Documentation ¶
Index ¶
- Variables
- func AggBpProve_s(instance *AggBpStatement, wit []*big.Int) (string, error)
- func AggBpVerify(proof *AggBulletProof, instance *AggBpStatement) (bool, error)
- func AggBpVerify_s(proof string, instance *AggBpStatement) (bool, error)
- func AggProofMarshal(proof *AggBulletProof) (string, error)
- func BN256() param
- func Bij(i, j uint64) (int64, error)
- func CXtilde(v, bTf *big.Int, P0 [][]*big.Int, P1 [][]*big.Int, N, m int64, ...) ([]*bn256.G1, error)
- func CalculatetEval(T1, T2 *bn256.G1, x *big.Int) *bn256.G1
- func ComputeAR(x []*big.Int) []*big.Int
- func ComputeAggDelta(y, z *big.Int, n, m int64) *big.Int
- func ComputeAggLx(aL, sL []*big.Int, x, z *big.Int, nMulm int64) (lx []*big.Int, err error)
- func ComputeAggRx(aR, sR []*big.Int, x, y, z *big.Int, n, m int64) (rx []*big.Int, err error)
- func ComputeAt(aggBp *AggBpStatement, c, omega, tHat, stau, delta, sb, x *big.Int, m int64, ...) *bn256.G1
- func ComputeDelta(y, z *big.Int, n int64) *big.Int
- func ComputeLx(aL, sL []*big.Int, z, x *big.Int) ([]*big.Int, error)
- func ComputeRx(aR, sR []*big.Int, z, y, x *big.Int) ([]*big.Int, error)
- func Computet0(aL, aR, sR []*big.Int, y, z *big.Int, n, m int64) (*big.Int, error)
- func Computet1(aL, aR, sL, sR []*big.Int, y, z *big.Int, n, m int64) (*big.Int, error)
- func Computet2(sL, aR, sR []*big.Int, y, z *big.Int, n, m int64) (*big.Int, error)
- func Dec(c *Ciphertext, sk *big.Int) *bn256.G1
- func Decompose(v *big.Int, u int64, l int64) []*big.Int
- func GenerateAggA(instance *AggBpStatement, witness *AggBpWitness) (aL, aR []*big.Int, alpha *big.Int, A *bn256.G1, err error)
- func GenerateAggS(instance *AggBpStatement) (sL, sR []*big.Int, rho *big.Int, S *bn256.G1, err error)
- func GenerateAggT1T2(instance *AggBpStatement, aL, aR, sL, sR []*big.Int, y, z *big.Int) (T1, T2 *bn256.G1, tau1, tau2 *big.Int, err error)
- func GenerateAggTaux(tau1, tau2, x, z *big.Int, m int64, vectorGamma []*big.Int) (tauX *big.Int)
- func GenerateAggtHat(aL, aR, sL, sR []*big.Int, x, y, z *big.Int, n, m int64) (lx, rx []*big.Int, tHat *big.Int, err error)
- func GenerateAggyz(A, S *bn256.G1) (y, z *big.Int)
- func GenerateBurnyz(A, S, cLn, cRn, pub *bn256.G1, epoch *big.Int, sender []byte) (y, z *big.Int)
- func GenerateChallenge(msg []byte, order *big.Int) *big.Int
- func GenerateHprime(h []*bn256.G1, y *big.Int) []*bn256.G1
- func GenerateKexi(v *big.Int, N int64) []*big.Int
- func GenerateKey(p param, rand io.Reader) (*big.Int, error)
- func GenerateTFv(tfStatement *TransferStatement, BpA, BpS, A, B *bn256.G1) (*big.Int, error)
- func GenerateTfC(x *big.Int, Ay, AD, Ab, AX, At, Au *bn256.G1) *big.Int
- func GenerateTfOmega(v *big.Int, ...) *big.Int
- func GenerateWithdrawCh(x *big.Int, Rpub, Rb, RtHat, Ru *bn256.G1) *big.Int
- func Generatex(T1, T2 *bn256.G1, z *big.Int) *big.Int
- func Generateyz(A, S *bn256.G1) (y, z *big.Int)
- func GetGenerator(param AggBpStatement) (*bn256.G1, *bn256.G1, []*bn256.G1, []*bn256.G1)
- func InnerProductVerifier(instance *InnerProductStatement, proof *InnerProductProof, c *big.Int, ...) (bool, error)
- func IpVerify(n int64, gVector, hVector []*bn256.G1, p, u *bn256.G1, ...) (bool, error)
