coconut_crypto/setup/keypair/
public.rs

1use alloc::vec::Vec;
2
3use ark_ec::{pairing::Pairing, AffineRepr};
4use ark_ff::PrimeField;
5
6use utils::serde_utils::ArkObjectBytes;
7
8use ark_serialize::*;
9use core::iter::once;
10use serde::{Deserialize, Serialize};
11use serde_with::serde_as;
12
13use crate::{helpers::points, setup::SignatureParams};
14use utils::join;
15
16use super::SecretKey;
17
18/// `PublicKey` used in the modified Pointcheval-Sanders signature scheme and PoKs.
19#[serde_as]
20#[derive(
21    Clone, Debug, PartialEq, Eq, CanonicalSerialize, CanonicalDeserialize, Serialize, Deserialize,
22)]
23pub struct PublicKey<E: Pairing> {
24    #[serde_as(as = "ArkObjectBytes")]
25    pub alpha_tilde: E::G2Affine,
26    #[serde_as(as = "Vec<ArkObjectBytes>")]
27    pub beta: Vec<E::G1Affine>,
28    #[serde_as(as = "Vec<ArkObjectBytes>")]
29    pub beta_tilde: Vec<E::G2Affine>,
30}
31
32impl<E: Pairing> PublicKey<E> {
33    /// Derives `PublicKey` from supplied secret key and params.
34    pub fn new(
35        SecretKey { x, y }: &SecretKey<E::ScalarField>,
36        SignatureParams { g, g_tilde, .. }: &SignatureParams<E>,
37    ) -> Self {
38        let (alpha_tilde, beta, beta_tilde) = join!(
39            g_tilde.mul_bigint(x.into_bigint()).into(),
40            points(g, y),
41            points(g_tilde, y)
42        );
43
44        PublicKey {
45            alpha_tilde,
46            beta,
47            beta_tilde,
48        }
49    }
50
51    /// Returns max amount of messages supported by this public key.
52    pub fn supported_message_count(&self) -> usize {
53        self.beta.len()
54    }
55
56    /// Returns `true` if the public key is valid, i.e don't have zero elements
57    /// and have `beta` length equal to `beta_tilde` length.
58    pub fn valid(&self) -> bool {
59        self.beta.len() == self.beta_tilde.len()
60            && !once(&self.alpha_tilde)
61                .chain(&self.beta_tilde)
62                .any(AffineRepr::is_zero)
63            && !self.beta.iter().any(AffineRepr::is_zero)
64    }
65}
66
67pub type PreparedPublicKey<E> = PublicKey<E>;