

func (*ProtoSignature) ProtoMessage()

func (*ProtoSignature) Reset

func (m *ProtoSignature) Reset()

func (*ProtoSignature) String

func (m *ProtoSignature) String() string

func (*ProtoSignature) XXX_DiscardUnknown

func (m *ProtoSignature) XXX_DiscardUnknown()

func (*ProtoSignature) XXX_Marshal

func (m *ProtoSignature) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProtoSignature) XXX_Merge

func (m *ProtoSignature) XXX_Merge(src proto.Message)

func (*ProtoSignature) XXX_Size

func (m *ProtoSignature) XXX_Size() int

func (*ProtoSignature) XXX_Unmarshal

func (m *ProtoSignature) XXX_Unmarshal(b []byte) error

type ProtoSignerProof

type ProtoSignerProof struct {
	C                    []byte   `protobuf:"bytes,1,opt,name=c,proto3" json:"c,omitempty"`
	Rr                   []byte   `protobuf:"bytes,2,opt,name=rr,proto3" json:"rr,omitempty"`
	Rk                   [][]byte `protobuf:"bytes,3,rep,name=rk,proto3" json:"rk,omitempty"`
	Rm                   [][]byte `protobuf:"bytes,4,rep,name=rm,proto3" json:"rm,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ProtoSignerProof) Descriptor

func (*ProtoSignerProof) Descriptor() ([]byte, []int)

func (*ProtoSignerProof) GetC

func (m *ProtoSignerProof) GetC() []byte

func (*ProtoSignerProof) GetRk

func (m *ProtoSignerProof) GetRk() [][]byte

func (*ProtoSignerProof) GetRm

func (m *ProtoSignerProof) GetRm() [][]byte

func (*ProtoSignerProof) GetRr

func (m *ProtoSignerProof) GetRr() []byte

func (*ProtoSignerProof) ProtoMessage

func (*ProtoSignerProof) ProtoMessage()

func (*ProtoSignerProof) Reset

func (m *ProtoSignerProof) Reset()

func (*ProtoSignerProof) String

func (m *ProtoSignerProof) String() string

func (*ProtoSignerProof) XXX_DiscardUnknown

func (m *ProtoSignerProof) XXX_DiscardUnknown()

func (*ProtoSignerProof) XXX_Marshal

func (m *ProtoSignerProof) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProtoSignerProof) XXX_Merge

func (m *ProtoSignerProof) XXX_Merge(src proto.Message)

func (*ProtoSignerProof) XXX_Size

func (m *ProtoSignerProof) XXX_Size() int

func (*ProtoSignerProof) XXX_Unmarshal

func (m *ProtoSignerProof) XXX_Unmarshal(b []byte) error

type ProtoTheta

type ProtoTheta struct {
	Kappa                []byte              `protobuf:"bytes,1,opt,name=kappa,proto3" json:"kappa,omitempty"`
	Nu                   []byte              `protobuf:"bytes,2,opt,name=nu,proto3" json:"nu,omitempty"`
	Proof                *ProtoVerifierProof `protobuf:"bytes,3,opt,name=proof,proto3" json:"proof,omitempty"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

func (*ProtoTheta) Descriptor

func (*ProtoTheta) Descriptor() ([]byte, []int)

func (*ProtoTheta) GetKappa

func (m *ProtoTheta) GetKappa() []byte

func (*ProtoTheta) GetNu

func (m *ProtoTheta) GetNu() []byte

func (*ProtoTheta) GetProof

func (m *ProtoTheta) GetProof() *ProtoVerifierProof

func (*ProtoTheta) ProtoMessage

func (*ProtoTheta) ProtoMessage()

func (*ProtoTheta) Reset

func (m *ProtoTheta) Reset()

func (*ProtoTheta) String

func (m *ProtoTheta) String() string

func (*ProtoTheta) XXX_DiscardUnknown

func (m *ProtoTheta) XXX_DiscardUnknown()

