Trait SigmaProtocolSimulator

Source

pub trait SigmaProtocolSimulator: SigmaProtocol {
    // Required methods
    fn simulate_response<R: Rng + CryptoRng>(
        &self,
        rng: &mut R,
    ) -> Self::Response;
    fn simulate_commitment(
        &self,
        challenge: &Self::Challenge,
        response: &Self::Response,
    ) -> Result<Self::Commitment, Error>;
    fn simulate_transcript<R: Rng + CryptoRng>(
        &self,
        rng: &mut R,
    ) -> Result<(<Self as SigmaProtocol>::Commitment, <Self as SigmaProtocol>::Challenge, <Self as SigmaProtocol>::Response), Error>;
}

Expand description

A trait defining the behavior of a Sigma protocol for which simulation of transcripts is necessary.

Every Sigma protocol can be simulated, but in practice, this is primarily used for proving security properties (zero-knowledge, soundness, etc.).

Some protocols (e.g. OR compositions) require simulation capabilities during actual proof generation.

§Minimal Implementation

Types implementing SigmaProtocolSimulator must define:

simulate_proof
simulate_transcript

Required Methods§

Source

fn simulate_response<R: Rng + CryptoRng>(&self, rng: &mut R) -> Self::Response

Generates a random response (e.g. for simulation or OR composition).

Typically used to simulate a proof without a witness.

Source

fn simulate_commitment( &self, challenge: &Self::Challenge, response: &Self::Response, ) -> Result<Self::Commitment, Error>

Simulates a commitment for which (‘commitment’, ‘challenge’, ‘response’) is a valid transcript.

This function allows to omit commitment in compact proofs of the type (‘challenge’, ‘response’).

Source

fn simulate_transcript<R: Rng + CryptoRng>( &self, rng: &mut R, ) -> Result<(<Self as SigmaProtocol>::Commitment, <Self as SigmaProtocol>::Challenge, <Self as SigmaProtocol>::Response), Error>

Generates a full simulated proof transcript (commitment, challenge, response) without requiring knowledge of a witness.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors§

Source §

impl<G> SigmaProtocolSimulator for SchnorrProof<G>
where G: Group + GroupEncoding,

Source §

Trait SigmaProtocolSimulatorCopy item path

§Minimal Implementation

Required Methods§

fn simulate_response<R: Rng + CryptoRng>(&self, rng: &mut R) -> Self::Response

fn simulate_commitment( &self, challenge: &Self::Challenge, response: &Self::Response, ) -> Result<Self::Commitment, Error>

fn simulate_transcript<R: Rng + CryptoRng>( &self, rng: &mut R, ) -> Result<(<Self as SigmaProtocol>::Commitment, <Self as SigmaProtocol>::Challenge, <Self as SigmaProtocol>::Response), Error>

Dyn Compatibility§

Implementors§

impl<G> SigmaProtocolSimulator for SchnorrProof<G>where G: Group + GroupEncoding,

impl<G: Group + GroupEncoding> SigmaProtocolSimulator for Protocol<G>

Trait SigmaProtocolSimulator

impl<G> SigmaProtocolSimulator for SchnorrProof<G>
where G: Group + GroupEncoding,