54 #ifndef CRYPTO3_R1CS_GG_PPZKSNARK_AGGREGATE_IPP2_COMMITMENT_HPP
55 #define CRYPTO3_R1CS_GG_PPZKSNARK_AGGREGATE_IPP2_COMMITMENT_HPP
59 #include <type_traits>
61 #include <boost/assert.hpp>
62 #include <boost/iterator/zip_iterator.hpp>
63 #include <boost/accumulators/accumulators.hpp>
74 template<
typename CurveType>
76 std::pair<typename CurveType::gt_type::value_type, typename CurveType::gt_type::value_type>;
80 template<
typename GroupType>
84 typedef typename curve_type::scalar_field_type
field_type;
90 std::vector<group_value_type>
a;
92 std::vector<group_value_type>
b;
99 return a.size() == n && n ==
b.size();
105 typename InputIterator,
106 typename ValueType =
typename std::iterator_traits<InputIterator>::value_type,
107 typename std::enable_if<std::is_same<field_value_type, ValueType>::value,
bool>::type =
true>
109 InputIterator s_last)
const {
113 std::for_each(boost::make_zip_iterator(boost::make_tuple(s_first,
a.begin(),
b.begin())),
114 boost::make_zip_iterator(boost::make_tuple(s_last,
a.end(),
b.end())),
117 result.a.emplace_back(t.template get<1>() * t.template get<0>());
118 result.b.emplace_back(t.template get<2>() * t.template get<0>());
125 std::pair<r1cs_gg_ppzksnark_ipp2_commitment_key<group_type>,
128 BOOST_ASSERT(
a.size() ==
b.size());
129 BOOST_ASSERT(at > 0 && at <
a.size());
134 auto a_it =
a.begin();
135 auto b_it =
b.begin();
136 while (a_it !=
a.begin() + at && b_it !=
b.begin() + at) {
137 result_l.
a.emplace_back(*a_it);
138 result_l.
b.emplace_back(*b_it);
142 while (a_it !=
a.end() && b_it !=
b.end()) {
143 result_r.
a.emplace_back(*a_it);
144 result_r.
b.emplace_back(*b_it);
149 return std::make_pair(result_l, result_r);
158 BOOST_ASSERT(
a.size() == right.
a.size());
159 BOOST_ASSERT(
b.size() == right.
b.size());
160 BOOST_ASSERT(
a.size() ==
b.size());
165 boost::make_zip_iterator(
166 boost::make_tuple(
a.begin(),
b.begin(), right.
a.begin(), right.
b.begin())),
167 boost::make_zip_iterator(boost::make_tuple(
a.end(),
b.end(), right.
a.end(), right.
b.end())),
170 result.a.emplace_back(t.template get<0>() + t.template get<2>() * scale);
171 result.b.emplace_back(t.template get<1>() + t.template get<3>() * scale);
180 std::pair<group_value_type, group_value_type>
first()
const {
181 return std::make_pair(
a.front(),
b.front());
188 template<
typename CurveType>
195 template<
typename CurveType>
199 template<
typename CurveType>
217 template<
typename InputG1Iterator,
typename InputG2Iterator,
218 typename ValueType1 =
typename std::iterator_traits<InputG1Iterator>::value_type,
219 typename ValueType2 =
typename std::iterator_traits<InputG2Iterator>::value_type,
220 typename std::enable_if<std::is_same<g1_value_type, ValueType1>::value,
bool>::type =
true,
221 typename std::enable_if<std::is_same<g2_value_type, ValueType2>::value,
bool>::type =
true>
223 InputG1Iterator a_last, InputG2Iterator b_first, InputG2Iterator b_last) {
226 BOOST_ASSERT(std::distance(a_first, a_last) == std::distance(b_first, b_last));
230 std::for_each(boost::make_zip_iterator(boost::make_tuple(a_first, vkey.
a.begin())),
231 boost::make_zip_iterator(boost::make_tuple(a_last, vkey.
a.end())),
232 [&](
const boost::tuple<const g1_value_type &, const g2_value_type &> &t) {
233 t1 = t1 * algebra::pair<curve_type>(t.template get<0>(), t.template get<1>());
238 std::for_each(boost::make_zip_iterator(boost::make_tuple(wkey.
a.begin(), b_first)),
239 boost::make_zip_iterator(boost::make_tuple(wkey.
a.end(), b_last)),
240 [&](
const boost::tuple<const g1_value_type &, const g2_value_type &> &t) {
241 t2 = t2 * algebra::pair<curve_type>(t.template get<0>(), t.template get<1>());
245 std::for_each(boost::make_zip_iterator(boost::make_tuple(a_first, vkey.
b.begin())),
246 boost::make_zip_iterator(boost::make_tuple(a_last, vkey.
