Safe Haskell	None
Language	Haskell2010

Bulletproofs.ArithmeticCircuit

Synopsis

generateProof :: forall p m. (MonadRandom m, KnownNat p) => ArithCircuit (PrimeField p) -> ArithWitness (PrimeField p) -> m (ArithCircuitProof (PrimeField p))
verifyProof :: KnownNat p => [Point] -> ArithCircuitProof (PrimeField p) -> ArithCircuit (PrimeField p) -> Bool
data ArithCircuitProof f = ArithCircuitProof {
- tBlinding :: f
- mu :: f
- t :: f
- aiCommit :: Point
- aoCommit :: Point
- sCommit :: Point
- tCommits :: [Point]
- productProof :: InnerProductProof f
}
data ArithCircuit f = ArithCircuit {
- weights :: GateWeights f
- commitmentWeights :: [[f]]
- cs :: [f]
}
data ArithWitness f = ArithWitness {
- assignment :: Assignment f
- commitments :: [Point]
- commitBlinders :: [f]
}
data GateWeights f = GateWeights {
- wL :: [[f]]
- wR :: [[f]]
- wO :: [[f]]
}
data Assignment f = Assignment {
- aL :: [f]
- aR :: [f]
- aO :: [f]
}

Documentation

generateProof :: forall p m. (MonadRandom m, KnownNat p) => ArithCircuit (PrimeField p) -> ArithWitness (PrimeField p) -> m (ArithCircuitProof (PrimeField p)) Source #

Generate a zero-knowledge proof of computation for an arithmetic circuit with a valid witness

verifyProof :: KnownNat p => [Point] -> ArithCircuitProof (PrimeField p) -> ArithCircuit (PrimeField p) -> Bool Source #

Verify that a zero-knowledge proof holds for an arithmetic circuit given committed input values

data ArithCircuitProof f Source #

Constructors

ArithCircuitProof

Fields

tBlinding :: f
Blinding factor of the T1 and T2 commitments, combined into the form required to make the committed version of the x-polynomial add up
mu :: f
Blinding factor required for the Verifier to verify commitments A, S
t :: f
Dot product of vectors l and r that prove knowledge of the value in range t = t(x) = l(x) · r(x)
aiCommit :: Point
Commitment to vectors aL and aR
aoCommit :: Point
Commitment to vectors aO
sCommit :: Point
Commitment to new vectors sL, sR, created at random by the Prover
tCommits :: [Point]
Commitments to t1, t3, t4, t5, t6
productProof :: InnerProductProof f

Instances

Eq f => Eq (ArithCircuitProof f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods (==) :: ArithCircuitProof f -> ArithCircuitProof f -> Bool # (/=) :: ArithCircuitProof f -> ArithCircuitProof f -> Bool #
Show f => Show (ArithCircuitProof f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods showsPrec :: Int -> ArithCircuitProof f -> ShowS # show :: ArithCircuitProof f -> String # showList :: [ArithCircuitProof f] -> ShowS #
Generic (ArithCircuitProof f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Associated Types type Rep (ArithCircuitProof f) :: Type -> Type # Methods from :: ArithCircuitProof f -> Rep (ArithCircuitProof f) x # to :: Rep (ArithCircuitProof f) x -> ArithCircuitProof f #
NFData f => NFData (ArithCircuitProof f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods rnf :: ArithCircuitProof f -> () #
type Rep (ArithCircuitProof f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal type Rep (ArithCircuitProof f) = D1 (MetaData "ArithCircuitProof" "Bulletproofs.ArithmeticCircuit.Internal" "bulletproofs-1.0.1-19OL1KfDIOwGdlR0HXS25a" False) (C1 (MetaCons "ArithCircuitProof" PrefixI True) (((S1 (MetaSel (Just "tBlinding") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 f) :: S1 (MetaSel (Just "mu") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 f)) :: (S1 (MetaSel (Just "t") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 f) :: S1 (MetaSel (Just "aiCommit") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 Point))) :: ((S1 (MetaSel (Just "aoCommit") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 Point) :: S1 (MetaSel (Just "sCommit") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 Point)) :: (S1 (MetaSel (Just "tCommits") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [Point]) :*: S1 (MetaSel (Just "productProof") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 (InnerProductProof f))))))

data ArithCircuit f Source #

Constructors

ArithCircuit
Fields weights :: GateWeights f Weights for vectors of left and right inputs and for vector of outputs commitmentWeights :: [[f]] Weigths for a commitments V of rank m cs :: [f] Vector of constants of size Q

Instances

Eq f => Eq (ArithCircuit f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods (==) :: ArithCircuit f -> ArithCircuit f -> Bool # (/=) :: ArithCircuit f -> ArithCircuit f -> Bool #
Show f => Show (ArithCircuit f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods showsPrec :: Int -> ArithCircuit f -> ShowS # show :: ArithCircuit f -> String # showList :: [ArithCircuit f] -> ShowS #
Generic (ArithCircuit f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Associated Types type Rep (ArithCircuit f) :: Type -> Type # Methods from :: ArithCircuit f -> Rep (ArithCircuit f) x # to :: Rep (ArithCircuit f) x -> ArithCircuit f #
KnownNat p => Arbitrary (ArithCircuit (PrimeField p)) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods arbitrary :: Gen (ArithCircuit (PrimeField p)) # shrink :: ArithCircuit (PrimeField p) -> [ArithCircuit (PrimeField p)] #
NFData f => NFData (ArithCircuit f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods rnf :: ArithCircuit f -> () #
type Rep (ArithCircuit f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal type Rep (ArithCircuit f) = D1 (MetaData "ArithCircuit" "Bulletproofs.ArithmeticCircuit.Internal" "bulletproofs-1.0.1-19OL1KfDIOwGdlR0HXS25a" False) (C1 (MetaCons "ArithCircuit" PrefixI True) (S1 (MetaSel (Just "weights") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 (GateWeights f)) :: (S1 (MetaSel (Just "commitmentWeights") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [[f]]) :: S1 (MetaSel (Just "cs") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [f]))))

