proof-of-sql 0.129.1

High performance zero knowledge (ZK) prover for SQL.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

use super::{
    dory_reduce_helper::*, DoryMessages, ProverSetup, ProverState, VerifierSetup, VerifierState,
};
use crate::base::proof::Transcript;

/// This is the prover side of the Dory-Reduce algorithm in section 3.2 of <https://eprint.iacr.org/2020/1274.pdf>.
#[cfg(test)]
pub fn dory_reduce_prove(
    messages: &mut DoryMessages,
    transcript: &mut impl Transcript,
    state: &mut ProverState,
    setup: &ProverSetup,
) {
    assert!(state.nu > 0);
    let half_n = 1usize << (state.nu - 1);
    let (D_1L, D_1R, D_2L, D_2R) = dory_reduce_prove_compute_Ds(state, setup, half_n);
    messages.prover_send_GT_message(transcript, D_1L);
    messages.prover_send_GT_message(transcript, D_1R);
    messages.prover_send_GT_message(transcript, D_2L);
    messages.prover_send_GT_message(transcript, D_2R);
    let betas = messages.verifier_F_message(transcript);
    dory_reduce_prove_mutate_v_vecs(state, setup, betas);
    let (C_plus, C_minus) = dory_reduce_prove_compute_Cs(state, half_n);
    messages.prover_send_GT_message(transcript, C_plus);
    messages.prover_send_GT_message(transcript, C_minus);
    let alphas = messages.verifier_F_message(transcript);
    dory_reduce_prove_fold_v_vecs(state, alphas, half_n);
    state.nu -= 1;
}

/// This is the verifier side of the Dory-Reduce algorithm in section 3.2 of <https://eprint.iacr.org/2020/1274.pdf>.
#[cfg(test)]
pub fn dory_reduce_verify(
    messages: &mut DoryMessages,
    transcript: &mut impl Transcript,
    state: &mut VerifierState,
    setup: &VerifierSetup,
) -> bool {
    assert!(state.nu > 0);
    if messages.GT_messages.len() < 6 {
        return false;
    }
    let D_1L = messages.prover_receive_GT_message(transcript);
    let D_1R = messages.prover_receive_GT_message(transcript);
    let D_2L = messages.prover_receive_GT_message(transcript);
    let D_2R = messages.prover_receive_GT_message(transcript);
    let betas = messages.verifier_F_message(transcript);
    let C_plus = messages.prover_receive_GT_message(transcript);
    let C_minus = messages.prover_receive_GT_message(transcript);
    let alphas = messages.verifier_F_message(transcript);
    dory_reduce_verify_update_C(state, setup, (C_plus, C_minus), alphas, betas);
    dory_reduce_verify_update_Ds(state, setup, (D_1L, D_1R, D_2L, D_2R), alphas, betas);
    state.nu -= 1;
    true
}