Struct proof_system::sub_protocols::saver::SaverProtocol
/// State for one SAVER sub-protocol: besides the SAVER encryption and SNARK
/// proof, it also holds the 3 Schnorr proof-of-knowledge protocols.
///
/// Every field is `pub`, so the type itself does not enforce which optional
/// fields are populated for which role; this page lists `new_for_prover` and
/// `new_for_verifier` as the role-specific constructors.
source · pub struct SaverProtocol<'a, E: Pairing> {
// NOTE(review): undocumented on this page; presumably identifies the statement
// this protocol instance belongs to — confirm.
pub id: usize,
// NOTE(review): undocumented on this page; presumably the bit size of each
// message chunk. `validate_encryption_key` takes it together with the
// encryption key, so the two likely have to be consistent — confirm.
pub chunk_bit_size: u8,
pub encryption_gens: &'a EncryptionGens<E>,
pub chunked_commitment_gens: &'a ChunkedCommitmentGens<E::G1Affine>,
pub encryption_key: &'a EncryptionKey<E>,
/// The SNARK proving key; `None` if invoked by the verifier.
pub snark_proving_key: Option<&'a ProvingKey<E>>,
/// The SNARK verifying key; `None` if invoked by the prover.
pub snark_verifying_key: Option<&'a VerifyingKey<E>>,
// NOTE(review): undocumented; presumably filled in by `init` /
// `init_with_ciphertext_and_proof` on the prover side — confirm.
pub ciphertext: Option<Ciphertext<E>>,
// NOTE(review): undocumented; presumably the SAVER SNARK proof produced or
// supplied during initialization — confirm.
pub snark_proof: Option<Proof<E>>,
/// Schnorr protocol for proving knowledge of message chunks in the
/// ciphertext's commitment.
pub sp_ciphertext: Option<SchnorrProtocol<'a, E::G1Affine>>,
/// Schnorr protocol for proving knowledge of message chunks in the chunked
/// commitment.
pub sp_chunks: Option<SchnorrProtocol<'a, E::G1Affine>>,
/// Schnorr protocol for proving knowledge of the whole message in the
/// combined commitment.
pub sp_combined: Option<SchnorrProtocol<'a, E::G1Affine>>,
}
In addition to the SAVER protocol (encryption and SNARK proof), this also runs 3 Schnorr proof-of-knowledge protocols.
Fields§
§id: usize
§chunk_bit_size: u8
§encryption_gens: &'a EncryptionGens<E>
§chunked_commitment_gens: &'a ChunkedCommitmentGens<E::G1Affine>
§encryption_key: &'a EncryptionKey<E>
§snark_proving_key: Option<&'a ProvingKey<E>>
The SNARK proving key; `None` when the protocol is invoked by the verifier.
§snark_verifying_key: Option<&'a VerifyingKey<E>>
The SNARK verifying key; `None` when the protocol is invoked by the prover.
§ciphertext: Option<Ciphertext<E>>
§snark_proof: Option<Proof<E>>
§sp_ciphertext: Option<SchnorrProtocol<'a, E::G1Affine>>
Schnorr protocol for proving knowledge of message chunks in ciphertext’s commitment
§sp_chunks: Option<SchnorrProtocol<'a, E::G1Affine>>
Schnorr protocol for proving knowledge of message chunks in the chunked commitment
§sp_combined: Option<SchnorrProtocol<'a, E::G1Affine>>
Schnorr protocol for proving knowledge of the whole message in the combined commitment
Implementations§
impl<'a, E: Pairing> SaverProtocol<'a, E>
pub fn new_for_prover( id: usize, chunk_bit_size: u8, encryption_gens: &'a EncryptionGens<E>, chunked_commitment_gens: &'a ChunkedCommitmentGens<E::G1Affine>, encryption_key: &'a EncryptionKey<E>, snark_proving_key: &'a ProvingKey<E> ) -> Self
Create an instance of this protocol for the prover.
pub fn new_for_verifier( id: usize, chunk_bit_size: u8, encryption_gens: &'a EncryptionGens<E>, chunked_commitment_gens: &'a ChunkedCommitmentGens<E::G1Affine>, encryption_key: &'a EncryptionKey<E>, snark_verifying_key: &'a VerifyingKey<E> ) -> Self
Create an instance of this protocol for the verifier.
pub fn init<R: RngCore>( &mut self, rng: &mut R, ck_comm_ct: &'a [E::G1Affine], ck_comm_chunks: &'a [E::G1Affine], ck_comm_combined: &'a [E::G1Affine], message: E::ScalarField, blinding_combined_message: Option<E::ScalarField> ) -> Result<(), ProofSystemError>
Encrypt the message and create the SNARK proof using SAVER, then initialize the 3 Schnorr proof-of-knowledge protocols.
pub fn init_with_ciphertext_and_proof<R: RngCore>( &mut self, rng: &mut R, ck_comm_ct: &'a [E::G1Affine], ck_comm_chunks: &'a [E::G1Affine], ck_comm_combined: &'a [E::G1Affine], message: E::ScalarField, blinding_combined_message: Option<E::ScalarField>, old_randomness: E::ScalarField, ciphertext: Ciphertext<E>, proof: Proof<E> ) -> Result<(), ProofSystemError>
pub fn challenge_contribution<W: Write>( &self, writer: W ) -> Result<(), ProofSystemError>
pub fn gen_proof_contribution( &mut self, challenge: &E::ScalarField ) -> Result<StatementProof<E>, ProofSystemError>
Generate responses for the 3 Schnorr protocols
pub fn verify_proof_contribution( &self, challenge: &E::ScalarField, proof: &SaverProof<E>, ck_comm_ct: &[E::G1Affine], ck_comm_chunks: &[E::G1Affine], ck_comm_combined: &[E::G1Affine], pvk: &PreparedVerifyingKey<E>, pgens: impl Into<PreparedEncryptionGens<E>>, pek: impl Into<PreparedEncryptionKey<E>>, pairing_checker: &mut Option<RandomizedPairingChecker<E>> ) -> Result<(), ProofSystemError>
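Verify that the SNARK proof is valid, that the commitment in the ciphertext is correct, that the commitment to the chunks and the combined message are equal, that the chunks committed in the ciphertext are the same as the ones committed in the chunked commitment, and that all 3 Schnorr proofs are valid. Note that `pairing_checker` is a `&mut Option<RandomizedPairingChecker<E>>`: when a checker is supplied, the pairing checks are presumably accumulated in it rather than decided inside this call, so the caller should treat `Ok(())` as final only after the checker itself has been verified (confirm against the implementation).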
pub fn verify_ciphertext_and_commitment( &self, challenge: &E::ScalarField, ciphertext: &Ciphertext<E>, comm_combined: E::G1Affine, comm_chunks: E::G1Affine, s_pr_ciphertext: &PedersenCommitmentProof<E::G1Affine>, s_pr_chunks: &PedersenCommitmentProof<E::G1Affine>, s_pr_combined: &PedersenCommitmentProof<E::G1Affine>, ck_comm_ct: &[E::G1Affine], ck_comm_chunks: &[E::G1Affine], ck_comm_combined: &[E::G1Affine] ) -> Result<(), ProofSystemError>
pub fn verify_ciphertext_commitments_in_batch<R: Rng>( rng: &mut R, ciphertexts: &[Ciphertext<E>], pgens: impl Into<PreparedEncryptionGens<E>>, pek: impl Into<PreparedEncryptionKey<E>>, pairing_checker: &mut Option<RandomizedPairingChecker<E>> ) -> Result<(), ProofSystemError>
pub fn compute_challenge_contribution<W: Write>( ck_comm_ct: &[E::G1Affine], ck_comm_chunks: &[E::G1Affine], ck_comm_combined: &[E::G1Affine], proof: &SaverProof<E>, writer: W ) -> Result<(), ProofSystemError>
pub fn compute_challenge_contribution_when_aggregating_snark<W: Write>( ck_comm_ct: &[E::G1Affine], ck_comm_chunks: &[E::G1Affine], ck_comm_combined: &[E::G1Affine], proof: &SaverProofWhenAggregatingSnarks<E>, writer: W ) -> Result<(), ProofSystemError>
pub fn validate_encryption_key( chunk_bit_size: u8, encryption_key: &EncryptionKey<E> ) -> Result<(), ProofSystemError>
pub fn encryption_comm_key( encryption_key: &EncryptionKey<E> ) -> Vec<E::G1Affine>
Commitment key for the commitment in ciphertext
pub fn chunked_comm_keys( chunked_commitment_gens: &ChunkedCommitmentGens<E::G1Affine>, chunk_bit_size: u8 ) -> (Vec<E::G1Affine>, Vec<E::G1Affine>)
Commitment key for chunked commitment
Trait Implementations§
impl<'a, E: Clone + Pairing> Clone for SaverProtocol<'a, E>
fn clone(&self) -> SaverProtocol<'a, E>
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from `source`.
impl<'a, E: PartialEq + Pairing> PartialEq for SaverProtocol<'a, E>
fn eq(&self, other: &SaverProtocol<'a, E>) -> bool
Tests for `self` and `other` values to be equal, and is used by `==`.