- func IsPowOfTwo(n int64) bool
- func LPolyCoeff(aL []*big.Int, z *big.Int, nm int64) (lZero []*big.Int, err error)
- func MapIntoGroup(s string) *bn256.G1
- func MultiVectorT(vector [][]*big.Int) [][]*big.Int
- func PointToInt(p *bn256.G1) *big.Int
- func PolyCoefficientsT1(sL, sR, aL, aR []*big.Int, y, z *big.Int) (*big.Int, error)
- func PolyCoefficientsT2(sL, sR []*big.Int, y *big.Int) *big.Int
- func PolyEvaluate(coefficients []*big.Int, x *big.Int) *big.Int
- func PolyEvaluateField(coefficients []*big.Int, x *big.Int) *big.Int
- func PolyProduct(a, b []*big.Int, field *big.Int) []*big.Int
- func PowerOf(a *big.Int, n int64) []*big.Int
- func ReadBalance(m *bn256.G1, a, b *big.Int) (*big.Int, error)
- func RpolyCoeff(aR, sR []*big.Int, y, z *big.Int, n, m int64) (rZero []*big.Int, rOne []*big.Int, err error)
- func SchnorrVerify(pub *bn256.G1, msg []byte, sigma *Signature) bool
- func SigmaProve(g, h, cRn *bn256.G1, epoch, x, z, taux *big.Int, wit *WithdrawWitness) (c, ssk, sb, stau *big.Int, err error)
- func SignMarshal(sigma *Signature) ([]byte, error)
- func SignMarshal1(sigma *Signature) ([]byte, []byte, error)
- func TFf(F1Coeff [][2]*big.Int, omega *big.Int) (f []*big.Int)
- func TfPolyCoeffF0(a []*big.Int, lBits []*big.Int, m int64) ([][2]*big.Int, error)
- func TfPolyCoeffF1(a []*big.Int, lBits []*big.Int, m int64) ([][2]*big.Int, error)
- func TfPolyP(Flk0Coeff, Flk1Coeff [][2]*big.Int, N, m int64) [][]*big.Int
- func TfProofMarshal(TfProof *TransferProof) string
- func TfSampleRandomVector(m int64) (phi, chi, psi, omega []*big.Int)
- func TfStatmentMarshal(tfStatment *TransferStatement) ([]byte, error)
- func TfVerifier(AnonPk, CLnNew, CRnNew, CVector []*bn256.G1, D, NonceU *bn256.G1, ...) (bool, error)
- func TfyXline(PolyP0Coeff [][]*big.Int, PolyP1Coeff [][]*big.Int, N, m int64, ...) (*bn256.G1, error)
- func TransferVerify(tfStatement *TransferStatement, tfProof *TransferProof) (bool, error)
- func UpdateAggP(A, S, h *bn256.G1, gVector, hprime []*bn256.G1, x, y, z, mu *big.Int, ...) (*bn256.G1, error)
- func UpdateP(A, S *bn256.G1, g, hprime []*bn256.G1, h *bn256.G1, x, z, y, mu *big.Int) *bn256.G1
- func VectorAdd(a, b []*big.Int) ([]*big.Int, error)
- func VectorCommitMuliExp(P0 [][]*big.Int, Cipher []*bn256.G1, m int64, Publ0 *bn256.G1, phi []*big.Int) ([]*bn256.G1, error)
- func VectorDecompose(v []*big.Int, u, n, m int64) []*big.Int
- func VectorEcAdd(a, b []*bn256.G1) ([]*bn256.G1, error)
- func VectorHadamard(a, b []*big.Int) ([]*big.Int, error)
- func VectorInnerProduct(a, b []*big.Int) (*big.Int, error)
- func VectorInv(sVector []*big.Int) (sInv []*big.Int)
- func VectorLine(point *bn256.G1, pub *bn256.G1, r []*big.Int, w *big.Int, m int64) (*bn256.G1, error)
- func VectorMuliExpShift(vectorPoint []*bn256.G1, kexi, polyP0, polyP1 []*big.Int, N int64) (*bn256.G1, error)
- func VectorNeg(a []*big.Int) []*big.Int
- func VectorPolyEvaluate(PolyCoeff [][]*big.Int, x *big.Int) []*big.Int
- func VectorScalarExp(gVector []*bn256.G1, x *big.Int) []*bn256.G1
- func VectorScalarMul(a []*big.Int, b *big.Int) []*big.Int
- func VectorScalarMulG(G *bn256.G1, randNum []*big.Int) []*bn256.G1
- func VectorScalarMulSum(aVector []*big.Int, gVector []*bn256.G1) (*bn256.G1, error)
- func VectorShift(vector []*big.Int, shift int64) []*big.Int
- func VectorSub(a, b []*big.Int) ([]*big.Int, error)
- func VerifierCommit(f []*big.Int, A, B *bn256.G1, m int64, zA, challOmega *big.Int, ...) (bool, error)
- func VerifierF0Coeff(f []*big.Int, challOmega *big.Int) []*big.Int
- func VerifierPolyCoeff(flk0, flk1 []*big.Int, N, m int64) []*big.Int
- func VerifierVectorLine(vectorPoint, vectorTilde []*bn256.G1, coeff []*big.Int, omega *big.Int) (*bn256.G1, error)
- func VerifierVectorTilde(vectorTilde []*bn256.G1, omega *big.Int) (*bn256.G1, error)
- func VerifyAggIpp(proof *AggBulletProof, instance *AggBpStatement) (bool, error)
- func VerifyThat(proof *BulletProof, params BulletProofParams) bool
- func WdPointMarshal(point []*bn256.G1) []byte
- func WdPointUnMarshal(res []byte) ([]*bn256.G1, error)
- func WithdrawVerify(statement *WithdrawStatement, proof *WithdrawProof) (bool, error)
- type ABProofMarshal
- type AggBpStatement
- type AggBpWitness
- type AggBulletProof
- type BulletProof
- type BulletProofParams
- type Ciphertext
- type IPproofMarshal
- type InnerProductProof
- func GenerateAggIpp(instance *AggBpStatement, A, S *bn256.G1, x, y, z, mu, tHat *big.Int, ...) (*InnerProductProof, error)
- func InnerProductProver(instance *InnerProductStatement, witness *InnerProductWitness, tHat *big.Int, ...) (proof *InnerProductProof, err error)
- func IpProve(n int64, GVector, HVector []*bn256.G1, p, u *bn256.G1, l, r []*big.Int, ...) (proof *InnerProductProof, err error)
- type InnerProductStatement
- type InnerProductWitness
- type KeyPair
- type PedersenCommitment
- type Signature
- type TfPMarshal
- type TfSMarshal
- type TransferProof
- type TransferStatement
- type TransferWitness
- type VectorCommitment
- type WdProofMarshal
- type WithdrawProof
- type WithdrawStatement
- type WithdrawWitness
Constants ¶
This section is empty.
Variables ¶
var Bn256 param
var G = MapIntoGroup("g")
compute a global generator G instead of BN128 generator g
var MAX = new(big.Int).SetInt64(4294967296)
var ORDER = BN256().N
Functions ¶
func AggBpProve_s ¶
func AggBpProve_s(instance *AggBpStatement, wit []*big.Int) (string, error)
generate string proof
func AggBpVerify ¶
func AggBpVerify(proof *AggBulletProof, instance *AggBpStatement) (bool, error)
verify proof.tHat is valid
func AggBpVerify_s ¶
func AggBpVerify_s(proof string, instance *AggBpStatement) (bool, error)
the proof input is string
func AggProofMarshal ¶
func AggProofMarshal(proof *AggBulletProof) (string, error)
aggproof marshal and unmarshal method
func CXtilde ¶
func CXtilde(v, bTf *big.Int, P0 [][]*big.Int, P1 [][]*big.Int, N, m int64, omega []*big.Int, D *bn256.G1, l0, l1 int64) ([]*bn256.G1, error)
compute proof CXk
func CalculatetEval ¶
tEval = T1^x T2^{x^2}
func ComputeAggDelta ¶
compute delta = (z-z^2)*<1^nm,y^nm>- sum[z^(j+2)*<1^n,2^n>]
func ComputeAggLx ¶
compute l(x)
func ComputeAggRx ¶
compute r(x)
func ComputeDelta ¶
delta(y,z) = (z-z^2) . < 1^n, y^n > - z^3 . < 1^n, 2^n >
func Decompose ¶
Decompose receives as input a bigint x and outputs an array of integers such that x = sum(xi.u^i), i.e. it returns the decomposition of x into base u.
