mirror of
https://github.com/arnaucube/schnorr.git
synced 2026-01-12 08:51:33 +01:00
Merge pull request #1 from arnaucube/master
make structs&methods public for external usage
This commit is contained in:
tideofwords
GitHub
@@ -1,3 +1,3 @@
|
|||||||
mod mod65537;
|
pub mod mod65537;
|
||||||
mod schnorr;
|
pub mod schnorr;
|
||||||
mod schnorr_prover;
|
pub mod schnorr_prover;
|
||||||
|
|||||||
@@ -1,18 +1,12 @@
|
|||||||
use anyhow::Result;
|
use anyhow::Result;
|
||||||
|
|
||||||
|
use plonky2::field::{goldilocks_field::GoldilocksField, types::Field};
|
||||||
|
use plonky2::hash::poseidon::PoseidonHash;
|
||||||
use plonky2::iop::{
|
use plonky2::iop::{
|
||||||
target::{BoolTarget, Target},
|
target::{BoolTarget, Target},
|
||||||
witness::{PartialWitness, WitnessWrite},
|
witness::{PartialWitness, WitnessWrite},
|
||||||
};
|
};
|
||||||
use plonky2::field::{
|
use plonky2::plonk::{circuit_builder::CircuitBuilder, config::GenericConfig};
|
||||||
goldilocks_field::GoldilocksField,
|
|
||||||
types::Field,
|
|
||||||
};
|
|
||||||
use plonky2::hash::poseidon::PoseidonHash;
|
|
||||||
use plonky2::plonk::{
|
|
||||||
circuit_builder::CircuitBuilder,
|
|
||||||
config::GenericConfig,
|
|
||||||
};
|
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
mod65537::Mod65537Builder,
|
mod65537::Mod65537Builder,
|
||||||
@@ -28,17 +22,17 @@ type GoldF = GoldilocksField;
|
|||||||
// This is intended solely as a proof of concept.
|
// This is intended solely as a proof of concept.
|
||||||
|
|
||||||
pub struct MessageTarget {
|
pub struct MessageTarget {
|
||||||
msg: Vec<Target>,
|
pub msg: Vec<Target>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl MessageTarget {
|
impl MessageTarget {
|
||||||
fn new_with_size(builder: &mut CircuitBuilder<GoldF, 2>, n: usize) -> Self {
|
pub fn new_with_size(builder: &mut CircuitBuilder<GoldF, 2>, n: usize) -> Self {
|
||||||
Self {
|
Self {
|
||||||
msg: builder.add_virtual_targets(n),
|
msg: builder.add_virtual_targets(n),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn set_witness(&self, pw: &mut PartialWitness<GoldF>, msg: &Vec<GoldF>) -> Result<()> {
|
pub fn set_witness(&self, pw: &mut PartialWitness<GoldF>, msg: &Vec<GoldF>) -> Result<()> {
|
||||||
assert!(msg.len() == self.msg.len());
|
assert!(msg.len() == self.msg.len());
|
||||||
for (&t, &x) in self.msg.iter().zip(msg.iter()) {
|
for (&t, &x) in self.msg.iter().zip(msg.iter()) {
|
||||||
pw.set_target(t, x)?;
|
pw.set_target(t, x)?;
|
||||||
@@ -54,13 +48,17 @@ pub struct SchnorrSignatureTarget {
|
|||||||
}
|
}
|
||||||
|
|
||||||
impl SchnorrSignatureTarget {
|
impl SchnorrSignatureTarget {
|
||||||
fn new_virtual(builder: &mut CircuitBuilder<GoldF, 2>) -> Self {
|
pub fn new_virtual(builder: &mut CircuitBuilder<GoldF, 2>) -> Self {
|
||||||
let s = builder.add_virtual_target();
|
let s = builder.add_virtual_target();
