Struct LinearRelation

pub struct LinearRelation<G>
where
    G: Group + GroupEncoding,
{
    pub linear_map: LinearMap<G>,
    pub image: Vec<GroupVar<G>>,
}

A wrapper struct coupling a LinearMap with the corresponding expected output (image) elements.

This structure represents the preimage problem for a group linear map: given a set of scalar inputs, determine whether their image under the linear map matches a target set of group elements.

Internally, the constraint system is defined through:

  • A list of group elements and linear equations (held in the LinearMap field),
  • A list of GroupVar indices (image) that specify the expected output for each constraint.

Fields§

§linear_map: LinearMap<G>

The underlying linear map describing the structure of the statement.

§image: Vec<GroupVar<G>>

Indices pointing to elements representing the “target” images for each constraint.

Implementations§

impl<G> LinearRelation<G>
where G: Group + GroupEncoding,

pub fn new() -> Self

Create a new empty LinearRelation.

pub fn append_equation(&mut self, lhs: GroupVar<G>, rhs: impl Into<LinearCombination<G>>)

Adds a new equation to the statement of the form: lhs = Σ weight_i * (scalar_i * point_i).

§Parameters
  • lhs: The image group element variable (left-hand side of the equation).
  • rhs: An instance of LinearCombination representing the linear combination on the right-hand side.

pub fn allocate_eq(&mut self, rhs: impl Into<LinearCombination<G>>) -> GroupVar<G>

Adds a new equation to the statement of the form: lhs = Σ weight_i * (scalar_i * point_i), without the caller having to allocate lhs beforehand: the variable for lhs is allocated here and returned.

§Parameters
  • rhs: An instance of LinearCombination representing the linear combination on the right-hand side.

pub fn allocate_scalar(&mut self) -> ScalarVar<G>

Allocates a scalar variable for use in the linear map.

pub fn allocate_scalars<const N: usize>(&mut self) -> [ScalarVar<G>; N]

Allocates space for N new scalar variables.

§Returns

An array of ScalarVar representing the newly allocated scalar indices.

§Example
use curve25519_dalek::RistrettoPoint as G;

let mut relation = LinearRelation::<G>::new();
let [var_x, var_y] = relation.allocate_scalars();
let vars = relation.allocate_scalars::<10>();

pub fn allocate_element(&mut self) -> GroupVar<G>

Allocates a point variable (group element) for use in the linear map.

pub fn allocate_elements<const N: usize>(&mut self) -> [GroupVar<G>; N]

Allocates N point variables (group elements) for use in the linear map.

§Returns

An array of GroupVar representing the newly allocated group element indices.

§Example
use curve25519_dalek::RistrettoPoint as G;

let mut relation = LinearRelation::<G>::new();
let [var_g, var_h] = relation.allocate_elements();
let vars = relation.allocate_elements::<10>();

pub fn set_element(&mut self, var: GroupVar<G>, element: G)

Assign a group element value to a point variable.

§Parameters
  • var: The variable to assign.
  • element: The value to assign to the variable.
§Panics

Panics if the given assignment conflicts with the existing assignment.

pub fn set_elements(&mut self, assignments: impl IntoIterator<Item = (GroupVar<G>, G)>)

Assigns specific group elements to point variables (indices).

§Parameters
  • assignments: A collection of (GroupVar, GroupElement) pairs that can be iterated over.
§Panics

Panics if the collection contains two conflicting assignments for the same variable.

pub fn compute_image(&mut self, scalars: &[<G as Group>::Scalar]) -> Result<(), Error>

Evaluates all linear combinations in the linear map with the provided scalars, computing the left-hand side of these constraints (i.e. the image).

After calling this function, all point variables will be assigned.

§Parameters
  • scalars: A slice of scalar values corresponding to the scalar variables.
§Returns

Returns Ok on success, and an error if unassigned elements prevent the image from being computed. Modifies the group elements assigned in the LinearRelation.

pub fn image(&self) -> Result<Vec<G>, Error>

Returns the current group elements corresponding to the image variables.

§Returns

A vector of group elements (Vec<G>) representing the linear map’s image.

pub fn label(&self) -> Vec<u8>

Returns a binary label describing the linear map.

The format is:

  • [Ne: u32] number of equations
  • For each equation:
    • [output_point_index: u32]
    • [Nt: u32] number of terms
    • Nt × [scalar_index: u32, point_index: u32] term entries
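
A strict parser for the label layout listed above, as an added example that is not code from the crate. It assumes each u32 is little-endian (the page does not state the byte order); `Equation`, `take_u32`, `parse_label` and `sample_label` are hypothetical names, and the sample bytes are constructed.

```rust
// Added example, not crate code. Assumption: every u32 is little-endian.
#[derive(Debug, PartialEq)]
pub struct Equation {
    pub output_point_index: u32,
    pub terms: Vec<(u32, u32)>, // (scalar_index, point_index)
}

// Reads one u32 and advances the cursor; a short buffer is an error, not a panic.
fn take_u32(buf: &[u8], pos: &mut usize) -> Result<u32, String> {
    let b = buf.get(*pos..).and_then(|rest| rest.get(..4));
    let b = b.ok_or_else(|| format!("truncated at byte {}", *pos))?;
    *pos += 4;
    Ok(u32::from_le_bytes([b[0], b[1], b[2], b[3]]))
}

pub fn parse_label(buf: &[u8]) -> Result<Vec<Equation>, String> {
    let mut pos = 0;
    let ne = take_u32(buf, &mut pos)?;
    let mut eqs = Vec::new(); // grown as data arrives, never pre-sized from Ne or Nt
    for _ in 0..ne {
        let output_point_index = take_u32(buf, &mut pos)?;
        let nt = take_u32(buf, &mut pos)?;
        let mut terms = Vec::new();
        for _ in 0..nt {
            let scalar_index = take_u32(buf, &mut pos)?;
            terms.push((scalar_index, take_u32(buf, &mut pos)?));
        }
        eqs.push(Equation { output_point_index, terms });
    }
    if pos != buf.len() {
        return Err(format!("{} trailing bytes", buf.len() - pos));
    }
    Ok(eqs)
}

// Constructed sample (points G=0, H=1, X=2, Y=3; scalar x=0): X = x*G, Y = x*H.
pub fn sample_label() -> Vec<u8> {
    let words: [u32; 9] = [2, 2, 1, 0, 0, 3, 1, 0, 1];
    words.iter().flat_map(|w| w.to_le_bytes().to_vec()).collect()
}

fn main() {
    let label = sample_label();
    println!("{:02x?} -> {:?}", label, parse_label(&label));
}
```

Because the counts Ne and Nt come from the input, the parser grows its vectors only as bytes are actually consumed and rejects both truncated labels and trailing bytes.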

pub fn into_nizk(self, session_identifier: &[u8]) -> NISigmaProtocol<SchnorrProof<G>, ShakeCodec<G>>
where G: GroupEncoding,

Convert this LinearRelation into a non-interactive zero-knowledge protocol using the ShakeCodec and a caller-specified session identifier, which serves as the context/domain separator.

§Parameters
  • session_identifier: Domain separator bytes for the Fiat-Shamir transform
§Returns

A NISigmaProtocol instance ready for proving and verification

§Example

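// Imports assumed for this snippet; LinearRelation itself must also be in scope.
use curve25519_dalek::{RistrettoPoint as G, Scalar};
use group::Group; // provides G::generator()
use rand::rngs::OsRng;

// Statement: P = x * G, where x is the secret scalar.
let mut relation = LinearRelation::<G>::new();
let x_var = relation.allocate_scalar();
let g_var = relation.allocate_element();
let p_var = relation.allocate_eq(x_var * g_var);

// Fix the base point, then compute the image P from the witness x.
relation.set_element(g_var, G::generator());
let x = Scalar::random(&mut OsRng);
relation.compute_image(&[x]).unwrap();

// Convert to NIZK with custom context
let nizk = relation.into_nizk(b"my-protocol-v1");
let proof = nizk.prove_batchable(&vec![x], &mut OsRng).unwrap();
assert!(nizk.verify_batchable(&proof).is_ok());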

Trait Implementations§

impl<G> Clone for LinearRelation<G>
where G: Group + GroupEncoding + Clone,

fn clone(&self) -> LinearRelation<G>

Returns a duplicate of the value.

const fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<G> Debug for LinearRelation<G>
where G: Group + GroupEncoding + Debug,

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<G> Default for LinearRelation<G>

fn default() -> LinearRelation<G>

Returns the “default value” for a type.

impl<G> From<LinearRelation<G>> for Protocol<G>
where G: Group + GroupEncoding,

fn from(value: LinearRelation<G>) -> Self

Converts to this type from the input type.

impl<G> From<LinearRelation<G>> for SchnorrProof<G>
where G: Group + GroupEncoding,

fn from(value: LinearRelation<G>) -> Self

Converts to this type from the input type.

Auto Trait Implementations§

impl<G> Freeze for LinearRelation<G>

impl<G> RefUnwindSafe for LinearRelation<G>

impl<G> Send for LinearRelation<G>

impl<G> Sync for LinearRelation<G>

impl<G> Unpin for LinearRelation<G>
where G: Unpin, <G as Group>::Scalar: Unpin,

impl<G> UnwindSafe for LinearRelation<G>
where G: UnwindSafe, <G as Group>::Scalar: UnwindSafe,