func (*ProtoTheta) XXX_Marshal

func (m *ProtoTheta) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProtoTheta) XXX_Merge

func (m *ProtoTheta) XXX_Merge(src proto.Message)

func (*ProtoTheta) XXX_Size

func (m *ProtoTheta) XXX_Size() int

func (*ProtoTheta) XXX_Unmarshal

func (m *ProtoTheta) XXX_Unmarshal(b []byte) error

type ProtoThetaTumbler

type ProtoThetaTumbler struct {
	Theta                *ProtoTheta `protobuf:"bytes,1,opt,name=theta,proto3" json:"theta,omitempty"`
	Zeta                 []byte      `protobuf:"bytes,2,opt,name=zeta,proto3" json:"zeta,omitempty"`
	XXX_NoUnkeyedLiteral struct{}    `json:"-"`
	XXX_unrecognized     []byte      `json:"-"`
	XXX_sizecache        int32       `json:"-"`
}

func (*ProtoThetaTumbler) Descriptor

func (*ProtoThetaTumbler) Descriptor() ([]byte, []int)

func (*ProtoThetaTumbler) GetTheta

func (m *ProtoThetaTumbler) GetTheta() *ProtoTheta

func (*ProtoThetaTumbler) GetZeta

func (m *ProtoThetaTumbler) GetZeta() []byte

func (*ProtoThetaTumbler) ProtoMessage

func (*ProtoThetaTumbler) ProtoMessage()

func (*ProtoThetaTumbler) Reset

func (m *ProtoThetaTumbler) Reset()

func (*ProtoThetaTumbler) String

func (m *ProtoThetaTumbler) String() string

func (*ProtoThetaTumbler) XXX_DiscardUnknown

func (m *ProtoThetaTumbler) XXX_DiscardUnknown()

func (*ProtoThetaTumbler) XXX_Marshal

func (m *ProtoThetaTumbler) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProtoThetaTumbler) XXX_Merge

func (m *ProtoThetaTumbler) XXX_Merge(src proto.Message)

func (*ProtoThetaTumbler) XXX_Size

func (m *ProtoThetaTumbler) XXX_Size() int

func (*ProtoThetaTumbler) XXX_Unmarshal

func (m *ProtoThetaTumbler) XXX_Unmarshal(b []byte) error

type ProtoVerificationKey

type ProtoVerificationKey struct {
	G2                   []byte   `protobuf:"bytes,1,opt,name=G2,json=g2,proto3" json:"G2,omitempty"`
	Alpha                []byte   `protobuf:"bytes,2,opt,name=Alpha,json=alpha,proto3" json:"Alpha,omitempty"`
	Beta                 [][]byte `protobuf:"bytes,3,rep,name=Beta,json=beta,proto3" json:"Beta,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ProtoVerificationKey) Descriptor

func (*ProtoVerificationKey) Descriptor() ([]byte, []int)

func (*ProtoVerificationKey) GetAlpha

func (m *ProtoVerificationKey) GetAlpha() []byte

func (*ProtoVerificationKey) GetBeta

func (m *ProtoVerificationKey) GetBeta() [][]byte

func (*ProtoVerificationKey) GetG2

func (m *ProtoVerificationKey) GetG2() []byte

func (*ProtoVerificationKey) ProtoMessage

func (*ProtoVerificationKey) ProtoMessage()

func (*ProtoVerificationKey) Reset

func (m *ProtoVerificationKey) Reset()

func (*ProtoVerificationKey) String

func (m *ProtoVerificationKey) String() string

func (*ProtoVerificationKey) XXX_DiscardUnknown

func (m *ProtoVerificationKey) XXX_DiscardUnknown()

func (*ProtoVerificationKey) XXX_Marshal

func (m *ProtoVerificationKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProtoVerificationKey) XXX_Merge

func (m *ProtoVerificationKey) XXX_Merge(src proto.Message)