|
||||||
let e = builder.add_virtual_target();
|
let e = builder.add_virtual_target();
|
||||||
Self{ s, e }
|
Self { s, e }
|
||||||
}
|
}
|
||||||
|
|
||||||
fn set_witness(&self, pw: &mut PartialWitness<GoldF>, sig: &SchnorrSignature) -> Result<()> {
|
pub fn set_witness(
|
||||||
|
&self,
|
||||||
|
pw: &mut PartialWitness<GoldF>,
|
||||||
|
sig: &SchnorrSignature,
|
||||||
|
) -> Result<()> {
|
||||||
pw.set_target(self.s, GoldilocksField::from_canonical_u64(sig.s))?;
|
pw.set_target(self.s, GoldilocksField::from_canonical_u64(sig.s))?;
|
||||||
pw.set_target(self.e, GoldilocksField::from_canonical_u64(sig.e))?;
|
pw.set_target(self.e, GoldilocksField::from_canonical_u64(sig.e))?;
|
||||||
Ok(())
|
Ok(())
|
||||||
@@ -72,11 +70,13 @@ pub struct SchnorrPublicKeyTarget {
|
|||||||
}
|
}
|
||||||
|
|
||||||
impl SchnorrPublicKeyTarget {
|
impl SchnorrPublicKeyTarget {
|
||||||
fn new_virtual(builder: &mut CircuitBuilder<GoldF, 2>) -> Self {
|
pub fn new_virtual(builder: &mut CircuitBuilder<GoldF, 2>) -> Self {
|
||||||
Self{ pk: builder.add_virtual_target() }
|
Self {
|
||||||
|
pk: builder.add_virtual_target(),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn set_witness(&self, pw: &mut PartialWitness<GoldF>, pk: &SchnorrPublicKey) -> Result<()> {
|
pub fn set_witness(&self, pw: &mut PartialWitness<GoldF>, pk: &SchnorrPublicKey) -> Result<()> {
|
||||||
pw.set_target(self.pk, pk.pk)?;
|
pw.set_target(self.pk, pk.pk)?;
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
@@ -85,21 +85,17 @@ impl SchnorrPublicKeyTarget {
|
|||||||
pub struct SchnorrBuilder {}
|
pub struct SchnorrBuilder {}
|
||||||
|
|
||||||
pub trait SignatureVerifierBuilder {
|
pub trait SignatureVerifierBuilder {
|
||||||
fn constrain_sig <
|
fn constrain_sig<C: GenericConfig<2, F = GoldF>>(
|
||||||
C: GenericConfig<2, F = GoldF>,
|
|
||||||
> (
|
|
||||||
&self,
|
&self,
|
||||||
builder: &mut CircuitBuilder::<GoldF, 2>,
|
builder: &mut CircuitBuilder<GoldF, 2>,
|
||||||
sig: &SchnorrSignatureTarget,
|
sig: &SchnorrSignatureTarget,
|
||||||
msg: &MessageTarget,
|
msg: &MessageTarget,
|
||||||
pk: &SchnorrPublicKeyTarget,
|
pk: &SchnorrPublicKeyTarget,
|
||||||
);
|
);
|
||||||
|
|
||||||
fn verify_sig <
|
fn verify_sig<C: GenericConfig<2, F = GoldF>>(
|
||||||
C: GenericConfig<2, F = GoldF>,
|
|
||||||
> (
|
|
||||||
&self,
|
&self,
|
||||||
builder: &mut CircuitBuilder::<GoldF, 2>,
|
builder: &mut CircuitBuilder<GoldF, 2>,
|
||||||
sig: &SchnorrSignatureTarget,
|
sig: &SchnorrSignatureTarget,
|
||||||
msg: &MessageTarget,
|
msg: &MessageTarget,
|
||||||
pk: &SchnorrPublicKeyTarget,
|
pk: &SchnorrPublicKeyTarget,
|
||||||
@@ -107,11 +103,9 @@ pub trait SignatureVerifierBuilder {
|
|||||||
}
|
}
|
||||||
|
|
||||||
impl SignatureVerifierBuilder for SchnorrBuilder {
|
impl SignatureVerifierBuilder for SchnorrBuilder {
|
||||||
