zerocaf/
lib.rs

1#![doc(html_logo_url = "https://lh3.googleusercontent.com/SmwswGxtgIANTbDrCOn5EKcRBnVdHjmYsHYxLq2HZNXWCQ9-fZyaea-bNgdX9eR0XGSqiMFi=w128-h128-e365")]
2#![doc(html_favicon_url = "https://dusk.network/lib/img/favicon-16x16.png")]
3//! <a href="https://codecov.io/gh/dusk-network/Dusk-Zerocaf">
4//! <img src="https://codecov.io/gh/dusk-network/Dusk-Zerocaf/branch/master/graph/badge.svg" />
5//! </a>
6//! <a href="https://travis-ci.com/dusk-network/dusk-zerocaf">
7//! <img src="https://travis-ci.com/dusk-network/dusk-zerocaf.svg?branch=master" />
8//! </a>
9//! <a href="https://github.com/dusk-network/dusk-zerocaf">
10//! <img alt="GitHub closed issues" src="https://img.shields.io/github/issues-closed/dusk-network/dusk-zerocaf.svg?color=4C4CFF">
11//! </a>
12//! <a href="https://crates.io/crates/zerocaf">
13//! <img alt="Crates.io" src="https://img.shields.io/crates/v/zerocaf.svg?color=f07900">
14//! </a>
15//! </hr>
16//! 
17//! <div>
18//! <img src="https://camo.githubusercontent.com/db129d98b9686d0db27a9fd27c8e54086b14a6a7/68747470733a2f2f692e696d6775722e636f6d2f496a61645a50592e6a7067" width="100%" />
19//! </div>
20//! <br>
21//! 
22//! # What is Zerocaf?
23//! Zerocaf is a pure Rust cryptographic library constructed to define operations for an elliptic curve embedded
24//! into the Ristretto scalar field, which allows the construction of prime order groups
25//! from an otherwise non prime order curve. <br>
26//! 
27//! The ultimate purpose of defining operations is for set inclusion proofs - where it is shown, in zero-knowledge, 
28//! that a private key exists in a set of many public keys. <br>
29//! 
30//! Additionally, the zero-knowledge proofs use Bulletproofs as the argument for arithmetic circuits
31//! that are used to form arbitrary constraint systems.
32//! 
33//! # What can it be used for?
34//! The main goal of the library, as said before, is to be the base of operations over set inclusion proofs
35//! and other Zero-Knowledge protocols.<br>
36//! 
37//! But since Zerocaf is build upon the Doppio Curve using the Ristretto protocol, it allows other devs to build
38//! cryptographic protocols over it without needing to take care about the co-factor of the curve. <br>
39//! 
40//! This, brings to developers, a good mathematical backend library which can be used as a `mid-level` API
41//! for building all kinds of cryptographic protocols over it such as key agreement, signatures, 
42//! anonymous credentials, rangeproofs... <br>
43//! 
44//! # Usage
45//! To import the library as a dependency of your project, just add on your `Cargo.toml`s project file:
46//! ```toml
47//! zerocaf = "0.1.1"
48//! ```
49//! 
50//! Then import the crate as:
51//! ```rust
52//! extern crate zerocaf;
53//! ```
54//! 
55//! # Backends.
56//! Zerocaf has been built following the [Curve25519-dalek](https://docs.rs/curve25519-dalek/1.2.1/curve25519_dalek/) library structure, which allows for multiple
57//! backend implementations. All of the works are built to enable modularity.<br>
58//! 
59//! Currently, `Zerocaf` has implemented the u64 backend.
60//! By default, the `u64` backend is the one which is used to perform all of
61//! the operations.
62//! Additionly, for future works, we would like to implement a `u32` backend aswell. <br>
63//! 
64//! To select a backend type, the following method can be used:
65//! ```sh
66//! // For unoptimized builds:
67//! cargo build --features "u64_backend"
68//! 
69//! // For optimized/release builds:
70//! cargo build --release --features "u64_backend"
71//! ``` 
72//! <br>
73//! 
74//! NOTE: If no backend is selected, the compilation will fail!<br>
75//! 
76//! # Security and features of Zerocaf
77//! 
78//! As is previously mentioned, zerocaf is designed to host the fastest possible curve operations whilst
79//! simultaneously avoiding all of the drawbacks associated with having a cofactor such that h > 1.<br>
80//! 
