Documentation
¶
Index ¶
- func NewIPAProver(innerProduct *mathlib.Zr, leftVector, rightVector []*mathlib.Zr, Q *mathlib.G1, ...) *ipaProver
- func NewIPAVerifier(innerProduct *mathlib.Zr, Q *mathlib.G1, leftGens, rightGens []*mathlib.G1, ...) *ipaVerifier
- func NewRangeProver(com *math.G1, value uint64, commitmentGen []*math.G1, blindingFactor *math.Zr, ...) *rangeProver
- func NewRangeVerifier(com *math.G1, commitmentGen []*math.G1, leftGen []*math.G1, ...) *rangeVerifier
- type IPA
- type RangeCorrectness
- type RangeCorrectnessProver
- type RangeCorrectnessVerifier
- type RangeProof
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewIPAProver ¶
func NewIPAProver( innerProduct *mathlib.Zr, leftVector, rightVector []*mathlib.Zr, Q *mathlib.G1, leftGens, rightGens []*mathlib.G1, Commitment *mathlib.G1, rounds uint64, c *mathlib.Curve, ) *ipaProver
NewIPAProver returns an ipaProver as a function of the passed arguments
func NewIPAVerifier ¶
func NewIPAVerifier( innerProduct *mathlib.Zr, Q *mathlib.G1, leftGens, rightGens []*mathlib.G1, Commitment *mathlib.G1, rounds uint64, c *mathlib.Curve, ) *ipaVerifier
NewIPAVerifier returns an ipaVerifier as a function of the passed arguments
func NewRangeProver ¶
func NewRangeProver( com *math.G1, value uint64, commitmentGen []*math.G1, blindingFactor *math.Zr, leftGen []*math.G1, rightGen []*math.G1, P, Q *math.G1, numberOfRounds, bitLength uint64, curve *math.Curve, ) *rangeProver
NewRangeProver returns a rangeProver based on the passed arguments
Types ¶
type IPA ¶
type IPA struct {
// Left is the result of the reduction protocol of the left vector
Left *mathlib.Zr
// Right is the result of the reduction protocol of the right vector
Right *mathlib.Zr
// L is an array that contains commitments to the intermediary values
// of the reduction protocol. The size of L is logarithmic in the size
// of the left/right vector
L []*mathlib.G1
// R is an array that contains commitments to the intermediary values
// of the reduction protocol. The size of R is logarithmic in the size
// of the left/right vector
R []*mathlib.G1
}
IPA contains the proof that the inner product argument prover sends to the verifier
type RangeCorrectness ¶
type RangeCorrectness struct {
Proofs []*RangeProof
}
type RangeCorrectnessProver ¶
type RangeCorrectnessProver struct {
Commitments []*math.G1
Values []uint64
BlindingFactors []*math.Zr
PedersenParameters []*math.G1
LeftGenerators []*math.G1
RightGenerators []*math.G1
BitLength uint64
NumberOfRounds uint64
P *math.G1
Q *math.G1
Curve *math.Curve
}
func (*RangeCorrectnessProver) Prove ¶
func (p *RangeCorrectnessProver) Prove() (*RangeCorrectness, error)
type RangeCorrectnessVerifier ¶
type RangeCorrectnessVerifier struct {
Commitments []*math.G1
PedersenParameters []*math.G1
LeftGenerators []*math.G1
RightGenerators []*math.G1
BitLength uint64
NumberOfRounds uint64
P *math.G1
Q *math.G1
Curve *math.Curve
}
func (*RangeCorrectnessVerifier) Verify ¶
func (v *RangeCorrectnessVerifier) Verify(rc *RangeCorrectness) error
type RangeProof ¶
type RangeProof struct {
// T1 is a Pedersen commitment to a random tau1
T1 *math.G1
// T2 is a Pedersen commitment a random tau2
T2 *math.G1
// Tau = tau1x + tau2x^2 for a random challenge x
Tau *math.Zr
// C is a hiding Pedersen commitment to vectors left = (b_0, ...,b_{n-1})
// and right = (b_0 - 1, ..., b_{n-1}-1) with randomness rho, where
// v = \sum_{i=0}^{n-1} b_i 2^i, and n = BitLength
C *math.G1
// D is a hiding Pedersen commitment to two random vectors
// with randomness eta
D *math.G1
// Delta = rho + x eta
Delta *math.Zr
// InnerProduct is the value of the inner product of the vectors committed in the non-hiding
// commitment C*D^x/P^Delta
InnerProduct *math.Zr
// IPA is the proof that shows that InnerProduct is correct
IPA *IPA
}
RangeProof proves that a committed value < max
Source Files
Click to show internal directories.
Click to hide internal directories.