umbral_pre

Struct ReencryptionEvidence

Source 
pub struct ReencryptionEvidence {
Show 16 fields
    pub e: CurvePoint,
    pub ez: CurvePoint,
    pub e1: CurvePoint,
    pub e1h: CurvePoint,
    pub e2: CurvePoint,
    pub v: CurvePoint,
    pub vz: CurvePoint,
    pub v1: CurvePoint,
    pub v1h: CurvePoint,
    pub v2: CurvePoint,
    pub uz: CurvePoint,
    pub u1: CurvePoint,
    pub u1h: CurvePoint,
    pub u2: CurvePoint,
    pub kfrag_validity_message_hash: GenericArray<u8, <Sha256 as OutputSizeUser>::OutputSize>,
    pub kfrag_signature_v: bool,

}
Expand description

A collection of data to prove the validity of reencryption.

In combination with the return values of Capsule::to_bytes_simple and CapsuleFrag::to_bytes_simple, it can be used to perform the following checks:

  1. Check that Alice’s verifying key (or the corresponding Ethereum address) can be derived from CapsuleFrag::kfrag_signature, kfrag_validity_message_hash, and the recovery byte kfrag_signature_v (true corresponds to 0x01 and false to 0x00).

  2. Zero-knowledge verification (performed in CapsuleFrag::verify):

    • z * e == h * e1 + e2 (correct re-encryption of e);
    • z * v == h * v1 + v2 (correct re-encryption of v);
    • z * u == h * u1 + u2 (correct re-encryption key commitment).

Here z == CapsuleFrag::signature, u is the constant scheme parameter (can be hardcoded in the contract performing the check, see Parameters::u for the value), e and v are from Capsule::to_bytes_simple, and e1, e2, v1, v2, u1, u2 are from CapsuleFrag::to_bytes_simple.

The serialized capsule and cfrag have these points in the compressed form, so this struct provides both coordinates to let the user avoid uncompressing the point. Instead one can just check that the the y coordinate corresponds to the sign in the compressed point, and that the whole point is on the curve.

h is the challenge scalar, see hash_to_cfrag_verification for the details on how to reproduce its calculation.

Fields§

§e: CurvePoint

Same as e in Capsule::to_bytes_simple.

§ez: CurvePoint

Precalculated z * e, where z == CapsuleFrag::signature in CapsuleFrag::to_bytes_simple.

§e1: CurvePoint

Same as e1 in CapsuleFrag::to_bytes_simple.

§e1h: CurvePoint

Precalculated h * e1, where h is obtained from hash_to_cfrag_verification.

§e2: CurvePoint

Same as e2 in CapsuleFrag::to_bytes_simple.

§v: CurvePoint

Same as v in Capsule::to_bytes_simple.

§vz: CurvePoint

Precalculated z * v, where z == CapsuleFrag::signature in CapsuleFrag::to_bytes_simple.

§v1: CurvePoint

Same as v1 in CapsuleFrag::to_bytes_simple.

§v1h: CurvePoint

Precalculated h * v1, where h is obtained from hash_to_cfrag_verification.

§v2: CurvePoint

Same as v2 in CapsuleFrag::to_bytes_simple.

§uz: CurvePoint

Precalculated z * u, where z == CapsuleFrag::signature in CapsuleFrag::to_bytes_simple, and u is Parameters::u.

§u1: CurvePoint

Same as u1 in CapsuleFrag::to_bytes_simple.

§u1h: CurvePoint

Precalculated h * u1, where h is obtained from hash_to_cfrag_verification.

§u2: CurvePoint

Same as u2 in CapsuleFrag::to_bytes_simple.

§kfrag_validity_message_hash: GenericArray<u8, <Sha256 as OutputSizeUser>::OutputSize>

The hashed message used to create kfrag_signature in CapsuleFrag::to_bytes_simple.

§kfrag_signature_v: bool

The recovery byte corresponding to kfrag_signature in CapsuleFrag::to_bytes_simple (true corresponds to 0x01 and false to 0x00).

Implementations§

Source§

impl ReencryptionEvidence

Source

pub fn new( capsule: &Capsule, vcfrag: &VerifiedCapsuleFrag, verifying_pk: &PublicKey, delegating_pk: &PublicKey, receiving_pk: &PublicKey, ) -> Result<Self, String>

Creates the new evidence given the capsule and the reencrypted capsule frag.

Trait Implementations§

Source§

impl Clone for ReencryptionEvidence

Source§

fn clone(&self) -> ReencryptionEvidence

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for ReencryptionEvidence

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de> DefaultDeserialize<'de> for ReencryptionEvidence

Available on crate feature default-serialization only.
Source§

fn from_bytes(bytes: &'de [u8]) -> Result<Self, Error>

Deserializes a bytestring into this object.
Source§

impl DefaultSerialize for ReencryptionEvidence

Available on crate feature default-serialization only.
Source§

fn to_bytes(&self) -> Result<Box<[u8]>, Error>

Serializes this object.
Source§

impl<'de> Deserialize<'de> for ReencryptionEvidence

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl Serialize for ReencryptionEvidence

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,