
Revert a change
Signed-off-by: lovesh <[email protected]>
lovesh committed Jul 18, 2024
1 parent afd78fe commit 0405015
Showing 8 changed files with 78 additions and 65 deletions.
2 changes: 2 additions & 0 deletions bbs_plus/src/proof.rs
Expand Up @@ -152,6 +152,8 @@ pub struct PoKOfSignatureG1Proof<E: Pairing> {
/// Proof of relation `g1 + h1*m1 + h2*m2 +.... + h_i*m_i` = `d*r3 + {h_0}*{-s'} + h1*{-m1} + h2*{-m2} + .... + h_j*{-m_j}` for all disclosed messages `m_i` and for all undisclosed messages `m_j`
#[serde_as(as = "ArkObjectBytes")]
pub T2: E::G1Affine,
/// The following could be achieved by using Either<SchnorrResponse, PartialSchnorrResponse> but serialization
/// for Either is not supported out of the box and had to be implemented
pub sc_resp_2: Option<SchnorrResponse<E::G1Affine>>,
pub sc_partial_resp_2: Option<PartialSchnorrResponse<E::G1Affine>>,
}
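Review bot: The doc comment added above `sc_resp_2`/`sc_partial_resp_2` explains why two `Option` fields stand in for `Either`, but not the invariant a verifier has to enforce on them: presumably exactly one of the two is `Some`, and a proof that sets both or neither should be rejected rather than silently treated as one kind. I would extend the comment with `/// Exactly one of sc_resp_2 and sc_partial_resp_2 is expected to be Some; a proof with both or neither set should be rejected by the verifier.` — "expected" because the check itself is outside this hunk and I cannot confirm it exists. The identical comment is added in `bbs_plus/src/proof_23_cdl.rs`, `bbs_plus/src/proof_23_ietf.rs` and `kvac/src/bbdt_2016/proof_cdh.rs`, and the same sentence applies to each of those field pairs.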
2 changes: 2 additions & 0 deletions bbs_plus/src/proof_23_cdl.rs
Expand Up @@ -104,6 +104,8 @@ pub struct PoKOfSignature23G1Proof<E: Pairing> {
/// Proof of relation `g1 + h1*m1 + h2*m2 +.... + h_i*m_i` = `d*r3 + h1*{-m1} + h2*{-m2} + .... + h_j*{-m_j}` for all disclosed messages `m_i` and for all undisclosed messages `m_j`
#[serde_as(as = "ArkObjectBytes")]
pub T2: E::G1Affine,
/// The following could be achieved by using Either<SchnorrResponse, PartialSchnorrResponse> but serialization
/// for Either is not supported out of the box and had to be implemented
pub sc_resp_2: Option<SchnorrResponse<E::G1Affine>>,
pub sc_partial_resp_2: Option<PartialSchnorrResponse<E::G1Affine>>,
}
2 changes: 2 additions & 0 deletions bbs_plus/src/proof_23_ietf.rs
Expand Up @@ -87,6 +87,8 @@ pub struct PoKOfSignature23G1Proof<E: Pairing> {
/// Proof of relation `\sum_{j \notin D}{h_j * m_j} - B_bar * 1/r - A_bar * e * 1/r = g + \sum_{i \in D}{h_i * m_i}`
#[serde_as(as = "ArkObjectBytes")]
pub T: E::G1Affine,
/// The following could be achieved by using Either<SchnorrResponse, PartialSchnorrResponse> but serialization
/// for Either is not supported out of the box and had to be implemented
pub sc_resp: Option<SchnorrResponse<E::G1Affine>>,
pub sc_partial_resp: Option<PartialSchnorrResponse<E::G1Affine>>,
}
2 changes: 2 additions & 0 deletions kvac/src/bbdt_2016/proof_cdh.rs
Expand Up @@ -101,6 +101,8 @@ pub struct PoKOfMAC<G: AffineRepr> {
pub sc_C: PokTwoDiscreteLogs<G>,
#[serde_as(as = "ArkObjectBytes")]
pub t_msgs: G,
/// The following could be achieved by using Either<SchnorrResponse, PartialSchnorrResponse> but serialization
/// for Either is not supported out of the box and had to be implemented
pub sc_resp_msgs: Option<SchnorrResponse<G>>,
pub sc_partial_resp_msgs: Option<PartialSchnorrResponse<G>>,
}
1 change: 1 addition & 0 deletions proof_system/src/error.rs
Expand Up @@ -110,6 +110,7 @@ pub enum ProofSystemError {
UnequalCiphertextChunksAndSchnorrResponses(usize, usize),
UnequalResponseOfSaverCiphertextAndChunk(usize),
ResponseForWitnessNotFoundForStatement(usize),
NoResponseFoundForWitnessRef(usize, usize),
}

impl From<SchnorrError> for ProofSystemError {
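Review bot: The new variant `NoResponseFoundForWitnessRef(usize, usize)` has no doc comment and its two unnamed fields are not self-explanatory; `verifier.rs` in this same commit constructs it as `NoResponseFoundForWitnessRef(s_idx, 0)`, so a reader has to infer from the name that the fields are (statement index, witness index). I would add `/// No Schnorr response was recorded for the witness reference (statement index, witness index)` above the variant, or make it a struct variant with named fields. The neighbouring variants visible in this hunk are also undocumented, so this follows the file's existing style, but the enum `ProofSystemError` starts before the hunk and I cannot see whether earlier variants are documented.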
20 changes: 18 additions & 2 deletions proof_system/src/statement_proof.rs
Expand Up @@ -284,10 +284,17 @@ pub struct BoundCheckLegoGroth16ProofWhenAggregatingSnarks<E: Pairing> {
pub struct R1CSLegoGroth16Proof<E: Pairing> {
#[serde_as(as = "ArkObjectBytes")]
pub snark_proof: legogroth16::Proof<E>,
pub sp: PedersenCommitmentPartialProof<E::G1Affine>,
pub sp: PedersenCommitmentProof<E::G1Affine>,
}

impl<E: Pairing> R1CSLegoGroth16Proof<E> {
pub fn get_schnorr_response_for_message(
&self,
index: usize,
) -> Result<&E::ScalarField, ProofSystemError> {
self.sp.response.get_response(index).map_err(|e| e.into())
}

pub fn for_aggregation(&self) -> R1CSLegoGroth16ProofWhenAggregatingSnarks<E> {
R1CSLegoGroth16ProofWhenAggregatingSnarks {
commitment: self.snark_proof.d,
Expand All @@ -304,7 +311,16 @@ impl<E: Pairing> R1CSLegoGroth16Proof<E> {
pub struct R1CSLegoGroth16ProofWhenAggregatingSnarks<E: Pairing> {
#[serde_as(as = "ArkObjectBytes")]
pub commitment: E::G1Affine,
pub sp: PedersenCommitmentPartialProof<E::G1Affine>,
pub sp: PedersenCommitmentProof<E::G1Affine>,
}

impl<E: Pairing> R1CSLegoGroth16ProofWhenAggregatingSnarks<E> {
pub fn get_schnorr_response_for_message(
&self,
index: usize,
) -> Result<&E::ScalarField, ProofSystemError> {
self.sp.response.get_response(index).map_err(|e| e.into())
}
}

#[serde_as]
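Review bot: `get_schnorr_response_for_message` is added twice with identical bodies, once on `R1CSLegoGroth16Proof` and once on `R1CSLegoGroth16ProofWhenAggregatingSnarks`, and neither copy has a doc comment; since both delegate to `self.sp.response.get_response(index)`, a one-line `///` saying that `index` is the position of the committed witness within the Pedersen commitment and that an out-of-range index is reported as an `Err` would help — the second half is an assumption, as `get_response` is not on the page. On style, `.map_err(|e| e.into())` is the closure form of `.map_err(Into::into)`; given the `impl From<SchnorrError> for ProofSystemError` elsewhere in the crate, `Ok(self.sp.response.get_response(index)?)` reads more idiomatically, assuming `get_response` returns a `SchnorrError`, which I cannot confirm from here. The first `impl` block continues past the hunk (`for_aggregation` is cut off).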
18 changes: 4 additions & 14 deletions proof_system/src/sub_protocols/r1cs_legogorth16.rs
Expand Up @@ -7,13 +7,7 @@ use crate::{
};
use ark_ec::pairing::Pairing;
use ark_serialize::CanonicalSerialize;
use ark_std::{
collections::{BTreeMap, BTreeSet},
io::Write,
rand::RngCore,
vec::Vec,
UniformRand,
};
use ark_std::{collections::BTreeMap, io::Write, rand::RngCore, vec::Vec, UniformRand};
use dock_crypto_utils::randomized_pairing_check::RandomizedPairingChecker;
use legogroth16::{
calculate_d,
Expand Down Expand Up @@ -156,15 +150,13 @@ impl<'a, E: Pairing> R1CSLegogroth16Protocol<'a, E> {
self.id,
));
}
let comm_wit_count = self.proving_key.as_ref().unwrap().vk.commit_witness_count as usize;
let skip_responses_for = BTreeSet::from_iter(0..comm_wit_count);
Ok(StatementProof::R1CSLegoGroth16(R1CSLegoGroth16Proof {
snark_proof: self.snark_proof.take().unwrap(),
sp: self
.sp
.take()
.unwrap()
.gen_partial_proof_contribution_as_struct(challenge, &skip_responses_for)?,
.gen_proof_contribution_as_struct(challenge)?,
}))
}

Expand All @@ -177,7 +169,6 @@ impl<'a, E: Pairing> R1CSLegogroth16Protocol<'a, E> {
comm_key: &[E::G1Affine],
pvk: &PreparedVerifyingKey<E>,
pairing_checker: &mut Option<RandomizedPairingChecker<E>>,
missing_responses: BTreeMap<usize, E::ScalarField>,
) -> Result<(), ProofSystemError> {
let snark_proof = &proof.snark_proof;
match pairing_checker {
Expand All @@ -201,7 +192,7 @@ impl<'a, E: Pairing> R1CSLegogroth16Protocol<'a, E> {
// NOTE: value of id is dummy
let sp = SchnorrProtocol::new(10000, comm_key, proof.snark_proof.d);

sp.verify_partial_proof_contribution(challenge, &proof.sp, missing_responses)
sp.verify_proof_contribution(challenge, &proof.sp)
.map_err(|e| ProofSystemError::SchnorrProofContributionFailed(self.id as u32, e))
}

Expand All @@ -210,11 +201,10 @@ impl<'a, E: Pairing> R1CSLegogroth16Protocol<'a, E> {
challenge: &E::ScalarField,
proof: &R1CSLegoGroth16ProofWhenAggregatingSnarks<E>,
comm_key: &[E::G1Affine],
missing_responses: BTreeMap<usize, E::ScalarField>,
) -> Result<(), ProofSystemError> {
// NOTE: value of id is dummy
let sp = SchnorrProtocol::new(10000, comm_key, proof.commitment);
sp.verify_partial_proof_contribution(challenge, &proof.sp, missing_responses)
sp.verify_proof_contribution(challenge, &proof.sp)
.map_err(|e| ProofSystemError::SchnorrProofContributionFailed(self.id as u32, e))
}

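Review bot: Both verify paths retained by the revert build the sub-protocol as `SchnorrProtocol::new(10000, comm_key, ...)` with only `// NOTE: value of id is dummy` to explain the literal, and with `missing_responses` gone the two sites are now the only thing besides the commitment source that distinguishes `verify_proof_contribution` from the aggregating variant. I would hoist the literal into a named constant, e.g. `const DUMMY_SCHNORR_PROTOCOL_ID: usize = 10000;` (type assumed — the id's type is not visible here), and replace the NOTE with a comment stating what the id is used for on this path and why any value is safe; if it only ends up in error reporting that should be said explicitly. The error mapping `ProofSystemError::SchnorrProofContributionFailed(self.id as u32, e)` also narrows silently, where `u32::try_from(self.id)` or a short comment would make the cast intentional. Both verify functions and `gen_proof_contribution` begin before their hunks, so I have not checked their parameter docs.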
96 changes: 47 additions & 49 deletions proof_system/src/verifier.rs
Expand Up @@ -505,27 +505,6 @@ impl<E: Pairing> Proof<E> {
StatementProof::PoKPSSignature(p) => {
let sig_params = s.get_params(&proof_spec.setup_params, s_idx)?;
let pk = s.get_public_key(&proof_spec.setup_params, s_idx)?;
// // Check witness equalities for this statement.
// let revealed_msg_ids: Vec<_> =
// s.revealed_messages.keys().copied().collect();
// for i in 0..sig_params.supported_message_count() {
// let w_ref = (s_idx, i);
// for j in 0..witness_equalities.len() {
// if witness_equalities[j].contains(&w_ref) {
// let resp = p.response_for_message(
// i,
// revealed_msg_ids.iter().copied(),
// )?;
// Self::check_response_for_equality(
// s_idx,
// i,
// j,
// &mut responses_for_equalities,
// resp,
// )?;
// }
// }
// }
transcript.set_label(PS_LABEL);
p.challenge_contribution(&mut transcript, pk, sig_params)?;
}
Expand Down Expand Up @@ -1295,49 +1274,70 @@ impl<E: Pairing> Proof<E> {
let pub_inp = s
.get_public_inputs(&proof_spec.setup_params, s_idx)?
.to_vec();
let mut resp = BTreeMap::new();
for i in 0..verifying_key.commit_witness_count as usize {
let wit_ref = (s_idx, i);
for (i, eq) in disjoint_equalities.iter().enumerate() {
if eq.has_wit_ref(&wit_ref) {
if let Some(r) = resp_for_equalities.get(&i) {
resp.insert(i, *r);
} else {
return Err(
ProofSystemError::ResponseForWitnessNotFoundForStatement(
s_idx,
),
);
}
// Exit loop because equalities are disjoint
break;
}
}
}

match proof {
StatementProof::R1CSLegoGroth16(ref r1cs_proof) => sp
.verify_proof_contribution(
StatementProof::R1CSLegoGroth16(ref r1cs_proof) => {
for w_id in 0..verifying_key.commit_witness_count as usize {
let w_ref = (s_idx, w_id);
for (i, eq) in disjoint_equalities.iter().enumerate() {
if eq.has_wit_ref(&w_ref) {
let resp =
r1cs_proof.get_schnorr_response_for_message(w_id)?;
if let Some(r) = resp_for_equalities.get(&i) {
if resp != r {
return Err(
ProofSystemError::WitnessResponseNotEqual(
s_idx, w_id,
),
);
}
} else {
resp_for_equalities.insert(i, *resp);
}
}
}
}
sp.verify_proof_contribution(
&challenge,
&pub_inp,
r1cs_proof,
r1cs_comm_keys.get(s_idx).unwrap(),
derived_lego_vk.get(s_idx).unwrap(),
&mut pairing_checker,
resp,
)?,
)?
}
StatementProof::R1CSLegoGroth16WithAggregation(ref r1cs_proof) => {
let agg_idx = agg_lego_stmts.get(&s_idx).ok_or_else(|| {
ProofSystemError::InvalidStatementProofIndex(s_idx)
})?;
agg_lego[*agg_idx].0.push(r1cs_proof.commitment);
agg_lego[*agg_idx].1.push(pub_inp);

for w_id in 0..verifying_key.commit_witness_count as usize {
let w_ref = (s_idx, w_id);
for (i, eq) in disjoint_equalities.iter().enumerate() {
if eq.has_wit_ref(&w_ref) {
let resp =
r1cs_proof.get_schnorr_response_for_message(w_id)?;
if let Some(r) = resp_for_equalities.get(&i) {
if resp != r {
return Err(
ProofSystemError::WitnessResponseNotEqual(
s_idx, w_id,
),
);
}
} else {
resp_for_equalities.insert(i, *resp);
}
}
}
}

sp.verify_proof_contribution_using_prepared_when_aggregating_snark(
&challenge,
r1cs_proof,
r1cs_comm_keys.get(s_idx).unwrap(),
resp,
)?
}
_ => {
Expand Down Expand Up @@ -1774,14 +1774,12 @@ impl<E: Pairing> Proof<E> {
if let Some(r) = resp_for_equalities.get(&i) {
resp = Some(*r);
} else {
return Err(ProofSystemError::ResponseForWitnessNotFoundForStatement(
s_idx,
));
return Err(ProofSystemError::NoResponseFoundForWitnessRef(s_idx, 0));
}
// Exit loop because equalities are disjoint
break;
}
}
resp.ok_or_else(|| ProofSystemError::ResponseForWitnessNotFoundForStatement(s_idx))
resp.ok_or_else(|| ProofSystemError::NoResponseFoundForWitnessRef(s_idx, 0))
}
}
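Review bot: The two new witness-equality loops in the `StatementProof::R1CSLegoGroth16` and `StatementProof::R1CSLegoGroth16WithAggregation` arms are identical apart from the proof type and never `break` once the matching equality is found, unlike the retained loop at the end of the file that exits with `// Exit loop because equalities are disjoint`; because `disjoint_equalities` guarantees at most one class contains `w_ref`, a `break;` after the `if let ... else` would both stop the scan early and make that invariant visible. Since both `R1CSLegoGroth16Proof` and `R1CSLegoGroth16ProofWhenAggregatingSnarks` expose `get_schnorr_response_for_message`, the compare-or-record block could be one private helper taking `s_idx`, the committed-witness count and a lookup closure, removing the duplicated equality-check logic that every verifier of cross-statement equality depends on; I have not written it out because the types of `disjoint_equalities` and `resp_for_equalities` are not visible here. In the final hunk, `NoResponseFoundForWitnessRef(s_idx, 0)` reports witness index `0` as a literal at both sites; if that function resolves a specific witness index (its signature is outside the hunk) that index should be reported, otherwise a comment explaining why `0` is the right value would spare the next reader the question. The enclosing method `Proof::verify` body starts well before this hunk.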
