Struct nimue::Arthur

pub struct Arthur<'a, H = DefaultHash, U = u8>
where H: DuplexHash<U>, U: Unit,
{ /* private fields */ }

Arthur contains the verifier state. Internally, it is a wrapper around a SAFE sponge. Given an IOPattern and a protocol transcript as input, it allows elements to be de-serialized from the transcript and made available to the zero-knowledge verifier.

Implementations§


impl<'a, U: Unit, H: DuplexHash<U>> Arthur<'a, H, U>


pub fn new(io_pattern: &IOPattern<H, U>, transcript: &'a [u8]) -> Self

Creates a new Arthur instance from the given IO pattern and transcript.

The resulting object will act as the verifier in a zero-knowledge protocol.


// A pattern that first absorbs one unit from the transcript and then
// squeezes a 32-byte challenge; the verifier reads back in that same order.
let pattern = IOPattern::<DefaultHash>::new("📝")
    .absorb(1, "inhale 🫁")
    .squeeze(32, "exhale 🎏");
// A silly transcript for the example. In a real protocol this is presumably
// the prover's message, i.e. untrusted input to the verifier.
let proof_bytes: &[u8] = &[0x42];
let mut verifier = pattern.to_arthur(proof_bytes);
// The absorbed byte is read straight from the transcript. `unwrap` is fine
// in an example; verifier code should propagate the `Err` instead, which is
// where a transcript that does not fit the pattern is expected to surface
// (TODO confirm against the IOPatternError documentation).
let absorbed = verifier.next_bytes().unwrap();
assert_eq!(absorbed, [0x42]);
// The challenge comes out of the sponge state; the example only checks that
// it is not the all-zero array.
let challenge = verifier.challenge_bytes::<32>();
assert!(challenge.is_ok());
assert_ne!(challenge.unwrap(), [0; 32]);

pub fn fill_next_units(&mut self, input: &mut [U]) -> Result<(), IOPatternError>

Reads input.len() elements from the transcript into input.


pub fn ratchet(&mut self) -> Result<(), IOPatternError>

Signals the end of the statement.


pub fn preprocess(self) -> Result<&'static [U], IOPatternError>

Signals the end of the statement and returns the (compressed) sponge state.

Trait Implementations§


impl<'a, H, C, const N: usize> ByteChallenges for Arthur<'a, H, Fp<C, N>>
where C: FpConfig<N>, H: DuplexHash<Fp<C, N>>,


fn fill_challenge_bytes( &mut self, output: &mut [u8] ) -> Result<(), IOPatternError>


fn challenge_bytes<const N: usize>(&mut self) -> Result<[u8; N], IOPatternError>


impl<'a, H, C, const N: usize> BytePublic for Arthur<'a, H, Fp<C, N>>
where C: FpConfig<N>, H: DuplexHash<Fp<C, N>>,


fn public_bytes(&mut self, input: &[u8]) -> Result<(), IOPatternError>


impl<'a, H: DuplexHash<u8>> ByteReader for Arthur<'a, H, u8>


fn fill_next_bytes(&mut self, input: &mut [u8]) -> Result<(), IOPatternError>

Reads the next input.len() bytes from the transcript into input.


fn next_bytes<const N: usize>(&mut self) -> Result<[u8; N], IOPatternError>


impl<'a, H: DuplexHash<U>, U: Unit> Debug for Arthur<'a, H, U>


fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<H, C, const N: usize> FieldPublic<Fp<C, N>> for Arthur<'_, H, Fp<C, N>>
where H: DuplexHash<Fp<C, N>>, C: FpConfig<N>,


type Repr = ()


fn public_scalars(&mut self, input: &[Fp<C, N>]) -> ProofResult<Self::Repr>


impl<'a, F, H, const N: usize> FieldReader<F> for Arthur<'a, H>
where H: DuplexHash, F: PrimeField<Repr = [u8; N]>,


fn fill_next_scalars(&mut self, output: &mut [F]) -> ProofResult<()>


fn next_scalars<const N: usize>(&mut self) -> ProofResult<[F; N]>


impl<'a, F, H> FieldReader<F> for Arthur<'a, H>
where F: Field, H: DuplexHash,


fn fill_next_scalars(&mut self, output: &mut [F]) -> ProofResult<()>


fn next_scalars<const N: usize>(&mut self) -> ProofResult<[F; N]>


impl<'a, H, C, const N: usize> FieldReader<Fp<C, N>> for Arthur<'a, H, Fp<C, N>>
where C: FpConfig<N>, H: DuplexHash<Fp<C, N>>,


fn fill_next_scalars(&mut self, output: &mut [Fp<C, N>]) -> ProofResult<()>


fn next_scalars<const N: usize>(&mut self) -> ProofResult<[F; N]>


impl<H, C, const N: usize, G> GroupPublic<G> for Arthur<'_, H, Fp<C, N>>
where C: FpConfig<N>, H: DuplexHash<Fp<C, N>>, G: CurveGroup<BaseField = Fp<C, N>>,


type Repr = ()

