gitee.com/lh-her-team/common@v1.5.1/crypto/bulletproofs/bulletproofs_fast.go (about) 1 //go:build linux && amd64 2 // +build linux,amd64 3 4 package bulletproofs 5 6 import "C" 7 import ( 8 "gitee.com/lh-her-team/common/crypto/bulletproofs/bulletproofs_cgo" 9 ) 10 11 // ProveRandomOpening Generate proof with randomly pick opening 12 // x: prove x is in the range [0, 2^64) 13 // return 1: proof in []byte 14 // return 2: commitment of x: xB + rB' 15 // return 3: opening, the randomness r used to commit x (secret key) 16 func ProveRandomOpening(x uint64) ([]byte, []byte, []byte, error) { 17 return bulletproofs_cgo.ProveRandomOpening(x) 18 } 19 20 // ProveSpecificOpening Generate proof with a chosen opening 21 // x: prove x is in the range [0, 2^64) 22 // opening: the chosen randomness to commit x (secret key) 23 // return 1: proof in []byte 24 // return 2: commitment of x using opening 25 func ProveSpecificOpening(x uint64, opening []byte) ([]byte, []byte, error) { 26 return bulletproofs_cgo.ProveSpecificOpening(x, opening) 27 } 28 29 // Verify Verify the validity of a proof 30 // proof: the zero-knowledge proof proving the number committed in commitment is in the range [0, 2^64) 31 // commitment: commitment bindingly hiding the number x 32 // return: true on valid proof, false otherwise 33 func Verify(proof []byte, commitment []byte) (bool, error) { 34 return bulletproofs_cgo.Verify(proof, commitment) 35 } 36 37 // ProveAfterAddNum Update a commitment of x (xB + rB') to x + y and generate a proof of it with the same opening 38 // x, y: prove x + y is in the range [0, 2^64) 39 // openingX: the randomness r used to commit x, also used in the new proof 40 // commitmentX: commitment of x: xB + rB' 41 // return 1: proof in []byte 42 // return 2: commitment of x + y: (x + y)B + rB' 43 func ProveAfterAddNum(x, y uint64, openingX, commitmentX []byte) ([]byte, []byte, error) { 44 return bulletproofs_cgo.ProveAfterAddNum(x, y, openingX, commitmentX) 45 } 46 47 // ProveAfterAddCommitment Update commitments of x (xB + rB') and y (yB + sB') to x + y and generate a proof of it with the sum of the two opening 48 // x, y: prove x + y is in the range [0, 2^64) 49 // openingX: the randomness r used to commit x 50 // openingY: the randomness s used to commit y 51 // commitmentX: commitment of x: xB + rB' 52 // commitmentX: commitment of y: yB + sB' 53 // return 1: proof in []byte 54 // return 2: commitment of x + y: (x + y)B + (r + s)B' 55 // return 3: new opening for the result commitment (r + s) 56 func ProveAfterAddCommitment(x, y uint64, openingX, openingY, commitmentX, commitmentY []byte) ([]byte, []byte, []byte, error) { 57 return bulletproofs_cgo.ProveAfterAddCommitment(x, y, openingX, openingY, commitmentX, commitmentY) 58 } 59 60 // ProveAfterSubNum Update a commitment of x (xB + rB') to x - y and generate a proof of it with the same opening 61 // x, y: prove x - y is in the range [0, 2^64) 62 // openingX: the randomness r used to commit x, also used in the new proof 63 // commitmentX: commitment of x (old commitment) 64 // return 1: proof in []byte 65 // return 2: commitment of x - y: (x - y)B + rB' 66 func ProveAfterSubNum(x, y uint64, openingX, commitmentX []byte) ([]byte, []byte, error) { 67 return bulletproofs_cgo.ProveAfterSubNum(x, y, openingX, commitmentX) 68 } 69 70 // ProveAfterSubCommitment Update commitments of x (xB + rB') and y (yB + sB') to x - y and generate a proof of it with the subtraction of the two openings 71 // x, y: prove x + y is in the range [0, 2^64) 72 // openingX: the randomness r used to commit x 73 // openingY: the randomness s used to commit y 74 // commitmentX: commitment of x: xB + rB' 75 // commitmentX: commitment of y: yB + sB' 76 // return 1: proof in []byte 77 // return 2: commitment of x - y: (x - y)B + (r - s)B' 78 // return 3: new opening for the result commitment (r - s) 79 func ProveAfterSubCommitment(x, y