Struct elastic_elgamal::ProofOfPossession
source · pub struct ProofOfPossession<G: Group> { /* private fields */ }
Expand description
Zero-knowledge proof of possession of one or more secret scalars.
§Construction
The proof is a generalization of the standard Schnorr protocol for proving knowledge of a discrete log. The difference with the combination of several concurrent Schnorr protocol instances is that the challenge is shared among all instances (which yields a ~2x proof size reduction).
§Implementation notes
- Proof generation is constant-time. Verification is not constant-time.
§Examples
let mut rng = thread_rng();
let keypairs: Vec<_> =
(0..5).map(|_| Keypair::<Ristretto>::generate(&mut rng)).collect();
// Prove possession of the generated key pairs.
let proof = ProofOfPossession::new(
&keypairs,
&mut Transcript::new(b"custom_proof"),
&mut rng,
);
proof.verify(
keypairs.iter().map(Keypair::public),
&mut Transcript::new(b"custom_proof"),
)?;
// If we change the context of the `Transcript`, the proof will not verify.
assert!(proof
.verify(
keypairs.iter().map(Keypair::public),
&mut Transcript::new(b"other_proof"),
)
.is_err());
// Likewise if the public keys are reordered.
assert!(proof
.verify(
keypairs.iter().rev().map(Keypair::public),
&mut Transcript::new(b"custom_proof"),
)
.is_err());
Implementations§
source§impl<G: Group> ProofOfPossession<G>
impl<G: Group> ProofOfPossession<G>
sourcepub fn new<R: CryptoRng + RngCore>(
keypairs: &[Keypair<G>],
transcript: &mut Transcript,
rng: &mut R
) -> Self
pub fn new<R: CryptoRng + RngCore>( keypairs: &[Keypair<G>], transcript: &mut Transcript, rng: &mut R ) -> Self
Creates a proof of possession with the specified keypairs
.
sourcepub fn verify<'a>(
&self,
public_keys: impl Iterator<Item = &'a PublicKey<G>> + Clone,
transcript: &mut Transcript
) -> Result<(), VerificationError>
pub fn verify<'a>( &self, public_keys: impl Iterator<Item = &'a PublicKey<G>> + Clone, transcript: &mut Transcript ) -> Result<(), VerificationError>
Verifies this proof against the provided public_keys
.
§Errors
Returns an error if this proof does not verify.
Trait Implementations§
source§impl<G: Clone + Group> Clone for ProofOfPossession<G>
impl<G: Clone + Group> Clone for ProofOfPossession<G>
source§fn clone(&self) -> ProofOfPossession<G>
fn clone(&self) -> ProofOfPossession<G>
Returns a copy of the value. Read more
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from
source
. Read moresource§impl<'de, G: Group> Deserialize<'de> for ProofOfPossession<G>
impl<'de, G: Group> Deserialize<'de> for ProofOfPossession<G>
source§fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
Auto Trait Implementations§
impl<G> Freeze for ProofOfPossession<G>
impl<G> RefUnwindSafe for ProofOfPossession<G>
impl<G> Send for ProofOfPossession<G>
impl<G> Sync for ProofOfPossession<G>
impl<G> Unpin for ProofOfPossession<G>
impl<G> UnwindSafe for ProofOfPossession<G>
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more