Safe Haskell | None |
---|---|
Language | Haskell2010 |
Synopsis
- data RangeProof = RangeProof {}
- data RangeProofError
- data LRPolys = LRPolys {}
- data TPoly = TPoly {}
- delta :: Integer -> Fq -> Fq -> Fq
- checkRange :: Integer -> Integer -> Bool
- reversedEncodeBit :: Integer -> Fq -> [Fq]
- complementaryVector :: Num a => [a] -> [a]
- chooseBlindingVectors :: MonadRandom m => Integer -> m ([Fq], [Fq])
- commitBitVectors :: MonadRandom m => Fq -> Fq -> [Fq] -> [Fq] -> [Fq] -> [Fq] -> m (Point, Point)
- computeLRCommitment :: Integer -> Point -> Point -> Fq -> Fq -> Fq -> Fq -> Fq -> Fq -> [Point] -> Point
- obfuscateEncodedBits :: Integer -> [Fq] -> [Fq] -> Fq -> Fq -> Fq
- obfuscateEncodedBitsSingle :: Integer -> [Fq] -> [Fq] -> Fq -> Fq -> Fq
Documentation
data RangeProof Source #
RangeProof | |
|
Instances
Eq RangeProof Source # | |
Defined in Bulletproofs.RangeProof.Internal (==) :: RangeProof -> RangeProof -> Bool # (/=) :: RangeProof -> RangeProof -> Bool # | |
Show RangeProof Source # | |
Defined in Bulletproofs.RangeProof.Internal showsPrec :: Int -> RangeProof -> ShowS # show :: RangeProof -> String # showList :: [RangeProof] -> ShowS # |
data RangeProofError Source #
UpperBoundTooLarge Integer | The upper bound of the range is too large |
ValueNotInRange Integer | Value is not within the range required |
NNotPowerOf2 Integer | Dimension n is required to be a power of 2 |
Instances
Show RangeProofError Source # | |
Defined in Bulletproofs.RangeProof.Internal showsPrec :: Int -> RangeProofError -> ShowS # show :: RangeProofError -> String # showList :: [RangeProofError] -> ShowS # |
checkRange :: Integer -> Integer -> Bool Source #
Check that a value is in aCommit sCommitpecific range
reversedEncodeBit :: Integer -> Fq -> [Fq] Source #
Bits of v reversed. v = 2^n = a_0 * 2^0 + ... + a_n-1 * 2^(n-1)
complementaryVector :: Num a => [a] -> [a] Source #
In order to prove that v is in range, each element of aL is either 0 or 1. We construct a “complementary” vector aR = aL − 1^n and require that aL ◦ aR = 0 hold.
chooseBlindingVectors :: MonadRandom m => Integer -> m ([Fq], [Fq]) Source #
commitBitVectors :: MonadRandom m => Fq -> Fq -> [Fq] -> [Fq] -> [Fq] -> [Fq] -> m (Point, Point) Source #
We need to blind the vectors aL, aR to make the proof zero knowledge. The Prover creates randomly vectors sL and sR. On creating these, the Prover can send commitments to these vectors; these are properly blinded vector Pedersen commitments:
computeLRCommitment :: Integer -> Point -> Point -> Fq -> Fq -> Fq -> Fq -> Fq -> Fq -> [Point] -> Point Source #
Compute commitment of linear vector polynomials l and r P = A + xS − zG + (z*y^n + z^2 * 2^n) * hs'
obfuscateEncodedBits :: Integer -> [Fq] -> [Fq] -> Fq -> Fq -> Fq Source #
Obfuscate encoded bits with challenges y and z. z^2 * 2^n + z * − 1^n − aR, y^n + aR · y^n = (z^2) * v The property holds because − 1^n − aR, y^n = 0 and · aR, y^n = 0