nizk: i32 instead of i64
This commit is contained in:
parent
48980fd64c
commit
e0f82b28a6
34
src/ccs08.rs
34
src/ccs08.rs
|
@ -31,16 +31,16 @@ struct ParamsUL<E: Engine> {
|
|||
// u determines the amount of signatures we need in the public params.
|
||||
// Each signature can be compressed to just 1 field element of 256 bits.
|
||||
// Then the parameters have minimum size equal to 256*u bits.
|
||||
u: i64,
|
||||
u: i32,
|
||||
// l determines how many pairings we need to compute, then in order to improve
|
||||
// verifier`s performance we want to minize it.
|
||||
// Namely, we have 2*l pairings for the prover and 3*l for the verifier.
|
||||
l: i64,
|
||||
l: i32,
|
||||
}
|
||||
|
||||
#[derive(Clone)]
|
||||
pub struct ProofULState<E: Engine> {
|
||||
pub decx: Vec<i64>,
|
||||
pub decx: Vec<i32>,
|
||||
pub proofStates: Vec<ProofState<E>>,
|
||||
pub V: Vec<Signature<E>>,
|
||||
pub D: E::G1,
|
||||
|
@ -85,8 +85,8 @@ This must be computed in a trusted setup.
|
|||
#[derive(Clone)]
|
||||
pub struct RPPublicParams<E: Engine> {
|
||||
p: ParamsUL<E>,
|
||||
a: i64,
|
||||
b: i64,
|
||||
a: i32,
|
||||
b: i32,
|
||||
}
|
||||
|
||||
impl<E: Engine> ParamsUL<E> {
|
||||
|
@ -95,7 +95,7 @@ impl<E: Engine> ParamsUL<E> {
|
|||
The value of u should be roughly b/log(b), but we can choose smaller values in
|
||||
order to get smaller parameters, at the cost of having worse performance.
|
||||
*/
|
||||
pub fn setup_ul<R: Rng>(rng: &mut R, u: i64, l: i64, csParams: CSMultiParams<E>) -> Self {
|
||||
pub fn setup_ul<R: Rng>(rng: &mut R, u: i32, l: i32, csParams: CSMultiParams<E>) -> Self {
|
||||
let mpk = setup(rng);
|
||||
let kp = BlindKeyPair::<E>::generate(rng, &mpk, 1);
|
||||
|
||||
|
@ -111,7 +111,7 @@ impl<E: Engine> ParamsUL<E> {
|
|||
/**
|
||||
prove_ul method is used to produce the ZKRP proof that secret x belongs to the interval [0,U^L).
|
||||
*/
|
||||
pub fn prove_ul<R: Rng>(&self, rng: &mut R, x: i64, r: E::Fr, C: Commitment<E>, k: usize, otherM: Vec<E::Fr>) -> ProofUL<E> {
|
||||
pub fn prove_ul<R: Rng>(&self, rng: &mut R, x: i32, r: E::Fr, C: Commitment<E>, k: usize, otherM: Vec<E::Fr>) -> ProofUL<E> {
|
||||
let proofUlState = self.prove_ul_commitment(rng, x, k);
|
||||
|
||||
// Fiat-Shamir heuristic
|
||||
|
@ -124,7 +124,7 @@ impl<E: Engine> ParamsUL<E> {
|
|||
self.prove_ul_response(r, C, &proofUlState, c, k, otherM)
|
||||
}
|
||||
|
||||
fn prove_ul_commitment<R: Rng>(&self, rng: &mut R, x: i64, k: usize) -> ProofULState<E> {
|
||||
fn prove_ul_commitment<R: Rng>(&self, rng: &mut R, x: i32, k: usize) -> ProofULState<E> {
|
||||
if x > self.u.pow(self.l as u32) || x < 0 {
|
||||
panic!("x is not within the range.");
|
||||
}
|
||||
|
@ -284,7 +284,7 @@ fn hash<E: Engine>(a: Vec<E::Fqk>, D: Vec<E::G1>) -> E::Fr {
|
|||
Decompose receives as input an integer x and outputs an array of integers such that
|
||||
x = sum(xi.u^i), i.e. it returns the decomposition of x into base u.
|
||||
*/
|
||||
fn decompose(x: i64, u: i64, l: i64) -> Vec<i64> {
|
||||
fn decompose(x: i32, u: i32, l: i32) -> Vec<i32> {
|
||||
let mut result = Vec::with_capacity(l as usize);
|
||||
let mut decomposer = x.clone();
|
||||
for _i in 0..l {
|
||||
|
@ -298,20 +298,20 @@ impl<E: Engine> RPPublicParams<E> {
|
|||
/**
|
||||
Setup receives integers a and b, and configures the parameters for the rangeproof scheme.