uint64, openingX, openingY, commitmentX, commitmentY []byte) ([]byte, []byte, []byte, error) { 80 return bulletproofs_cgo.ProveAfterSubCommitment(x, y, openingX, openingY, commitmentX, commitmentY) 81 } 82 83 // ProveAfterMulNum Update commitment of x (xB + rB') to commitment of x * y and generate a proof of it with the an updated opening, where y is a value 84 // x, y: prove x * y is in the range [0, 2^64) 85 // openingX: the randomness r used to commit x 86 // commitmentX: commitment of x: xB + rB' 87 // return 1: proof in []byte 88 // return 2: commitment of x * y: (x * y)B + (r * y)B' 89 // return 3: new opening for the result commitment: r * y 90 func ProveAfterMulNum(x, y uint64, openingX, commitmentX []byte) ([]byte, []byte, []byte, error) { 91 return bulletproofs_cgo.ProveAfterMulNum(x, y, openingX, commitmentX) 92 } 93 94 // PedersenRNG generate a truly random scalar (which can be used as an opening to generate a commitment). 95 // return: a random scalar in []byte format 96 func PedersenRNG() ([]byte, error) { 97 return bulletproofs_cgo.PedersenRNG() 98 } 99 100 // PedersenCommitRandomOpening compute Pedersen commitment on a value x with a randomly chosen opening 101 // x: the value to commit 102 // return1: commitment C = xB + rB' 103 // return2: opening r (randomly picked) 104 func PedersenCommitRandomOpening(x uint64) ([]byte, []byte, error) { 105 return bulletproofs_cgo.PedersenCommitRandomOpening(x) 106 } 107 108 // PedersenCommitSpecificOpening compute Pedersen commitment on a value x with a given opening 109 // x: the value to commit 110 // return1: commitment C = xB + rB' 111 func PedersenCommitSpecificOpening(x uint64, r []byte) ([]byte, error) { 112 return bulletproofs_cgo.PedersenCommitSpecificOpening(x, r) 113 } 114 115 // PedersenVerify verify the validity of a commitment with respect to a value-opening pair 116 // commitment: the commitment to be opened or verified: xB + rB' 117 // opening: the opening of the commitment: r 118 // value: the value claimed being binding to commitment: x 119 // return1: true if commitment is valid, false otherwise 120 func PedersenVerify(commitment, opening []byte, value uint64) (bool, error) { 121 return bulletproofs_cgo.PedersenVerify(commitment, opening, value) 122 } 123 124 // PedersenNeg Compute a commitment to -x from a commitment to x without revealing the value x 125 // commitment: C = xB + rB' 126 // value: the value y 127 // return1: the new commitment to x + y: C' = (x + y)B + rB' 128 func PedersenNeg(commitment []byte) ([]byte, error) { 129 return bulletproofs_cgo.PedersenNeg(commitment) 130 } 131 132 // PedersenNegOpening Compute the negation of opening. Openings are big numbers with 256 bits. 133 // opening: the opening r to be negated 134 // return: the result opening: -r 135 func PedersenNegOpening(opening []byte) ([]byte, error) { 136 return bulletproofs_cgo.PedersenNegOpening(opening) 137 } 138 139 // PedersenAddNum Compute a commitment to x + y from a commitment to x without revealing the value x, where y is a scalar 140 // commitment: C = xB + rB' 141 // value: the value y 142 // return1: the new commitment to x + y: C' = (x + y)B + rB' 143 func PedersenAddNum(commitment []byte, value uint64) ([]byte, error) { 144 return bulletproofs_cgo.PedersenAddNum(commitment, value) 145 } 146 147 // PedersenAddCommitment Compute a commitment to x + y from commitments to x and y, without revealing the value x and y 148 // commitment1: commitment to x: Cx = xB + rB' 149 // commitment2: commitment to y: Cy = yB + sB' 150 // return: commitment to x + y: C = (x + y)B + (r + s)B' 151 func PedersenAddCommitment(commitment1, commitment2 []byte) ([]byte, error) { 152 return bulletproofs_cgo.PedersenAddCommitment(commitment1, commitment2) 153 } 154 155 // PedersenAddOpening Compute the sum of two openings. Openings are big numbers with 256 bits. 156 // opening1, opening2: the two openings