Safe Haskell | None |
---|---|
Language | Haskell2010 |
The Pedersen commitment scheme has three operations:
- Setup
- Commit
- Open
- data Pedersen = Pedersen {
- commitment :: Commitment
- reveal :: Reveal
- data CommitParams = CommitParams {
- pedersenSPF :: SPF
- pedersenH :: Integer
- newtype Commitment = Commitment {}
- data Reveal = Reveal {}
- setup :: MonadRandom m => Int -> m (Integer, CommitParams)
- commit :: MonadRandom m => Integer -> CommitParams -> m Pedersen
- open :: CommitParams -> Commitment -> Reveal -> Bool
- addCommitments :: CommitParams -> Commitment -> Commitment -> Commitment
- verifyAddCommitments :: CommitParams -> Pedersen -> Pedersen -> Pedersen
- verifyCommitParams :: Integer -> CommitParams -> Bool
- data ECPedersen = ECPedersen {}
- data ECCommitParams = ECCommitParams {}
- data ECCommitment = ECCommitment {}
- data ECReveal = ECReveal {}
- ecSetup :: MonadRandom m => Maybe CurveName -> m (PrivateNumber, ECCommitParams)
- ecCommit :: MonadRandom m => Integer -> ECCommitParams -> m ECPedersen
- ecOpen :: ECCommitParams -> ECCommitment -> ECReveal -> Bool
- ecAddCommitments :: ECCommitParams -> ECCommitment -> ECCommitment -> ECCommitment
- ecVerifyAddCommitments :: ECCommitParams -> ECPedersen -> ECPedersen -> ECPedersen
- ecAddInteger :: ECCommitParams -> ECCommitment -> Integer -> ECCommitment
- ecVerifyAddInteger :: ECCommitParams -> ECPedersen -> Integer -> ECPedersen
- verifyECCommitParams :: Integer -> ECCommitParams -> Bool
Safe Prime Field Pedersen Commitments
Pedersen | |
|
data CommitParams Source #
CommitParams | |
|
setup :: MonadRandom m => Int -> m (Integer, CommitParams) Source #
Generates a Safe Prime Field (p,q,g) and a random value `a in Zq` such that `g^a = h`, where g and h are the bases to be used in the pedersen commit function.
commit :: MonadRandom m => Integer -> CommitParams -> m Pedersen Source #
Commit a value by generating a random number `r in Zq` and computing `C(x) = g^x * h^r` where x is the value to commit
open :: CommitParams -> Commitment -> Reveal -> Bool Source #
Open the commit by supplying the value commited, x
, the
random value r
and the pedersen bases g
and h
, and
verifying that `C(x) == g^x * h^r`
addCommitments :: CommitParams -> Commitment -> Commitment -> Commitment Source #
This addition should be recorded as the previous commits are unable to be extracted from this new commitment. The only way to open this commiment is to tell the committing party the two commitments that were added so that the commitment can be validated and opening parameters can be created.
verifyAddCommitments :: CommitParams -> Pedersen -> Pedersen -> Pedersen Source #
This function validates a homomorphic addition of two commitments using the original pedersen commits and reveals to compute the new commitment without homomorphic addition.
verifyCommitParams :: Integer -> CommitParams -> Bool Source #
Check that `g^a = h` to verify integrity of a counterparty's commitment
Elliptic Curve Pedersen Commitments
data ECPedersen Source #
ecSetup :: MonadRandom m => Maybe CurveName -> m (PrivateNumber, ECCommitParams) Source #
Setup EC Pedersen commit params, defaults to curve secp256k1
ecCommit :: MonadRandom m => Integer -> ECCommitParams -> m ECPedersen Source #
ecOpen :: ECCommitParams -> ECCommitment -> ECReveal -> Bool Source #
ecAddCommitments :: ECCommitParams -> ECCommitment -> ECCommitment -> ECCommitment Source #
In order for this resulting commitment to be opened, the commiter must construct a new set of reveal parameters. The new reveal is then sent to the counterparty to open the homomorphically added commitment.
ecVerifyAddCommitments :: ECCommitParams -> ECPedersen -> ECPedersen -> ECPedersen Source #
Verify the addition of two EC Pedersen Commitments by constructing the new Pedersen commitment on the uncommitted values.
ecAddInteger :: ECCommitParams -> ECCommitment -> Integer -> ECCommitment Source #
Add an integer to the committed value. The committer should be informed of the integer added to the commitment so that a valid pedersen reveal can be constructed and the resulting commitment can be opened
ecVerifyAddInteger :: ECCommitParams -> ECPedersen -> Integer -> ECPedersen Source #
verifyECCommitParams :: Integer -> ECCommitParams -> Bool Source #