Trait poly_commitment::SRS

pub trait SRS<G: CommitmentCurve>: Clone + Sized {
    // Required methods
    fn max_poly_size(&self) -> usize;
    fn blinding_commitment(&self) -> G;
    fn mask_custom(
        &self,
        com: PolyComm<G>,
        blinders: &PolyComm<G::ScalarField>
    ) -> Result<BlindedCommitment<G>, CommitmentError>;
    fn commit_non_hiding(
        &self,
        plnm: &DensePolynomial<G::ScalarField>,
        num_chunks: usize
    ) -> PolyComm<G>;
    fn commit(
        &self,
        plnm: &DensePolynomial<G::ScalarField>,
        num_chunks: usize,
        rng: &mut impl RngCore + CryptoRng
    ) -> BlindedCommitment<G>;
    fn commit_custom(
        &self,
        plnm: &DensePolynomial<G::ScalarField>,
        num_chunks: usize,
        blinders: &PolyComm<G::ScalarField>
    ) -> Result<BlindedCommitment<G>, CommitmentError>;
    fn commit_evaluations_non_hiding(
        &self,
        domain: D<G::ScalarField>,
        plnm: &Evaluations<G::ScalarField, D<G::ScalarField>>
    ) -> PolyComm<G>;
    fn commit_evaluations(
        &self,
        domain: D<G::ScalarField>,
        plnm: &Evaluations<G::ScalarField, D<G::ScalarField>>,
        rng: &mut impl RngCore + CryptoRng
    ) -> BlindedCommitment<G>;
    fn commit_evaluations_custom(
        &self,
        domain: D<G::ScalarField>,
        plnm: &Evaluations<G::ScalarField, D<G::ScalarField>>,
        blinders: &PolyComm<G::ScalarField>
    ) -> Result<BlindedCommitment<G>, CommitmentError>;
    fn create(depth: usize) -> Self;
    fn get_lagrange_basis(&self, domain: D<G::ScalarField>) -> &Vec<PolyComm<G>>;
    fn get_lagrange_basis_from_domain_size(
        &self,
        domain_size: usize
    ) -> &Vec<PolyComm<G>>;
    fn size(&self) -> usize;

    // Provided method
    fn mask(
        &self,
        comm: PolyComm<G>,
        rng: &mut impl RngCore + CryptoRng
    ) -> BlindedCommitment<G> { ... }
}

Required Methods

fn max_poly_size(&self) -> usize

The maximum polynomial degree that can be committed to

fn blinding_commitment(&self) -> G

Get the group element used for blinding commitments

fn mask_custom( &self, com: PolyComm<G>, blinders: &PolyComm<G::ScalarField> ) -> Result<BlindedCommitment<G>, CommitmentError>

Same as SRS::mask except that you can pass the blinders manually. A BlindedCommitment object is returned instead of a PolyComm object to keep the blinding factors and the commitment together. The blinded commitment is saved in the commitment field of the output. The output is wrapped into a Result to handle the case the blinders are not the same length than the number of chunks commitments have.

fn commit_non_hiding( &self, plnm: &DensePolynomial<G::ScalarField>, num_chunks: usize ) -> PolyComm<G>

This function commits a polynomial using the SRS’ basis of size n.

• plnm: polynomial to commit to. The polynomial can be of any degree, including higher than n.
• num_chunks: the minimal number of commitments to be included in the output polynomial commitment.

The function returns the commitments to the chunks (of size at most n) of the polynomials.

The function will also pad with zeroes if the polynomial has a degree smaller than n * num_chunks.

Note that if the polynomial has a degree higher than n * num_chunks, the output will contain more than num_chunks commitments as it will also contain the additional chunks.

