Skip to main content

dory_pcs/
mode.rs

1//! Mode trait for transparent vs zero-knowledge proofs.
2use crate::primitives::arithmetic::{Field, Group};
3
4/// Determines whether protocol messages are blinded (ZK) or unblinded (transparent).
5pub trait Mode: 'static {
6    /// Whether this mode produces blinding values that callers must retain.
7    const BLINDING: bool;
8    /// Sample a blinding scalar: zero in Transparent mode, random in ZK mode.
9    fn sample<F: Field>() -> F;
10    /// Mask a group element: identity in Transparent mode, `value + base * blind` in ZK mode.
11    fn mask<G: Group>(value: G, base: &G, blind: &G::Scalar) -> G;
12}
13
14/// Transparent mode: no blinding, non-hiding proofs.
15pub struct Transparent;
16impl Mode for Transparent {
17    const BLINDING: bool = false;
18    fn sample<F: Field>() -> F {
19        F::zero()
20    }
21    fn mask<G: Group>(value: G, _base: &G, _blind: &G::Scalar) -> G {
22        value
23    }
24}
25
26/// Zero-knowledge mode: samples blinds from RNG for hiding proofs.
27#[cfg(feature = "zk")]
28pub struct ZK;
29#[cfg(feature = "zk")]
30impl Mode for ZK {
31    const BLINDING: bool = true;
32    fn sample<F: Field>() -> F {
33        F::random()
34    }
35    fn mask<G: Group>(value: G, base: &G, blind: &G::Scalar) -> G {
36        value + base.scale(blind)
37    }
38}