//! Defines a `TranscriptProtocol` trait for using a Merlin transcript.

use mohan::dalek::{
    ristretto::CompressedRistretto,
    traits::IsIdentity
};
use bacteria::Transcript;
use crate::errors::{
    ZeiError,
    ProofError
};


/// Proof-specific helpers layered on top of a transcript.
///
/// Every method only appends labelled data. Prover and verifier have to make
/// the same calls, with the same arguments, in the same order.
pub trait TranscriptProtocol {
    /// Appends the domain separator for a range proof covering `n` bits and
    /// `m` parties.
    fn rangeproof_domain_sep(&mut self, n: u64, m: u64);

    /// Appends the domain separator for an inner product proof of length `n`.
    fn innerproduct_domain_sep(&mut self, n: u64);

    /// Appends `point` to the transcript under `label`, refusing the identity.
    ///
    /// The documented contract covers the identity check only. Whether the
    /// bytes decode to a valid Ristretto point is not part of it, so a caller
    /// that needs a usable group element must still decompress the point
    /// and handle a decompression failure.
    ///
    /// # Errors
    ///
    /// Returns an error when `point` is the identity. In that case the
    /// implementation is expected to leave the transcript unchanged.
    fn validate_and_commit_point(
        &mut self,
        label: &'static [u8],
        point: &CompressedRistretto,
    ) -> Result<(), ZeiError>;
}

impl TranscriptProtocol for Transcript {
    /// Binds the transcript to the range proof protocol and its parameters.
    fn rangeproof_domain_sep(&mut self, n: u64, m: u64) {
        // The fixed tag goes in before the parameters. The literals and the
        // call order are part of the protocol: presumably (Merlin-style
        // transcript, per the module doc) any change alters what is derived
        // from the transcript afterwards, so both sides must match exactly.
        self.append_message(b"dom-sep", b"rangeproof v1");
        self.append_u64(b"n", n);
        self.append_u64(b"m", m);
    }

    /// Binds the transcript to the inner product protocol and its length.
    fn innerproduct_domain_sep(&mut self, n: u64) {
        // Uses a tag distinct from the range proof one under the same label.
        self.append_message(b"dom-sep", b"ipp v1");
        self.append_u64(b"n", n);
    }

    /// Appends the compressed bytes of `point` under `label`, unless `point`
    /// is the identity.
    ///
    /// Only `is_identity()` is consulted: the point is not decompressed here,
    /// so this does not establish that the bytes are a valid encoding.
    ///
    /// # Errors
    ///
    /// Returns `ProofError::VerificationError`, converted into a `ZeiError`,
    /// when `point` is the identity. Nothing is appended in that case.
    fn validate_and_commit_point(
        &mut self,
        label: &'static [u8],
        point: &CompressedRistretto,
    ) -> Result<(), ZeiError> {
        // Reject before touching the transcript so a failed call leaves the
        // transcript state as it was.
        if point.is_identity() {
            return Err(ProofError::VerificationError.into());
        }

        self.append_message(label, point.as_bytes());
        Ok(())
    }
}