r and s to be summed 157 // return: the result opening: r + s 158 func PedersenAddOpening(opening1, opening2 []byte) ([]byte, error) { 159 return bulletproofs_cgo.PedersenAddOpening(opening1, opening2) 160 } 161 162 // PedersenAddCommitmentWithOpening Compute a commitment to x + y without revealing the value x and y 163 // commitment1: commitment to x: Cx = xB + rB' 164 // commitment2: commitment to y: Cy = yB + sB' 165 // return1: the new commitment to x + y: C' = (x + y)B + rB' 166 // return2: the new opening r + s 167 func PedersenAddCommitmentWithOpening(commitment1, commitment2, opening1, opening2 []byte) ([]byte, []byte, error) { 168 return bulletproofs_cgo.PedersenAddCommitmentWithOpening(commitment1, commitment2, opening1, opening2) 169 } 170 171 // PedersenSubNum Compute a commitment to x - y from a commitment to x without revealing the value x, where y is a scalar 172 // commitment: C = xB + rB' 173 // value: the value y 174 // return1: the new commitment to x - y: C' = (x - y)B + rB' 175 func PedersenSubNum(commitment []byte, value uint64) ([]byte, error) { 176 return bulletproofs_cgo.PedersenSubNum(commitment, value) 177 } 178 179 // PedersenSubCommitment Compute a commitment to x - y from commitments to x and y, without revealing the value x and y 180 // commitment1: commitment to x: Cx = xB + rB' 181 // commitment2: commitment to y: Cy = yB + sB' 182 // return: commitment to x - y: C = (x - y)B + (r - s)B' 183 func PedersenSubCommitment(commitment1, commitment2 []byte) ([]byte, error) { 184 return bulletproofs_cgo.PedersenSubCommitment(commitment1, commitment2) 185 } 186 187 // PedersenSubOpening Compute opening1 - opening2. Openings are big numbers with 256 bits. 188 // opening1, opening2: two openings r and s 189 // return: the result opening r - s 190 func PedersenSubOpening(opening1, opening2 []byte) ([]byte, error) { 191 return bulletproofs_cgo.PedersenSubOpening(opening1, opening2) 192 } 193 194 // PedersenSubCommitmentWithOpening Compute a commitment to x - y without from two commitments of x and y respectively 195 // commitment1: commitment to x: Cx = xB + rB' 196 // commitment2: commitment to y: Cy = yB + sB' 197 // return1: the new commitment to x - y: C' = (x - y)B + (r - s)B' 198 // return2: the new opening r - s 199 func PedersenSubCommitmentWithOpening(commitment1, commitment2, opening1, opening2 []byte) ([]byte, []byte, error) { 200 return bulletproofs_cgo.PedersenSubCommitmentWithOpening(commitment1, commitment2, opening1, opening2) 201 } 202 203 // PedersenMulNum Compute a commitment to x * y from a commitment to x and an integer y, without revealing the value x and y 204 // commitment1: commitment to x: Cx = xB + rB' 205 // value: integer value y 206 // return: commitment to x * y: C = (x * y)B + (r * y)B' 207 func PedersenMulNum(commitment1 []byte, value uint64) ([]byte, error) { 208 return bulletproofs_cgo.PedersenMulNum(commitment1, value) 209 } 210 211 // PedersenMulOpening Compute opening1 * integer. Openings are big numbers with 256 bits. 212 // opening1: the input opening r 213 // value: the input integer value y 214 // return: the multiplication r * y as a big number with 256 bits in []byte form 215 func PedersenMulOpening(opening1 []byte, value uint64) ([]byte, error) { 216 return bulletproofs_cgo.PedersenMulOpening(opening1, value) 217 } 218 219 // PedersenMulNumWithOpening Compute a commitment to x * y from a commitment to x and an integer y, without revealing the value x and y 220 // commitment: commitment to x: Cx = xB + rB' 221 // opening: opening to Cx: r 222 // value: integer value y 223 // return1: commitment to x * y: C = (x * y)B + (r * y)B' 224 // return2: opening to the result commitment: r * y 225 func PedersenMulNumWithOpening(commitment []byte, opening []byte, value uint64) ([]byte, []byte, error) { 226 return bulletproofs_cgo.PedersenMulNumWithOpening(commitment, opening, value) 227 }