81//! To achieve this we make use of Ristretto, which is a technique to construct prime order elliptic curve groups.
82//! The Ristretto protocol compresses the cofactor by adding a thin abstraction layer to allow small changes
83//! in code to ultimately omit the cofactor issues. <br>
84//! 
85//! This is achieved by having defining the twisted edwards curve over the ristretto scalar field, 
86//! which means to perform every operation on the curve in modulo L, 
87//! where L is the order of the ristretto scalar field. <br>
88//! 
89//! `L =  2^252 + 27742317777372353535851937790883648493`. <br> 
90//! 
91//! By expounding the operations in this manner, we can benefit from the speed of a non-prime order twisted 
92//! edwards curve whilst not suffering the pitfalls of a cofactor greater than one.
93//! 
94//! 
95//! # Performance & Benchmarks
96//! Benchmarks have been implemented using [Criterion.rs](https://docs.rs/criterion/0.2.11/criterion/).
97//! To run them just execute `cargo bench` on the repository root.<br>
98//! 
99//! All of the operatons have been implemented using bit-shifting techniques to allow better performance
100//! and a significant reduction in execution time.  
101//! 
102//! # Examples
103//! We are planning to add some examples about tha basics of the `Zerocaf` library usage.<br>
104//! They will be uploaded to the [examples](https://github.com/dusk-network/dusk-zerocaf/tree/master/docs) folder.<br>
105//! 
106//! This is a very basic usage example of the Zerocaf lib:
107//! ```rust
108//! extern crate zerocaf;
109//! extern crate rand;
110//! 
111//! use zerocaf::field::FieldElement;
112//! use zerocaf::scalar::Scalar;
113//! use zerocaf::edwards::EdwardsPoint;
114//! 
115//! use rand::{Rng, thread_rng};
116//! 
117//! fn main() -> () {
118//! 
119//!     // Let G be an `EdwardsPoint` which is a point over the Twisted Eds Extended Coordinates. 
120//!     let G: EdwardsPoint = EdwardsPoint {
121//!         X: FieldElement([23, 0, 0, 0, 0]),
122//!         Y: FieldElement([1664892896009688, 132583819244870, 812547420185263, 637811013879057, 13284180325998]),
123//!         Z: FieldElement([1, 0, 0, 0, 0]),
124//!         T: FieldElement([4351986304670635, 4020128726404030, 674192131526433, 1158854437106827, 6468984742885])
125//!     };
126//! 
127//!     let scalar: Scalar = rand_scalar_generation();
128//!     println!("{:?}", scalar);
129//! 
130//!     // Perform G*k, Point mul uses the `add_and_double` standard algorithm.
131//!     let P = &G  * &scalar;
132//!     println!("{:?}", P);
133//! }
134//! 
135//! /// Generate a random `Scalar` defined over the sub-group field
136//! /// modulo: `2^249 - 15145038707218910765482344729778085401`
137//! pub fn rand_scalar_generation() -> Scalar {
138//!     // Gen random 32-byte array. 
139//!     let mut bytes = [0u8;32];
140//! 
141//!     // Fill the bytes varible with random bytes. We can use the 32 bytes co give
142//!     // total randomness but then we will need to be aware because we can generate
143//!     // values greater than `L = 2^252 + 27742317777372353535851937790883648493` and
144//!     // the program will panic if we don't catch the error correctly on the 
145//!     // `from_bytes()` Scalar method call.
146//!     thread_rng().try_fill(&mut bytes[..31]).expect("Error getting the random bytes");
147//! 
148//!     Scalar::from_bytes(&bytes)
149//! }
150//! ```
151//! <br>
152//! We will also publish some videos talking about how is the library built and
153//! the maths that are happening behind the scenes.<br>
154//! Videos can also include programming examples using `Zerocaf` as a dependency.<br>
155//! You can check them on the [Dusk Network Youtube Channel](https://www.youtube.com/channel/UCAfY3VcuaxAelPp44B253Rw).
156//! 
157
158
159// Used for traits related to constant-time code.
160extern crate subtle;
161// Used for Ristretto255Scalar trait.
162extern crate curve25519_dalek;
163extern crate num;
164
165
166pub mod backend;
167pub mod constants;
168pub mod edwards;
169pub mod field;
170pub mod montgomery;
171pub mod scalar;
172pub mod traits;