Struct proof_system::sub_protocols::saver::SaverProtocol

/// State for one run of the SAVER sub-protocol. Apart from the SAVER protocol itself
/// (encryption and snark proof), this also runs 3 Schnorr proof of knowledge protocols.
///
/// The same struct is used on both sides: the prover side carries a proving key and the
/// verifier side a verifying key, so exactly which `Option` fields are populated depends
/// on who created the instance.
// NOTE(review): the type implements `Clone` and `Debug`, and the Schnorr protocol fields
// presumably hold prover-side secret state (witnesses/blindings) once initialized; confirm
// that instances are not written to logs via `{:?}` and that the secrets are cleared after use.
pub struct SaverProtocol<'a, E: Pairing> {
    // NOTE(review): presumably the identifier of the statement this sub-protocol is run
    // for; confirm against the caller.
    pub id: usize,
    // NOTE(review): presumably the bit size of each chunk the message is decomposed into;
    // `validate_encryption_key` takes the same value together with the encryption key,
    // so the two are expected to be consistent. TODO confirm the valid range.
    pub chunk_bit_size: u8,
    // Borrowed public parameters; the struct does not own them (lifetime `'a`).
    pub encryption_gens: &'a EncryptionGens<E>,
    pub chunked_commitment_gens: &'a ChunkedCommitmentGens<E::G1Affine>,
    pub encryption_key: &'a EncryptionKey<E>,
    /// The SNARK proving key, will be None if invoked by verifier.
    pub snark_proving_key: Option<&'a ProvingKey<E>>,
    /// The SNARK verifying key, will be None if invoked by prover.
    pub snark_verifying_key: Option<&'a VerifyingKey<E>>,
    // NOTE(review): `ciphertext` and `snark_proof` are presumably `None` until `init` or
    // `init_with_ciphertext_and_proof` has run; confirm.
    pub ciphertext: Option<Ciphertext<E>>,
    pub snark_proof: Option<Proof<E>>,
    /// Schnorr protocol for proving knowledge of message chunks in ciphertext's commitment
    pub sp_ciphertext: Option<SchnorrProtocol<'a, E::G1Affine>>,
    /// Schnorr protocol for proving knowledge of message chunks in the chunked commitment
    pub sp_chunks: Option<SchnorrProtocol<'a, E::G1Affine>>,
    /// Schnorr protocol for proving knowledge of the whole message in the combined commitment
    pub sp_combined: Option<SchnorrProtocol<'a, E::G1Affine>>,
}

Apart from the SAVER protocol (encryption and snark proof), this also runs 3 Schnorr proof-of-knowledge protocols.

Fields§

§id: usize

§chunk_bit_size: u8

§encryption_gens: &'a EncryptionGens<E>

§chunked_commitment_gens: &'a ChunkedCommitmentGens<E::G1Affine>

§encryption_key: &'a EncryptionKey<E>

§snark_proving_key: Option<&'a ProvingKey<E>>

The SNARK proving key; it will be `None` if invoked by the verifier.

§snark_verifying_key: Option<&'a VerifyingKey<E>>

The SNARK verifying key; it will be `None` if invoked by the prover.

§ciphertext: Option<Ciphertext<E>>

§snark_proof: Option<Proof<E>>

§sp_ciphertext: Option<SchnorrProtocol<'a, E::G1Affine>>

Schnorr protocol for proving knowledge of message chunks in ciphertext’s commitment

§sp_chunks: Option<SchnorrProtocol<'a, E::G1Affine>>

Schnorr protocol for proving knowledge of message chunks in the chunked commitment

§sp_combined: Option<SchnorrProtocol<'a, E::G1Affine>>

Schnorr protocol for proving knowledge of the whole message in the combined commitment

Implementations§

impl<'a, E: Pairing> SaverProtocol<'a, E>

pub fn new_for_prover( id: usize, chunk_bit_size: u8, encryption_gens: &'a EncryptionGens<E>, chunked_commitment_gens: &'a ChunkedCommitmentGens<E::G1Affine>, encryption_key: &'a EncryptionKey<E>, snark_proving_key: &'a ProvingKey<E> ) -> Self

