trie_kzg_bn256

package
v0.0.0-...-2b1eae4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 13, 2022 License: Apache-2.0 Imports: 13 Imported by: 0

README

Package trie_kzg_bn256

Package contain implementation of commitment model for the 256+ trie based on KZG (Kate) polynomial commitments. The underlying math can be found in Formulas for polynomial KZG commitments in Lagrange basis.

Documentation

Index

Constants

View Source 
const FACTOR = 5743

factor of order-1

Variables

View Source 
var Model = New()

Model is a singleton

Functions

func GenRootOfUnityQuasiPrimitive 

func GenRootOfUnityQuasiPrimitive(suite *bn256.Suite, d uint16) (kyber.Scalar, []kyber.Scalar)

GenRootOfUnityQuasiPrimitive generates random roots of unity based on FACTOR until all its powers up to D-1 are long enough thus excluding also 1. Note that the generated root of unity may not be primitive wrt FACTOR

func GetTrustedSetupBin 

func GetTrustedSetupBin() []byte

Types

type CommitmentModel 

type CommitmentModel struct {
	TrustedSetup
}

CommitmentModel implements 256+ trie based on blake2b hashing

func New 

func New() *CommitmentModel

func (*CommitmentModel) CalcNodeCommitment 

func (m *CommitmentModel) CalcNodeCommitment(data *trie.NodeData) trie.VCommitment

func (*CommitmentModel) CommitToData 

func (m *CommitmentModel) CommitToData(data []byte) trie.TCommitment

func (*CommitmentModel) Description 

func (m *CommitmentModel) Description() string

func (*CommitmentModel) EqualCommitments 

func (m *CommitmentModel) EqualCommitments(c1, c2 trie.Serializable) bool

func (*CommitmentModel) ForceStoreTerminalWithNode 

func (m *CommitmentModel) ForceStoreTerminalWithNode(_ trie.TCommitment) bool

func (*CommitmentModel) NewTerminalCommitment 

func (m *CommitmentModel) NewTerminalCommitment() trie.TCommitment

func (*CommitmentModel) NewVectorCommitment 

func (m *CommitmentModel) NewVectorCommitment() trie.VCommitment

func (*CommitmentModel) PathArity 

func (m *CommitmentModel) PathArity() trie.PathArity

func (*CommitmentModel) ProofOfInclusion 

func (m *CommitmentModel) ProofOfInclusion(key []byte, tr trie.NodeStore) (*ProofOfInclusion, bool)

ProofOfInclusion converts generic proof path of existing key to the verifiable proof path Returns nil, false if path does not exist

func (*CommitmentModel) ProofOfPath 

func (m *CommitmentModel) ProofOfPath(key []byte, tr trie.NodeStore) (*ProofOfPath, bool)

ProofOfPath returns proof of path along the key, if key is absent. If key is present, it returns nil, false, The proof of path can be used as a proof of absence of the key in the state, i.e. to prove that something else is committed in the state instead of what should be committed if the key would be present

func (*CommitmentModel) ShortName 

func (m *CommitmentModel) ShortName() string

func (*CommitmentModel) UpdateNodeCommitment 

func (m *CommitmentModel) UpdateNodeCommitment(mutate *trie.NodeData, childUpdates map[byte]trie.VCommitment, calcDelta bool, terminal trie.TCommitment, update *trie.VCommitment)

UpdateNodeCommitment updates mutated part of node's data and, optionaly, upper

func (*CommitmentModel) UpdateVCommitment 

func (m *CommitmentModel) UpdateVCommitment(c *trie.VCommitment, delta trie.VCommitment)

type ProofElement 

type ProofElement struct {
	// commitment to the vector (node)
	C kyber.Point
	// index of the vector element. 256 mean terminal, 257 means path fragment
	VectorIndex uint16
	// proof that the committed value is at the position VectorIndex of the committed vector
	// If 0 <= VectorIndex <= 255 the value will be of the commitment to the next vector in the path
	// If VectorIndex == 256, the value is the commitment to the terminal value of the key. It is valid only in the
	// last element of the proof path
	// values >=257 are not correct for the proof of inclusion
	Proof kyber.Point
}

func (*ProofElement) Read 

func (e *ProofElement) Read(r io.Reader) error

func (*ProofElement) String 

func (e *ProofElement) String() string

func (*ProofElement) Write 

func (e *ProofElement) Write(w io.Writer) error

type ProofOfInclusion 

type ProofOfInclusion struct {
	// key of the proof
	Key []byte
	// commitment to the terminal value
	Terminal kyber.Scalar
	// path of proof elements
	Path []*ProofElement
}