func GenerateAggA ¶
func GenerateAggA(instance *AggBpStatement, witness *AggBpWitness) (aL, aR []*big.Int, alpha *big.Int, A *bn256.G1, err error)
compute aggregate bulletproof A
func GenerateAggS ¶
func GenerateAggS(instance *AggBpStatement) (sL, sR []*big.Int, rho *big.Int, S *bn256.G1, err error)
compute aggregate bulletproof S
func GenerateAggT1T2 ¶
func GenerateAggT1T2(instance *AggBpStatement, aL, aR, sL, sR []*big.Int, y, z *big.Int) (T1, T2 *bn256.G1, tau1, tau2 *big.Int, err error)
compute aggregate bulletproof T1 and T2
func GenerateAggTaux ¶
compute aggregate bulletproof taux
func GenerateAggtHat ¶
func GenerateAggtHat(aL, aR, sL, sR []*big.Int, x, y, z *big.Int, n, m int64) (lx, rx []*big.Int, tHat *big.Int, err error)
compute aggregate bulletproof tHat
func GenerateAggyz ¶
compute aggregate bulletproof challenge y and z
func GenerateBurnyz ¶
func GenerateChallenge ¶
compute challenge
func GenerateHprime ¶
GenerateHprime is responsible for computing generators in the following format: [h_1, h_2^(y^-1), ..., h_n^(y^(-n+1))], where [h_1, h_2, ..., h_n] is the original vector of generators. This method is used both by prover and verifier.
func GenerateKexi ¶
generate kexi = [1,1,v,v^2,..,v^(N-2)]
func GenerateKey ¶
GenerateKey generates private key
func GenerateTFv ¶
generate challenge v = H(statementHash||BpA||BpS||A||B)
func GenerateTfC ¶
generate transfer proof c
func GenerateTfOmega ¶
func GenerateTfOmega(v *big.Int, CLnTilde, CRnTilde, C0Tilde, Dtilde, Tfy0Tilde, TfgTilde, CXtilde, TfyXtilde []*bn256.G1) *big.Int
generate omega
func GenerateWithdrawCh ¶
func Generateyz ¶
compute bulletproof challenge y and z
func GetGenerator ¶
func InnerProductVerifier ¶
func InnerProductVerifier(instance *InnerProductStatement, proof *InnerProductProof, c *big.Int, previousChallenge *big.Int) (bool, error)
func LPolyCoeff ¶
compute polynomial l(X) coefficients l0, since l1 = sL, we do not add into this function
func MapIntoGroup ¶
MapIntoGroup returns a valid elliptic curve point given as input a string.
https://datatracker.ietf.org/doc/draft-irtf-cfrg-hash-to-curve/?include_text=1
func MultiVectorT ¶
multidimensional vector transpose
func PolyCoefficientsT1 ¶
t1: < aL - z.1^n, y^n 。 sR > + < sL, y^n 。 (aR + z . 1^n) > + <sL, z^2 * 2^n >
func PolyCoefficientsT2 ¶
compute t2: < sL, y^n 。 sR >
func PolyEvaluate ¶
PolyEvaluate returns a polynomial: c[0]+c[1]*x + c[2]*x^2 +...
func PolyEvaluateField ¶
PolyEvaluateField returns a polynomial: c[0]+c[1]*x + c[2]*x^2 +...
