#include <prover.hpp>
Collaboration diagram for nil::crypto3::zk::snark::r1cs_se_ppzksnark_prover< CurveType >:Static Public Member Functions | |
| static proof_type | process (const proving_key_type &proving_key, const primary_input_type &primary_input, const auxiliary_input_type &auxiliary_input) |
Detailed Description
template<typename CurveType>
class nil::crypto3::zk::snark::r1cs_se_ppzksnark_prover< CurveType >
A prover algorithm for the R1CS SEppzkSNARK.
Given a R1CS primary input X and a R1CS auxiliary input Y, this algorithm produces a proof (of knowledge) that attests to the following statement: `‘there exists Y such that CS(X,Y)=0’'. Above, CS is the R1CS constraint system that was given as input to the generator algorithm.
Member Typedef Documentation
◆ auxiliary_input_type
| typedef policy_type::auxiliary_input_type nil::crypto3::zk::snark::r1cs_se_ppzksnark_prover< CurveType >::auxiliary_input_type |
◆ constraint_system_type
| typedef policy_type::constraint_system_type nil::crypto3::zk::snark::r1cs_se_ppzksnark_prover< CurveType >::constraint_system_type |
◆ keypair_type
| typedef policy_type::keypair_type nil::crypto3::zk::snark::r1cs_se_ppzksnark_prover< CurveType >::keypair_type |
◆ primary_input_type
| typedef policy_type::primary_input_type nil::crypto3::zk::snark::r1cs_se_ppzksnark_prover< CurveType >::primary_input_type |
◆ processed_verification_key_type
| typedef policy_type::processed_verification_key_type nil::crypto3::zk::snark::r1cs_se_ppzksnark_prover< CurveType >::processed_verification_key_type |
◆ proof_type
| typedef policy_type::proof_type nil::crypto3::zk::snark::r1cs_se_ppzksnark_prover< CurveType >::proof_type |
◆ proving_key_type
| typedef policy_type::proving_key_type nil::crypto3::zk::snark::r1cs_se_ppzksnark_prover< CurveType >::proving_key_type |
◆ verification_key_type
| typedef policy_type::verification_key_type nil::crypto3::zk::snark::r1cs_se_ppzksnark_prover< CurveType >::verification_key_type |
Member Function Documentation
◆ process()
|
inlinestatic |
compute A = G^{gamma * (\sum_{i=0}^m input_i * A_i(t) + r * Z(t))} = \prod_{i=0}^m (G^{gamma * A_i(t)})^{input_i)
- (G^{gamma * Z(t)})^r = \prod_{i=0}^m A_query[i]^{input_i} * G_gamma_Z^r
compute B exactly as A, except with H as the base
compute C = G^{f(input) + r^2 * gamma^2 * Z(t)^2 + r * (alpha + beta) * gamma * Z(t) + 2 * r * gamma^2 * Z(t) * \sum_{i=0}^m input_i A_i(t) + gamma^2 * Z(t) * H(t)} where G^{f(input)} = \prod_{i=l+1}^m C_query_1 * input_i and G^{2 * r * gamma^2 * Z(t) * \sum_{i=0}^m input_i A_i(t)} = = \prod_{i=0}^m C_query_2 * input_i
The documentation for this class was generated from the following file: