small interface update, add example in readme

2026-01-12 00:41:35 +01:00 · 2022-07-10 19:24:12 +02:00
parent 4f9b0a4baf
commit 0dce0668ce
2 changed files with 57 additions and 11 deletions
--- a/README.md
+++ b/README.md
@@ -4,3 +4,45 @@ Inner Product Argument (IPA) version from Halo paper (https://eprint.iacr.org/20


 > Warning: do not use this code in production.
+
+### Example
+
+```rust
+let mut ipa = IPA::new(8);
+
+let a = vec![
+    F::from(1 as u32),
+    F::from(2 as u32),
+    F::from(3 as u32),
+    F::from(4 as u32),
+    F::from(5 as u32),
+    F::from(6 as u32),
+    F::from(7 as u32),
+    F::from(8 as u32),
+];
+
+
+let r = F::rand(&mut ipa.rng);
+
+// prover commits
+let P = ipa.commit(&a, r).unwrap();
+
+
+// verifier sets challenges
+let U = EdwardsProjective::rand(&mut ipa.rng);
+let k = (f64::from(ipa.d as u32).log2()) as usize;
+let mut u: Vec<F> = vec![F::zero(); k];
+for j in 0..k {
+    u[j] = F::rand(&mut ipa.rng);
+}
+let x = F::from(3 as u32);
+
+// prover opens at the challenges
+let b = powers_of(x, ipa.d);
+let v = inner_product_field(&a, &b).unwrap();
+let proof = ipa.prove(&a, &b, &u, &U).unwrap();
+
+// verifier
+let verif = ipa.verify(&x, &v, &P, &proof, &r, &u, &U).unwrap();
+assert!(verif);
+```
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -44,7 +44,7 @@ impl IPA {
        Ok(inner_product_point(a, &self.Gs)? + self.H.mul(r.into_repr()))
    }

-    pub fn ipa(
+    pub fn prove(
        &mut self,
        a: &[Fr],
        b: &[Fr],
@@ -118,13 +118,16 @@ impl IPA {
    pub fn verify(
        &self,
        x: &Fr,
+        v: &Fr,
        P: &EdwardsProjective,
        p: &Proof,
        r: &Fr,
        u: &[Fr],
        U: &EdwardsProjective,
    ) -> Result<bool, String> {
-        let mut q_0 = *P;
+        let P = *P + U.mul(v.into_repr());
+
+        let mut q_0 = P;
        let mut r = *r;

        // compute b & G from s
@@ -333,26 +336,27 @@ mod tests {
            Fr::from(8 as u32),
        ];

-        let x = Fr::from(3 as u32);
-        let b = powers_of(x, ipa.d);
-
        let r = Fr::rand(&mut ipa.rng);

-        let mut P = ipa.commit(&a, r).unwrap();
-        let v = inner_product_field(&a, &b).unwrap();
+        // prover commits
+        let P = ipa.commit(&a, r).unwrap();

+        // verifier sets challenges
        let U = EdwardsProjective::rand(&mut ipa.rng);
-
        let k = (f64::from(ipa.d as u32).log2()) as usize;
        let mut u: Vec<Fr> = vec![Fr::zero(); k];
        for j in 0..k {
            u[j] = Fr::rand(&mut ipa.rng);
        }
+        let x = Fr::from(3 as u32);

-        P = P + U.mul(v.into_repr());
+        // prover opens at the challenges
+        let b = powers_of(x, ipa.d);
+        let v = inner_product_field(&a, &b).unwrap();
+        let proof = ipa.prove(&a, &b, &u, &U).unwrap();

-        let proof = ipa.ipa(&a, &b, &u, &U).unwrap();
-        let verif = ipa.verify(&x, &P, &proof, &r, &u, &U).unwrap();
+        // verifier
+        let verif = ipa.verify(&x, &v, &P, &proof, &r, &u, &U).unwrap();
        assert!(verif);
    }
 }