ark_poly_commit

Trait PolynomialCommitment

Source 
pub trait PolynomialCommitment<F: PrimeField, P: Polynomial<F>>: Sized {
    type UniversalParams: PCUniversalParams;
    type CommitterKey: PCCommitterKey;
    type VerifierKey: PCVerifierKey;
    type Commitment: PCCommitment + Default;
    type CommitmentState: PCCommitmentState;
    type Proof: Clone;
    type BatchProof: Clone + From<Vec<Self::Proof>> + Into<Vec<Self::Proof>> + CanonicalSerialize + CanonicalDeserialize;
    type Error: Error + From<Error>;

    // Required methods
    fn setup<R: RngCore>(
        max_degree: usize,
        num_vars: Option<usize>,
        rng: &mut R,
    ) -> Result<Self::UniversalParams, Self::Error>;
    fn trim(
        pp: &Self::UniversalParams,
        supported_degree: usize,
        supported_hiding_bound: usize,
        enforced_degree_bounds: Option<&[usize]>,
    ) -> Result<(Self::CommitterKey, Self::VerifierKey), Self::Error>;
    fn commit<'a>(
        ck: &Self::CommitterKey,
        polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<F, P>>,
        rng: Option<&mut dyn RngCore>,
    ) -> Result<(Vec<LabeledCommitment<Self::Commitment>>, Vec<Self::CommitmentState>), Self::Error>
       where P: 'a;
    fn open<'a>(
        ck: &Self::CommitterKey,
        labeled_polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<F, P>>,
        commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
        point: &'a P::Point,
        sponge: &mut impl CryptographicSponge,
        states: impl IntoIterator<Item = &'a Self::CommitmentState>,
        rng: Option<&mut dyn RngCore>,
    ) -> Result<Self::Proof, Self::Error>
       where P: 'a,
             Self::CommitmentState: 'a,
             Self::Commitment: 'a;
    fn check<'a>(
        vk: &Self::VerifierKey,
        commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
        point: &'a P::Point,
        values: impl IntoIterator<Item = F>,
        proof: &Self::Proof,
        sponge: &mut impl CryptographicSponge,
        rng: Option<&mut dyn RngCore>,
    ) -> Result<bool, Self::Error>
       where Self::Commitment: 'a;

    // Provided methods
    fn batch_open<'a>(
        ck: &Self::CommitterKey,
        labeled_polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<F, P>>,
        commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
        query_set: &QuerySet<P::Point>,
        sponge: &mut impl CryptographicSponge,
        states: impl IntoIterator<Item = &'a Self::CommitmentState>,
        rng: Option<&mut dyn RngCore>,
    ) -> Result<Self::BatchProof, Self::Error>
       where P: 'a,
             Self::CommitmentState: 'a,
             Self::Commitment: 'a { ... }
    fn batch_check<'a, R: RngCore>(
        vk: &Self::VerifierKey,
        commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
        query_set: &QuerySet<P::Point>,
        evaluations: &Evaluations<P::Point, F>,
        proof: &Self::BatchProof,
        sponge: &mut impl CryptographicSponge,
        rng: &mut R,
    ) -> Result<bool, Self::Error>
       where Self::Commitment: 'a { ... }
    fn open_combinations<'a>(
        ck: &Self::CommitterKey,
        linear_combinations: impl IntoIterator<Item = &'a LinearCombination<F>>,
        polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<F, P>>,
        commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
        query_set: &QuerySet<P::Point>,
        sponge: &mut impl CryptographicSponge,
        states: impl IntoIterator<Item = &'a Self::CommitmentState>,
        rng: Option<&mut dyn RngCore>,
    ) -> Result<BatchLCProof<F, Self::BatchProof>, Self::Error>
       where Self::CommitmentState: 'a,
             Self::Commitment: 'a,
             P: 'a { ... }
    fn check_combinations<'a, R: RngCore>(
        vk: &Self::VerifierKey,
        linear_combinations: impl IntoIterator<Item = &'a LinearCombination<F>>,
        commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
        eqn_query_set: &QuerySet<P::Point>,
        eqn_evaluations: &Evaluations<P::Point, F>,
        proof: &BatchLCProof<F, Self::BatchProof>,
        sponge: &mut impl CryptographicSponge,
        rng: &mut R,
    ) -> Result<bool, Self::Error>
       where Self::Commitment: 'a { ... }
}
Expand description

Describes the interface for a polynomial commitment scheme that allows a sender to commit to multiple polynomials and later provide a succinct proof of evaluation for the corresponding commitments at a query set Q, while enforcing per-polynomial degree bounds.

Required Associated Types§

Source

type UniversalParams: PCUniversalParams

The universal parameters for the commitment scheme. These are “trimmed” down to Self::CommitterKey and Self::VerifierKey by Self::trim.

Source

type CommitterKey: PCCommitterKey

The committer key for the scheme; used to commit to a polynomial and then open the commitment to produce an evaluation proof.

Source

type VerifierKey: PCVerifierKey

The verifier key for the scheme; used to check an evaluation proof.

Source

type Commitment: PCCommitment + Default

The commitment to a polynomial.

Source

type CommitmentState: PCCommitmentState

Auxiliary state of the commitment, output by the commit phase. It contains information that can be reused by the committer during the open phase, such as the commitment randomness. Not to be shared with the verifier.

Source

type Proof: Clone

The evaluation proof for a single point.

Source

type BatchProof: Clone + From<Vec<Self::Proof>> + Into<Vec<Self::Proof>> + CanonicalSerialize + CanonicalDeserialize

The evaluation proof for a query set.

Source

type Error: Error + From<Error>

The error type for the scheme.

Required Methods§

Source

fn setup<R: RngCore>( max_degree: usize, num_vars: Option<usize>, rng: &mut R, ) -> Result<Self::UniversalParams, Self::Error>

Constructs public parameters when given as input the maximum degree degree for the polynomial commitment scheme. num_vars specifies the number of variables for multivariate setup

Source

fn trim( pp: &Self::UniversalParams, supported_degree: usize, supported_hiding_bound: usize, enforced_degree_bounds: Option<&[usize]>, ) -> Result<(Self::CommitterKey, Self::VerifierKey), Self::Error>

Specializes the public parameters for polynomials up to the given supported_degree and for enforcing degree bounds in the range 1..=supported_degree.

Source

fn commit<'a>( ck: &Self::CommitterKey, polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<F, P>>, rng: Option<&mut dyn RngCore>, ) -> Result<(Vec<LabeledCommitment<Self::Commitment>>, Vec<Self::CommitmentState>), Self::Error>
where P: 'a,

Outputs a list of commitments to polynomials. If polynomials[i].is_hiding(), then the i-th commitment is hiding up to polynomials.hiding_bound() queries. rng should not be None if polynomials[i].is_hiding() == true for any i.

If for some i, polynomials[i].is_hiding() == false, then the corresponding randomness is Self::Randomness::empty().

If for some i, polynomials[i].degree_bound().is_some(), then that polynomial will have the corresponding degree bound enforced.

Source

fn open<'a>( ck: &Self::CommitterKey, labeled_polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<F, P>>, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, point: &'a P::Point, sponge: &mut impl CryptographicSponge, states: impl IntoIterator<Item = &'a Self::CommitmentState>, rng: Option<&mut dyn RngCore>, ) -> Result<Self::Proof, Self::Error>
where P: 'a, Self::CommitmentState: 'a, Self::Commitment: 'a,

open but with individual challenges

Source

fn check<'a>( vk: &Self::VerifierKey, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, point: &'a P::Point, values: impl IntoIterator<Item = F>, proof: &Self::Proof, sponge: &mut impl CryptographicSponge, rng: Option<&mut dyn RngCore>, ) -> Result<bool, Self::Error>
where Self::Commitment: 'a,

check but with individual challenges

Provided Methods§

Source

fn batch_open<'a>( ck: &Self::CommitterKey, labeled_polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<F, P>>, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, query_set: &QuerySet<P::Point>, sponge: &mut impl CryptographicSponge, states: impl IntoIterator<Item = &'a Self::CommitmentState>, rng: Option<&mut dyn RngCore>, ) -> Result<Self::BatchProof, Self::Error>
where P: 'a, Self::CommitmentState: 'a, Self::Commitment: 'a,

