pub trait Sigma: Writable {
type Witness: Debug;
type Statement: Debug;
type AnnounceSecret: Debug;
type Announcement: Eq + Debug;
type Response: Debug;
type ChallengeLength: ArrayLength<u8>;
fn announce(
&self,
statement: &Self::Statement,
announce_secret: &Self::AnnounceSecret
) -> Self::Announcement;
fn gen_announce_secret<Rng: CryptoRng + RngCore>(
&self,
witness: &Self::Witness,
rng: &mut Rng
) -> Self::AnnounceSecret;
fn sample_response<Rng: CryptoRng + RngCore>(
&self,
rng: &mut Rng
) -> Self::Response;
fn respond(
&self,
witness: &Self::Witness,
statement: &Self::Statement,
announce_secret: Self::AnnounceSecret,
announce: &Self::Announcement,
challenge: &GenericArray<u8, Self::ChallengeLength>
) -> Self::Response;
fn implied_announcement(
&self,
statement: &Self::Statement,
challenge: &GenericArray<u8, Self::ChallengeLength>,
response: &Self::Response
) -> Option<Self::Announcement>;
fn hash_statement<H: Update>(&self, hash: &mut H, statement: &Self::Statement);
fn hash_announcement<H: Update>(
&self,
hash: &mut H,
announcement: &Self::Announcement
);
fn hash_witness<H: Update>(&self, hash: &mut H, witness: &Self::Witness);
}Expand description
The Sigma trait is used to define a Sigma protocol.
You will need to implement this yourself if you are unable to build your sigma protocol by composing it from existing sigma protocols.
The role of the main functions of the trait are depicted below:
ⓘ
Prover(witness, statement, rng) Verifier(statement)
======
announce_secret = gen_announce_secret(rng)
announcement = announce(statement, announce_secret)
announcement
+------------------->
challenge *uniformly sample ChallengeLength bytes*
<-------------------+
response = respond(witness, statement,
announce_secret, announcement,
challenge)
response
+------------------->
check
implied_announcement(statement, challenge, response)
==
announcementThe values taken and returned by the functions are all defined as associated types. In addition
there is ChallengeLength associated type which defines the length of the challenge. Usually
the trait is implemented for a sigma protocol for all lengths less than some maximum like so:
ⓘ
use sigma_fun::generic_array::{
typenum::{self, type_operators::IsLessOrEqual, U32},
ArrayLength, GenericArray,
};
use sigma_fun::Sigma;
struct MySigma<L> {
// store the typenum in our type
challenge_len: core::marker::PhantomData<L>,
}
// implement Sigma for any length less than or eqaul to 32-bytes.
impl<L: ArrayLength<u8>> Sigma for MySigma<L>
where
L: IsLessOrEqual<U32>,
<L as IsLessOrEqual<U32>>::Output: typenum::marker_traits::NonZero
{
// ...
}Required Associated Types§
sourcetype AnnounceSecret: Debug
type AnnounceSecret: Debug
The type for the secret the prover creates when generating the proof.
sourcetype Announcement: Eq + Debug
type Announcement: Eq + Debug
The type for the public announcement the prover sends in the first round of the protocol.
sourcetype Response: Debug
type Response: Debug
The type for the response the prover sends in the last round of the protocol.
sourcetype ChallengeLength: ArrayLength<u8>
type ChallengeLength: ArrayLength<u8>
The length as a typenum
Required Methods§
sourcefn announce(
&self,
statement: &Self::Statement,
announce_secret: &Self::AnnounceSecret
) -> Self::Announcement
fn announce(
&self,
statement: &Self::Statement,
announce_secret: &Self::AnnounceSecret
) -> Self::Announcement
Generates the prover’s announcement message.
sourcefn gen_announce_secret<Rng: CryptoRng + RngCore>(
&self,
witness: &Self::Witness,
rng: &mut Rng
) -> Self::AnnounceSecret
fn gen_announce_secret<Rng: CryptoRng + RngCore>(
&self,
witness: &Self::Witness,
rng: &mut Rng
) -> Self::AnnounceSecret
Generates the secret data to create the announcement
sourcefn sample_response<Rng: CryptoRng + RngCore>(
&self,
rng: &mut Rng
) -> Self::Response
fn sample_response<Rng: CryptoRng + RngCore>(
&self,
rng: &mut Rng
) -> Self::Response
Uniformly samples a response from the response space of the Sigma protocol.
sourcefn respond(
&self,
witness: &Self::Witness,
statement: &Self::Statement,
announce_secret: Self::AnnounceSecret,
announce: &Self::Announcement,
challenge: &GenericArray<u8, Self::ChallengeLength>
) -> Self::Response
fn respond(
&self,
witness: &Self::Witness,
statement: &Self::Statement,
announce_secret: Self::AnnounceSecret,
announce: &Self::Announcement,
challenge: &GenericArray<u8, Self::ChallengeLength>
) -> Self::Response
Generates the prover’s response for the verifier’s challenge.
sourcefn implied_announcement(
&self,
statement: &Self::Statement,
challenge: &GenericArray<u8, Self::ChallengeLength>,
response: &Self::Response
) -> Option<Self::Announcement>
fn implied_announcement(
&self,
statement: &Self::Statement,
challenge: &GenericArray<u8, Self::ChallengeLength>,
response: &Self::Response
) -> Option<Self::Announcement>
Computes what the announcement must be for the response to be valid.
sourcefn hash_statement<H: Update>(&self, hash: &mut H, statement: &Self::Statement)
fn hash_statement<H: Update>(&self, hash: &mut H, statement: &Self::Statement)
Hashes the statement.
sourcefn hash_announcement<H: Update>(
&self,
hash: &mut H,
announcement: &Self::Announcement
)
fn hash_announcement<H: Update>(
&self,
hash: &mut H,
announcement: &Self::Announcement
)
Hashes the announcement.
sourcefn hash_witness<H: Update>(&self, hash: &mut H, witness: &Self::Witness)
fn hash_witness<H: Update>(&self, hash: &mut H, witness: &Self::Witness)
Hashes the witness.