sigma_protocol_proof - [devnet]

此内容尚不支持你的语言。

use 0x1::option;
use 0x1::ristretto255;
use 0x1::sigma_protocol_witness;
use 0x1::vector;

Constants

When creating a Proof, the # of commitment points must match the # of compressed commitment points.

const E_MISMATCHED_NUMBER_OF_COMPRESSED_POINTS: u64 = 1;

Structs

`Proof`

A sigma protocol proof always consists of:

a commitment $A \in \mathbb{G}^m$
a compressed commitment (redundant, for faster Fiat-Shamir)
a response $\sigma \in \mathbb{F}^k$

struct Proof has drop

Fields

comm_A: vector<ristretto255::RistrettoPoint>
compressed_comm_A: vector<ristretto255::CompressedRistretto>
resp_sigma: vector<ristretto255::Scalar>

Functions

`new_proof`

Creates a new proof consisting of the commitment $A \in \mathbb{G}^m$ and the scalars $\sigma \in \mathbb{F}^k$ .

public(friend) fun new_proof(_A: vector<ristretto255::RistrettoPoint>, compressed_A: vector<ristretto255::CompressedRistretto>, sigma: vector<ristretto255::Scalar>): sigma_protocol_proof::Proof

Implementation

public(friend) fun new_proof(
    _A: vector<RistrettoPoint>,
    compressed_A: vector<CompressedRistretto>,
    sigma: vector<Scalar>
): Proof {
    assert!(_A.length() == compressed_A.length(), error::invalid_argument(E_MISMATCHED_NUMBER_OF_COMPRESSED_POINTS));

    Proof {
        comm_A: _A,
        compressed_comm_A: compressed_A,
        resp_sigma: sigma,
    }
}

`new_proof_from_bytes`

Deserializes the elliptic curve points and scalars and then calls new_proof.

public(friend) fun new_proof_from_bytes(_A_bytes: vector<vector<u8>>, sigma_bytes: vector<vector<u8>>): sigma_protocol_proof::Proof

Implementation

public(friend) fun new_proof_from_bytes(
    _A_bytes: vector<vector<u8>>,
    sigma_bytes: vector<vector<u8>>
): Proof {
    let (_A, compressed_A) = sigma_protocol_utils::deserialize_points(_A_bytes);

    new_proof(_A, compressed_A, sigma_protocol_utils::deserialize_scalars(sigma_bytes))
}

`response_to_witness`

Returns a Witness with the w field set to the proof’s $\sigma$ field. This is needed during proof verification: when calling the homomorphism on the Proof’s $\sigma$ , it expects a Witness not a vector<Scalar>.

public(friend) fun response_to_witness(self: &sigma_protocol_proof::Proof): sigma_protocol_witness::Witness

Implementation

public(friend) fun response_to_witness(self: &Proof): Witness {
    new_secret_witness(self.resp_sigma)
}

`get_commitment`

public(friend) fun get_commitment(self: &sigma_protocol_proof::Proof): &vector<ristretto255::RistrettoPoint>

Implementation

public(friend) fun get_commitment(self: &Proof): &vector<RistrettoPoint> {
    &self.comm_A
}

`get_compressed_commitment`

public(friend) fun get_compressed_commitment(self: &sigma_protocol_proof::Proof): &vector<ristretto255::CompressedRistretto>

Implementation

public(friend) fun get_compressed_commitment(self: &Proof): &vector<CompressedRistretto> {
    &self.compressed_comm_A
}

`get_response_length`

public(friend) fun get_response_length(self: &sigma_protocol_proof::Proof): u64

Implementation

public(friend) fun get_response_length(self: &Proof): u64 {
    self.resp_sigma.length()
}