wrap prove_multiple and verify_multiple

initc3 · Jun 23, 2022 · 5f5493c · 5f5493c
1 parent d58e985
commit 5f5493c
Showing 1 changed file with 59 additions and 3 deletions.
diff --git a/src/lib.rs b/src/lib.rs
@@ -148,7 +148,6 @@ fn zkrp_prove(secret_value: u64, bits: usize) -> PyResult<(Vec<u8>, [u8; 32], [u
     Ok((proof.to_bytes(), committed_value.to_bytes(), blinding.to_bytes()))
 }
 
-// TODO: return the blinding as bytes using as_bytes (returns &[u8; 32])
 #[pyfunction]
 fn zkrp_prove_blind(secret_value: u64, blinding_bytes: [u8; 32], bits: usize) -> PyResult<(Vec<u8>, [u8; 32], [u8; 32])> {
     // Generators for Pedersen commitments.  These can be selected
@@ -160,7 +159,6 @@ fn zkrp_prove_blind(secret_value: u64, blinding_bytes: [u8; 32], bits: usize) ->
     let bp_gens = BulletproofGens::new(64, 1);
 
     // The API takes a blinding factor for the commitment.
-    // let blinding = Scalar::random(&mut rand::thread_rng());
     let blinding = Scalar::from_bytes_mod_order(blinding_bytes);
 
     // The proof can be chained to an existing transcript.
@@ -177,7 +175,43 @@ fn zkrp_prove_blind(secret_value: u64, blinding_bytes: [u8; 32], bits: usize) ->
         bits,
     ).expect("A real program could handle errors");
 
-    Ok((proof.to_bytes(), committed_value.to_bytes(), blinding.to_bytes()))
+    Ok((proof.to_bytes(), committed_value.to_bytes(), blinding_bytes))
+}
+
+#[pyfunction]
+fn zkrp_prove_multiple_blind(secret_values: Vec<u64>, blindings_bytes: Vec<[u8; 32]>, bits: usize) -> PyResult<(Vec<u8>, Vec<[u8; 32]>, Vec<[u8; 32]>)> {
+    // Generators for Pedersen commitments.  These can be selected
+    // independently of the Bulletproofs generators.
+    let pc_gens = PedersenGens::default();
+
+    // Generators for Bulletproofs, valid for proofs up to bitsize 64
+    // and aggregation size up to |commited_values|.
+    let bp_gens = BulletproofGens::new(64, secret_values.len());
+
+    // The API takes a blinding factor for the commitment.
+    let blindings: Vec<Scalar> = blindings_bytes.iter()
+    .map(|v| Scalar::from_bytes_mod_order(*v))
+    .collect();
+
+    // The proof can be chained to an existing transcript.
+    // Here we create a transcript with a doctest domain separator.
+    let mut prover_transcript = Transcript::new(b"zkrp");
+
+    // Create a 32-bit rangeproof.
+    let (proof, committed_values) = RangeProof::prove_multiple(
+        &bp_gens,
+        &pc_gens,
+        &mut prover_transcript,
+        secret_values.as_slice(),
+        &blindings,
+        bits,
+    ).expect("A real program could handle errors");
+
+    let committed_values_bytes: Vec<_> = committed_values.iter()
+    .map(|v| v.to_bytes())
+    .collect();
+
+    Ok((proof.to_bytes(), committed_values_bytes, blindings_bytes))
 }
 
 #[pyfunction]
@@ -197,6 +231,26 @@ fn zkrp_verify(proof_bytes: Vec<u8>, committed_value_bytes: [u8; 32], bits: usiz
     Ok(proof.verify_single(&bp_gens, &pc_gens, &mut verifier_transcript, &committed_value, bits).is_ok())
 }
 
+#[pyfunction]
+fn zkrp_verify_multiple(proof_bytes: Vec<u8>, committed_values_bytes: Vec<[u8; 32]>, bits: usize) -> PyResult<bool> {
+    // Generators for Pedersen commitments.  These can be selected
+    // independently of the Bulletproofs generators.
+    let pc_gens = PedersenGens::default();
+
+    // Generators for Bulletproofs, valid for proofs up to bitsize 64
+    // and aggregation size up to |commited_values|.
+    let bp_gens = BulletproofGens::new(64, committed_values_bytes.len());
+
+	let proof = RangeProof::from_bytes(proof_bytes.as_slice()).expect("Error: Proof deserialization failed!");
+    let committed_values : Vec<CompressedRistretto> = committed_values_bytes.iter()
+    .map(|v| CompressedRistretto(read32(v)))
+    .collect();
+
+    // Verification requires a transcript with identical initial state:
+    let mut verifier_transcript = Transcript::new(b"zkrp");
+    Ok(proof.verify_multiple(&bp_gens, &pc_gens, &mut verifier_transcript, &committed_values, bits).is_ok())
+}
+
 /// A Python module implemented in Rust.
 #[pymodule]
 fn pybulletproofs(_py: Python, m: &PyModule) -> PyResult<()> {
@@ -209,6 +263,8 @@ fn pybulletproofs(_py: Python, m: &PyModule) -> PyResult<()> {
     m.add_function(wrap_pyfunction!(pedersen_compare, m)?)?;
     m.add_function(wrap_pyfunction!(zkrp_prove, m)?)?;
     m.add_function(wrap_pyfunction!(zkrp_prove_blind, m)?)?;
+    m.add_function(wrap_pyfunction!(zkrp_prove_multiple_blind, m)?)?;
     m.add_function(wrap_pyfunction!(zkrp_verify, m)?)?;
+    m.add_function(wrap_pyfunction!(zkrp_verify_multiple, m)?)?;
     Ok(())
 }