systems/ppzksnark/r1cs_gg_ppzksnark/ipp2/transcript.hpp
1 //---------------------------------------------------------------------------//
2 // Copyright (c) 2018-2021 Mikhail Komarov <nemo@nil.foundation>
3 // Copyright (c) 2020-2021 Nikita Kaskov <nbering@nil.foundation>
4 // Copyright (c) 2020-2021 Ilias Khairullin <ilias@nil.foundation>
5 //
6 // MIT License
7 //
8 // Permission is hereby granted, free of charge, to any person obtaining a copy
9 // of this software and associated documentation files (the "Software"), to deal
10 // in the Software without restriction, including without limitation the rights
11 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12 // copies of the Software, and to permit persons to whom the Software is
13 // furnished to do so, subject to the following conditions:
14 //
15 // The above copyright notice and this permission notice shall be included in all
16 // copies or substantial portions of the Software.
17 //
18 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
21 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
24 // SOFTWARE.
25 //---------------------------------------------------------------------------//
26 
27 #ifndef CRYPTO3_R1CS_GG_PPZKSNARK_AGGREGATE_IPP2_TRANSCRIPT_HPP
28 #define CRYPTO3_R1CS_GG_PPZKSNARK_AGGREGATE_IPP2_TRANSCRIPT_HPP
29 
30 #include <vector>
31 #include <type_traits>
32 #include <iterator>
33 
35 
38 
40 
41 namespace nil {
42  namespace crypto3 {
43  namespace zk {
44  namespace snark {
// Transcript policy. Assumed to be inherited by particular algorithms.
//
// Hash-based transcript: the write*() members and the constructor absorb
// protocol messages into a running hash accumulator, and read_challenge()
// derives a scalar-field challenge from everything absorbed so far.
//
// NOTE(review): this listing skips gutter line 53. The members below use a
// `hasher_acc` accumulator that must be declared there; read_challenge()
// suggests it is a ::nil::crypto3::accumulator_set<Hash> -- confirm against
// the header.
// NOTE(review): only write(first, last) prefixes its payload with a length.
// The constructor and write_domain_separator() absorb raw bytes, and the
// field/group overloads absorb the encoded element with no type tag, so the
// protocol itself has to fix the order and kind of every absorbed message.
45  template<typename CurveType = algebra::curves::bls12<381>, typename Hash = hashes::sha2<256>>
46  struct transcript {
47  typedef CurveType curve_type;
48  typedef Hash hash_type;
49 
// Serializer that turns field and group elements into the bytes that are
// hashed, and decodes the digest back into a field element in read_challenge().
50  typedef nil::marshalling::curve_bincode<curve_type> bincode;
51 
// Scratch space: every absorb call stages its bytes here, hashes the buffer
// and clears it again.
// NOTE(review): this member is public, and the byte-oriented calls append to
// it with insert(buffer.end(), ...). Bytes left here by outside code would be
// absorbed together with the next such call, so it should be treated as
// private.
52  std::vector<std::uint8_t> buffer;
54 
/// Open a transcript by absorbing an initial byte string into the running hash.
///
/// Forwards to write_domain_separator(), which performs exactly the steps this
/// constructor needs: append the bytes to `buffer`, hash `buffer` into
/// `hasher_acc`, then clear `buffer`.
///
/// @tparam InputIterator iterator whose value_type is std::uint8_t
/// @param first start of the byte range to absorb
/// @param last  one past the end of the byte range
///
/// NOTE(review): the bytes are absorbed without a length prefix, so this input
/// and the input of a following write_domain_separator() call are presumably
/// hashed as one concatenated stream. Keep both fixed per protocol rather than
/// caller-controlled.
template<typename InputIterator,
         typename std::enable_if<
             std::is_same<std::uint8_t, typename std::iterator_traits<InputIterator>::value_type>::value,
             bool>::type = true>
transcript(InputIterator first, InputIterator last) {
    write_domain_separator(first, last);
}
65 
/// Absorb a domain-separation byte string into the transcript.