Open several polynomials at one or more points each (possibly different for each polynomial). Each entry in the in the query set of points contains the label of the polynomial which should be queried at that point.

Behaviour is undefined if query_set contains the entries with the same point label but different actual points.

The opening challenges are independent for each batch of polynomials.

Source

fn batch_check<'a, R: RngCore>( vk: &Self::VerifierKey, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, query_set: &QuerySet<P::Point>, evaluations: &Evaluations<P::Point, F>, proof: &Self::BatchProof, sponge: &mut impl CryptographicSponge, rng: &mut R, ) -> Result<bool, Self::Error>
where Self::Commitment: 'a,

Verify opening proofs for several polynomials at one or more points each (possibly different for each polynomial). Each entry in the query set of points contains the label of the polynomial which was queried at that point.

Behaviour is undefined if query_set contains the entries with the same point label but different points.

Behaviour is also undefined if proofs are not ordered the same way as queries in query_to_labels_map (this is the outcome of calling batch_open for the same commitment list and query set).H

The opening challenges are independent for each batch of polynomials.

Source

fn open_combinations<'a>( ck: &Self::CommitterKey, linear_combinations: impl IntoIterator<Item = &'a LinearCombination<F>>, polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<F, P>>, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, query_set: &QuerySet<P::Point>, sponge: &mut impl CryptographicSponge, states: impl IntoIterator<Item = &'a Self::CommitmentState>, rng: Option<&mut dyn RngCore>, ) -> Result<BatchLCProof<F, Self::BatchProof>, Self::Error>
where Self::CommitmentState: 'a, Self::Commitment: 'a, P: 'a,

Open commitments to all polynomials involved in a number of linear combinations (LC) simultaneously.

Source

fn check_combinations<'a, R: RngCore>( vk: &Self::VerifierKey, linear_combinations: impl IntoIterator<Item = &'a LinearCombination<F>>, commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>, eqn_query_set: &QuerySet<P::Point>, eqn_evaluations: &Evaluations<P::Point, F>, proof: &BatchLCProof<F, Self::BatchProof>, sponge: &mut impl CryptographicSponge, rng: &mut R, ) -> Result<bool, Self::Error>
where Self::Commitment: 'a,

Verify opening proofs for all polynomials involved in a number of linear combinations (LC) simultaneously.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors§

Source§

impl<E, P> PolynomialCommitment<<E as Pairing>::ScalarField, P> for MarlinKZG10<E, P>
where E: Pairing, P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>, for<'a, 'b> &'a P: Div<&'b P, Output = P>,

Source§

type UniversalParams = UniversalParams<E>

Source§

type CommitterKey = CommitterKey<E>

Source§

type VerifierKey = VerifierKey<E>

Source§

type Commitment = Commitment<E>

Source§

type CommitmentState = Randomness<<E as Pairing>::ScalarField, P>

Source§

type Proof = Proof<E>

Source§

type BatchProof = Vec<<MarlinKZG10<E, P> as PolynomialCommitment<<E as Pairing>::ScalarField, P>>::Proof>

Source§

type Error = Error

Source§

impl<E, P> PolynomialCommitment<<E as Pairing>::ScalarField, P> for MarlinPST13<E, P>
where E: Pairing, P: DenseMVPolynomial<E::ScalarField> + Sync, P::Point: Index<usize, Output = E::ScalarField>,