See the test crate::pbt_srs::test_regression_commit_non_hiding_expected_number_of_chunks for an example of the number of chunks returned.

fn commit( &self, plnm: &DensePolynomial<G::ScalarField>, num_chunks: usize, rng: &mut impl RngCore + CryptoRng ) -> BlindedCommitment<G>

Commits a polynomial, potentially splitting the result in multiple commitments. It is analogous to SRS::commit_evaluations but for polynomials. A BlindedCommitment object is returned instead of a PolyComm object to keep the blinding factors and the commitment together. The blinded commitment is saved in the commitment field of the output.

fn commit_custom( &self, plnm: &DensePolynomial<G::ScalarField>, num_chunks: usize, blinders: &PolyComm<G::ScalarField> ) -> Result<BlindedCommitment<G>, CommitmentError>

Commit to a polynomial, with custom blinding factors. It is a combination of SRS::commit and SRS::mask_custom. It is analogous to SRS::commit_evaluations_custom but for polynomials. A BlindedCommitment object is returned instead of a PolyComm object to keep the blinding factors and the commitment together. The blinded commitment is saved in the commitment field of the output. The output is wrapped into a Result to handle the case the blinders are not the same length than the number of chunks commitments have.

fn commit_evaluations_non_hiding( &self, domain: D<G::ScalarField>, plnm: &Evaluations<G::ScalarField, D<G::ScalarField>> ) -> PolyComm<G>

Commit to evaluations, without blinding factors. It is analogous to SRS::commit_non_hiding but for evaluations.

fn commit_evaluations( &self, domain: D<G::ScalarField>, plnm: &Evaluations<G::ScalarField, D<G::ScalarField>>, rng: &mut impl RngCore + CryptoRng ) -> BlindedCommitment<G>

Commit to evaluations with blinding factors, generated using the random number generator rng. It is analogous to SRS::commit but for evaluations. A BlindedCommitment object is returned instead of a PolyComm object to keep the blinding factors and the commitment together. The blinded commitment is saved in the commitment field of the output.

fn commit_evaluations_custom( &self, domain: D<G::ScalarField>, plnm: &Evaluations<G::ScalarField, D<G::ScalarField>>, blinders: &PolyComm<G::ScalarField> ) -> Result<BlindedCommitment<G>, CommitmentError>

Commit to evaluations with custom blinding factors. It is a combination of SRS::commit_evaluations and SRS::mask_custom. It is analogous to SRS::commit_custom but for evaluations. A BlindedCommitment object is returned instead of a PolyComm object to keep the blinding factors and the commitment together. The blinded commitment is saved in the commitment field of the output. The output is wrapped into a Result to handle the case the blinders are not the same length than the number of chunks commitments have.

fn create(depth: usize) -> Self

Create an SRS of size depth.

Warning: in the case of a trusted setup, as it is required for a polynomial commitment scheme like KZG, a toxic waste is generated using rand::thread_rng(). This is not the behavior you would expect in a production environment. However, we do accept this behavior for the sake of simplicity in the interface, and this method will only be supposed to be used in tests in this case.

fn get_lagrange_basis(&self, domain: D<G::ScalarField>) -> &Vec<PolyComm<G>>

Compute commitments to the lagrange basis corresponding to the given domain and cache them in the SRS

fn get_lagrange_basis_from_domain_size( &self, domain_size: usize ) -> &Vec<PolyComm<G>>

Same as get_lagrange_basis but only using the domain size.

fn size(&self) -> usize

Provided Methods

fn mask( &self, comm: PolyComm<G>, rng: &mut impl RngCore + CryptoRng ) -> BlindedCommitment<G>

Turns a non-hiding polynomial commitment into a hidding polynomial commitment. Transforms each given <a, G> into (<a, G> + wH, w) with a random w per commitment. A BlindedCommitment object is returned instead of a PolyComm object to keep the blinding factors and the commitment together. The blinded commitment is saved in the commitment field of the output.

Implementors

impl<F: PrimeField, G: CommitmentCurve<ScalarField = F>, G2: CommitmentCurve<ScalarField = F>, Pair: Pairing<G1Affine = G, G2Affine = G2>> SRS<G> for PairingSRS<Pair>

impl<G> SRS<G> for SRS<G>where G: CommitmentCurve,