|
||||
*/
|
||||
pub fn setup<R: Rng>(rng: &mut R, a: i64, b: i64, csParams: CSMultiParams<E>) -> Self {
|
||||
pub fn setup<R: Rng>(rng: &mut R, a: i32, b: i32, csParams: CSMultiParams<E>) -> Self {
|
||||
// Compute optimal values for u and l
|
||||
if a > b {
|
||||
panic!("a must be less than or equal to b");
|
||||
}
|
||||
//TODO: optimize u?
|
||||
let logb = (b as f64).log2();
|
||||
let logb = (b as f32).log2();
|
||||
let loglogb = logb.log2();
|
||||
if loglogb > 0.0 {
|
||||
let mut u = (logb / loglogb) as i64;
|
||||
let mut u = (logb / loglogb) as i32;
|
||||
if u < 2 {
|
||||
u = 2;
|
||||
}
|
||||
let l = (b as f64).log(u as f64).ceil() as i64;
|
||||
let l = (b as f32).log(u as f32).ceil() as i32;
|
||||
|
||||
let params_out: ParamsUL<E> = ParamsUL::<E>::setup_ul(rng, u, l, csParams.clone());
|
||||
return RPPublicParams { p: params_out, a, b };
|
||||
|
@ -323,7 +323,7 @@ impl<E: Engine> RPPublicParams<E> {
|
|||
/**
|
||||
Prove method is responsible for generating the zero knowledge range proof.
|
||||
*/
|
||||
pub fn prove<R: Rng>(&self, rng: &mut R, x: i64, C: Commitment<E>, r: E::Fr, k: usize, otherM: Vec<E::Fr>) -> RangeProof<E> {
|
||||
pub fn prove<R: Rng>(&self, rng: &mut R, x: i32, C: Commitment<E>, r: E::Fr, k: usize, otherM: Vec<E::Fr>) -> RangeProof<E> {
|
||||
let rpState = self.prove_commitment(rng, x, C, k);
|
||||
|
||||
let mut a = Vec::<E::Fqk>::with_capacity(self.p.l as usize);
|
||||
|
@ -336,7 +336,7 @@ impl<E: Engine> RPPublicParams<E> {
|
|||
self.prove_response(r, &rpState, ch, k, otherM)
|
||||
}
|
||||
|
||||
pub fn prove_commitment<R: Rng>(&self, rng: &mut R, x: i64, C: Commitment<E>, k: usize) -> RangeProofState<E> {
|
||||
pub fn prove_commitment<R: Rng>(&self, rng: &mut R, x: i32, C: Commitment<E>, k: usize) -> RangeProofState<E> {
|
||||
if x > self.b || x < self.a {
|
||||
panic!("x is not within the range.");
|
||||
}
|
||||
|
@ -590,14 +590,14 @@ mod tests {
|
|||
let vec1 = decompose(25, 3, 5);
|
||||
let mut result = 0;
|
||||
for i in 0..5 {
|
||||
result += vec1[i] * 3i64.pow(i as u32);
|
||||
result += vec1[i] * 3i32.pow(i as u32);
|
||||
}
|
||||
assert_eq!(result, 25);
|
||||
|
||||
let vec1 = decompose(143225, 6, 7);
|
||||
let mut result = 0;
|
||||
for i in 0..7 {
|
||||
result += vec1[i] * 6i64.pow(i as u32);
|
||||
result += vec1[i] * 6i32.pow(i as u32);
|
||||
}
|
||||
assert_eq!(result, 143225);
|
||||
}
|
||||
|
|
|
@ -53,10 +53,10 @@ fn prove<R: Rng, E: Engine>(rng: &mut R, comParams: &CSMultiParams<E>, r: E::Fr,
|
|||
}
|
||||
|
||||
//commit range proof
|
||||
let rpParamsBC = RPPublicParams::setup(rng, 0, std::i32::MAX as i64, comParams.clone());
|
||||
let rpParamsBM = RPPublicParams::setup(rng, 0, std::i32::MAX as i64, comParams.clone());
|
||||
let rpStateBC = rpParamsBC.prove_commitment(rng, newWallet.bc.clone() as i64, newWalletCom.clone(), 3);
|
||||
let rpStateBM = rpParamsBM.prove_commitment(rng, newWallet.bm.clone() as i64, newWalletCom.clone(), 4);
|
||||
let rpParamsBC = RPPublicParams::setup(rng, 0, std::i16::MAX as i32, comParams.clone());
|
||||
let rpParamsBM = RPPublicParams::setup(rng, 0, std::i16::MAX as i32, comParams.clone());
|
||||
let rpStateBC = rpParamsBC.prove_commitment(rng, newWallet.bc.clone(), newWalletCom.clone(), 3);
|
||||
let rpStateBM = rpParamsBM.prove_commitment(rng, newWallet.bm.clone(), newWalletCom.clone(), 4);
|
||||
|
||||
//Compute challenge
|
||||
//TODO: add commitment of range proofs
|
||||
|
|
Loading…
Reference in New Issue