Documentation
¶
Index ¶
Constants ¶
const ( MaxReveals = 640 // MaxReveals is a bound on allocation and on numReveals to limit log computation // VersionForCoinGenerator is used as part of the seed for Fiat-Shamir. We would change this // value if the state proof verifier algorithm changes. This will allow us to make different coins for different state proof verification algorithms VersionForCoinGenerator = byte(0) // MaxTreeDepth defines the maximal size of a merkle tree depth the state proof allows. MaxTreeDepth = 20 )
const StateProofCoin stateproofcrypto.HashID = "spc"
const StateProofPart stateproofcrypto.HashID = "spp"
const StateProofSig stateproofcrypto.HashID = "sps"
Variables ¶
var ( ErrCoinNotInRange = errors.New("coin is not within slot weight range") ErrNoRevealInPos = errors.New("no reveal for position") ErrTreeDepthTooLarge = errors.New("tree depth is too large") )
Errors for the StateProof verifier
var ( ErrTooManyReveals = errors.New("too many reveals in state proof") ErrZeroSignedWeight = errors.New("signed weight cannot be zero") ErrInsufficientSingedWeight = errors.New("the number of reveals is not large enough to prove that the desired weight signed, with the desired security level") )
errors for the weights verification
Functions ¶
This section is empty.
Types ¶
type Participant ¶
type Participant struct {
// PK is the identifier used to verify the signature for a specific participant
PK merklesignature.Verifier `codec:"p"`
// Weight is AccountData.MicroAlgos.
Weight uint64 `codec:"w"`
// contains filtered or unexported fields
}
A Participant corresponds to an account whose AccountData.Status is Online, and for which the expected sigRound satisfies AccountData.VoteFirstValid <= sigRound <= AccountData.VoteLastValid.
In the Algorand ledger, it is possible for multiple accounts to have the same PK. Thus, the PK is not necessarily unique among Participants. However, each account will produce a unique Participant struct, to avoid potential DoS attacks where one account claims to have the same VoteID PK as another account.
func (Participant) ToBeHashed ¶
func (p Participant) ToBeHashed() (stateproofcrypto.HashID, []byte)
ToBeHashed implements the crypto.Hashable interface. In order to create a more SNARK-friendly commitments on the signature we must avoid using the msgpack infrastructure. msgpack creates a compressed representation of the struct which might be varied in length, which will be bad for creating SNARK
type Reveal ¶
type Reveal struct {
SigSlot sigslotCommit `codec:"s"`
Part Participant `codec:"p"`
// contains filtered or unexported fields
}
Reveal is a single array position revealed as part of a state proof. It reveals an element of the signature array and the corresponding element of the participants array.
type StateProof ¶
type StateProof struct {
SigCommit stateproofcrypto.GenericDigest `codec:"c"`
SignedWeight uint64 `codec:"w"`
SigProofs merklearray.Proof `codec:"S"`
PartProofs merklearray.Proof `codec:"P"`
MerkleSignatureSaltVersion byte `codec:"v"`
// Reveals is a sparse map from the position being revealed
// to the corresponding elements from the sigs and participants
// arrays.
Reveals map[uint64]Reveal `codec:"r,allocbound=MaxReveals"`
PositionsToReveal []uint64 `codec:"pr,allocbound=MaxReveals"`
// contains filtered or unexported fields
}
StateProof represents a proof on Algorand's state.
type Verifier ¶
type Verifier struct {
// contains filtered or unexported fields
}
Verifier is used to verify a state proof. those fields represent all the verifier's trusted data
func MkVerifierWithLnProvenWeight ¶
func MkVerifierWithLnProvenWeight(partcom stateproofcrypto.GenericDigest, lnProvenWt uint64) *Verifier
MkVerifierWithLnProvenWeight constructs a verifier to check the state proof. the arguments for this function represent all the verifier's trusted data. This function uses the Ln(provenWeight) approximation value
func (*Verifier) Verify ¶
func (v *Verifier) Verify(round uint64, data stateproofcrypto.MessageHash, s *StateProof) error
Verify checks if s is a valid state proof for the data on a round. it uses the trusted data from the Verifier struct
Source Files