Struct InnerProductArgPC

pub struct InnerProductArgPC<G: AffineRepr, D: Digest, P: DenseUVPolynomial<G::ScalarField>> { /* private fields */ }

A polynomial commitment scheme based on the hardness of the discrete logarithm problem in prime-order groups. The construction is described in detail in [BCMS20].

Degree bound enforcement requires that (at least one of) the points at which a committed polynomial is evaluated are from a distribution that is random conditioned on the polynomial. This is because degree bound enforcement relies on checking a polynomial identity at this point. More formally, the points must be sampled from an admissible query sampler, as detailed in [CHMMVW20].
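The requirement above, shown as an added example that is not code from the crate or its authors: a field-only toy model (no group commitments) of a shift-style degree-bound identity shifted(z) = z^(D-d) * p(z). The modulus P, the function names and the sample polynomials are constructed for illustration; the run shows that a pair fitted to one point known in advance passes there, yet holds at no more than five points overall, while an honest pair passes everywhere.

```rust
// Added toy model: field arithmetic only, no group commitments (assumption).
const P: u64 = 1_000_000_007; // small prime modulus, constructed for the demo

fn pow(mut b: u64, mut e: u64) -> u64 {
    let mut r: u64 = 1;
    while e > 0 {
        if e & 1 == 1 { r = r * b % P; }
        b = b * b % P;
        e >>= 1;
    }
    r
}

/// Horner evaluation mod P; coefficients are stored low degree first.
fn eval(coeffs: &[u64], z: u64) -> u64 {
    coeffs.iter().rev().fold(0u64, |acc, c| (acc * z + c) % P)
}

/// Verifier-side identity at point z: shifted(z) == z^(D-d) * p(z).
fn degree_check(p: &[u64], shifted: &[u64], big_d: usize, d: usize, z: u64) -> bool {
    eval(shifted, z) == pow(z, (big_d - d) as u64) * eval(p, z) % P
}

/// Honest shift: X^(D-d) * p(X), which has degree <= D only if deg p <= d.
fn honest_shift(p: &[u64], big_d: usize, d: usize) -> Vec<u64> {
    let mut s = vec![0u64; big_d - d];
    s.extend_from_slice(p);
    s
}

/// A constant "shifted" polynomial fitted to the identity at one known z0.
fn fit_single_point(p: &[u64], big_d: usize, d: usize, z0: u64) -> Vec<u64> {
    vec![pow(z0, (big_d - d) as u64) * eval(p, z0) % P]
}

/// Number of points z in 1..=n at which the identity holds.
fn accepted_points(p: &[u64], shifted: &[u64], big_d: usize, d: usize, n: u64) -> u64 {
    (1..=n).filter(|&z| degree_check(p, shifted, big_d, d, z)).count() as u64
}

fn main() {
    let (big_d, d) = (4usize, 2usize); // supported degree D, claimed bound d
    let ok = [5u64, 0, 3]; // degree 2, within the bound
    println!("honest: {}/1000", accepted_points(&ok, &honest_shift(&ok, big_d, d), big_d, d, 1000));
    let bad = [1u64, 2, 3, 4]; // degree 3, exceeds the bound
    let fitted = fit_single_point(&bad, big_d, d, 7);
    println!("fitted, z = 7 known in advance: {}", degree_check(&bad, &fitted, big_d, d, 7));
    println!("fitted, over 1..=1000: {}/1000", accepted_points(&bad, &fitted, big_d, d, 1000));
}
```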

Implementations

impl<G, D, P> InnerProductArgPC<G, D, P>
where G: AffineRepr, G::Group: VariableBaseMSM<MulBase = G>, D: Digest, P: DenseUVPolynomial<G::ScalarField>,

pub const PROTOCOL_NAME: &'static [u8] = b"PC-DL-2020"

PROTOCOL_NAME is used as a seed for the setup function.

Trait Implementations

impl<G, D, P> PolynomialCommitment<<G as AffineRepr>::ScalarField, P> for InnerProductArgPC<G, D, P>
where G: AffineRepr, G::Group: VariableBaseMSM<MulBase = G>, D: Digest, P: DenseUVPolynomial<G::ScalarField, Point = G::ScalarField>,

fn commit<'a>( ck: &Self::CommitterKey, polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<G::ScalarField, P>>, rng: Option<&mut dyn RngCore>, ) -> Result<(Vec<LabeledCommitment<Self::Commitment>>, Vec<Self::CommitmentState>), Self::Error>
where P: 'a,

Outputs commitments to the given polynomials.

fn check_combinations<'a, R: RngCore>( vk: &Self::VerifierKey, linear_combinations: impl IntoIterator<Item = &'a LinearCombination<G::ScalarField>>, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, eqn_query_set: &QuerySet<P::Point>, eqn_evaluations: &Evaluations<P::Point, G::ScalarField>, proof: &BatchLCProof<G::ScalarField, Self::BatchProof>, sponge: &mut impl CryptographicSponge, rng: &mut R, ) -> Result<bool, Self::Error>
where Self::Commitment: 'a,

Checks that values are the true evaluations at query_set of the polynomials committed in labeled_commitments.

type UniversalParams = UniversalParams<G>

The universal parameters for the commitment scheme. These are “trimmed” down to Self::CommitterKey and Self::VerifierKey by Self::trim.

type CommitterKey = CommitterKey<G>

The committer key for the scheme; used to commit to a polynomial and then open the commitment to produce an evaluation proof.

type VerifierKey = CommitterKey<G>

The verifier key for the scheme; used to check an evaluation proof.

type Commitment = Commitment<G>

The commitment to a polynomial.

type CommitmentState = Randomness<G>

Auxiliary state of the commitment, output by the commit phase. It contains information that can be reused by the committer during the open phase, such as the commitment randomness. Not to be shared with the verifier.

type Proof = Proof<G>

The evaluation proof for a single point.

type BatchProof = Vec<<InnerProductArgPC<G, D, P> as PolynomialCommitment<<G as AffineRepr>::ScalarField, P>>::Proof>

The evaluation proof for a query set.

type Error = Error

The error type for the scheme.

fn setup<R: RngCore>( max_degree: usize, _: Option<usize>, _rng: &mut R, ) -> Result<Self::UniversalParams, Self::Error>

Constructs public parameters when given as input the maximum degree max_degree for the polynomial commitment scheme. num_vars specifies the number of variables for a multivariate setup; it corresponds to the second argument, which this implementation leaves unnamed (_).

fn trim( pp: &Self::UniversalParams, supported_degree: usize, _supported_hiding_bound: usize, _enforced_degree_bounds: Option<&[usize]>, ) -> Result<(Self::CommitterKey, Self::VerifierKey), Self::Error>

Specializes the public parameters for polynomials up to the given supported_degree and for enforcing degree bounds in the range 1..=supported_degree.

fn open<'a>( ck: &Self::CommitterKey, labeled_polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<G::ScalarField, P>>, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, point: &'a P::Point, sponge: &mut impl CryptographicSponge, states: impl IntoIterator<Item = &'a Self::CommitmentState>, rng: Option<&mut dyn RngCore>, ) -> Result<Self::Proof, Self::Error>
where Self::Commitment: 'a, Self::CommitmentState: 'a, P: 'a,

Same as open, but with individual challenges.

fn check<'a>( vk: &Self::VerifierKey, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, point: &'a P::Point, values: impl IntoIterator<Item = G::ScalarField>, proof: &Self::Proof, sponge: &mut impl CryptographicSponge, _rng: Option<&mut dyn RngCore>, ) -> Result<bool, Self::Error>
where Self::Commitment: 'a,

Same as check, but with individual challenges.

fn batch_check<'a, R: RngCore>( vk: &Self::VerifierKey, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, query_set: &QuerySet<P::Point>, values: &Evaluations<G::ScalarField, P::Point>, proof: &Self::BatchProof, sponge: &mut impl CryptographicSponge, rng: &mut R, ) -> Result<bool, Self::Error>
where Self::Commitment: 'a,

Verify opening proofs for several polynomials at one or more points each (possibly different for each polynomial). Each entry in the query set of points contains the label of the polynomial which was queried at that point.

fn open_combinations<'a>( ck: &Self::CommitterKey, linear_combinations: impl IntoIterator<Item = &'a LinearCombination<G::ScalarField>>, polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<G::ScalarField, P>>, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, query_set: &QuerySet<P::Point>, sponge: &mut impl CryptographicSponge, states: impl IntoIterator<Item = &'a Self::CommitmentState>, rng: Option<&mut dyn RngCore>, ) -> Result<BatchLCProof<G::ScalarField, Self::BatchProof>, Self::Error>
where Self::CommitmentState: 'a, Self::Commitment: 'a, P: 'a,

Open commitments to all polynomials involved in a number of linear combinations (LC) simultaneously.

fn batch_open<'a>( ck: &Self::CommitterKey, labeled_polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<F, P>>, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, query_set: &QuerySet<P::Point>, sponge: &mut impl CryptographicSponge, states: impl IntoIterator<Item = &'a Self::CommitmentState>, rng: Option<&mut dyn RngCore>, ) -> Result<Self::BatchProof, Self::Error>
where P: 'a, Self::CommitmentState: 'a, Self::Commitment: 'a,

Open several polynomials at one or more points each (possibly different for each polynomial). Each entry in the query set of points contains the label of the polynomial which should be queried at that point.

Auto Trait Implementations

impl<G, D, P> Freeze for InnerProductArgPC<G, D, P>

impl<G, D, P> RefUnwindSafe for InnerProductArgPC<G, D, P>

impl<G, D, P> Send for InnerProductArgPC<G, D, P>
where D: Send, P: Send,

impl<G, D, P> Sync for InnerProductArgPC<G, D, P>
where D: Sync,

impl<G, D, P> Unpin for InnerProductArgPC<G, D, P>
where G: Unpin, D: Unpin, P: Unpin,

impl<G, D, P> UnwindSafe for InnerProductArgPC<G, D, P>
where G: UnwindSafe, D: UnwindSafe, P: UnwindSafe,

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoEither for T

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise.

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise.

impl<T> Pointable for T

const ALIGN: usize

The alignment of pointer.

type Init = T

The type for initializers.

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer.

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer.

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer.

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer.

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V