Expand description
Dory is the commitment scheme described in https://eprint.iacr.org/2020/1274.pdf.
This module contains the implementation of the Dory inner product argument for the BLS12-381 curve.
Note: We use nu = m and k = m-i or m-j. This indexing is more convenient for coding because lengths of the arrays used are typically 2^k rather than 2^i or 2^j.
Note: from the paper:
In our initial presentation of the protocols, and discussions of completeness and soundness, we will highlight that which is required only to achieve hiding in commitments and zero-knowledge in the protocols in blue.
This implementation only implements the computational integrity component of Dory. This can be extended in the future to achieve hiding, but that isn’t needed for our initial use-case.
Structs§
- Dory
Commitment - The Dory commitment type.
- Dory
Prover Public Setup - The public setup required for the Dory PCS by the prover and the commitment computation.
- Dory
Verifier Public Setup - The verifier’s public setup for the Dory PCS.
- Dynamic
Dory Commitment - The Dory commitment type.
- Dynamic
Dory Evaluation Proof - The
CommitmentEvaluationProoffor the Dory PCS. - Prover
Setup - The transparent setup information that the prover must know to create a proof. This is public knowledge and must match with the verifier’s setup information. See Section 3.3 of https://eprint.iacr.org/2020/1274.pdf for details.
- Public
Parameters - The public parameters for the Dory protocol. See section 5 of https://eprint.iacr.org/2020/1274.pdf for details.
- Verifier
Setup - The transparent setup information that the verifier must know to verify a proof. This is public knowledge and must match with the prover’s setup information. See Section 3.3 of https://eprint.iacr.org/2020/1274.pdf for details.
Type Aliases§
- Dory
Evaluation Proof - The
CommitmentEvaluationProoffor the Dory PCS. - Dory
Scalar - The Dory scalar type. (alias for
MontScalar<ark_bls12_381::FrConfig>)