///
/// @tparam InputIterator iterator whose value_type is std::uint8_t
/// @param first start of the separator bytes
/// @param last  one past the end of the separator bytes
///
/// NOTE(review): unlike write(first, last), no length prefix is added here.
/// The separator is only unambiguous when it is a fixed, protocol-defined
/// constant rather than variable-length input.
template<typename InputIterator,
         typename std::enable_if<
             std::is_same<std::uint8_t, typename std::iterator_traits<InputIterator>::value_type>::value,
             bool>::type = true>
inline void write_domain_separator(InputIterator first, InputIterator last) {
    // Stage the bytes in the shared scratch buffer, behind anything already there.
    buffer.insert(std::end(buffer), first, last);
    // Feed the staged bytes to the transcript's hash accumulator.
    hash<hash_type>(buffer, hasher_acc);
    // Leave the scratch buffer empty for the next absorb call.
    buffer.clear();
}
76 
/// Absorb one field element into the transcript.
///
/// Enabled only when FieldType is the curve's base field, scalar field or
/// gt_type. The element is serialized with `bincode` into a buffer of exactly
/// get_element_size<FieldType>() bytes, and that buffer is hashed into
/// `hasher_acc`.
///
/// @tparam FieldType one of the three field types listed above
/// @param x element to absorb
///
/// NOTE(review): the encoding carries no type tag or length, so what separates
/// this element from its neighbours is only the fixed order of writes in the
/// protocol.
template<typename FieldType>
inline typename std::enable_if<
    std::is_same<typename curve_type::base_field_type, FieldType>::value ||
    std::is_same<typename curve_type::scalar_field_type, FieldType>::value ||
    std::is_same<typename curve_type::gt_type, FieldType>::value>::type
write(const typename FieldType::value_type &x) {
    const auto encoded_size = bincode::template get_element_size<FieldType>();

    // Size the scratch buffer to the encoding, then serialize straight into it.
    buffer.resize(encoded_size);
    bincode::template field_element_to_bytes<FieldType>(x, std::begin(buffer), std::end(buffer));

    hash<hash_type>(buffer, hasher_acc);
    buffer.clear();
}
88 
/// Absorb one group element (a G1 or G2 point) into the transcript.
///
/// Enabled only when GroupType is the curve's g1_type<> or g2_type<>. The
/// point is serialized with `bincode` into a buffer of exactly
/// get_element_size<GroupType>() bytes, and that buffer is hashed into
/// `hasher_acc`.
///
/// @tparam GroupType the curve's g1_type<> or g2_type<>
/// @param x point to absorb
///
/// NOTE(review): the point is absorbed exactly as it is passed in; this
/// function performs no subgroup or on-curve check. Points taken from an
/// untrusted proof should presumably be validated where they are
/// deserialized -- confirm at the call sites.
template<typename GroupType>
inline typename std::enable_if<
    std::is_same<typename curve_type::template g1_type<>, GroupType>::value ||
    std::is_same<typename curve_type::template g2_type<>, GroupType>::value>::type
write(const typename GroupType::value_type &x) {
    const auto encoded_size = bincode::template get_element_size<GroupType>();

    // Size the scratch buffer to the encoding, then serialize straight into it.
    buffer.resize(encoded_size);
    bincode::template point_to_bytes<GroupType>(x, std::begin(buffer), std::end(buffer));

    hash<hash_type>(buffer, hasher_acc);
    buffer.clear();
}
99 
// Absorb a variable-length byte string, framed by its length.
//
// The number of bytes in [first, last) is converted to a std::uint64_t and
// encoded into the 8-byte array len_bytes. The length bytes followed by the
// payload are staged in `buffer`, hashed into `hasher_acc`, and the buffer is
// cleared. The length prefix is what keeps two adjacent variable-length
// messages from being confused with one longer message.
//
// Enabled only for iterators whose value_type is std::uint8_t.
//
// NOTE(review): the range is walked twice (std::distance, then insert), so a
// single-pass input iterator would not work here despite the parameter name;
// forward iterators or better are needed.