Create an instance of this protocol for the prover.

pub fn new_for_verifier( id: usize, chunk_bit_size: u8, encryption_gens: &'a EncryptionGens<E>, chunked_commitment_gens: &'a ChunkedCommitmentGens<E::G1Affine>, encryption_key: &'a EncryptionKey<E>, snark_verifying_key: &'a VerifyingKey<E> ) -> Self

Create an instance of this protocol for the verifier.

pub fn init<R: RngCore>( &mut self, rng: &mut R, ck_comm_ct: &'a [E::G1Affine], ck_comm_chunks: &'a [E::G1Affine], ck_comm_combined: &'a [E::G1Affine], message: E::ScalarField, blinding_combined_message: Option<E::ScalarField> ) -> Result<(), ProofSystemError>

Encrypt the message and create the proof using SAVER, then initialize the 3 Schnorr proof-of-knowledge protocols.

pub fn init_with_ciphertext_and_proof<R: RngCore>( &mut self, rng: &mut R, ck_comm_ct: &'a [E::G1Affine], ck_comm_chunks: &'a [E::G1Affine], ck_comm_combined: &'a [E::G1Affine], message: E::ScalarField, blinding_combined_message: Option<E::ScalarField>, old_randomness: E::ScalarField, ciphertext: Ciphertext<E>, proof: Proof<E> ) -> Result<(), ProofSystemError>

pub fn challenge_contribution<W: Write>( &self, writer: W ) -> Result<(), ProofSystemError>

pub fn gen_proof_contribution( &mut self, challenge: &E::ScalarField ) -> Result<StatementProof<E>, ProofSystemError>

Generate responses for the 3 Schnorr protocols

pub fn verify_proof_contribution( &self, challenge: &E::ScalarField, proof: &SaverProof<E>, ck_comm_ct: &[E::G1Affine], ck_comm_chunks: &[E::G1Affine], ck_comm_combined: &[E::G1Affine], pvk: &PreparedVerifyingKey<E>, pgens: impl Into<PreparedEncryptionGens<E>>, pek: impl Into<PreparedEncryptionKey<E>>, pairing_checker: &mut Option<RandomizedPairingChecker<E>> ) -> Result<(), ProofSystemError>

Verify all of the following: the snark proof is valid; the commitment in the ciphertext is correct; the commitment to the chunks and the combined message are equal; the chunks committed in the ciphertext are the same as the ones committed in the chunked commitment; and all 3 Schnorr proofs are valid.

pub fn verify_ciphertext_and_commitment( &self, challenge: &E::ScalarField, ciphertext: &Ciphertext<E>, comm_combined: E::G1Affine, comm_chunks: E::G1Affine, s_pr_ciphertext: &PedersenCommitmentProof<E::G1Affine>, s_pr_chunks: &PedersenCommitmentProof<E::G1Affine>, s_pr_combined: &PedersenCommitmentProof<E::G1Affine>, ck_comm_ct: &[E::G1Affine], ck_comm_chunks: &[E::G1Affine], ck_comm_combined: &[E::G1Affine] ) -> Result<(), ProofSystemError>

pub fn verify_ciphertext_commitments_in_batch<R: Rng>( rng: &mut R, ciphertexts: &[Ciphertext<E>], pgens: impl Into<PreparedEncryptionGens<E>>, pek: impl Into<PreparedEncryptionKey<E>>, pairing_checker: &mut Option<RandomizedPairingChecker<E>> ) -> Result<(), ProofSystemError>

pub fn compute_challenge_contribution<W: Write>( ck_comm_ct: &[E::G1Affine], ck_comm_chunks: &[E::G1Affine], ck_comm_combined: &[E::G1Affine], proof: &SaverProof<E>, writer: W ) -> Result<(), ProofSystemError>