func (*ProtoVerificationKey) XXX_Size

func (m *ProtoVerificationKey) XXX_Size() int

func (*ProtoVerificationKey) XXX_Unmarshal

func (m *ProtoVerificationKey) XXX_Unmarshal(b []byte) error

type ProtoVerifierProof

type ProtoVerifierProof struct {
	C                    []byte   `protobuf:"bytes,1,opt,name=c,proto3" json:"c,omitempty"`
	Rm                   [][]byte `protobuf:"bytes,2,rep,name=rm,proto3" json:"rm,omitempty"`
	Rt                   []byte   `protobuf:"bytes,3,opt,name=rt,proto3" json:"rt,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ProtoVerifierProof) Descriptor

func (*ProtoVerifierProof) Descriptor() ([]byte, []int)

func (*ProtoVerifierProof) GetC

func (m *ProtoVerifierProof) GetC() []byte

func (*ProtoVerifierProof) GetRm

func (m *ProtoVerifierProof) GetRm() [][]byte

func (*ProtoVerifierProof) GetRt

func (m *ProtoVerifierProof) GetRt() []byte

func (*ProtoVerifierProof) ProtoMessage

func (*ProtoVerifierProof) ProtoMessage()

func (*ProtoVerifierProof) Reset

func (m *ProtoVerifierProof) Reset()

func (*ProtoVerifierProof) String

func (m *ProtoVerifierProof) String() string

func (*ProtoVerifierProof) XXX_DiscardUnknown

func (m *ProtoVerifierProof) XXX_DiscardUnknown()

func (*ProtoVerifierProof) XXX_Marshal

func (m *ProtoVerifierProof) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProtoVerifierProof) XXX_Merge

func (m *ProtoVerifierProof) XXX_Merge(src proto.Message)

func (*ProtoVerifierProof) XXX_Size

func (m *ProtoVerifierProof) XXX_Size() int

func (*ProtoVerifierProof) XXX_Unmarshal

func (m *ProtoVerifierProof) XXX_Unmarshal(b []byte) error

type SchemeParams

type SchemeParams interface {
	P() *Curve.BIG
	G1() *Curve.ECP
	G2() *Curve.ECP2
	Hs() []*Curve.ECP
}

SchemeParams interface allows for interchangeably using Params and MuxParams (where applicable)

type SecretKey

type SecretKey struct {
	// contains filtered or unexported fields
}

SecretKey represents secret key of a Coconut signing authority.

func NewSk

func NewSk(x *Curve.BIG, y []*Curve.BIG) *SecretKey

NewSk returns instance of secret key from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func (*SecretKey) FromPEMFile

func (sk *SecretKey) FromPEMFile(f string) error

FromPEMFile reads out the secret key from a PEM file at path f.

func (*SecretKey) FromProto

func (sk *SecretKey) FromProto(psk *ProtoSecretKey) error

FromProto takes a protobuf representation of the object and unmarshals its attributes.

func (*SecretKey) MarshalBinary

func (sk *SecretKey) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*SecretKey) ToPEMFile

func (sk *SecretKey) ToPEMFile(f string) error

ToPEMFile writes out the secret key to a PEM file at path f.

func (*SecretKey) ToProto

func (sk *SecretKey) ToProto() (*ProtoSecretKey, error)

ToProto creates a protobuf representation of the object.

func (*SecretKey) UnmarshalBinary

func (sk *SecretKey) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

func (*SecretKey) Validate

func (sk *SecretKey) Validate() bool

Validate checks for nil elements in the key.

func (*SecretKey) X

func (sk *SecretKey) X() *Curve.BIG

X returns appropriate part of the the secret key

func (*SecretKey) Y

func (sk *SecretKey) Y() []*Curve.BIG

Y returns appropriate part of the the secret key

type Signature

type Signature struct {
	// contains filtered or unexported fields
}

Signature represents signature/credential issued by a Coconut signing authority. sig1 = h, sig2 = h * (x + (m[0] * y[0]) + ... + (m[i] * y[i])).