100  template<typename InputIterator>
101  inline typename std::enable_if<
102  std::is_same<std::uint8_t,
103  typename std::iterator_traits<InputIterator>::value_type>::value>::type
104  write(InputIterator first, InputIterator last) {
105  std::array<std::uint8_t, sizeof(std::uint64_t)> len_bytes;
// NOTE(review): this listing skips gutter lines 106-107, i.e. the start of the
// call that fills len_bytes from the length below. The byte order of the
// encoded length is therefore not visible here -- confirm against the header.
108  sizeof(std::uint64_t) * 8,
109  8>(
110  std::vector<std::uint64_t> {
111  static_cast<std::uint64_t>(std::distance(first, last)),
112  },
113  len_bytes);
// Length prefix first, then the payload itself.
114  buffer.insert(buffer.end(), len_bytes.begin(), len_bytes.end());
115  buffer.insert(buffer.end(), first, last);
116  hash<hash_type>(buffer, hasher_acc);
117  buffer.clear();
118  }
119 
// Derive a scalar-field challenge from everything absorbed so far.
//
// Works on a copy of hasher_acc, so the transcript's own accumulator is not
// advanced by this call. Each attempt absorbs a counter into the copy, takes
// the digest, and tries to decode it as a scalar-field element. Attempts whose
// digest does not decode, or decodes to zero or one, are skipped.
//
// Returns the first accepted scalar-field element.
//
// NOTE(review): because hasher_acc is left untouched, two calls with no write
// in between should return the same challenge. Callers need to absorb new data
// before asking for the next, independent challenge.
// NOTE(review): the counter is encoded in sizeof(std::size_t) bytes, a
// platform-dependent width. A 32-bit and a 64-bit build would hash a different
// number of counter bytes and so derive different challenges from the same
// transcript. A fixed-width type such as std::uint64_t, which
// write(first, last) already uses for its length, would avoid that -- confirm
// before changing, since it alters the derived challenges.
120  inline typename curve_type::scalar_field_type::value_type read_challenge() {
// Snapshot of the accumulator; all hashing below goes into this copy.
121  auto hasher_state = hasher_acc;
122  std::size_t counter_nonce = 0;
123  std::array<std::uint8_t, sizeof(std::size_t)> counter_nonce_bytes;
124  while (true) {
// The first counter value that gets hashed is 1.
125  ++counter_nonce;
// NOTE(review): this listing skips gutter lines 126-127, i.e. the start of the
// call that encodes counter_nonce into counter_nonce_bytes. The byte order of
// the encoded counter is not visible here.
128  sizeof(std::size_t) * 8,
129  8>(
130  std::vector<std::size_t> {
131  counter_nonce,
132  },
133  counter_nonce_bytes);
134 
// hasher_state is declared outside the loop and never reset, so attempt k has
// absorbed the counters 1..k, not just k.
135  hash<hash_type>(counter_nonce_bytes, hasher_state);
// Presumably extract_result leaves hasher_state usable for further input on a
// retry -- confirm against the accumulator implementation.
136  typename hash_type::digest_type hasher_res =
137  boost::accumulators::extract_result<typename boost::mpl::front<
138  typename ::nil::crypto3::accumulator_set<Hash>::features_type>::type>(hasher_state);
// Decode the digest as a scalar-field element; .first reports whether decoding
// succeeded and .second holds the element.
139  std::pair<bool, typename curve_type::scalar_field_type::value_type> hasher_res_deser =
140  bincode::template field_element_from_bytes<typename curve_type::scalar_field_type>(
141  hasher_res.begin(), hasher_res.end());
142 
// Retry on a failed decode and on the degenerate challenges 0 and 1.
143  if (!hasher_res_deser.first ||
144  hasher_res_deser.second == curve_type::scalar_field_type::value_type::zero() ||
145  hasher_res_deser.second == curve_type::scalar_field_type::value_type::one()) {
146  continue;
147  }
148  return hasher_res_deser.second;
149  }
150  }
151  };
152  } // namespace snark
153  } // namespace zk
154  } // namespace crypto3
155 } // namespace nil
156 
157 #endif // CRYPTO3_R1CS_GG_PPZKSNARK_AGGREGATE_IPP2_TRANSCRIPT_HPP