fn constrain_sig <
|
fn constrain_sig<C: GenericConfig<2, F = GoldF>>(
|
||||||
C: GenericConfig<2, F = GoldF>,
|
|
||||||
> (
|
|
||||||
&self,
|
&self,
|
||||||
builder: &mut CircuitBuilder::<GoldF, 2>,
|
builder: &mut CircuitBuilder<GoldF, 2>,
|
||||||
sig: &SchnorrSignatureTarget,
|
sig: &SchnorrSignatureTarget,
|
||||||
msg: &MessageTarget,
|
msg: &MessageTarget,
|
||||||
pk: &SchnorrPublicKeyTarget,
|
pk: &SchnorrPublicKeyTarget,
|
||||||
@@ -121,16 +115,15 @@ impl SignatureVerifierBuilder for SchnorrBuilder {
|
|||||||
builder.connect(verification_output.target, true_target.target);
|
builder.connect(verification_output.target, true_target.target);
|
||||||
}
|
}
|
||||||
|
|
||||||
fn verify_sig <
|
fn verify_sig<C: GenericConfig<2, F = GoldF>>(
|
||||||
C: GenericConfig<2, F = GoldF>,
|
|
||||||
> (
|
|
||||||
&self,
|
&self,
|
||||||
builder: &mut CircuitBuilder::<GoldF, 2>,
|
builder: &mut CircuitBuilder<GoldF, 2>,
|
||||||
sig: &SchnorrSignatureTarget,
|
sig: &SchnorrSignatureTarget,
|
||||||
msg: &MessageTarget,
|
msg: &MessageTarget,
|
||||||
pk: &SchnorrPublicKeyTarget,
|
pk: &SchnorrPublicKeyTarget,
|
||||||
) -> BoolTarget {
|
) -> BoolTarget {
|
||||||
let PRIME_GROUP_GEN: Target = builder.constant(GoldF::from_canonical_u64(6612579038192137166));
|
let PRIME_GROUP_GEN: Target =
|
||||||
|
builder.constant(GoldF::from_canonical_u64(6612579038192137166));
|
||||||
let PRIME_GROUP_ORDER: Target = builder.constant(GoldF::from_canonical_u64(65537));
|
let PRIME_GROUP_ORDER: Target = builder.constant(GoldF::from_canonical_u64(65537));
|
||||||
const num_bits_exp: usize = 32;
|
const num_bits_exp: usize = 32;
|
||||||
|
|
||||||
@@ -147,12 +140,10 @@ impl SignatureVerifierBuilder for SchnorrBuilder {
|
|||||||
|
|
||||||
// compute hash
|
// compute hash
|
||||||
// note that it's safe to clone Targets since they just contain indices
|
// note that it's safe to clone Targets since they just contain indices
|
||||||
let hash_input: Vec<Target> = std::iter::once(r)
|
let hash_input: Vec<Target> = std::iter::once(r).chain(msg.msg.iter().cloned()).collect();
|
||||||
.chain(msg.msg.iter().cloned())
|
let hash_output: Target = builder
|
||||||
.collect();
|
.hash_n_to_hash_no_pad::<PoseidonHash>(hash_input)
|
||||||
let hash_output: Target = builder.hash_n_to_hash_no_pad::<PoseidonHash>(
|
.elements[0]; // whoops have to take mod group order;
|
||||||
hash_input,
|
|
||||||
).elements[0]; // whoops have to take mod group order;
|
|
||||||
|
|
||||||
let e: Target = Mod65537Builder::mod_65537(builder, hash_output);
|
let e: Target = Mod65537Builder::mod_65537(builder, hash_output);
|
||||||
|
|
||||||
@@ -162,16 +153,19 @@ impl SignatureVerifierBuilder for SchnorrBuilder {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod tests{
|
mod tests {
|
||||||
use crate::schnorr::{SchnorrPublicKey, SchnorrSecretKey, SchnorrSigner, SchnorrSignature};