Source§

type UniversalParams = UniversalParams<E, P>

Source§

type CommitterKey = CommitterKey<E, P>

Source§

type VerifierKey = VerifierKey<E>

Source§

type Commitment = Commitment<E>

Source§

type CommitmentState = Randomness<E, P>

Source§

type Proof = Proof<E>

Source§

type BatchProof = Vec<<MarlinPST13<E, P> as PolynomialCommitment<<E as Pairing>::ScalarField, P>>::Proof>

Source§

type Error = Error

Source§

impl<E, P> PolynomialCommitment<<E as Pairing>::ScalarField, P> for SonicKZG10<E, P>
where E: Pairing, P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>, for<'a, 'b> &'a P: Div<&'b P, Output = P>,

Source§

type UniversalParams = UniversalParams<E>

Source§

type CommitterKey = CommitterKey<E>

Source§

type VerifierKey = VerifierKey<E>

Source§

type Commitment = Commitment<E>

Source§

type CommitmentState = Randomness<<E as Pairing>::ScalarField, P>

Source§

type Proof = Proof<E>

Source§

type BatchProof = Vec<<SonicKZG10<E, P> as PolynomialCommitment<<E as Pairing>::ScalarField, P>>::Proof>

Source§

type Error = Error

Source§

impl<G, D, P> PolynomialCommitment<<G as AffineRepr>::ScalarField, P> for InnerProductArgPC<G, D, P>
where G: AffineRepr, G::Group: VariableBaseMSM<MulBase = G>, D: Digest, P: DenseUVPolynomial<G::ScalarField, Point = G::ScalarField>,

Source§

type UniversalParams = UniversalParams<G>

Source§

type CommitterKey = CommitterKey<G>

Source§

type VerifierKey = CommitterKey<G>

Source§

type Commitment = Commitment<G>

Source§

type CommitmentState = Randomness<G>

Source§

type Proof = Proof<G>

Source§

type BatchProof = Vec<<InnerProductArgPC<G, D, P> as PolynomialCommitment<<G as AffineRepr>::ScalarField, P>>::Proof>

Source§

type Error = Error

Source§

impl<G, P> PolynomialCommitment<<G as AffineRepr>::ScalarField, P> for HyraxPC<G, P>
where G: AffineRepr, G::ScalarField: Absorb, P: MultilinearExtension<G::ScalarField>,

Source§

type UniversalParams = HyraxUniversalParams<G>

Source§

type CommitterKey = HyraxUniversalParams<G>

Source§

type VerifierKey = HyraxUniversalParams<G>

Source§

type Commitment = HyraxCommitment<G>

Source§

type CommitmentState = HyraxCommitmentState<<G as AffineRepr>::ScalarField>

Source§

type Proof = Vec<HyraxProof<G>>

Source§

type BatchProof = Vec<<HyraxPC<G, P> as PolynomialCommitment<<G as AffineRepr>::ScalarField, P>>::Proof>

Source§

type Error = Error

Source§

impl<L, F, P, C, H> PolynomialCommitment<F, P> for LinearCodePCS<L, F, P, C, H>
where L: LinearEncode<F, C, P, H>, F: PrimeField + Absorb, P: Polynomial<F>, C: Config + 'static, Vec<F>: Borrow<<H as CRHScheme>::Input>, H::Output: Into<C::Leaf> + Send, C::Leaf: Sized + Clone + Default + Send + AsRef<C::Leaf>, H: CRHScheme + 'static,

Source§

type UniversalParams = <L as LinearEncode<F, C, P, H>>::LinCodePCParams

Source§

type CommitterKey = <L as LinearEncode<F, C, P, H>>::LinCodePCParams

Source§

type VerifierKey = <L as LinearEncode<F, C, P, H>>::LinCodePCParams

Source§

type Commitment = LinCodePCCommitment<C>

Source§

type CommitmentState = LinCodePCCommitmentState<F, H>

Source§

type Proof = Vec<LinCodePCProof<F, C>>

Source§

type BatchProof = Vec<<LinearCodePCS<L, F, P, C, H> as PolynomialCommitment<F, P>>::Proof>

Source§

type Error = Error