func RpolyCoeff ¶
func RpolyCoeff(aR, sR []*big.Int, y, z *big.Int, n, m int64) (rZero []*big.Int, rOne []*big.Int, err error)
compute polynomial r(x) coefficients
func SigmaProve ¶
func TfPolyCoeffF0 ¶
compute F0k0 = (1-b0k) * W - a0k or F1k0 where a can be a0 or a1, lBits can be l0Bits or l1Bits
func TfPolyCoeffF1 ¶
F0k1 or F1k1, where a can be a0 or a1, lBits can be l0Bits or l1Bits
func TfPolyP ¶
TfPolyP is to compute Polynomial P0 or P1, where the input is F0k0Coeff and F0k1Coeff or F1k0Coeff and F1k1Coeff, the result is polynomials of length N, and every polynomial coefficient length is m, namely res =[N][m]*big.Int
func TfProofMarshal ¶
func TfProofMarshal(TfProof *TransferProof) string
transferproof marshal and unmarshal method
func TfSampleRandomVector ¶
func TfStatmentMarshal ¶
func TfStatmentMarshal(tfStatment *TransferStatement) ([]byte, error)
Marshal TransferStatement which will be used to generate challenge
func TfVerifier ¶
func TfVerifier(AnonPk, CLnNew, CRnNew, CVector []*bn256.G1, D, NonceU *bn256.G1, epoch *big.Int, proof *TransferProof) (bool, error)
verify transfer proof
func TfyXline ¶
func TfyXline(PolyP0Coeff [][]*big.Int, PolyP1Coeff [][]*big.Int, N, m int64, AnonPk []*bn256.G1, v, challOmega *big.Int, omega []*big.Int) (*bn256.G1, error)
compute TfyXline
func TransferVerify ¶
func TransferVerify(tfStatement *TransferStatement, tfProof *TransferProof) (bool, error)
func UpdateAggP ¶
func UpdateAggP(A, S, h *bn256.G1, gVector, hprime []*bn256.G1, x, y, z, mu *big.Int, n, m int64) (*bn256.G1, error)
compute P, where P = A .S^x. g^(-z).hprime ^{ z.y^nm + sum(hprime[(j-1)*n:jn-1]^(z^(j+1)*2^n))} * h{-mu}
func VectorCommitMuliExp ¶
func VectorCommitMuliExp(P0 [][]*big.Int, Cipher []*bn256.G1, m int64, Publ0 *bn256.G1, phi []*big.Int) ([]*bn256.G1, error)
P0 is N*m, len(C) = N, MultiVectorT(P0) is m*N this function can compute proof CLnk, CRnk, C0k, Tfy0k
func VectorDecompose ¶
compute aL, where <2^n, aL[(j-1)n:jn-1]> = v[j]
func VectorEcAdd ¶
VectorEcAdd computes vector add: a[] + b[],where a[i] is *bn256.G1
func VectorHadamard ¶
VectorHadamard computes vector Hadamard: a[]。b[]
func VectorInnerProduct ¶
VectorInnerProduct computes vector innerproduct: <a[],b[]>
func VectorLine ¶
func VectorLine(point *bn256.G1, pub *bn256.G1, r []*big.Int, w *big.Int, m int64) (*bn256.G1, error)
compute CRnLine, DLine, y0Line, gLine
func VectorMuliExpShift ¶
func VectorMuliExpShift(vectorPoint []*bn256.G1, kexi, polyP0, polyP1 []*big.Int, N int64) (*bn256.G1, error)
compute CXline and yXline left part which includes MultiExp and shift algorithm, where polyP0= P0i, polyP1=P1i
func VectorPolyEvaluate ¶
Given polynomials coefficients, compute polynomial value
func VectorScalarExp ¶
compute res[i] = {gVector[i]}^x, i in [1,n]
func VectorScalarMul ¶
VectorScalarMul computes vector scalar multiplication: b*a[]
func VectorScalarMulG ¶
compute Dtilde or tfgTilde
func VectorScalarMulSum ¶
compute sum(aVector[i] * gVector[i])
func VectorShift ¶
compute circularly Shift vector
func VerifierCommit ¶
func VerifierF0Coeff ¶
given flk1, compute the flk0 = w - flk1, where f is flk1, challOmega is w
func VerifierPolyCoeff ¶
Given flk0 and flk1 where their length is m instead of 2m, the output is polyli = \PI(flkk_i)
func VerifierVectorLine ¶
func VerifierVectorLine(vectorPoint, vectorTilde []*bn256.G1, coeff []*big.Int, omega *big.Int) (*bn256.G1, error)
compute CLnLine which includes MultiExp and VectorTilde algorithms, line 104-109
func VerifierVectorTilde ¶
this function is to compute \Pi(vectorTilde[k] *(-omega^k))
func VerifyAggIpp ¶
func VerifyAggIpp(proof *AggBulletProof, instance *AggBpStatement) (bool, error)
verify the aggregate bulletproof