|
use crate::schnorr::{SchnorrPublicKey, SchnorrSecretKey, SchnorrSignature, SchnorrSigner};
|
||||||
use crate::schnorr_prover::{MessageTarget, SchnorrBuilder, SchnorrPublicKeyTarget, SchnorrSignatureTarget, SignatureVerifierBuilder};
|
use crate::schnorr_prover::{
|
||||||
|
MessageTarget, SchnorrBuilder, SchnorrPublicKeyTarget, SchnorrSignatureTarget,
|
||||||
|
SignatureVerifierBuilder,
|
||||||
|
};
|
||||||
|
use plonky2::field::goldilocks_field::GoldilocksField;
|
||||||
use plonky2::iop::witness::PartialWitness;
|
use plonky2::iop::witness::PartialWitness;
|
||||||
use plonky2::plonk::{
|
use plonky2::plonk::{
|
||||||
circuit_builder::CircuitBuilder,
|
circuit_builder::CircuitBuilder,
|
||||||
circuit_data::CircuitConfig,
|
circuit_data::CircuitConfig,
|
||||||
config::{GenericConfig, PoseidonGoldilocksConfig},
|
config::{GenericConfig, PoseidonGoldilocksConfig},
|
||||||
};
|
};
|
||||||
use plonky2::field::goldilocks_field::GoldilocksField;
|
|
||||||
use rand;
|
use rand;
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
@@ -185,15 +179,13 @@ mod tests{
|
|||||||
let config = CircuitConfig::standard_recursion_config();
|
let config = CircuitConfig::standard_recursion_config();
|
||||||
let mut builder = CircuitBuilder::<F, D>::new(config);
|
let mut builder = CircuitBuilder::<F, D>::new(config);
|
||||||
|
|
||||||
let sb: SchnorrBuilder = SchnorrBuilder{};
|
let sb: SchnorrBuilder = SchnorrBuilder {};
|
||||||
|
|
||||||
// create keypair, message, signature
|
// create keypair, message, signature
|
||||||
let sk: SchnorrSecretKey = SchnorrSecretKey{ sk: 133 };
|
let sk: SchnorrSecretKey = SchnorrSecretKey { sk: 133 };
|
||||||
let ss = SchnorrSigner::new();
|
let ss = SchnorrSigner::new();
|
||||||
let pk: SchnorrPublicKey = ss.keygen(&sk);
|
let pk: SchnorrPublicKey = ss.keygen(&sk);
|
||||||
let msg: Vec<GoldilocksField> = ss.u64_into_goldilocks_vec(
|
let msg: Vec<GoldilocksField> = ss.u64_into_goldilocks_vec(vec![1500, 1600, 0, 0, 0]);
|
||||||
vec![1500, 1600, 0, 0, 0]
|
|
||||||
);
|
|
||||||
let msg_size: usize = msg.len();
|
let msg_size: usize = msg.len();
|
||||||
let sig: SchnorrSignature = ss.sign(&msg, &sk, &mut rng);
|
let sig: SchnorrSignature = ss.sign(&msg, &sk, &mut rng);
|
||||||
|
|
||||||
@@ -201,12 +193,7 @@ mod tests{
|
|||||||
let sig_targ = SchnorrSignatureTarget::new_virtual(&mut builder);
|
let sig_targ = SchnorrSignatureTarget::new_virtual(&mut builder);
|
||||||
let msg_targ = MessageTarget::new_with_size(&mut builder, msg_size);
|
let msg_targ = MessageTarget::new_with_size(&mut builder, msg_size);
|
||||||
|
|
||||||
sb.constrain_sig::<PoseidonGoldilocksConfig> (
|
sb.constrain_sig::<PoseidonGoldilocksConfig>(&mut builder, &sig_targ, &msg_targ, &pk_targ);
|
||||||
&mut builder,
|
|
||||||
&sig_targ,
|
|
||||||
&msg_targ,
|
|
||||||
&pk_targ
|
|
||||||
);
|
|
||||||
|
|
||||||
// assign witnesses for verification
|
// assign witnesses for verification
|
||||||
let mut pw: PartialWitness<F> = PartialWitness::new();
|
let mut pw: PartialWitness<F> = PartialWitness::new();
|
||||||
@@ -214,7 +201,6 @@ mod tests{
|
|||||||
sig_targ.set_witness(&mut pw, &sig).unwrap();
|
sig_targ.set_witness(&mut pw, &sig).unwrap();
|
||||||
msg_targ.set_witness(&mut pw, &msg).unwrap();
|
msg_targ.set_witness(&mut pw, &msg).unwrap();
|
||||||
|
|
||||||
|
|
||||||
let data = builder.build::<C>();
|
let data = builder.build::<C>();
|
||||||
let proof = data.prove(pw).unwrap();
|
let proof = data.prove(pw).unwrap();
|
||||||
}
|
}
|
||||||
@@ -230,32 +216,24 @@ mod tests{
|
|||||||
let config = CircuitConfig::standard_recursion_config();
|
let config = CircuitConfig::standard_recursion_config();
|
||||||
let mut builder = CircuitBuilder::<F, D>::new(config);
|
let mut builder = CircuitBuilder::<F, D>::new(config);
|
||||||
|
|
||||||
let sb: SchnorrBuilder = SchnorrBuilder{};
|
let sb: SchnorrBuilder = SchnorrBuilder {};
|
||||||
|
|
||||||
// create keypair, message, signature
|
// create keypair, message, signature
|
||||||
let sk: SchnorrSecretKey = SchnorrSecretKey{ sk: 133 };
|
let sk: SchnorrSecretKey = SchnorrSecretKey { sk: 133 };
|
||||||
let ss = SchnorrSigner::new();
|
let ss = SchnorrSigner::new();
|
||||||
let pk: SchnorrPublicKey = ss.keygen(&sk);
|
let pk: SchnorrPublicKey = ss.keygen(&sk);
|
||||||
let msg0: Vec<GoldilocksField> = ss.u64_into_goldilocks_vec(
|
let msg0: Vec<GoldilocksField> = ss.u64_into_goldilocks_vec(vec![1500, 1600, 0, 0, 0]);
|
||||||
vec![1500, 1600, 0, 0, 0]
|
|
||||||
);
|
|
||||||
let msg_size: usize = msg0.len();
|
let msg_size: usize = msg0.len();
|
||||||
let sig: SchnorrSignature = ss.sign(&msg0, &sk, &mut rng);
|
let sig: SchnorrSignature = ss.sign(&msg0, &sk, &mut rng);
|
||||||
|
|
||||||
let msg1: Vec<GoldilocksField> = ss.u64_into_goldilocks_vec(
|
let msg1: Vec<GoldilocksField> = ss.u64_into_goldilocks_vec(vec![1510, 1600, 0, 0, 0]);
|
||||||
vec![1510, 1600, 0, 0, 0]
|
|
||||||
);
|
|
||||||
|
|
||||||
let pk_targ = SchnorrPublicKeyTarget::new_virtual(&mut builder);
|
let pk_targ = SchnorrPublicKeyTarget::new_virtual(&mut builder);
|
||||||
let sig_targ = SchnorrSignatureTarget::new_virtual(&mut builder);
|
let sig_targ = SchnorrSignatureTarget::new_virtual(&mut builder);
|
||||||
let msg_targ = MessageTarget::new_with_size(&mut builder, msg_size);
|
let msg_targ = MessageTarget::new_with_size(&mut builder, msg_size);
|
||||||
|
|
||||||
let verification_result = sb.verify_sig::<PoseidonGoldilocksConfig> (
|
let verification_result =
|
||||||
&mut builder,
|
sb.verify_sig::<PoseidonGoldilocksConfig>(&mut builder, &sig_targ, &msg_targ, &pk_targ);
|
||||||
&sig_targ,
|
|
||||||
&msg_targ,
|
|
||||||
&pk_targ
|
|
||||||
);
|
|
||||||
