SyRa
Signed-off-by: lovesh <[email protected]>
lovesh committed Jul 21, 2024
1 parent 33181f5 commit ed791bb
Showing 14 changed files with 953 additions and 39 deletions.
5 changes: 3 additions & 2 deletions Cargo.toml
Expand Up @@ -19,7 +19,8 @@ members = [
"merlin",
"bulletproofs_plus_plus",
"smc_range_proof",
"short_group_sig"
"short_group_sig",
"syra"
]
resolver = "2"

Expand Down Expand Up @@ -58,4 +59,4 @@ inherits = "release"
# https://doc.rust-lang.org/rustc/linker-plugin-lto.html
lto = "fat"
# https://doc.rust-lang.org/rustc/codegen-options/index.html#codegen-units
codegen-units = 1
codegen-units = 1
14 changes: 7 additions & 7 deletions delegatable_credentials/src/protego/show/known_signer.rs
Expand Up @@ -379,10 +379,10 @@ impl<E: Pairing> CredentialShowProtocol<E> {
if let Some(ct) = &self.ct {
P1.serialize_compressed(&mut writer)?;
apk.unwrap().serialize_compressed(&mut writer)?;
ct.ct.enc1.serialize_compressed(&mut writer)?;
ct.ct.encrypted.serialize_compressed(&mut writer)?;
ct.com1.serialize_compressed(&mut writer)?;
ct.ciphertext_rand_protocol
.challenge_contribution(P1, &ct.ct.enc2, &mut writer)?;
.challenge_contribution(P1, &ct.ct.eph_pk, &mut writer)?;
}
Ok(())
}
Expand Down Expand Up @@ -603,7 +603,7 @@ impl<E: Pairing> CredentialShow<E> {
if P1
.mul(ct_proof.z1)
.add(&apk.0.mul(ct_proof.ciphertext_rand_proof.response))
.sub(ct.enc1.mul_bigint(challenge.into_bigint()))
.sub(ct.encrypted.mul_bigint(challenge.into_bigint()))
.into_affine()
!= ct_proof.com1
{
Expand All @@ -612,7 +612,7 @@ impl<E: Pairing> CredentialShow<E> {

if !ct_proof
.ciphertext_rand_proof
.verify(&ct.enc2, P1, challenge)
.verify(&ct.eph_pk, P1, challenge)
{
return Err(DelegationError::InvalidAuditShow);
}
Expand All @@ -622,15 +622,15 @@ impl<E: Pairing> CredentialShow<E> {
let t3_prep = E::G2Prepared::from(ct_proof.t3);

if !E::multi_pairing(
[ct.enc2, (-P1.into_group()).into_affine()],
[ct.eph_pk, (-P1.into_group()).into_affine()],
[t1_prep.clone(), t3_prep.clone()],
)
.is_zero()
{
return Err(DelegationError::InvalidAuditShow);
}
if !E::multi_pairing(
[ct.enc2, (-self.core.C3.into_group()).into_affine()],
[ct.eph_pk, (-self.core.C3.into_group()).into_affine()],
[t2_prep.clone(), t3_prep.clone()],
)
.is_zero()
Expand All @@ -639,7 +639,7 @@ impl<E: Pairing> CredentialShow<E> {
}
if !E::multi_pairing(
[
(-ct.enc1.into_group()).into_affine(),
(-ct.encrypted.into_group()).into_affine(),
ct_proof.C6,
ct_proof.C7,
],
16 changes: 8 additions & 8 deletions schnorr_pok/src/discrete_log_pairing.rs
Expand Up @@ -132,10 +132,10 @@ macro_rules! impl_protocol {

impl_protocol!(
/// Protocol for proving knowledge of discrete log in group G1, i.e. given public `Y` and `B`, prove knowledge of `A` in `e(A, B) = Y`
PokG1DiscreteLogInPairingProtocol, PokG1DiscreteLogInPairing, E::G1Affine, E::G2Affine, E::G2Prepared, pair_g2_g1
PoKG1DiscreteLogInPairingProtocol, PoKG1DiscreteLogInPairing, E::G1Affine, E::G2Affine, E::G2Prepared, pair_g2_g1
);

impl<E: Pairing> PokG1DiscreteLogInPairing<E> {
impl<E: Pairing> PoKG1DiscreteLogInPairing<E> {
pub fn verify_with_randomized_pairing_checker(
&self,
y: &PairingOutput<E>,
Expand All @@ -149,10 +149,10 @@ impl<E: Pairing> PokG1DiscreteLogInPairing<E> {

impl_protocol!(
/// Protocol for proving knowledge of discrete log in group G2, i.e. given public `Y` and `A`, prove knowledge of `B` in `e(A, B) = Y`
PokG2DiscreteLogInPairingProtocol, PokG2DiscreteLogInPairing, E::G2Affine, E::G1Affine, E::G1Prepared, pair_g1_g2
PoKG2DiscreteLogInPairingProtocol, PoKG2DiscreteLogInPairing, E::G2Affine, E::G1Affine, E::G1Prepared, pair_g1_g2
);

impl<E: Pairing> PokG2DiscreteLogInPairing<E> {
impl<E: Pairing> PoKG2DiscreteLogInPairing<E> {
pub fn verify_with_randomized_pairing_checker(
&self,
y: &PairingOutput<E>,
Expand Down Expand Up @@ -261,16 +261,16 @@ mod tests {
}

check!(
PokG1DiscreteLogInPairingProtocol,
PokG1DiscreteLogInPairing,
PoKG1DiscreteLogInPairingProtocol,
PoKG1DiscreteLogInPairing,
G1Affine,
G2Affine,
G2Prepared,
pair_g2_g1
);
check!(
PokG2DiscreteLogInPairingProtocol,
PokG2DiscreteLogInPairing,
PoKG2DiscreteLogInPairingProtocol,
PoKG2DiscreteLogInPairing,
G2Affine,
G1Affine,
G1Prepared,
Expand Up @@ -22,8 +22,8 @@ use dock_crypto_utils::{
use schnorr_pok::{
compute_random_oracle_challenge,
discrete_log_pairing::{
PokG1DiscreteLogInPairing, PokG1DiscreteLogInPairingProtocol, PokG2DiscreteLogInPairing,
PokG2DiscreteLogInPairingProtocol,
PoKG1DiscreteLogInPairing, PoKG1DiscreteLogInPairingProtocol, PoKG2DiscreteLogInPairing,
PoKG2DiscreteLogInPairingProtocol,
},
};
use serde::{Deserialize, Serialize};
Expand Down Expand Up @@ -372,8 +372,8 @@ impl_protocol!(
ComputationShareG1,
ComputationShareG1Proof,
deal_secret_in_g1,
PokG1DiscreteLogInPairingProtocol,
PokG1DiscreteLogInPairing,
PoKG1DiscreteLogInPairingProtocol,
PoKG1DiscreteLogInPairing,
G1Af<E>,
G2Af<E>,
pair_g2_g1
Expand All @@ -386,8 +386,8 @@ impl_protocol!(
ComputationShareG2,
ComputationShareG2Proof,
deal_secret_in_g2,
PokG2DiscreteLogInPairingProtocol,
PokG2DiscreteLogInPairing,
PoKG2DiscreteLogInPairingProtocol,
PoKG2DiscreteLogInPairing,
G2Af<E>,
G1Af<E>,
pair_g1_g2
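--- /dev/null
+++ b/syra/Cargo.toml
@@ -0,0 +1,31 @@
+[package]
+name = "syra"
+version = "0.1.0"
+edition.workspace = true
+authors.workspace = true
+license.workspace = true
+repository.workspace = true
+description = "SyRA: Sybil-Resilient Anonymous Signatures with Applications to Decentralized Identity"
+
+[dependencies]
+ark-serialize.workspace = true
+ark-ff.workspace = true
+ark-ec.workspace = true
+ark-std.workspace = true
+digest.workspace = true
+rayon = {workspace = true, optional = true}
+serde.workspace = true
+serde_with.workspace = true
+zeroize.workspace = true
+dock_crypto_utils = { version = "0.20.0", default-features = false, path = "../utils" }
+schnorr_pok = { version = "0.20.0", default-features = false, path = "../schnorr_pok" }
+
+[dev-dependencies]
+blake2.workspace = true
+ark-bls12-381.workspace = true
+
+[features]
+default = [ "parallel" ]
+std = [ "ark-ff/std", "ark-ec/std", "ark-std/std", "ark-serialize/std", "dock_crypto_utils/std", "schnorr_pok/std", "serde/std"]
+print-trace = [ "ark-std/print-trace", "dock_crypto_utils/print-trace" ]
+parallel = [ "std", "ark-ff/parallel", "ark-ec/parallel", "ark-std/parallel", "rayon", "dock_crypto_utils/parallel", "schnorr_pok/parallel" ]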
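--- /dev/null
+++ b/syra/README.md
@@ -0,0 +1,7 @@
+<!-- cargo-rdme start -->
+
+Implements the protocol from the paper [SyRA: Sybil-Resilient Anonymous Signatures with Applications to Decentralized Identity](https://eprint.iacr.org/2024/379)
+
+This will be used to generate pseudonym for low-entropy user attributes. The issuer will create "signature" for a unique user attribute and user uses this "signature" to create the pseudonym.
+
+<!-- cargo-rdme end -->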
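--- /dev/null
+++ b/syra/src/error.rs
@@ -0,0 +1,13 @@
+use ark_serialize::SerializationError;
+
+#[derive(Debug)]
+pub enum SyraError {
+InvalidProof,
+Serialization(SerializationError),
+}
+
+impl From<SerializationError> for SyraError {
+fn from(e: SerializationError) -> Self {
+Self::Serialization(e)
+}
+}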
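Review bot: `SyraError` lives in a module that lib.rs brings in as `mod error;` rather than `pub mod error;`, so if functions in `pseudonym`, `setup` or `vrf` return `Result<_, SyraError>`, downstream callers receive a type they cannot name and therefore cannot match on `InvalidProof` versus `Serialization`; either `pub mod error;` or `pub use error::SyraError;` in lib.rs resolves that. The enum and its variants also carry no documentation; `/// Error returned by the SyRA protocol operations.` on the enum, `/// A proof failed verification.` on `InvalidProof` and `/// (De)serialization of a group element or scalar failed.` on `Serialization` would do. Since the crate is at 0.1.0 and the error only derives `Debug`, marking the enum `#[non_exhaustive]` now avoids a breaking change when further variants are added.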
11 changes: 11 additions & 0 deletions syra/src/lib.rs
@@ -0,0 +1,11 @@
#![cfg_attr(not(feature = "std"), no_std)]
#![allow(non_snake_case)]

//! Implements the protocol from the paper [SyRA: Sybil-Resilient Anonymous Signatures with Applications to Decentralized Identity](https://eprint.iacr.org/2024/379)
//!
//! This will be used to generate pseudonym for low-entropy user attributes. The issuer will create "signature" for a unique user attribute and user uses this "signature" to create the pseudonym.
mod error;
pub mod pseudonym;
pub mod setup;
pub mod vrf;