credx/presentation/
commitment.rs1use crate::knox::short_group_sig_core::short_group_traits::ShortGroupSignatureScheme;
2use crate::presentation::{PresentationBuilder, PresentationProofs};
3use crate::statement::CommitmentStatement;
4use crate::CredxResult;
5use blsful::inner_types::{G1Projective, Scalar};
6use elliptic_curve::{group::Curve, Field};
7use merlin::Transcript;
8use rand_core::{CryptoRng, RngCore};
9use serde::{Deserialize, Serialize};
10
11#[derive(Debug)]
13pub(crate) struct CommitmentBuilder<'a> {
14 pub(crate) commitment: G1Projective,
15 pub(crate) statement: &'a CommitmentStatement<G1Projective>,
16 pub(crate) b: Scalar,
17 pub(crate) r: Scalar,
18}
19
20impl<S: ShortGroupSignatureScheme> PresentationBuilder<S> for CommitmentBuilder<'_> {
21 fn gen_proof(self, challenge: Scalar) -> PresentationProofs<S> {
22 let blinder_proof = self.r + challenge * self.b;
23 CommitmentProof {
24 id: self.statement.id.clone(),
25 commitment: self.commitment,
26 blinder_proof,
27 }
28 .into()
29 }
30}
31
32impl<'a> CommitmentBuilder<'a> {
33 pub fn commit(
35 statement: &'a CommitmentStatement<G1Projective>,
36 message: Scalar,
37 b: Scalar,
38 mut rng: impl RngCore + CryptoRng,
39 transcript: &mut Transcript,
40 ) -> CredxResult<Self> {
41 let r = Scalar::random(&mut rng);
42 let commitment = statement.message_generator * message + statement.blinder_generator * b;
43 let blind_commitment = statement.message_generator * b + statement.blinder_generator * r;
44
45 transcript.append_message(b"", statement.id.as_bytes());
46 transcript.append_message(
47 b"commitment",
48 commitment.to_affine().to_compressed().as_slice(),
49 );
50 transcript.append_message(
51 b"blind commitment",
52 blind_commitment.to_affine().to_compressed().as_slice(),
53 );
54 Ok(Self {
55 commitment,
56 statement,
57 b,
58 r,
59 })
60 }
61}
62
63#[derive(Clone, Debug, Deserialize, Serialize)]
65pub struct CommitmentProof {
66 pub id: String,
68 pub commitment: G1Projective,
70 pub blinder_proof: Scalar,
72}