func VerifyThat ¶
func VerifyThat(proof *BulletProof, params BulletProofParams) bool
Verify g^that h^taux = V^{z^2}g^delta(y,z) T1^x T2^{x^2}
func WdPointMarshal ¶
func WithdrawVerify ¶
func WithdrawVerify(statement *WithdrawStatement, proof *WithdrawProof) (bool, error)
Types ¶
type ABProofMarshal ¶
type ABProofMarshal struct { //a tuple of V[i]=g*v[i] + h*gamma[i] V []byte A []byte S []byte T1 []byte T2 []byte Taux *big.Int //taux []byte Mu *big.Int THat *big.Int InnerProductProof []byte }
aggbulletproof marshal struct
type AggBpStatement ¶
type AggBpStatement struct {
// contains filtered or unexported fields
}
func AggBp ¶
func AggBp() AggBpStatement
func GenerateAggBpStatement ¶
func GenerateAggBpStatement(m, n int64) *AggBpStatement
func GenerateAggBpStatement_range ¶ added in v1.1.0
func GenerateAggBpStatement_range(m, n int64, range_hash []byte) *AggBpStatement
func NewAggBpStatement ¶
func NewAggBpStatement(m int64, aggbppram AggBpStatement) *AggBpStatement
only for withdrawproof
type AggBpWitness ¶
type AggBpWitness struct {
// contains filtered or unexported fields
}
func NewAggBpWitness ¶
func NewAggBpWitness(Wit []*big.Int) *AggBpWitness
only for withdrawproof of clientcmd
type AggBulletProof ¶
type AggBulletProof struct { //a tuple of V[i]=g*v[i] + h*gamma[i] V []*bn256.G1 A *bn256.G1 S *bn256.G1 T1 *bn256.G1 T2 *bn256.G1 // contains filtered or unexported fields }
func AggBpProve ¶
func AggBpProve(instance *AggBpStatement, witness *AggBpWitness) (*AggBulletProof, error)
generate aggregate bulletproof which can be considered as 4 rounds prove phases and 2 rounds of challenge
func AggProofUnMarshal ¶
func AggProofUnMarshal(str string) (*AggBulletProof, error)
func (*AggBulletProof) VectorvCommit ¶
func (aggreBp *AggBulletProof) VectorvCommit(param BulletProofParams, v []*big.Int, m int64) (vectorV []*bn256.G1, vectorGamma []*big.Int, err error)
compute commitment for a tuple of v[i], i in [1,m]
func (*AggBulletProof) VerifyAggtHat ¶
func (proof *AggBulletProof) VerifyAggtHat(instance *AggBpStatement) (bool, error)
verify proof.InnerProductProof is valid
type BulletProof ¶
type BulletProof struct { V *bn256.G1 A *bn256.G1 S *bn256.G1 T1 *bn256.G1 T2 *bn256.G1 // contains filtered or unexported fields }
BulletProof structure contains the elements that are necessary for the verification of the Zero Knowledge Proof.
func Prove ¶
func Prove(witness *big.Int, params BulletProofParams) (*BulletProof, error)
Prove computes the ZK rangeproof.
func (*BulletProof) Verify ¶
func (proof *BulletProof) Verify(param BulletProofParams) (bool, error)
Verify returns true if and only if the proof is valid.
type BulletProofParams ¶
type BulletProofParams struct {
// contains filtered or unexported fields
}
BulletProofParams is the structure that stores the parameters for the Zero Knowledge Proof system.
func Bp ¶
func Bp() BulletProofParams
type Ciphertext ¶
func Newciphertext ¶
func Newciphertext(C, D *bn256.G1) *Ciphertext
func (*Ciphertext) Marshal ¶
func (c *Ciphertext) Marshal() ([]byte, error)
func (*Ciphertext) UnMarshal ¶
func (c *Ciphertext) UnMarshal(res []byte) error
type InnerProductProof ¶
type InnerProductProof struct { //len(LS)=len(RS)=log_2(n) LS []*bn256.G1 RS []*bn256.G1 // contains filtered or unexported fields }
func GenerateAggIpp ¶
func GenerateAggIpp(instance *AggBpStatement, A, S *bn256.G1, x, y, z, mu, tHat *big.Int, lx, rx []*big.Int) (*InnerProductProof, error)
compute aggregate bulletproof InnerProductProof
func InnerProductProver ¶
func InnerProductProver(instance *InnerProductStatement, witness *InnerProductWitness, tHat *big.Int, previousChallenge *big.Int) (proof *InnerProductProof, err error)
type InnerProductStatement ¶
