small interface update, add example in readme

2 years ago · 0dce0668ce
2 changed files with 57 additions and 11 deletions
--- a/README.md
+++ b/README.md
@ -4,3 +4,45 @@ Inner Product Argument (IPA) version from Halo paper (https://eprint.iacr.org/20


 > Warning: do not use this code in production.

 ### Example

 ```rust
 let mut ipa = IPA::new(8);

 let a = vec![
    F::from(1 as u32),
    F::from(2 as u32),
    F::from(3 as u32),
    F::from(4 as u32),
    F::from(5 as u32),
    F::from(6 as u32),
    F::from(7 as u32),
    F::from(8 as u32),
 ];


 let r = F::rand(&mut ipa.rng);

 // prover commits
 let P = ipa.commit(&a, r).unwrap();


 // verifier sets challenges
 let U = EdwardsProjective::rand(&mut ipa.rng);
 let k = (f64::from(ipa.d as u32).log2()) as usize;
 let mut u: Vec<F> = vec![F::zero(); k];
 for j in 0..k {
    u[j] = F::rand(&mut ipa.rng);
 }
 let x = F::from(3 as u32);

 // prover opens at the challenges
 let b = powers_of(x, ipa.d);
 let v = inner_product_field(&a, &b).unwrap();
 let proof = ipa.prove(&a, &b, &u, &U).unwrap();

 // verifier
 let verif = ipa.verify(&x, &v, &P, &proof, &r, &u, &U).unwrap();
 assert!(verif);
 ```
--- a/src/lib.rs
+++ b/src/lib.rs
@ -44,7 +44,7 @@ impl IPA {
        Ok(inner_product_point(a, &self.Gs)? + self.H.mul(r.into_repr()))
    }

    pub fn ipa(
    pub fn prove(
        &mut self,
        a: &[Fr],
        b: &[Fr],
@ -118,13 +118,16 @@ impl IPA {
    pub fn verify(
        &self,
        x: &Fr,
        v: &Fr,
        P: &EdwardsProjective,
        p: &Proof,
        r: &Fr,
        u: &[Fr],
        U: &EdwardsProjective,
    ) -> Result<bool, String> {
        let mut q_0 = *P;
        let P = *P + U.mul(v.into_repr());

        let mut q_0 = P;
        let mut r = *r;

        // compute b & G from s
@ -333,26 +336,27 @@ mod tests {
            Fr::from(8 as u32),
        ];

        let x = Fr::from(3 as u32);
        let b = powers_of(x, ipa.d);

        let r = Fr::rand(&mut ipa.rng);

        let mut P = ipa.commit(&a, r).unwrap();
        let v = inner_product_field(&a, &b).unwrap();
        // prover commits
        let P = ipa.commit(&a, r).unwrap();

        // verifier sets challenges
        let U = EdwardsProjective::rand(&mut ipa.rng);

        let k = (f64::from(ipa.d as u32).log2()) as usize;
        let mut u: Vec<Fr> = vec![Fr::zero(); k];
        for j in 0..k {
            u[j] = Fr::rand(&mut ipa.rng);
        }
        let x = Fr::from(3 as u32);

        P = P + U.mul(v.into_repr());
        // prover opens at the challenges
        let b = powers_of(x, ipa.d);
        let v = inner_product_field(&a, &b).unwrap();
        let proof = ipa.prove(&a, &b, &u, &U).unwrap();

        let proof = ipa.ipa(&a, &b, &u, &U).unwrap();
        let verif = ipa.verify(&x, &P, &proof, &r, &u, &U).unwrap();
        // verifier
        let verif = ipa.verify(&x, &v, &P, &proof, &r, &u, &U).unwrap();
        assert!(verif);
    }
 }