Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Module 0x1::sigma_protocol_representation 

use 0x1::error;
use 0x1::ristretto255;
use 0x1::sigma_protocol_statement;
use 0x1::vector;

Struct Representation

A representation of a group element $G$ is a list of group elements $G_i$ and scalars $a_i$ such that: $G = \sum_{i \in [n_1]} a_i G_i$ The actual group elements are large, so to indicate that $G_i$ is the $j$th entry from the Statement::points vector, we set Representation::points_idxs[i] to $j$. (Note that $j \in [0, n_1)$.)

Note: Instead of returning $m$ group elements, the Move implementation of a transformation function $f$ (and/or a homomorphism $\psi$) will return $m$ representations. This makes it possible to implement a faster verifier (and prover too) that uses multi-scalar multiplications!

struct Representation has copy, drop
Fields
point_idxs: vector<u64>
scalars: vector<ristretto255::Scalar>

Constants

The number of points and scalars in a Representation needs to be the same.

const E_MISMATCHED_LENGTHS: u64 = 1;

Function new_representation 

public(friend) fun new_representation(points: vector<u64>, scalars: vector<ristretto255::Scalar>): sigma_protocol_representation::Representation
Implementation 
public(friend) fun new_representation(points: vector<u64>, scalars: vector<Scalar>): Representation {
    assert!(points.length() == scalars.length(), error::invalid_argument(E_MISMATCHED_LENGTHS));
    Representation {
        point_idxs: points, scalars
    }
}

Function repr_point

A single statement point scaled by 1 (used extensively in f()).

public(friend) fun repr_point(idx: u64): sigma_protocol_representation::Representation
Implementation 
public(friend) fun repr_point(idx: u64): Representation {
    new_representation(vector[idx], vector[scalar_one()])
}

Function repr_scaled

A single statement point scaled by a witness scalar (used extensively in psi()).

public(friend) fun repr_scaled(idx: u64, scalar: ristretto255::Scalar): sigma_protocol_representation::Representation
Implementation 
public(friend) fun repr_scaled(idx: u64, scalar: Scalar): Representation {
    new_representation(vector[idx], vector[scalar])
}

Function to_points

Given a representation, which only stores locations of group elements within a public statement, returns the actual vector of group elements by “looking up” these elements in the public statement.

public(friend) fun to_points<P>(self: &sigma_protocol_representation::Representation, stmt: &sigma_protocol_statement::Statement<P>): vector<ristretto255::RistrettoPoint>
Implementation 
public(friend) fun to_points<P>(self: &Representation, stmt: &Statement<P>): vector<RistrettoPoint> {
    self.point_idxs.map(|idx| stmt.get_point(idx).point_clone())
}

Function get_scalars

Returns the scalars in the representation.

public(friend) fun get_scalars(self: &sigma_protocol_representation::Representation): &vector<ristretto255::Scalar>
Implementation 
public(friend) fun get_scalars(self: &Representation): &vector<Scalar> {
    &self.scalars
}

Function scale

Multiplies all the scalars in the representation by $e$.

public(friend) fun scale(self: &mut sigma_protocol_representation::Representation, e: &ristretto255::Scalar)
Implementation 
public(friend) fun scale(self: &mut Representation, e: &Scalar) {
    self.scalars.for_each_mut(|scalar| {
        scalar.scalar_mul_assign(e);
    });
}