func AggregateSignatures

func AggregateSignatures(params *Params, sigs []*Signature, pp *PolynomialPoints) *Signature

AggregateSignatures aggregates Coconut credentials on the same set of attributes that were produced by multiple signing authorities. Optionally it does so in a threshold manner.

func NewSignature

func NewSignature(sig1 *Curve.ECP, sig2 *Curve.ECP) *Signature

NewSignature returns instance of signature from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func Randomize

func Randomize(params *Params, sig *Signature) *Signature

FIXME: spelling Randomize randomizes the Coconut credential such that it becomes indistinguishable from a fresh credential on different attributes

func Sign

func Sign(params *Params, sk *SecretKey, pubM []*Curve.BIG) (*Signature, error)

Sign creates a Coconut credential under a given secret key on a set of public attributes only.

func Unblind

func Unblind(params *Params, blindedSignature *BlindedSignature, egPub *elgamal.PrivateKey) *Signature

Unblind unblinds the blinded Coconut credential.

func (*Signature) FromProto

func (sig *Signature) FromProto(psig *ProtoSignature) error

FromProto takes a protobuf representation of the object and unmarshals its attributes.

func (*Signature) MarshalBinary

func (sig *Signature) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*Signature) Sig1

func (s *Signature) Sig1() *Curve.ECP

Sig1 returns first ECP group of the signature

func (*Signature) Sig2

func (s *Signature) Sig2() *Curve.ECP

Sig2 returns second ECP group of the signature

func (*Signature) ToProto

func (sig *Signature) ToProto() (*ProtoSignature, error)

ToProto creates a protobuf representation of the object.

func (*Signature) UnmarshalBinary

func (sig *Signature) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

func (*Signature) Validate

func (s *Signature) Validate() bool

Validate checks for nil elements in the signature.

type SignerProof

type SignerProof struct {
	// contains filtered or unexported fields
}

SignerProof (name to be confirmed) represents all the fields contained within the said proof.

func ConstructSignerProof

func ConstructSignerProof(params *Params,
	gamma *Curve.ECP,
	encs []*elgamal.Encryption,
	cm *Curve.ECP,
	k []*Curve.BIG,
	r *Curve.BIG,
	pubM []*Curve.BIG,
	privM []*Curve.BIG,
) (*SignerProof, error)

ConstructSignerProof creates a non-interactive zero-knowledge proof to prove corectness of ciphertexts and cm. It's based on the original Python implementation: https://github.com/asonnino/coconut/blob/master/coconut/proofs.py#L16

func NewSignerProof

func NewSignerProof(c *Curve.BIG, rr *Curve.BIG, rk []*Curve.BIG, rm []*Curve.BIG) *SignerProof

NewSignerProof returns instance of SignerProof from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func (*SignerProof) C

func (sp *SignerProof) C() *Curve.BIG

C returns challenge part of the signer proof

func (*SignerProof) FromProto

func (sp *SignerProof) FromProto(psp *ProtoSignerProof) error

FromProto takes a protobuf representation of the object and unmarshals its attributes.

func (*SignerProof) MarshalBinary

func (sp *SignerProof) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*SignerProof) Rk

func (sp *SignerProof) Rk() []*Curve.BIG

Rk returns set of rk responses of the signer proof

func (*SignerProof) Rm

func (sp *SignerProof) Rm() []*Curve.BIG

Rm returns set of rm responses of the signer proof

func (*SignerProof) Rr

func (sp *SignerProof) Rr() *Curve.BIG

Rr returns set of rr responses of the signer proof

func (*SignerProof) ToProto

func (sp *SignerProof) ToProto() (*ProtoSignerProof, error)

ToProto creates a protobuf representation of the object.

func (*SignerProof) UnmarshalBinary

func (sp *SignerProof) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

func (*SignerProof) Validate

func (sp *SignerProof) Validate() bool

Validate checks for nil elements in the proof.

type Theta

type Theta struct {
	// contains filtered or unexported fields
}

Theta encapsulates data created by ShowBlindSignature function.

func NewTheta

func NewTheta(kappa *Curve.ECP2, nu *Curve.ECP, proof *VerifierProof) *Theta

NewTheta returns instance of Theta from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func ShowBlindSignature

func ShowBlindSignature(params *Params, vk *VerificationKey, sig *Signature, privM []*Curve.BIG) (*Theta, error)

ShowBlindSignature builds cryptographic material required for blind verification. It returns kappa and nu - group elements needed to perform verification and zero-knowledge proof asserting corectness of the above.

func (*Theta) FromProto

func (theta *Theta) FromProto(protoTheta *ProtoTheta) error

FromProto takes a protobuf representation of the object and unmarshals its attributes.

func (*Theta) Kappa

func (t *Theta) Kappa() *Curve.ECP2

Kappa returns the kappa part of the Theta.

func (*Theta) MarshalBinary

func (theta *Theta) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*Theta) Nu

func (t *Theta) Nu() *Curve.ECP

Nu returns the nu part of the Theta.

func (*Theta) Proof

func (t *Theta) Proof() *VerifierProof

Proof returns the proof part of the Theta.

func (*Theta) ToProto

func (theta *Theta) ToProto() (*ProtoTheta, error)

ToProto creates a protobuf representation of the object.

func (*Theta) UnmarshalBinary

func (theta *Theta) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

func (*Theta) Validate

func (t *Theta) Validate() bool

Validate checks for nil elements in the mats.

type ThetaTumbler

type ThetaTumbler struct {
	*Theta
	// contains filtered or unexported fields
}

ThetaTumbler encapsulates data created by ShowBlindSignatureTumbler function.

func NewThetaTumbler

func NewThetaTumbler(theta *Theta, zeta *Curve.ECP) *ThetaTumbler

NewThetaTumbler returns instance of ThetaTumbler from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func ShowBlindSignatureTumbler

func ShowBlindSignatureTumbler(params *Params,
	vk *VerificationKey,
	sig *Signature,
	privM []*Curve.BIG,
	address []byte,
) (*ThetaTumbler, error)

ShowBlindSignatureTumbler builds cryptographic material required for blind verification for the tumbler. It returns kappa, nu and zeta - group elements needed to perform verification and zero-knowledge proof asserting corectness of the above. The proof is bound to the provided address.

func (*ThetaTumbler) FromProto

func (t *ThetaTumbler) FromProto(protoThetaTumbler *ProtoThetaTumbler) error

FromProto takes a protobuf representation of the object and unmarshals its attributes.

func (*ThetaTumbler) MarshalBinary

func (t *ThetaTumbler) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*ThetaTumbler) ToProto

func (t *ThetaTumbler) ToProto() (*ProtoThetaTumbler, error)

ToProto creates a protobuf representation of the object.

func (*ThetaTumbler) UnmarshalBinary

func (t *ThetaTumbler) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

func (*ThetaTumbler) Validate

func (t *ThetaTumbler) Validate() bool

Validate checks for nil elements in the mats.

func (*ThetaTumbler) Zeta

func (t *ThetaTumbler) Zeta() *Curve.ECP

Zeta returns the zeta part of the ThetaTumbler.

type ThresholdSecretKey

type ThresholdSecretKey struct {
	*SecretKey
	// contains filtered or unexported fields
}

ThresholdSecretKey is a special type of coconut secret key. It was generated in a threshold manner and includes ID required for aggregation.

func NewThresholdSk

func NewThresholdSk(x *Curve.BIG, y []*Curve.BIG, id int64) *ThresholdSecretKey

NewThresholdSk returns instance of threshold secret key from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func (*ThresholdSecretKey) FromPEMFile

func (tsk *ThresholdSecretKey) FromPEMFile(f string) error

FromPEMFile reads out the secret key from a PEM file at path f.

