bulletproofs

package
v0.0.0-...-84e2b5b Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 22, 2022 License: GPL-3.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var MAX_RANGE_END int64 = 4294967296 // 2**32
View Source 
var MAX_RANGE_END_EXPONENT = 32 // 2**32
View Source 
var ORDER = p256.CURVE.N
View Source 
var SEEDH = "BulletproofsDoesNotNeedTrustedSetupH"
View Source 
var SEEDU = "BulletproofsDoesNotNeedTrustedSetupU"

Functions

func HashBP 

func HashBP(A, S *p256.P256) (*big.Int, *big.Int, error)

Hash is responsible for the computing a Zp element given elements from GT and G1.

func IsPowerOfTwo 

func IsPowerOfTwo(x int64) bool

IsPowerOfTwo returns true for arguments that are a power of 2, false otherwise. https://stackoverflow.com/a/600306/844313

func ScalarProduct 

func ScalarProduct(a, b []*big.Int) (*big.Int, error)

ScalarProduct return the inner product between a and b.

func SetupGeneric 

func SetupGeneric(a, b int64) (*bprp, error)

SetupGeneric is responsible for calling the Setup algorithm for each BulletProof.

func VectorAdd 

func VectorAdd(a, b []*big.Int) ([]*big.Int, error)

VectorAdd computes vector addition componentwisely.

func VectorConvertToBig 

func VectorConvertToBig(a []int64, n int64) ([]*big.Int, error)

VectorConvertToBig converts an array of int64 to an array of big.Int.

func VectorCopy 

func VectorCopy(a *big.Int, n int64) ([]*big.Int, error)

VectorCopy returns a vector composed by copies of a.

func VectorECAdd 

func VectorECAdd(a, b []*p256.P256) ([]*p256.P256, error)

VectorECMul computes vector EC addition componentwisely.

func VectorExp 

func VectorExp(a []*p256.P256, b []*big.Int) (*p256.P256, error)

VectorExp computes Prod_i^n{a[i]^b[i]}.

func VectorMul 

func VectorMul(a, b []*big.Int) ([]*big.Int, error)

VectorMul computes vector multiplication componentwisely.

func VectorScalarMul 

func VectorScalarMul(a []*big.Int, b *big.Int) ([]*big.Int, error)

VectorScalarMul computes vector scalar multiplication componentwisely.

func VectorSub 

func VectorSub(a, b []*big.Int) ([]*big.Int, error)

VectorSub computes vector addition componentwisely.

Types

type BulletProof 

type BulletProof struct {
	V                 *p256.P256
	A                 *p256.P256
	S                 *p256.P256
	T1                *p256.P256
	T2                *p256.P256
	Taux              *big.Int
	Mu                *big.Int
	Tprime            *big.Int
	InnerProductProof InnerProductProof
	Commit            *p256.P256
	Params            BulletProofSetupParams
}

BulletProofs structure contains the elements that are necessary for the verification of the Zero Knowledge Proof.

func Prove 

func Prove(secret *big.Int, params BulletProofSetupParams) (BulletProof, error)

Prove computes the ZK rangeproof. The documentation and comments are based on eprint version of Bulletproofs papers: https://eprint.iacr.org/2017/1066.pdf

func (*BulletProof) Verify 

func (proof *BulletProof) Verify() (bool, error)

Verify returns true if and only if the proof is valid.

type BulletProofSetupParams 

type BulletProofSetupParams struct {
	// N is the bit-length of the range.
	N int64
	// G is the Elliptic Curve generator.
	G *p256.P256
	// H is a new generator, computed using MapToGroup function,
	// such that there is no discrete logarithm relation with G.
	H *p256.P256
	// Gg and Hh are sets of new generators obtained using MapToGroup.
	// They are used to compute Pedersen Vector Commitments.
	Gg []*p256.P256
	Hh []*p256.P256
	// InnerProductParams is the setup parameters for the inner product proof.
	InnerProductParams InnerProductParams
}

BulletProofSetupParams is the structure that stores the parameters for the Zero Knowledge Proof system.

func Setup 

func Setup(b int64) (BulletProofSetupParams, error)

SetupInnerProduct is responsible for computing the common parameters. Only works for ranges to 0 to 2^n, where n is a power of 2 and n <= 32 TODO: allow n > 32 (need uint64 for that).

type InnerProductParams 

type InnerProductParams struct {
	N  int64
	Cc *big.Int
	Uu *p256.P256
	H  *p256.P256
	Gg []*p256.P256
	Hh []*p256.P256
	P  *p256.P256
}

InnerProductParams contains elliptic curve generators used to compute Pedersen commitments.

type InnerProductProof 

type InnerProductProof struct {
	N      int64
	Ls     []*p256.P256
	Rs     []*p256.P256
	U      *p256.P256
	P      *p256.P256
	Gg     *p256.P256
	Hh     *p256.P256
	A      *big.Int
	B      *big.Int
	Params InnerProductParams
}

InnerProductProof contains the elements used to verify the Inner Product Proof.

func (InnerProductProof) Verify 

func (proof InnerProductProof) Verify() (bool, error)

Verify is responsible for the verification of the Inner Product Proof.

type ProofBPRP 

type ProofBPRP struct {
	P1 BulletProof
	P2 BulletProof
}

ProofBPRP stores the generic ZKRP.

func ProveGeneric 

func ProveGeneric(secret *big.Int, params *bprp) (ProofBPRP, error)

BulletProof only works for interval in the format [0, 2^N). In order to allow generic intervals in the format [A, B) it is necessary to use 2 BulletProofs, as explained in Section 4.3 from the following paper: https://infoscience.epfl.ch/record/128718/files/CCS08.pdf

func (ProofBPRP) Verify 

func (proof ProofBPRP) Verify() (bool, error)

Verify call the Verification algorithm for each BulletProof argument.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.