gipakzg

package
v0.0.0-...-63bedb4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 19, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AssembleProverVerifier

func AssembleProverVerifier(m uint64, ck *cm.Ck, kzg1 *kzg.KZG1Settings, kzg2 *kzg.KZG2Settings, A []mcl.G1, B []mcl.G2) (Prover, Verifier)

Run GenerateGipaKzgInstance to get ck, A, and B. Using that create a prover and verifier.

func BuildHaloPoly

func BuildHaloPoly(RandomChallenges []mcl.Fr, invert bool) []mcl.Fr

func EvaluateHaloPoly

func EvaluateHaloPoly(RandomChallenges []mcl.Fr, evaluationPoint mcl.Fr, invert bool) mcl.Fr

Evaluate the halo poly at evaluationPoint.

func GenerateGipaKzgInstance

func GenerateGipaKzgInstance(mn uint64, alpha mcl.Fr, beta mcl.Fr, g mcl.G1, h mcl.G2) (*cm.Ck, *kzg.KZG1Settings, *kzg.KZG2Settings, []mcl.G1, []mcl.G2)

Given alpha, beta, G, H, this will return ck, A, and B.

func GipaKzgTestSetup

func GipaKzgTestSetup(mn uint64, alpha mcl.Fr, beta mcl.Fr, g mcl.G1, h mcl.G2) (Prover, Verifier)

Calls the above two functions at once for simple ease. Nothing fancy.

Types

type Proof

type Proof struct {
	L   []cm.Com  // Left commitments at each level
	R   []cm.Com  // Right Commitments at each level
	A   [1]mcl.G1 // Final value of A after log M rounds
	B   [1]mcl.G2 // Final value of B after log M rounds
	W   mcl.G1    // Left commitment key
	V   mcl.G2    // Right commitment key
	Pi1 mcl.G1    // Proof of correct evaluation of Halo poly W
	Pi2 mcl.G2    // Proof of correct evaluation of Halo poly V
}

func (*Proof) Append

func (self *Proof) Append(ComL cm.Com, ComR cm.Com)

func (*Proof) At

func (self *Proof) At(i uint64) (cm.Com, cm.Com)

type Prover

type Prover struct {
	M  uint64
	A  []mcl.G1
	B  []mcl.G2
	Ck cm.Ck

	MPrime uint64
	A_L    []mcl.G1
	A_R    []mcl.G1
	B_L    []mcl.G2
	B_R    []mcl.G2
	Z_L    mcl.GT
	Z_R    mcl.GT
	Ck1    cm.Ck
	Ck2    cm.Ck

	ComL cm.Com
	ComR cm.Com
	X    []mcl.Fr

	KZG1 kzg.KZG1Settings
	KZG2 kzg.KZG2Settings

	Transcript       [32]byte
	RandomChallenges []mcl.Fr
}

Prover is a struct to manage the prover state.

func (*Prover) Clone

func (self *Prover) Clone(prover *Prover)

func (*Prover) FiatShamir

func (self *Prover) FiatShamir() mcl.Fr

func (*Prover) Fold

func (self *Prover) Fold(x mcl.Fr)

Fold is a member function of Prover It computes: - A', B' - ck' Parameters ---------- x, Fr the random challenge posed by the verifier

Returns ------- None Updates the data members A, B, and ck.

func (*Prover) Init

func (self *Prover) Init(M uint64, ck *cm.Ck, kzg1 *kzg.KZG1Settings, kzg2 *kzg.KZG2Settings, A []mcl.G1, B []mcl.G2)

func (*Prover) Prove

func (self *Prover) Prove() Proof

func (*Prover) Transform

func (self *Prover) Transform() (cm.Com, cm.Com)

Transform is a member function of Prover It performs the following operations: - Breaks the vector A into two equal parts (A_L, A_R) - Breaks the vector B into two equal parts (B_L, B_R) - Computes z_L, z_R - Breaks the commitment key into half - Computes the left and right commitment Parameters ---------- None

Returns ------- Updates the data members ComL and ComR. Returns ComL, ComR so that verifier can pose the challenge

type Verifier

type Verifier struct {
	M   uint64
	Com cm.Com

	MPrime uint64

	ComL cm.Com
	ComR cm.Com

	X []mcl.Fr

	KZG1 kzg.KZG1Settings
	KZG2 kzg.KZG2Settings

	Transcript       [32]byte
	RandomChallenges []mcl.Fr
}

Verifier is a struct to manage the prover state.

func (*Verifier) Challenge

func (self *Verifier) Challenge() mcl.Fr

Challenge is a member function of Verifier. Will be defunct after adding Fiat-Shamir It poses a random challenge to the prover based on ComL and ComR Parameters ---------- ComL, type Com ComR, type Com

Returns ------- x, Fr a random challenge Updates the data members, ComR and ComL

func (*Verifier) Check

func (self *Verifier) Check(A []mcl.G1, B []mcl.G2, W mcl.G1, V mcl.G2) bool

Check is a member function of Verifier It performs the final pairing and commitment check. Parameters ---------- A, slice mcl.G1 should be of size 1 B, slice mcl.G2 should be of size 1

Returns ------- bool, true if the verification is successful.

func (*Verifier) Clone

func (self *Verifier) Clone(verifier *Verifier)

func (*Verifier) FiatShamir

func (self *Verifier) FiatShamir() mcl.Fr

func (*Verifier) Fold

func (self *Verifier) Fold(x mcl.Fr)

Fold is a member function of Verifier Verifier computes the ck' and com' Inner product of A', B' (prover state) should be equal to com' Parameters ---------- x, Fr challenge posed to the prover

Returns ------- None Updates the data members, com and ck

func (*Verifier) Init

func (self *Verifier) Init(M uint64, kzg1 *kzg.KZG1Settings, kzg2 *kzg.KZG2Settings, com cm.Com)

func (*Verifier) Transform

func (self *Verifier) Transform()

Transform is a member function of Verifier Verifier updates the MPrime Parameters ---------- None

Returns ------- None Updates the data member, MPrime

func (*Verifier) Update

func (self *Verifier) Update(ComL cm.Com, ComR cm.Com)

func (*Verifier) Verify

func (self *Verifier) Verify(proof Proof) bool

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL