nizk: simplify range proof
This commit is contained in:
parent
e400b5d11b
commit
54a15061ae
|
@ -6,7 +6,6 @@ package main
|
||||||
import "C"
|
import "C"
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"log"
|
|
||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -233,7 +233,7 @@ impl<E: Engine> ParamsUL<E> {
|
||||||
self.prove_ul_response(r, C, &proofUlState, c, k, otherM)
|
self.prove_ul_response(r, C, &proofUlState, c, k, otherM)
|
||||||
}
|
}
|
||||||
|
|
||||||
fn prove_ul_commitment<R: Rng>(&self, rng: &mut R, x: i32, k: usize, sOptional: Option<Vec<E::Fr>>, mOptional: Option<E::Fr>) -> ProofULState<E> {
|
pub fn prove_ul_commitment<R: Rng>(&self, rng: &mut R, x: i32, k: usize, sOptional: Option<Vec<E::Fr>>, mOptional: Option<E::Fr>) -> ProofULState<E> {
|
||||||
if x > self.u.pow(self.l as u32) || x < 0 {
|
if x > self.u.pow(self.l as u32) || x < 0 {
|
||||||
panic!("x is not within the range.");
|
panic!("x is not within the range.");
|
||||||
}
|
}
|
||||||
|
@ -286,7 +286,7 @@ impl<E: Engine> ParamsUL<E> {
|
||||||
ProofULState { decx, proofStates, V, D, m, s }
|
ProofULState { decx, proofStates, V, D, m, s }
|
||||||
}
|
}
|
||||||
|
|
||||||
fn prove_ul_response(&self, r: E::Fr, C: Commitment<E>, proofUlState: &ProofULState<E>, c: E::Fr, k: usize, otherM: Vec<E::Fr>) -> ProofUL<E> {
|
pub fn prove_ul_response(&self, r: E::Fr, C: Commitment<E>, proofUlState: &ProofULState<E>, c: E::Fr, k: usize, otherM: Vec<E::Fr>) -> ProofUL<E> {
|
||||||
let mut sigProofs = Vec::<SignatureProof<E>>::with_capacity(self.l as usize);
|
let mut sigProofs = Vec::<SignatureProof<E>>::with_capacity(self.l as usize);
|
||||||
let mut zr = proofUlState.m.clone();
|
let mut zr = proofUlState.m.clone();
|
||||||
let mut rc = r.clone();
|
let mut rc = r.clone();
|
||||||
|
|
37
src/nizk.rs
37
src/nizk.rs
|
@ -7,7 +7,7 @@ use cl::{Signature, PublicParams, setup, BlindKeyPair, SignatureProof, PublicKey
|
||||||
use ped92::{Commitment, CSMultiParams, CommitmentProof};
|
use ped92::{Commitment, CSMultiParams, CommitmentProof};
|
||||||
use pairing::{Engine, CurveProjective};
|
use pairing::{Engine, CurveProjective};
|
||||||
use wallet::Wallet;
|
use wallet::Wallet;
|
||||||
use ccs08::{RPPublicParams, RPSecretParams, RangeProof};
|
use ccs08::{SecretParamsUL, ParamsUL, ProofUL};
|
||||||
use serde::{Serialize, Deserialize};
|
use serde::{Serialize, Deserialize};
|
||||||
use util;
|
use util;
|
||||||
use std::borrow::BorrowMut;
|
use std::borrow::BorrowMut;
|
||||||
|
@ -28,8 +28,8 @@ pub struct NIZKProof<E: Engine> {
|
||||||
pub sig: Signature<E>,
|
pub sig: Signature<E>,
|
||||||
pub sigProof: SignatureProof<E>,
|
pub sigProof: SignatureProof<E>,
|
||||||
pub comProof: CommitmentProof<E>,
|
pub comProof: CommitmentProof<E>,
|
||||||
pub rpBC: RangeProof<E>,
|
pub rpBC: ProofUL<E>,
|
||||||
pub rpBM: RangeProof<E>,
|
pub rpBM: ProofUL<E>,
|
||||||
}
|
}
|
||||||
|
|
||||||
/// NIZKPublicParams are public parameters to perform a NIZK Proof of Knowledge during the payment and closing protocol
|
/// NIZKPublicParams are public parameters to perform a NIZK Proof of Knowledge during the payment and closing protocol
|
||||||
|
@ -46,7 +46,7 @@ pub struct NIZKPublicParams<E: Engine> {
|
||||||
pub mpk: PublicParams<E>,
|
pub mpk: PublicParams<E>,
|
||||||
pub pk: BlindPublicKey<E>,
|
pub pk: BlindPublicKey<E>,
|
||||||
pub comParams: CSMultiParams<E>,
|
pub comParams: CSMultiParams<E>,
|
||||||
pub rpParams: RPPublicParams<E>,
|
pub rpParams: ParamsUL<E>,
|
||||||
}
|
}
|
||||||
|
|
||||||
/// NIZKSecretParams are secret parameters to perform the verification of a NIZK Proof of Knowledge during the payment and closing protocol
|
/// NIZKSecretParams are secret parameters to perform the verification of a NIZK Proof of Knowledge during the payment and closing protocol
|
||||||
|
@ -62,7 +62,7 @@ pub struct NIZKPublicParams<E: Engine> {
|
||||||
pub struct NIZKSecretParams<E: Engine> {
|
pub struct NIZKSecretParams<E: Engine> {
|
||||||
pub pubParams: NIZKPublicParams<E>,
|
pub pubParams: NIZKPublicParams<E>,
|
||||||
pub keypair: BlindKeyPair<E>,
|
pub keypair: BlindKeyPair<E>,
|
||||||
pub rpParams: RPSecretParams<E>,
|
pub rpParams: SecretParamsUL<E>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl<E: Engine> NIZKSecretParams<E> {
|
impl<E: Engine> NIZKSecretParams<E> {
|
||||||
|
@ -72,7 +72,9 @@ impl<E: Engine> NIZKSecretParams<E> {
|
||||||
let mpk = setup(rng);
|
let mpk = setup(rng);
|
||||||
let keypair = BlindKeyPair::<E>::generate(rng, &mpk, messageLength);
|
let keypair = BlindKeyPair::<E>::generate(rng, &mpk, messageLength);
|
||||||
let comParams = keypair.generate_cs_multi_params(&mpk);
|
let comParams = keypair.generate_cs_multi_params(&mpk);
|
||||||
let rpParams = RPSecretParams::setup(rng, 0, std::i16::MAX as i32, comParams.clone());
|
let u = 57; //TODO: optimize u?
|
||||||
|
let l = (std::i16::MAX as f32).log(u as f32).floor() as i32;
|
||||||
|
let rpParams = SecretParamsUL::setup_ul(rng, u, l, comParams.clone());
|
||||||
let pubParams = NIZKPublicParams { mpk, pk: keypair.public.clone(), comParams, rpParams: rpParams.pubParams.clone() };
|
let pubParams = NIZKPublicParams { mpk, pk: keypair.public.clone(), comParams, rpParams: rpParams.pubParams.clone() };
|
||||||
|
|
||||||
NIZKSecretParams { pubParams, keypair, rpParams }
|
NIZKSecretParams { pubParams, keypair, rpParams }
|
||||||
|
@ -91,7 +93,7 @@ impl<E: Engine> NIZKSecretParams<E> {
|
||||||
let r0 = proof.sig.h != E::G1::one();
|
let r0 = proof.sig.h != E::G1::one();
|
||||||
|
|
||||||
//compute challenge
|
//compute challenge
|
||||||
let challenge = NIZKPublicParams::<E>::hash(proof.sigProof.a, vec! {proof.comProof.T, proof.rpBC.p1.D, proof.rpBC.p2.D, proof.rpBM.p1.D, proof.rpBM.p2.D});
|
let challenge = NIZKPublicParams::<E>::hash(proof.sigProof.a, vec! {proof.comProof.T, proof.rpBC.D, proof.rpBM.D});
|
||||||
|
|
||||||
//verify knowledge of signature
|
//verify knowledge of signature
|
||||||
let mut r1 = self.keypair.public.verify_proof(&self.pubParams.mpk, proof.sig, proof.sigProof.clone(), challenge);
|
let mut r1 = self.keypair.public.verify_proof(&self.pubParams.mpk, proof.sig, proof.sigProof.clone(), challenge);
|
||||||
|
@ -103,8 +105,8 @@ impl<E: Engine> NIZKSecretParams<E> {
|
||||||
let r2 = proof.comProof.verify_proof(&self.pubParams.comParams, &com.c.clone(), &challenge);
|
let r2 = proof.comProof.verify_proof(&self.pubParams.comParams, &com.c.clone(), &challenge);
|
||||||
|
|
||||||
//verify range proofs
|
//verify range proofs
|
||||||
let r3 = self.rpParams.verify(proof.rpBC.clone(), challenge.clone(), 3);
|
let r3 = self.rpParams.verify_ul(&proof.rpBC.clone(), challenge.clone(), 3);
|
||||||
let r4 = self.rpParams.verify(proof.rpBM.clone(), challenge.clone(), 4);
|
let r4 = self.rpParams.verify_ul(&proof.rpBM.clone(), challenge.clone(), 4);
|
||||||
|
|
||||||
//verify linear relationship
|
//verify linear relationship
|
||||||
let mut r5 = proof.comProof.z[1] == proof.sigProof.zsig[0];
|
let mut r5 = proof.comProof.z[1] == proof.sigProof.zsig[0];
|
||||||
|
@ -155,11 +157,11 @@ impl<E: Engine> NIZKPublicParams<E> {
|
||||||
let proofState = self.pk.prove_commitment(rng, &self.mpk, &paymentToken, tOptional, None);
|
let proofState = self.pk.prove_commitment(rng, &self.mpk, &paymentToken, tOptional, None);
|
||||||
|
|
||||||
//commit range proof
|
//commit range proof
|
||||||
let rpStateBC = self.rpParams.prove_commitment(rng, newWallet.bc.clone(), newWalletCom.clone(), 3, None, None);
|
let rpStateBC = self.rpParams.prove_ul_commitment(rng, newWallet.bc.clone(), 3, None, None);
|
||||||
let rpStateBM = self.rpParams.prove_commitment(rng, newWallet.bm.clone(), newWalletCom.clone(), 4, None, None);
|
let rpStateBM = self.rpParams.prove_ul_commitment(rng, newWallet.bm.clone(), 4, None, None);
|
||||||
|
|
||||||
//Compute challenge
|
//Compute challenge
|
||||||
let challenge = NIZKPublicParams::<E>::hash(proofState.a, vec! {D, rpStateBC.ps1.D, rpStateBC.ps2.D, rpStateBM.ps1.D, rpStateBM.ps2.D});
|
let challenge = NIZKPublicParams::<E>::hash(proofState.a, vec! {D, rpStateBC.D, rpStateBM.D});
|
||||||
|
|
||||||
//Response phase
|
//Response phase
|
||||||
//response for signature
|
//response for signature
|
||||||
|
@ -181,8 +183,8 @@ impl<E: Engine> NIZKPublicParams<E> {
|
||||||
let mut vec4 = newWalletVec[4..].to_vec();
|
let mut vec4 = newWalletVec[4..].to_vec();
|
||||||
vec01.append(&mut vec4);
|
vec01.append(&mut vec4);
|
||||||
}
|
}
|
||||||
let rpBC = self.rpParams.prove_response(rPrime.clone(), &rpStateBC, challenge.clone(), 3, vecWithout2.to_vec());
|
let rpBC = self.rpParams.prove_ul_response(rPrime.clone(), newWalletCom.clone(), &rpStateBC, challenge.clone(), 3, vecWithout2.to_vec());
|
||||||
let rpBM = self.rpParams.prove_response(rPrime.clone(), &rpStateBM, challenge.clone(), 4, vec01.to_vec());
|
let rpBM = self.rpParams.prove_ul_response(rPrime.clone(), newWalletCom.clone(), &rpStateBM, challenge.clone(), 4, vec01.to_vec());
|
||||||
|
|
||||||
NIZKProof { sig: proofState.blindSig, sigProof, comProof, rpBC, rpBM }
|
NIZKProof { sig: proofState.blindSig, sigProof, comProof, rpBC, rpBM }
|
||||||
}
|
}
|
||||||
|
@ -440,10 +442,11 @@ mod tests {
|
||||||
let mpk = setup(&mut rng);
|
let mpk = setup(&mut rng);
|
||||||
let blindkeypair = BlindKeyPair::<Bls12>::generate(&mut rng, &mpk, l);
|
let blindkeypair = BlindKeyPair::<Bls12>::generate(&mut rng, &mpk, l);
|
||||||
let comParams = blindkeypair.generate_cs_multi_params(&mpk);
|
let comParams = blindkeypair.generate_cs_multi_params(&mpk);
|
||||||
let rpParamsBC = ccs08::RPSecretParams::setup(rng, 0, std::i16::MAX as i32, comParams.clone());
|
let u = 57; //TODO: optimize u?
|
||||||
let rpParamsBM = ccs08::RPSecretParams::setup(rng, 0, std::i16::MAX as i32, comParams.clone());
|
let l = (std::i16::MAX as f32).log(u as f32).floor() as i32;
|
||||||
|
let rpParams = ccs08::SecretParamsUL::setup_ul(rng, u, l, comParams.clone());
|
||||||
|
|
||||||
let nizk_params = NIZKPublicParams { mpk: mpk, pk: blindkeypair.public, comParams: comParams, rpParams: rpParamsBC.pubParams.clone() };
|
let nizk_params = NIZKPublicParams { mpk: mpk, pk: blindkeypair.public, comParams: comParams, rpParams: rpParams.pubParams.clone() };
|
||||||
|
|
||||||
let is_serialized = serde_json::to_vec(&nizk_params).unwrap();
|
let is_serialized = serde_json::to_vec(&nizk_params).unwrap();
|
||||||
println!("NIZK Struct len: {}", is_serialized.len());
|
println!("NIZK Struct len: {}", is_serialized.len());
|
||||||
|
|
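Review bot: In the setup hunk (`@ -72,7 +72,9`), `let l = (std::i16::MAX as f32).log(u as f32).floor() as i32` evaluates to l = 2 for u = 57 (log_57(32767) ≈ 2.57), so the new range proof is parameterised for 0..=57² = 3249 instead of the previous `setup(rng, 0, std::i16::MAX as i32, …)` bound, and the `prove_ul_commitment` guard visible in the ccs08 hunk above (`x > self.u.pow(self.l as u32) || x < 0` → `panic!`) will abort the prover for any balance above 3249. If the intent is to keep the previous [0, i16::MAX] domain, l should be the smallest exponent with u^l above the bound, computed in integer arithmetic rather than via `f32` log/floor, which also misbehaves at exact powers of u; the same formula is duplicated in the `mod tests` hunk and should use the same computation. Separately, and worth confirming in ccs08, that guard admits x == u^l, which a base-u, l-digit decomposition presumably cannot represent, so `>` may need to be `>=`.
```rust
let u = 57; //TODO: optimize u?
// Smallest l with u^l > i16::MAX so the whole previous domain [0, i16::MAX] stays provable;
// integer arithmetic avoids f32 rounding surprises at exact powers of u.
let mut l: i32 = 0;
let mut bound: i64 = 1;
while bound <= std::i16::MAX as i64 {
    bound *= u as i64;
    l += 1;
}
let rpParams = SecretParamsUL::setup_ul(rng, u, l, comParams.clone());
// … unchanged: pubParams construction and return …
```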