github.com/jiajun1992/watercarver@v0.0.0-20191031150618-dfc2b17c0c4a/StadiumForWaterCarver/src/SchnorrProof.h

github.com/jiajun1992/watercarver@v0.0.0-20191031150618-dfc2b17c0c4a/StadiumForWaterCarver/src/SchnorrProof.h (about)

     1  #include "CurvePoint.h"
     2  #include "FakeZZ.h"
     3  NTL_CLIENT
     4  
     5  // a proof that the verifier knows alpha given g^alpha = (some) x
     6  // requires alpha, g (implicitly generator of CurvePoint), and parameterized randomness w (implicitly generated)
     7  // outputs nizk proof (a, r) with a = g^w and r = hash(g, a) * alpha + w
     8  class SchnorrProof {
     9  public:
    10    static int size;
    11  
    12    SchnorrProof(const ZZ& alpha);
    13    SchnorrProof(const char *serialized);
    14  
    15    // input: ciphertext this proof was constructed from (x = g^alpha)
    16    // output: returns 1 if the proof succeeds and 0 on failure
    17    int verify(const CurvePoint& x);
    18  
    19    void serialize(char *output); // 128 (a) + 32 (a serialized) + 32 (r) bytes
    20    static const int bytesize = CurvePoint::bytesize + 32 + 32;
    21  
    22  private:
    23    ZZ fiat_shamir();
    24  
    25    CurvePoint a;
    26    ZZ r;
    27    // computed on initialization if not supplied: need it anyway to compute Fiat-Shamir (verify critical path)
    28    char a_canonical[32];
    29  };