zecfoundation
/
reddsa
mirror of https://github.com/ZcashFoundation/reddsa.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix batch equation

This commit is contained in:
Conrado Gouvea 2023-04-14 14:23:51 -03:00 committed by Deirdre Connolly
parent 28e8f23d81
commit dca09a3897
1 changed files with 3 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/batch.rs
View File

@ -158,13 +158,10 @@ impl<S: SpendAuth, B: Binding<Scalar = S::Scalar, Point = S::Point>> Verifier<S,
///
/// The batch verification equation is:
///
/// h_G * -[sum(z_i * s_i)]P_G + sum(\[z_i\]R_i + [z_i * c_i]VK_i) = 0_G
/// h_G * ( -[sum(z_i * s_i)]P_G + sum(\[z_i\]R_i) + sum([z_i * c_i]VK_i) ) = 0_G
///
/// which we split out into:
///
/// h_G * -[sum(z_i * s_i)]P_G + sum(\[z_i\]R_i) + sum([z_i * c_i]VK_i) = 0_G
///
/// so that we can use multiscalar multiplication speedups.
/// as given in https://zips.z.cash/protocol/protocol.pdf#reddsabatchvalidate
/// (the terms are split out so that we can use multiscalar multiplication speedups).
///
/// where for each signature i,
/// - VK_i is the verification key;