Expand description
Zero-knowledge proof (ZKP) functions based on DLP construction.
Functions§
- get_
random_ u8 - prove_
either_ equality_ relationship_ proof - Proves three commitments satisfying either or equality relationships, i.e. the values embedded in c1_point = c1_value * c_basepoint + c1_blinding * blinding_basepoint c2_point = c2_value * c_basepoint + c2_blinding * blinding_basepoint c3_point = c3_blinding * blinding_basepoint where c1_value = c2_value or 0, It returns a proof for the above equality relationship.
- prove_
equality_ relationship_ proof - Proves two commitments satisfying an equality relationship, i.e. the values embedded in c1_point and c2_point satisfying c1_value = c2_value, where c1_point = c1_value * basepoint1, c2_point = c2_value * basepoint2. It returns a proof for the above equality relationship.
- prove_
format_ proof - Proves two commitments satisfying an equality relationship, i.e. the values embedded in c1_point and c2_point satisfying c1_blinding = c2_blinding, where c1_point = c1_value * c1_basepoint + c1_blinding * blinding_basepoint, c2_point = c2_blinding * c2_basepoint. It returns a proof for the above equality relationship.
- prove_
knowledge_ proof - Proves owner know a commitment’s secret value c_value and c_blinding, i.e. the values embedded in c_point = c_value * c_basepoint + c_blinding * blinding_basepoint It returns a proof for the above balance relationship.
- prove_
product_ relationship - Proves three commitments satisfying a product relationship, i.e. the values embedded in them satisfying c1_value * c2_value = c3_value. c3_value is not in the argument list, and will be directly computed from c1_value * c2_value. c?_blinding are random blinding values used in the commitments. The commitments (c?_valuevalue_basepoint+c?_blindingblinding_basepoint) are not in the argument list, as they are not directly used by the proof generation. It returns a proof for the above product relationship.
- prove_
sum_ relationship - Proves three commitments satisfying a sum relationship, i.e. the values embedded in them satisfying c1_value + c2_value = c3_value. c3_value is not in the argument list, and will be directly computed from c1_value + c2_value. c?_blinding are random blinding values used in the commitments. The commitments (c?_valuevalue_basepoint+c?_blindingblinding_basepoint) are not in the argument list, as they are not directly used by the proof generation. It returns a proof for the above sum relationship.
- verify_
either_ equality_ relationship_ proof - Verifies owner know a commitment’s secret value c_value and c_blinding, i.e. the values embedded in c_point = c_value * c_basepoint + c_blinding * blinding_basepoint
- verify_
equality_ relationship_ proof - Verifies two commitments satisfying an equality relationship, i.e. the values embedded in c1_point, c2_point satisfying c1_value = c2_value, where c1_point = c1_value * basepoint1, c2_point = c2_value * basepoint2.
- verify_
equality_ relationship_ proof_ in_ batch - Verifies all commitment pairs satisfying equality relationships, where each commitment pair contains two commitment points, c1_point = c1_point_list[i], c2_point = c2_point_list[i], and the values embedded in c1_point, c2_point satisfying c1_value = c2_value.
- verify_
format_ proof - Verifies two commitments satisfying an equality relationship, i.e. the values embedded in c1_point and c2_point satisfying c1_blinding = c2_blinding, where c1_point = c1_value * c1_basepoint + c1_blinding * blinding_basepoint, c2_point = c2_blinding * c2_basepoint.
- verify_
format_ proof_ in_ batch - Verifies all commitment pairs satisfying equality relationships, where each commitment pair contains two commitment points, c1_point = c1_point_list[i], c2_point = c2_point_list[i], and the values embedded in c1_point, c2_point satisfying c1_blinding = c2_blinding.
- verify_
knowledge_ proof - Verifies owner know a commitment’s secret value c_value and c_blinding, i.e. the values embedded in c_point = c_value * c_basepoint + c_blinding * blinding_basepoint
- verify_
knowledge_ proof_ in_ batch - Verifies all commitment pairs satisfying knowledge relationships, where each commitment pair contains one commitment points, c_point = c_point_list[i], the values embedded in c_point = c_value * c_basepoint + c_blinding * blinding_basepoint
- verify_
product_ relationship - Verifies three commitments satisfying a product relationship, i.e. the values embedded in c1_point, c2_point, c3_point satisfying c1_value * c2_value = c3_value.
- verify_
product_ relationship_ in_ batch - Verifies all commitment tuples satisfying product relationships, where each commitment tuple contains three commitment points, c1_point = c1_point_list[i], c2_point = c2_point_list[i], c3_point = c3_point_list[i], and the values embedded in c1_point, c2_point, c3_point satisfying c1_value * c2_value = c3_value.
- verify_
sum_ relationship - Verifies three commitments satisfying a sum relationship, i.e. the values embedded in c1_point, c2_point, c3_point satisfying c1_value + c2_value = c3_value.
- verify_
sum_ relationship_ in_ batch - Verifies all commitment tuples satisfying sum relationships, where each commitment tuple contains three commitment points, c1_point = c1_point_list[i], c2_point = c2_point_list[i], c3_point = c3_point_list[i], and the values embedded in c1_point, c2_point, c3_point satisfying c1_value + c2_value = c3_value.