elastic_elgamal

Struct ProofOfPossession

Source 
pub struct ProofOfPossession<G: Group> { /* private fields */ }
Expand description

Zero-knowledge proof of possession of one or more secret scalars.

§Construction

The proof is a generalization of the standard Schnorr protocol for proving knowledge of a discrete log. The difference with the combination of several concurrent Schnorr protocol instances is that the challenge is shared among all instances (which yields a ~2x proof size reduction).

§Implementation notes

  • Proof generation is constant-time. Verification is not constant-time.

§Examples

let mut rng = thread_rng();
let keypairs: Vec<_> =
    (0..5).map(|_| Keypair::<Ristretto>::generate(&mut rng)).collect();

// Prove possession of the generated key pairs.
let proof = ProofOfPossession::new(
    &keypairs,
    &mut Transcript::new(b"custom_proof"),
    &mut rng,
);
proof.verify(
    keypairs.iter().map(Keypair::public),
    &mut Transcript::new(b"custom_proof"),
)?;

// If we change the context of the `Transcript`, the proof will not verify.
assert!(proof
    .verify(
        keypairs.iter().map(Keypair::public),
        &mut Transcript::new(b"other_proof"),
    )
    .is_err());
// Likewise if the public keys are reordered.
assert!(proof
    .verify(
        keypairs.iter().rev().map(Keypair::public),
        &mut Transcript::new(b"custom_proof"),
    )
    .is_err());

Implementations§

Source§

impl<G: Group> ProofOfPossession<G>

Source

pub fn new<R: CryptoRng + RngCore>( keypairs: &[Keypair<G>], transcript: &mut Transcript, rng: &mut R, ) -> Self

Creates a proof of possession with the specified keypairs.

Source

pub fn verify<'a>( &self, public_keys: impl Iterator<Item = &'a PublicKey<G>> + Clone, transcript: &mut Transcript, ) -> Result<(), VerificationError>

Verifies this proof against the provided public_keys.

§Errors

Returns an error if this proof does not verify.

Trait Implementations§

Source§

impl<G: Clone + Group> Clone for ProofOfPossession<G>
where G::Scalar: Clone,

Source§

fn clone(&self) -> ProofOfPossession<G>

Returns a copy of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<G: Debug + Group> Debug for ProofOfPossession<G>
where G::Scalar: Debug,

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de, G: Group> Deserialize<'de> for ProofOfPossession<G>

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl<G: Group> Serialize for ProofOfPossession<G>

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

§

impl<G> Freeze for ProofOfPossession<G>
where <G as ScalarOps>::Scalar: Freeze,

§

impl<G> RefUnwindSafe for ProofOfPossession<G>
where <G as ScalarOps>::Scalar: RefUnwindSafe,

§

impl<G> Send for ProofOfPossession<G>
where <G as ScalarOps>::Scalar: Send,

§

impl<G> Sync for ProofOfPossession<G>
where <G as ScalarOps>::Scalar: Sync,

§

impl<G> Unpin for ProofOfPossession<G>
where <G as ScalarOps>::Scalar: Unpin,

§

impl<G> UnwindSafe for ProofOfPossession<G>
where <G as ScalarOps>::Scalar: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dst: *mut T)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,