ProofOfInclusion is valid only if the key is present in the trie.

func ProofOfInclusionFromBytes 

func ProofOfInclusionFromBytes(data []byte) (*ProofOfInclusion, error)

func (*ProofOfInclusion) Bytes 

func (p *ProofOfInclusion) Bytes() []byte

func (*ProofOfInclusion) Read 

func (p *ProofOfInclusion) Read(r io.Reader) error

func (*ProofOfInclusion) String 

func (p *ProofOfInclusion) String() string

func (*ProofOfInclusion) Validate 

func (p *ProofOfInclusion) Validate(root trie.VCommitment, value ...[]byte) error

Validate check the proof against the provided root commitments if 'value' is specified, checks if commitment to that value is the terminal of the last element in path

func (*ProofOfInclusion) Write 

func (p *ProofOfInclusion) Write(w io.Writer) error

type ProofOfPath 

type ProofOfPath struct {
}

ProofOfPath is a proof of some existing path in the state, which also proves absence of some key

type TrustedSetup 

type TrustedSetup struct {
	Suite         *bn256.Suite
	D             uint16
	Omega         kyber.Scalar  // persistent
	LagrangeBasis []kyber.Point // persistent. TLi = [l<i>(secret)]1
	Diff2         []kyber.Point // persistent
	// auxiliary, precalculated values
	Domain        []kyber.Scalar // non-persistent. if omega != 0, domain_i =  omega^i, otherwise domain_i = i.
	AprimeDomainI []kyber.Scalar // A'(i)

	ZeroG1 kyber.Scalar // aux
	OneG1  kyber.Scalar // aux
	// contains filtered or unexported fields
}

TrustedSetup is a trusted setup for KZG calculations with degree D. The domain of Lagrange polynomials is either defined by powers of omega, assuming omega^i != 1 for any 0<=i<D or, of omega == 0, it is 0, 1, 2, ..., D-1 The secret itself must be destroyed immediately after trusted setup is generated. The trusted setup is a public value stored for examples in a file. It is impossible to restore secret from the trusted setup [x]1 means a projection of scalar x to the G1 curve. [x]1 = xG, where G is the generating element [x]2 means a projection of scalar x to the G2 curve. [x]2 = xH, where H is the generating element

func TrustedSetupFromBytes 

func TrustedSetupFromBytes(suite *bn256.Suite, data []byte) (*TrustedSetup, error)

TrustedSetupFromBytes unmarshals trusted setup from binary representation

func TrustedSetupFromFile 

func TrustedSetupFromFile(suite *bn256.Suite, fname string) (*TrustedSetup, error)

TrustedSetupFromFile restores trusted setup from file

func TrustedSetupFromSecretNaturalDomain 

func TrustedSetupFromSecretNaturalDomain(suite *bn256.Suite, d uint16, secret kyber.Scalar) (*TrustedSetup, error)

TrustedSetupFromSecretNaturalDomain uses 0,1,2,.. domain instead of omega

func TrustedSetupFromSecretPowers 

func TrustedSetupFromSecretPowers(suite *bn256.Suite, d uint16, omega, secret kyber.Scalar) (*TrustedSetup, error)

TrustedSetupFromSecretPowers calculates TrustedSetup from secret and omega It uses powers of the omega as a domain for Lagrange basis Only used once after what secret must be destroyed

func TrustedSetupFromSeed 

func TrustedSetupFromSeed(suite *bn256.Suite, d uint16, seed []byte) (*TrustedSetup, error)

TrustedSetupFromSeed for testing only

func (*TrustedSetup) Bytes 

func (sd *TrustedSetup) Bytes() []byte

Bytes marshals the trusted setup

Source Files

View all Source files

Directories

Path Synopsis
the program kzg_setup generates new trusted setup for the KZG calculations from the secret entered from the keyboard and saves generated setup into the file Usage: kzg_setup <file name>
 the program kzg_setup generates new trusted setup for the KZG calculations from the secret entered from the keyboard and saves generated setup into the file Usage: kzg_setup <file name>

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.