data ArithWitness f Source #

Constructors

ArithWitness
Fields assignment :: Assignment f Vectors of left and right inputs and vector of outputs commitments :: [Point] Vector of commited input values ∈ F^m commitBlinders :: [f] Vector of blinding factors for input values ∈ F^m

Instances

Eq f => Eq (ArithWitness f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods (==) :: ArithWitness f -> ArithWitness f -> Bool # (/=) :: ArithWitness f -> ArithWitness f -> Bool #
Show f => Show (ArithWitness f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods showsPrec :: Int -> ArithWitness f -> ShowS # show :: ArithWitness f -> String # showList :: [ArithWitness f] -> ShowS #
Generic (ArithWitness f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Associated Types type Rep (ArithWitness f) :: Type -> Type # Methods from :: ArithWitness f -> Rep (ArithWitness f) x # to :: Rep (ArithWitness f) x -> ArithWitness f #
KnownNat p => Arbitrary (ArithWitness (PrimeField p)) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods arbitrary :: Gen (ArithWitness (PrimeField p)) # shrink :: ArithWitness (PrimeField p) -> [ArithWitness (PrimeField p)] #
NFData f => NFData (ArithWitness f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods rnf :: ArithWitness f -> () #
type Rep (ArithWitness f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal type Rep (ArithWitness f) = D1 (MetaData "ArithWitness" "Bulletproofs.ArithmeticCircuit.Internal" "bulletproofs-1.0.1-19OL1KfDIOwGdlR0HXS25a" False) (C1 (MetaCons "ArithWitness" PrefixI True) (S1 (MetaSel (Just "assignment") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 (Assignment f)) :: (S1 (MetaSel (Just "commitments") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [Point]) :: S1 (MetaSel (Just "commitBlinders") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [f]))))

data GateWeights f Source #

Constructors

GateWeights
Fields wL :: [[f]] WL ∈ F^(Q x n) wR :: [[f]] WR ∈ F^(Q x n) wO :: [[f]] WO ∈ F^(Q x n)

Instances

Eq f => Eq (GateWeights f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods (==) :: GateWeights f -> GateWeights f -> Bool # (/=) :: GateWeights f -> GateWeights f -> Bool #
Show f => Show (GateWeights f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods showsPrec :: Int -> GateWeights f -> ShowS # show :: GateWeights f -> String # showList :: [GateWeights f] -> ShowS #
Generic (GateWeights f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Associated Types type Rep (GateWeights f) :: Type -> Type # Methods from :: GateWeights f -> Rep (GateWeights f) x # to :: Rep (GateWeights f) x -> GateWeights f #
NFData f => NFData (GateWeights f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods rnf :: GateWeights f -> () #
type Rep (GateWeights f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal type Rep (GateWeights f) = D1 (MetaData "GateWeights" "Bulletproofs.ArithmeticCircuit.Internal" "bulletproofs-1.0.1-19OL1KfDIOwGdlR0HXS25a" False) (C1 (MetaCons "GateWeights" PrefixI True) (S1 (MetaSel (Just "wL") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [[f]]) :: (S1 (MetaSel (Just "wR") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [[f]]) :: S1 (MetaSel (Just "wO") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [[f]]))))

data Assignment f Source #

Constructors

Assignment
Fields aL :: [f] aL ∈ F^n. Vector of left inputs of each multiplication gate aR :: [f] aR ∈ F^n. Vector of right inputs of each multiplication gate aO :: [f] aO ∈ F^n. Vector of outputs of each multiplication gate

Instances

Eq f => Eq (Assignment f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods (==) :: Assignment f -> Assignment f -> Bool # (/=) :: Assignment f -> Assignment f -> Bool #
Show f => Show (Assignment f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods showsPrec :: Int -> Assignment f -> ShowS # show :: Assignment f -> String # showList :: [Assignment f] -> ShowS #
Generic (Assignment f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Associated Types type Rep (Assignment f) :: Type -> Type # Methods from :: Assignment f -> Rep (Assignment f) x # to :: Rep (Assignment f) x -> Assignment f #
KnownNat p => Arbitrary (Assignment (PrimeField p)) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods arbitrary :: Gen (Assignment (PrimeField p)) # shrink :: Assignment (PrimeField p) -> [Assignment (PrimeField p)] #
NFData f => NFData (Assignment f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal Methods rnf :: Assignment f -> () #
type Rep (Assignment f) Source #
Instance details Defined in Bulletproofs.ArithmeticCircuit.Internal type Rep (Assignment f) = D1 (MetaData "Assignment" "Bulletproofs.ArithmeticCircuit.Internal" "bulletproofs-1.0.1-19OL1KfDIOwGdlR0HXS25a" False) (C1 (MetaCons "Assignment" PrefixI True) (S1 (MetaSel (Just "aL") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [f]) :: (S1 (MetaSel (Just "aR") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [f]) :: S1 (MetaSel (Just "aO") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [f]))))