func (*ThresholdSecretKey) ID

func (tsk *ThresholdSecretKey) ID() int64

ID returns the id part of the key.

func (*ThresholdSecretKey) MarshalBinary

func (tsk *ThresholdSecretKey) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*ThresholdSecretKey) ToPEMFile

func (tsk *ThresholdSecretKey) ToPEMFile(f string) error

ToPEMFile writes out the secret key to a PEM file at path f.

func (*ThresholdSecretKey) UnmarshalBinary

func (tsk *ThresholdSecretKey) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

type ThresholdVerificationKey

type ThresholdVerificationKey struct {
	*VerificationKey
	// contains filtered or unexported fields
}

ThresholdVerificationKey is a special type of coconut secret key. It was generated in a threshold manner and includes ID required for aggregation.

func NewThresholdVk

func NewThresholdVk(g2 *Curve.ECP2, alpha *Curve.ECP2, beta []*Curve.ECP2, id int64) *ThresholdVerificationKey

NewThresholdVk returns instance of threshold verification key from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func (*ThresholdVerificationKey) FromPEMFile

func (tvk *ThresholdVerificationKey) FromPEMFile(f string) error

FromPEMFile reads out the secret key from a PEM file at path f.

func (*ThresholdVerificationKey) ID

func (tvk *ThresholdVerificationKey) ID() int64

ID returns the id part of the key.

func (*ThresholdVerificationKey) MarshalBinary

func (tvk *ThresholdVerificationKey) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*ThresholdVerificationKey) ToPEMFile

func (tvk *ThresholdVerificationKey) ToPEMFile(f string) error

ToPEMFile writes out the verification key to a PEM file at path f.

func (*ThresholdVerificationKey) UnmarshalBinary

func (tvk *ThresholdVerificationKey) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

type TumblerProof

type TumblerProof struct {
	// contains filtered or unexported fields
}

TumblerProof is a special case of VerifierProof that is bound to some address and also encapsulates some zeta (g^s).

func ConstructTumblerProof

func ConstructTumblerProof(params *Params,
	vk *VerificationKey,
	sig *Signature,
	privM []*Curve.BIG,
	t *Curve.BIG,
	address []byte,
) (*TumblerProof, error)

ConstructTumblerProof constructs a zero knowledge proof required to implement Coconut's coin tumbler (https://arxiv.org/pdf/1802.07344.pdf). It proves knowledge of all private attributes in the credential and binds the proof to the address. Note that the first privM parameter HAS TO be coin's sequence number since the zeta is later revealed. loosely based on: https://github.com/asonnino/coconut-chainspace/blob/master/contracts/tumbler_proofs.py TODO: NEED SOMEBODY TO VERIFY CORECTNESS OF IMPLEMENTATION

func NewTumblerProof

func NewTumblerProof(baseProof *VerifierProof, zeta *Curve.ECP) *TumblerProof

NewTumblerProof returns instance of TumblerProof from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func (*TumblerProof) BaseProof

func (tp *TumblerProof) BaseProof() *VerifierProof

BaseProof returns the base proof containing (c, rm, rt).

func (*TumblerProof) Validate

func (tp *TumblerProof) Validate() bool

Validate checks for nil elements in the proof.

func (*TumblerProof) Zeta

func (tp *TumblerProof) Zeta() *Curve.ECP

Zeta returns zeta used in the proof.

type VerificationKey

type VerificationKey struct {
	// contains filtered or unexported fields
}

VerificationKey represents verification key of a Coconut signing authority.

func AggregateVerificationKeys

func AggregateVerificationKeys(params *Params, vks []*VerificationKey, pp *PolynomialPoints) *VerificationKey

AggregateVerificationKeys aggregates verification keys of the signing authorities. Optionally it does so in a threshold manner.