pub fn compute_challenge_contribution_when_aggregating_snark<W: Write>( ck_comm_ct: &[E::G1Affine], ck_comm_chunks: &[E::G1Affine], ck_comm_combined: &[E::G1Affine], proof: &SaverProofWhenAggregatingSnarks<E>, writer: W ) -> Result<(), ProofSystemError>

pub fn validate_encryption_key( chunk_bit_size: u8, encryption_key: &EncryptionKey<E> ) -> Result<(), ProofSystemError>

pub fn encryption_comm_key( encryption_key: &EncryptionKey<E> ) -> Vec<E::G1Affine>

Commitment key for the commitment in ciphertext

pub fn chunked_comm_keys( chunked_commitment_gens: &ChunkedCommitmentGens<E::G1Affine>, chunk_bit_size: u8 ) -> (Vec<E::G1Affine>, Vec<E::G1Affine>)

Commitment key for chunked commitment

Trait Implementations§

source§

impl<'a, E: Clone + Pairing> Clone for SaverProtocol<'a, E>
where E::G1Affine: Clone,

source§

fn clone(&self) -> SaverProtocol<'a, E>

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl<'a, E: Debug + Pairing> Debug for SaverProtocol<'a, E>
where E::G1Affine: Debug,

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl<'a, E: PartialEq + Pairing> PartialEq for SaverProtocol<'a, E>
where E::G1Affine: PartialEq,

source§

fn eq(&self, other: &SaverProtocol<'a, E>) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl<'a, E: Pairing> StructuralPartialEq for SaverProtocol<'a, E>

Auto Trait Implementations§

§

impl<'a, E> Freeze for SaverProtocol<'a, E>
where <E as Pairing>::G1Affine: Freeze, <E as Pairing>::G2Affine: Freeze,

§

impl<'a, E> RefUnwindSafe for SaverProtocol<'a, E>

§

impl<'a, E> Send for SaverProtocol<'a, E>

§

impl<'a, E> Sync for SaverProtocol<'a, E>

§

impl<'a, E> Unpin for SaverProtocol<'a, E>
where <E as Pairing>::G1Affine: Unpin, <E as Pairing>::G2Affine: Unpin, <E as Pairing>::ScalarField: Unpin,

§

impl<'a, E> UnwindSafe for SaverProtocol<'a, E>

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> ArchivePointee for T

§

type ArchivedMetadata = ()

The archived version of the pointer metadata for this type.
source§

fn pointer_metadata( _: &<T as ArchivePointee>::ArchivedMetadata ) -> <T as Pointee>::Metadata

Converts some archived metadata to the pointer metadata for itself.
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<F, W, T, D> Deserialize<With<T, W>, D> for F
where W: DeserializeWith<F, T, D>, D: Fallible + ?Sized, F: ?Sized,

source§

fn deserialize( &self, deserializer: &mut D ) -> Result<With<T, W>, <D as Fallible>::Error>

Deserializes using the given deserializer
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> LayoutRaw for T

source§

fn layout_raw(_: <T as Pointee>::Metadata) -> Result<Layout, LayoutError>

Gets the layout of the type.
source§

impl<T> Pointable for T

source§

const ALIGN: usize = _

The alignment of pointer.
§

type Init = T

The type for initializers.
source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
source§

impl<T> Pointee for T

§

type Metadata = ()

The type for metadata in pointers and references to Self.
source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> Upcastable for T
where T: Any + Send + Sync + 'static,

source§

fn upcast_any_ref(&self) -> &(dyn Any + 'static)

upcast ref
source§

fn upcast_any_mut(&mut self) -> &mut (dyn Any + 'static)

upcast mut ref
source§

fn upcast_any_box(self: Box<T>) -> Box<dyn Any>

upcast boxed dyn
source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

source§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

impl<T> SendIfParallel for T
where T: Send,

source§

impl<T> SyncIfParallel for T
where T: Sync,