In order to be added to the sponge, elements may be serialized into another format. This associated type represents the format used, so that other implementations can potentially re-use the serialized element.

fn public_points(&mut self, input: &[G]) -> ProofResult<Self::Repr>

Incorporate group elements into the proof without adding them to the final protocol transcript.

impl<'a, G, H> GroupReader<G> for Arthur<'a, H>
where G: CurveGroup, H: DuplexHash,


fn fill_next_points(&mut self, output: &mut [G]) -> ProofResult<()>

Deserialize group elements from the protocol transcript into output.

fn next_points<const N: usize>(&mut self) -> ProofResult<[G; N]>

Deserialize group elements from the protocol transcript and return them.

impl<'a, P, H, C, const N: usize> GroupReader<Projective<P>> for Arthur<'a, H, Fp<C, N>>
where C: FpConfig<N>, H: DuplexHash<Fp<C, N>>, P: TECurveConfig<BaseField = Fp<C, N>>,


fn fill_next_points( &mut self, output: &mut [EdwardsCurve<P>] ) -> ProofResult<()>

Deserialize group elements from the protocol transcript into output.

fn next_points<const N: usize>(&mut self) -> ProofResult<[G; N]>

Deserialize group elements from the protocol transcript and return them.

impl<'a, P, H, C, const N: usize> GroupReader<Projective<P>> for Arthur<'a, H, Fp<C, N>>
where C: FpConfig<N>, H: DuplexHash<Fp<C, N>>, P: SWCurveConfig<BaseField = Fp<C, N>>,


fn fill_next_points(&mut self, output: &mut [SWCurve<P>]) -> ProofResult<()>

Deserialize group elements from the protocol transcript into output.

fn next_points<const N: usize>(&mut self) -> ProofResult<[G; N]>

Deserialize group elements from the protocol transcript and return them.

impl<'a, H: DuplexHash<U>, U: Unit> UnitTranscript<U> for Arthur<'a, H, U>


fn public_units(&mut self, input: &[U]) -> Result<(), IOPatternError>

Add native elements to the sponge without writing them to the protocol transcript.


fn fill_challenge_units( &mut self, input: &mut [U] ) -> Result<(), IOPatternError>

Fills input with a challenge of input.len() elements.

Auto Trait Implementations§


impl<'a, H, U> Freeze for Arthur<'a, H, U>
where H: Freeze,


impl<'a, H, U> RefUnwindSafe for Arthur<'a, H, U>


impl<'a, H, U> Send for Arthur<'a, H, U>
where H: Send, U: Send,


impl<'a, H, U> Sync for Arthur<'a, H, U>
where H: Sync, U: Sync,


impl<'a, H, U> Unpin for Arthur<'a, H, U>
where H: Unpin, U: Unpin,


impl<'a, H, U> UnwindSafe for Arthur<'a, H, U>
where H: UnwindSafe, U: UnwindSafe,

Blanket Implementations§


impl<T> Any for T
where T: 'static + ?Sized,


fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,


fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,


fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> ByteChallenges for T
where T: UnitTranscript<u8>,


fn fill_challenge_bytes( &mut self, output: &mut [u8] ) -> Result<(), IOPatternError>


fn challenge_bytes<const N: usize>(&mut self) -> Result<[u8; N], IOPatternError>


impl<T> BytePublic for T
where T: UnitTranscript<u8>,


fn public_bytes(&mut self, input: &[u8]) -> Result<(), IOPatternError>


impl<F, T> FieldChallenges<F> for T


fn fill_challenge_scalars(&mut self, output: &mut [F]) -> Result<(), ProofError>


fn challenge_scalars<const N: usize>(&mut self) -> ProofResult<[F; N]>


impl<F, T> FieldChallenges<F> for T


fn fill_challenge_scalars(&mut self, output: &mut [F]) -> Result<(), ProofError>


fn challenge_scalars<const N: usize>(&mut self) -> ProofResult<[F; N]>


impl<T, F> FieldPublic<F> for T
where F: Field, T: UnitTranscript<u8>,


type Repr = Vec<u8>


fn public_scalars( &mut self, input: &[F] ) -> Result<<T as FieldPublic<F>>::Repr, ProofError>


impl<F, T> FieldPublic<F> for T
where F: PrimeField, T: BytePublic,


type Repr = Vec<u8>


fn public_scalars( &mut self, input: &[F] ) -> Result<<T as FieldPublic<F>>::Repr, ProofError>


impl<T> From<T> for T


fn from(t: T) -> T

Returns the argument unchanged.


impl<T, G> GroupPublic<G> for T


type Repr = Vec<u8>

In order to be added to the sponge, elements may be serialized into another format. This associated type represents the format used, so that other implementations can potentially re-use the serialized element.

fn public_points( &mut self, input: &[G] ) -> Result<<T as GroupPublic<G>>::Repr, ProofError>

Incorporate group elements into the proof without adding them to the final protocol transcript.

impl<T, U> Into<U> for T
where U: From<T>,


fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.


impl<T> Same for T


type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,


type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,


type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,


fn vzip(self) -> V