Module range_proofs 

This file is a modified version of ING bank’s range proofs implementation: https://github.com/ing-bank/threshold-signatures/blob/master/src/algorithms/zkp.rs

Zero knowledge range proofs for MtA protocol are implemented here. Formal description can be found in Appendix A of https://eprint.iacr.org/2019/114.pdf There are some deviations from the original specification:

1. In Bob’s proofs gamma is sampled from [0;q^2 * N] and tau from [0;q^3 * N_tilde].
2. A non-interactive version is implemented, with challenge e computed via Fiat-Shamir.

Structs

AliceProof

Alice’s proof

BobCheck

Additional fields in Bob’s proof if MtA is run with check

BobProof

Bob’s regular proof

BobProofExt

Bob’s extended proof, adds the knowledge of $B = g^b \in \mathcal{G}$

Traits

SampleFromMultiplicativeGroup

sample random value of an element of a multiplicative group