type InnerProductStatement struct {
// contains filtered or unexported fields
}
func Protocol1 ¶
func Protocol1(instance *InnerProductStatement, c *big.Int, previousChallenge *big.Int) (*InnerProductStatement, *big.Int)
instance = (gVector, hVector, P, c=<aVector, bVector>); witness = (aVector, bVector) after protocol1: P'= P + x * c * u, where x is challenge, c is the innerproduct instance' = (gVector, hVector, u*x, P'); witness' = (aVector, bVector)
type InnerProductWitness ¶
type InnerProductWitness struct {
// contains filtered or unexported fields
}
type KeyPair ¶
type KeyPair struct {
// contains filtered or unexported fields
}
func (*KeyPair) GetPrivateKey ¶
func (*KeyPair) NewPrivateKey ¶
func (*KeyPair) NewPublicKey ¶
type PedersenCommitment ¶
type PedersenCommitment struct {
// contains filtered or unexported fields
}
PedersenCommitment structure
func NewPedersenCommitment ¶
func NewPedersenCommitment(p BulletProofParams, x *big.Int) *PedersenCommitment
NewPedersenCommitment returns a PedersenCommitment
func (*PedersenCommitment) Commit ¶
func (commit *PedersenCommitment) Commit() *bn256.G1
Commit returns a PedersenCommitment: V = r*h + v*g
type Signature ¶
func SchnorrTest ¶
type TfPMarshal ¶
type TfPMarshal struct { BpA []byte BpS []byte A []byte B []byte CLnTilde []byte CRnTilde []byte C0Tilde []byte Dtilde []byte Tfy0Tilde []byte TfgTilde []byte CXtilde []byte TfyXtilde []byte Tff []*big.Int TfzA *big.Int BpT1 []byte BpT2 []byte BpThat *big.Int BpMu *big.Int Tfc *big.Int TfSsk *big.Int TfSr *big.Int TfSb *big.Int TfStau *big.Int Ia *big.Int Ib *big.Int LS []byte RS []byte }
tfProofMarshal struct
type TfSMarshal ¶
type TransferProof ¶
type TransferProof struct { BpA *bn256.G1 BpS *bn256.G1 A *bn256.G1 B *bn256.G1 CLnTilde []*bn256.G1 CRnTilde []*bn256.G1 C0Tilde []*bn256.G1 Dtilde []*bn256.G1 Tfy0Tilde []*bn256.G1 TfgTilde []*bn256.G1 CXtilde []*bn256.G1 TfyXtilde []*bn256.G1 Tff []*big.Int TfzA *big.Int BpT1 *bn256.G1 BpT2 *bn256.G1 BpThat *big.Int BpMu *big.Int Tfc *big.Int TfSsk *big.Int TfSr *big.Int TfSb *big.Int TfStau *big.Int IpProof *InnerProductProof }
func TfProofUnMarshal ¶
func TfProofUnMarshal(str string) (*TransferProof, error)
func TfProver ¶
func TfProver(AnonPk, CLnNew, CRnNew, CVector []*bn256.G1, D, NonceU *bn256.G1, epoch *big.Int, sk, bTf, bDiff, r, l0, l1 *big.Int) (*TransferProof, error)
generate transfer proof
func TransferProve ¶
func TransferProve(tfStatement *TransferStatement, tfWit *TransferWitness) (*TransferProof, error)
type TransferStatement ¶
type TransferWitness ¶
type TransferWitness struct {
// contains filtered or unexported fields
}
type VectorCommitment ¶
type VectorCommitment struct {
// contains filtered or unexported fields
}
VectorCommitment structure
func NewVectorCommitment ¶
func NewVectorCommitment(p BulletProofParams, a, b []*big.Int) *VectorCommitment
NewVectorCommitment returns a VectorCommitment
type WdProofMarshal ¶
type WithdrawProof ¶
type WithdrawProof struct { A *bn256.G1 S *bn256.G1 T1 *bn256.G1 T2 *bn256.G1 // contains filtered or unexported fields }
func WdProofUnMarshal ¶
func WdProofUnMarshal(str string) (*WithdrawProof, error)
func WithdrawProve ¶
func WithdrawProve(cLn, cRn, pub *bn256.G1, epoch *big.Int, sender []byte, witness *WithdrawWitness) (*WithdrawProof, error)
func (*WithdrawProof) WdProofMarshal ¶
func (wdProof *WithdrawProof) WdProofMarshal() string
type WithdrawStatement ¶
type WithdrawStatement struct {
// contains filtered or unexported fields
}
func NewWithdrawStatement ¶
type WithdrawWitness ¶
type WithdrawWitness struct {
// contains filtered or unexported fields
}
func NewWithdrawWit ¶
func NewWithdrawWit(Priv *big.Int, Vdiff *AggBpWitness) *WithdrawWitness