|
|
||||||
// assign witnesses for verification
|
// assign witnesses for verification
|
||||||
let mut pw: PartialWitness<F> = PartialWitness::new();
|
let mut pw: PartialWitness<F> = PartialWitness::new();
|
||||||
@@ -283,32 +261,24 @@ mod tests{
|
|||||||
let config = CircuitConfig::standard_recursion_config();
|
let config = CircuitConfig::standard_recursion_config();
|
||||||
let mut builder = CircuitBuilder::<F, D>::new(config);
|
let mut builder = CircuitBuilder::<F, D>::new(config);
|
||||||
|
|
||||||
let sb: SchnorrBuilder = SchnorrBuilder{};
|
let sb: SchnorrBuilder = SchnorrBuilder {};
|
||||||
|
|
||||||
// create keypair, message, signature
|
// create keypair, message, signature
|
||||||
let sk: SchnorrSecretKey = SchnorrSecretKey{ sk: 133 };
|
let sk: SchnorrSecretKey = SchnorrSecretKey { sk: 133 };
|
||||||
let ss = SchnorrSigner::new();
|
let ss = SchnorrSigner::new();
|
||||||
let pk: SchnorrPublicKey = ss.keygen(&sk);
|
let pk: SchnorrPublicKey = ss.keygen(&sk);
|
||||||
let msg0: Vec<GoldilocksField> = ss.u64_into_goldilocks_vec(
|
let msg0: Vec<GoldilocksField> = ss.u64_into_goldilocks_vec(vec![1500, 1600, 0, 0, 0]);
|
||||||
vec![1500, 1600, 0, 0, 0]
|
|
||||||
);
|
|
||||||
let msg_size: usize = msg0.len();
|
let msg_size: usize = msg0.len();
|
||||||
let sig: SchnorrSignature = ss.sign(&msg0, &sk, &mut rng);
|
let sig: SchnorrSignature = ss.sign(&msg0, &sk, &mut rng);
|
||||||
|
|
||||||
let msg1: Vec<GoldilocksField> = ss.u64_into_goldilocks_vec(
|
let msg1: Vec<GoldilocksField> = ss.u64_into_goldilocks_vec(vec![1510, 1600, 0, 0, 0]);
|
||||||
vec![1510, 1600, 0, 0, 0]
|
|
||||||
);
|
|
||||||
|
|
||||||
let pk_targ = SchnorrPublicKeyTarget::new_virtual(&mut builder);
|
let pk_targ = SchnorrPublicKeyTarget::new_virtual(&mut builder);
|
||||||
let sig_targ = SchnorrSignatureTarget::new_virtual(&mut builder);
|
let sig_targ = SchnorrSignatureTarget::new_virtual(&mut builder);
|
||||||
let msg_targ = MessageTarget::new_with_size(&mut builder, msg_size);
|
let msg_targ = MessageTarget::new_with_size(&mut builder, msg_size);
|
||||||
|
|
||||||
let verification_result = sb.verify_sig::<PoseidonGoldilocksConfig> (
|
let verification_result =
|
||||||
&mut builder,
|
sb.verify_sig::<PoseidonGoldilocksConfig>(&mut builder, &sig_targ, &msg_targ, &pk_targ);
|
||||||
&sig_targ,
|
|
||||||
&msg_targ,
|
|
||||||
&pk_targ
|
|
||||||
);
|
|
||||||
|
|
||||||
// assign witnesses for verification
|
// assign witnesses for verification
|
||||||
let mut pw: PartialWitness<F> = PartialWitness::new();
|
let mut pw: PartialWitness<F> = PartialWitness::new();
|
||||||
@@ -323,4 +293,4 @@ mod tests{
|
|||||||
let data = builder.build::<C>();
|
let data = builder.build::<C>();
|
||||||
let proof = data.prove(pw).unwrap();
|
let proof = data.prove(pw).unwrap();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user