Documentation ¶
Overview ¶
Copyright © 2019 Annchain Authors <EMAIL ADDRESS>
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. Package vrf implements a verifiable random function using the Edwards form of Curve25519, SHA3 and the Elligator map.
E is Curve25519 (in Edwards coordinates), h is SHA3. f is the elligator map (bytes->E) that covers half of E. 8 is the cofactor of E, the group order is 8*l for prime l. Setup : the prover publicly commits to a public key (P : E) H : names -> E H(n) = f(h(n))^8 VRF : keys -> names -> vrfs VRF_x(n) = h(n, H(n)^x)) Prove : keys -> names -> proofs Prove_x(n) = tuple(c=h(n, g^r, H(n)^r), t=r-c*x, ii=H(n)^x) where r = h(x, n) is used as a source of randomness Check : E -> names -> vrfs -> proofs -> bool Check(P, n, vrf, (c,t,ii)) = vrf == h(n, ii) && c == h(n, g^t*P^c, H(n)^t*ii^c)
Index ¶
Constants ¶
const ( PublicKeySize = 32 PrivateKeySize = 64 Size = 32 ProofSize = 32 + 32 + intermediateSize )
Variables ¶
var (
ErrGetPubKey = errors.New("[vrf] Couldn't get corresponding public-key from private-key")
)
Functions ¶
This section is empty.
Types ¶
type PrivateKey ¶
type PrivateKey []byte
func GenerateKey ¶
func GenerateKey(rnd io.Reader) (sk PrivateKey, err error)
GenerateKey creates a public/private key pair using rnd for randomness. If rnd is nil, ogcrypto/rand is used.
func (PrivateKey) Compute ¶
func (sk PrivateKey) Compute(m []byte) []byte
Compute generates the vrf value for the byte slice m using the underlying private key sk.
func (PrivateKey) Prove ¶
func (sk PrivateKey) Prove(m []byte) (vrf, proof []byte)
Prove returns the vrf value and a proof such that Verify(m, vrf, proof) == true. The vrf value is the same as returned by Compute(m).
func (PrivateKey) Public ¶
func (sk PrivateKey) Public() (PublicKey, bool)
Public extracts the public VRF key from the underlying private-key and returns a boolean indicating if the operation was successful.