[][src]Trait zkp::toolbox::TranscriptProtocol

pub trait TranscriptProtocol {
    fn domain_sep(&mut self, label: &'static [u8]);
fn append_scalar_var(&mut self, label: &'static [u8]);
fn append_point_var(
        &mut self,
        label: &'static [u8],
        point: &RistrettoPoint
    ) -> CompressedRistretto;
fn validate_and_append_point_var(
        &mut self,
        label: &'static [u8],
        point: &CompressedRistretto
    ) -> Result<(), ProofError>;
fn append_blinding_commitment(
        &mut self,
        label: &'static [u8],
        point: &RistrettoPoint
    ) -> CompressedRistretto;
fn validate_and_append_blinding_commitment(
        &mut self,
        label: &'static [u8],
        point: &CompressedRistretto
    ) -> Result<(), ProofError>;
fn get_challenge(&mut self, label: &'static [u8]) -> Scalar; }

This trait defines the wire format for how the constraint system interacts with the proof transcript.

Required methods

fn domain_sep(&mut self, label: &'static [u8])

Appends label to the transcript as a domain separator.

fn append_scalar_var(&mut self, label: &'static [u8])

Append the label for a scalar variable to the transcript.

Note: this does not commit its assignment, which is secret, and only serves to bind the proof to the variable allocations.

fn append_point_var(
    &mut self,
    label: &'static [u8],
    point: &RistrettoPoint
) -> CompressedRistretto

Append a point variable to the transcript, for use by a prover.

Returns the compressed point encoding to allow reusing the result of the encoding computation; the return value can be discarded if it's unused.

fn validate_and_append_point_var(
    &mut self,
    label: &'static [u8],
    point: &CompressedRistretto
) -> Result<(), ProofError>

Check that point variable is not the identity and append it to the transcript, for use by a verifier.

Returns Ok(()) if the point is not the identity point (and therefore generates the full ristretto255 group).

Using this function prevents small-subgroup attacks.

fn append_blinding_commitment(
    &mut self,
    label: &'static [u8],
    point: &RistrettoPoint
) -> CompressedRistretto

Append a blinding factor commitment to the transcript, for use by a prover.

Returns the compressed point encoding to allow reusing the result of the encoding computation; the return value can be discarded if it's unused.

fn validate_and_append_blinding_commitment(
    &mut self,
    label: &'static [u8],
    point: &CompressedRistretto
) -> Result<(), ProofError>

Check that a blinding factor commitment is not the identity and commit it to the transcript, for use by a verifier.

Returns Ok(()) if the point is not the identity point (and therefore generates the full ristretto255 group).

Using this function prevents small-subgroup attacks.

fn get_challenge(&mut self, label: &'static [u8]) -> Scalar

Get a scalar challenge from the transcript.

Loading content...

Implementors

impl TranscriptProtocol for Transcript[src]

Loading content...