func NewVk

func NewVk(g2 *Curve.ECP2, alpha *Curve.ECP2, beta []*Curve.ECP2) *VerificationKey

NewVk returns instance of verification key from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func (*VerificationKey) Alpha

func (vk *VerificationKey) Alpha() *Curve.ECP2

Alpha returns appropriate part of the the verification key

func (*VerificationKey) Beta

func (vk *VerificationKey) Beta() []*Curve.ECP2

Beta returns appropriate part of the the verification key

func (*VerificationKey) FromPEMFile

func (vk *VerificationKey) FromPEMFile(f string) error

FromPEMFile reads out the secret key from a PEM file at path f.

func (*VerificationKey) FromProto

func (vk *VerificationKey) FromProto(pvk *ProtoVerificationKey) error

FromProto takes a protobuf representation of the object and unmarshals its attributes.

func (*VerificationKey) G2

func (vk *VerificationKey) G2() *Curve.ECP2

G2 returns generator of G2 that is part of the verification key

func (*VerificationKey) MarshalBinary

func (vk *VerificationKey) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*VerificationKey) ToPEMFile

func (vk *VerificationKey) ToPEMFile(f string) error

ToPEMFile writes out the verification key to a PEM file at path f.

func (*VerificationKey) ToProto

func (vk *VerificationKey) ToProto() (*ProtoVerificationKey, error)

ToProto creates a protobuf representation of the object.

func (*VerificationKey) UnmarshalBinary

func (vk *VerificationKey) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

func (*VerificationKey) Validate

func (vk *VerificationKey) Validate() bool

Validate checks for nil elements in the key.

type VerifierProof

type VerifierProof struct {
	// contains filtered or unexported fields
}

VerifierProof (name to be confirmed) represents all the fields contained within the said proof.

func ConstructVerifierProof

func ConstructVerifierProof(params *Params,
	vk *VerificationKey,
	sig *Signature,
	privM []*Curve.BIG,
	t *Curve.BIG,
) (*VerifierProof, error)

ConstructVerifierProof creates a non-interactive zero-knowledge proof in order to prove corectness of kappa and nu. It's based on the original Python implementation: https://github.com/asonnino/coconut/blob/master/coconut/proofs.py#L57

func NewVerifierProof

func NewVerifierProof(c *Curve.BIG, rm []*Curve.BIG, rt *Curve.BIG) *VerifierProof

NewVerifierProof returns instance of VerifierProof from the provided attributes. Created for coconutclientworker to not repeat the type definition but preserve attributes being private.

func (*VerifierProof) C

func (vp *VerifierProof) C() *Curve.BIG

C returns challenge part of the signer proof.

func (*VerifierProof) FromProto

func (vp *VerifierProof) FromProto(pvp *ProtoVerifierProof) error

FromProto takes a protobuf representation of the object and unmarshals its attributes.

func (*VerifierProof) MarshalBinary

func (vp *VerifierProof) MarshalBinary() ([]byte, error)

MarshalBinary is an implementation of a method on the BinaryMarshaler interface defined in https://golang.org/pkg/encoding/

func (*VerifierProof) Rm

func (vp *VerifierProof) Rm() []*Curve.BIG

Rm returns set of rm responses of the signer proof.

func (*VerifierProof) Rt

func (vp *VerifierProof) Rt() *Curve.BIG

Rt returns set of rt responses of the signer proof.

func (*VerifierProof) ToProto

func (vp *VerifierProof) ToProto() (*ProtoVerifierProof, error)

ToProto creates a protobuf representation of the object.

func (*VerifierProof) UnmarshalBinary

func (vp *VerifierProof) UnmarshalBinary(data []byte) error

UnmarshalBinary is an implementation of a method on the BinaryUnmarshaler interface defined in https://golang.org/pkg/encoding/

func (*VerifierProof) Validate

func (vp *VerifierProof) Validate() bool

Validate checks for nil elements in the proof.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL