Struct snarkvm_algorithms::polycommit::kzg10::KZG10
source · pub struct KZG10<E: PairingEngine>(/* private fields */);
Expand description
KZG10
is an implementation of the polynomial commitment scheme of
Kate, Zaverucha and Goldbgerg
Implementations§
source§impl<E: PairingEngine> KZG10<E>
impl<E: PairingEngine> KZG10<E>
sourcepub fn load_srs(max_degree: usize) -> Result<UniversalParams<E>, PCError>
pub fn load_srs(max_degree: usize) -> Result<UniversalParams<E>, PCError>
Constructs public parameters when given as input the maximum degree degree
for the polynomial commitment scheme.
sourcepub fn commit(
powers: &Powers<'_, E>,
polynomial: &Polynomial<'_, E::Fr>,
hiding_bound: Option<usize>,
rng: Option<&mut dyn RngCore>
) -> Result<(KZGCommitment<E>, KZGRandomness<E>), PCError>
pub fn commit( powers: &Powers<'_, E>, polynomial: &Polynomial<'_, E::Fr>, hiding_bound: Option<usize>, rng: Option<&mut dyn RngCore> ) -> Result<(KZGCommitment<E>, KZGRandomness<E>), PCError>
Outputs a commitment to polynomial
.
sourcepub fn commit_lagrange(
lagrange_basis: &LagrangeBasis<'_, E>,
evaluations: &[E::Fr],
hiding_bound: Option<usize>,
rng: Option<&mut dyn RngCore>
) -> Result<(KZGCommitment<E>, KZGRandomness<E>), PCError>
pub fn commit_lagrange( lagrange_basis: &LagrangeBasis<'_, E>, evaluations: &[E::Fr], hiding_bound: Option<usize>, rng: Option<&mut dyn RngCore> ) -> Result<(KZGCommitment<E>, KZGRandomness<E>), PCError>
Outputs a commitment to polynomial
.
sourcepub fn compute_witness_polynomial(
polynomial: &DensePolynomial<E::Fr>,
point: E::Fr,
randomness: &KZGRandomness<E>
) -> Result<(DensePolynomial<E::Fr>, Option<DensePolynomial<E::Fr>>), PCError>
pub fn compute_witness_polynomial( polynomial: &DensePolynomial<E::Fr>, point: E::Fr, randomness: &KZGRandomness<E> ) -> Result<(DensePolynomial<E::Fr>, Option<DensePolynomial<E::Fr>>), PCError>
Compute witness polynomial.
The witness polynomial w(x) the quotient of the division (p(x) - p(z)) / (x - z) Observe that this quotient does not change with z because p(z) is the remainder term. We can therefore omit p(z) when computing the quotient.
sourcepub fn open_lagrange(
lagrange_basis: &LagrangeBasis<'_, E>,
domain_elements: &[E::Fr],
evaluations: &[E::Fr],
point: E::Fr,
evaluation_at_point: E::Fr
) -> Result<KZGProof<E>, PCError>
pub fn open_lagrange( lagrange_basis: &LagrangeBasis<'_, E>, domain_elements: &[E::Fr], evaluations: &[E::Fr], point: E::Fr, evaluation_at_point: E::Fr ) -> Result<KZGProof<E>, PCError>
On input a polynomial p
in Lagrange basis, and a point point
,
outputs an evaluation proof for the same.
sourcepub fn open(
powers: &Powers<'_, E>,
polynomial: &DensePolynomial<E::Fr>,
point: E::Fr,
rand: &KZGRandomness<E>
) -> Result<KZGProof<E>, PCError>
pub fn open( powers: &Powers<'_, E>, polynomial: &DensePolynomial<E::Fr>, point: E::Fr, rand: &KZGRandomness<E> ) -> Result<KZGProof<E>, PCError>
On input a polynomial p
and a point point
, outputs a proof for the same.
sourcepub fn check(
vk: &VerifierKey<E>,
commitment: &KZGCommitment<E>,
point: E::Fr,
value: E::Fr,
proof: &KZGProof<E>
) -> Result<bool, PCError>
pub fn check( vk: &VerifierKey<E>, commitment: &KZGCommitment<E>, point: E::Fr, value: E::Fr, proof: &KZGProof<E> ) -> Result<bool, PCError>
Verifies that value
is the evaluation at point
of the polynomial
committed inside commitment
.
sourcepub fn batch_check<R: RngCore>(
vk: &VerifierKey<E>,
commitments: &[KZGCommitment<E>],
points: &[E::Fr],
values: &[E::Fr],
proofs: &[KZGProof<E>],
rng: &mut R
) -> Result<bool, PCError>
pub fn batch_check<R: RngCore>( vk: &VerifierKey<E>, commitments: &[KZGCommitment<E>], points: &[E::Fr], values: &[E::Fr], proofs: &[KZGProof<E>], rng: &mut R ) -> Result<bool, PCError>
Check that each proof_i
in proofs
is a valid proof of evaluation for
commitment_i
at point_i
.