b.end())),
247 [&](
const boost::tuple<const g1_value_type &, const g2_value_type &> &t) {
248 u1 = u1 * algebra::pair<curve_type>(t.template get<0>(), t.template get<1>());
252 std::for_each(boost::make_zip_iterator(boost::make_tuple(wkey.
b.begin(), b_first)),
253 boost::make_zip_iterator(boost::make_tuple(wkey.
b.end(), b_last)),
254 [&](
const boost::tuple<const g1_value_type &, const g2_value_type &> &t) {
255 u2 = u2 * algebra::pair<curve_type>(t.template get<0>(), t.template get<1>());
259 return std::make_pair(algebra::final_exponentiation<curve_type>(t1 * t2),
260 algebra::final_exponentiation<curve_type>(u1 * u2));
267 template<
typename InputG1Iterator,
268 typename ValueType1 =
typename std::iterator_traits<InputG1Iterator>::value_type,
269 typename std::enable_if<std::is_same<g1_value_type, ValueType1>::value,
bool>::type =
true>
274 std::for_each(boost::make_zip_iterator(boost::make_tuple(a_first, vkey.
a.begin())),
275 boost::make_zip_iterator(boost::make_tuple(a_last, vkey.
a.end())),
276 [&](
const boost::tuple<const g1_value_type &, const g2_value_type &> &t) {
277 t1 = t1 * algebra::pair<curve_type>(t.template get<0>(), t.template get<1>());
281 std::for_each(boost::make_zip_iterator(boost::make_tuple(a_first, vkey.
b.begin())),
282 boost::make_zip_iterator(boost::make_tuple(a_last, vkey.
b.end())),
283 [&](
const boost::tuple<const g1_value_type &, const g2_value_type &> &t) {
284 u1 = u1 * algebra::pair<curve_type>(t.template get<0>(), t.template get<1>());
287 return std::make_pair(algebra::final_exponentiation<curve_type>(t1),
288 algebra::final_exponentiation<curve_type>(u1));
typename std::iterator_traits< Iterator >::value_type ValueType
Definition: algebra/include/nil/crypto3/detail/make_array.hpp:50
std::pair< typename CurveType::gt_type::value_type, typename CurveType::gt_type::value_type > r1cs_gg_ppzksnark_ipp2_commitment_output
Both commitment outputs a pair of $F_q^k$ element.
Definition: commitment.hpp:76
Definition: pairing_policy.hpp:35
Definition: commitment.hpp:81
std::pair< r1cs_gg_ppzksnark_ipp2_commitment_key< group_type >, r1cs_gg_ppzksnark_ipp2_commitment_key< group_type > > split(std::size_t at) const
Returns the left and right commitment key part. It makes copy.
Definition: commitment.hpp:127
curve_type::scalar_field_type field_type
Definition: commitment.hpp:84
group_type::value_type group_value_type
Definition: commitment.hpp:86
std::vector< group_value_type > a
Exponent is a.
Definition: commitment.hpp:90
GroupType group_type
Definition: commitment.hpp:82
r1cs_gg_ppzksnark_ipp2_commitment_key< group_type > scale(InputIterator s_first, InputIterator s_last) const
Definition: commitment.hpp:108
r1cs_gg_ppzksnark_ipp2_commitment_key< group_type > compress(const r1cs_gg_ppzksnark_ipp2_commitment_key< group_type > &right, const field_value_type &scale) const
Definition: commitment.hpp:156
std::pair< group_value_type, group_value_type > first() const
Definition: commitment.hpp:180
std::vector< group_value_type > b
Exponent is b.
Definition: commitment.hpp:92
group_type::curve_type curve_type
Definition: commitment.hpp:83
bool has_correct_len(std::size_t n) const
Definition: commitment.hpp:98
field_type::value_type field_value_type
Definition: commitment.hpp:87
Definition: commitment.hpp:200
wkey_type::group_value_type g1_value_type
Definition: commitment.hpp:207
r1cs_gg_ppzksnark_ipp2_wkey< curve_type > wkey_type
Definition: commitment.hpp:204
curve_type::gt_type::value_type gt_value_type
Definition: commitment.hpp:209
r1cs_gg_ppzksnark_ipp2_vkey< curve_type > vkey_type
Definition: commitment.hpp:205
static output_type pair(const vkey_type &vkey, const wkey_type &wkey, InputG1Iterator a_first, InputG1Iterator a_last, InputG2Iterator b_first, InputG2Iterator b_last)
Definition: commitment.hpp:222
algebra::pairing::pairing_policy< curve_type > pairing
Definition: commitment.hpp:202
static output_type single(const vkey_type &vkey, InputG1Iterator a_first, InputG1Iterator a_last)
Definition: commitment.hpp:270
r1cs_gg_ppzksnark_ipp2_commitment_output< curve_type > output_type
Definition: commitment.hpp:211
CurveType curve_type
Definition: commitment.hpp:201
vkey_type::group_value_type g2_value_type
Definition: commitment.hpp:208