small interface update, add example in readme

2026-01-12 08:51:31 +01:00 · 2022-07-10 19:24:12 +02:00
parent 4f9b0a4baf
commit 0dce0668ce
2 changed files with 57 additions and 11 deletions
--- a/README.md
+++ b/README.md
@@ -4,3 +4,45 @@ Inner Product Argument (IPA) version from Halo paper (https://eprint.iacr.org/20
 > Warning: do not use this code in production.
 ### Example
 ```rust
 let mut ipa = IPA::new(8);
 let a = vec![
    F::from(1 as u32),
    F::from(2 as u32),
    F::from(3 as u32),
    F::from(4 as u32),
    F::from(5 as u32),
    F::from(6 as u32),
    F::from(7 as u32),
    F::from(8 as u32),
 ];
 let r = F::rand(&mut ipa.rng);
 // prover commits
 let P = ipa.commit(&a, r).unwrap();
 // verifier sets challenges
 let U = EdwardsProjective::rand(&mut ipa.rng);
 let k = (f64::from(ipa.d as u32).log2()) as usize;
 let mut u: Vec<F> = vec![F::zero(); k];
 for j in 0..k {
    u[j] = F::rand(&mut ipa.rng);
 }
 let x = F::from(3 as u32);
 // prover opens at the challenges
 let b = powers_of(x, ipa.d);
 let v = inner_product_field(&a, &b).unwrap();
 let proof = ipa.prove(&a, &b, &u, &U).unwrap();
 // verifier
 let verif = ipa.verify(&x, &v, &P, &proof, &r, &u, &U).unwrap();
 assert!(verif);
 ```
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -44,7 +44,7 @@ impl IPA {
        Ok(inner_product_point(a, &self.Gs)? + self.H.mul(r.into_repr()))
    }
-    pub fn ipa(
+    pub fn prove(
        &mut self,
        a: &[Fr],
        b: &[Fr],
@@ -118,13 +118,16 @@ impl IPA {
    pub fn verify(
        &self,
        x: &Fr,
        v: &Fr,
        P: &EdwardsProjective,
        p: &Proof,
        r: &Fr,
        u: &[Fr],
        U: &EdwardsProjective,
    ) -> Result<bool, String> {
-        let mut q_0 = *P;
+        let P = *P + U.mul(v.into_repr());
        let mut q_0 = P;
        let mut r = *r;
        // compute b & G from s
@@ -333,26 +336,27 @@ mod tests {
            Fr::from(8 as u32),
        ];
        let x = Fr::from(3 as u32);
        let b = powers_of(x, ipa.d);
        let r = Fr::rand(&mut ipa.rng);
-        let mut P = ipa.commit(&a, r).unwrap();
+        // prover commits
-        let v = inner_product_field(&a, &b).unwrap();
+        let P = ipa.commit(&a, r).unwrap();
        // verifier sets challenges
        let U = EdwardsProjective::rand(&mut ipa.rng);
        let k = (f64::from(ipa.d as u32).log2()) as usize;
        let mut u: Vec<Fr> = vec![Fr::zero(); k];
        for j in 0..k {
            u[j] = Fr::rand(&mut ipa.rng);
        }
        let x = Fr::from(3 as u32);
-        P = P + U.mul(v.into_repr());
+        // prover opens at the challenges
        let b = powers_of(x, ipa.d);
        let v = inner_product_field(&a, &b).unwrap();
        let proof = ipa.prove(&a, &b, &u, &U).unwrap();
-        let proof = ipa.ipa(&a, &b, &u, &U).unwrap();
+        // verifier
-        let verif = ipa.verify(&x, &P, &proof, &r, &u, &U).unwrap();
+        let verif = ipa.verify(&x, &v, &P, &proof, &r, &u, &U).unwrap();
        assert!(verif);
    }
 }