Package com.horizen.certnative

Class NaiveThresholdSigProof

  • public class NaiveThresholdSigProof
extends Object

    • Constructor Detail

      • NaiveThresholdSigProof

        public NaiveThresholdSigProof()

    • Method Detail

      • getConstant

        public static FieldElement getConstant​(List<SchnorrPublicKey> schnorrPublicKeys,
                                       long threshold)
        Compute constant parameter
        Parameters:
        schnorrPublicKeys - - Schnorr signature keys, part of the constant computation
        threshold - - minimum number of valid Schnorr signatures, part of the constant computation
        Returns:
        the constant as FieldElement, computed as PoseidonHash(PoseidonHash(schnorrPublicKeys), threshold), or null pointer if some error occured.

      • createMsgToSign

        public static FieldElement createMsgToSign​(BackwardTransfer[] bt,
                                           FieldElement scId,
                                           int epochNumber,
                                           FieldElement endCumulativeScTxCommTreeRoot,
                                           long btrFee,
                                           long ftMinAmount,
                                           List<FieldElement> customFields)
        Compute message to be signed
        Parameters:
        bt - - the list of backward transfer for a given certificate
        scId - - the id of the corresponding sidechain
        epochNumber - - the epoch number for the certificate
        endCumulativeScTxCommTreeRoot - - the value of the cumulative sidechain transaction commitment tree at epoch end
        btrFee - - fee for BackwardTransfer
        ftMinAmount - - minimum amount for Forward Transfer
        customFields - - additional parameters. Can be empty.
        Returns:
        The message to be signed, computed as PoseidonHash(scId, epochNumber, MR(bt), endCumulativeScTxCommTreeRoot, btrFee, ftMinAmount, [H(customFields)]) or null pointer if some error occured.

      • setup

        public static boolean setup​(ProvingSystemType psType,
                            long maxPks,
                            int numCustomFields,
                            Optional<Integer> segmentSize,
                            String provingKeyPath,
                            String verificationKeyPath,
                            boolean zk,
                            int maxProofPlusVkSize,
                            boolean compressPk,
                            boolean compressVk)
        Generate (provingKey, verificationKey) pair for this circuit.
        Parameters:
        psType - - proving system to be used
        maxPks - - maximum number of public keys (and so signatures) the circuit must support
        numCustomFields - - exact number of custom fields the circuit must support
        segmentSize - - the segment size to be used to generate (pk, vk). Must be smaller equal than the segment size passed to the ProvingSystem.generateDLogKeys() method. If not specified, it will default to the same size as the one passed to ProvingSystem.generateDLogKeys() method.
        provingKeyPath - - file path to which saving the proving key
        verificationKeyPath - - file path to which saving the verification key
        zk - - used to estimate the proof and vk size, tells if the proof will be created using zk or not
        maxProofPlusVkSize - - maximum allowed size for proof + vk
        compressPk - - if the proving key must be saved to provingKeyPath in compressed form
        compressVk - - if the verification key must be saved to verificationKeyPath in compressed form
        Returns:
        true if (pk, vk) generation and saving to file was successfull, false otherwise

      • setup

        public static boolean setup​(ProvingSystemType psType,
                            long maxPks,
                            int numCustomFields,
                            Optional<Integer> segmentSize,
                            String provingKeyPath,
                            String verificationKeyPath,
                            boolean zk,
                            int maxProofPlusVkSize)
        Generate (provingKey, verificationKey) pair for this circuit.
        Parameters:
        psType - - proving system to be used
        maxPks - - maximum number of public keys (and so signatures) the circuit must support
        numCustomFields - - exact number of custom fields the circuit must support
        segmentSize - - the segment size to be used to generate (pk, vk). Must be smaller equal than the segment size passed to the ProvingSystem.generateDLogKeys() method. If not specified, it will default to the same size as the one passed to ProvingSystem.generateDLogKeys() method.
        provingKeyPath - - file path to which saving the proving key. Proving key will be saved in compressed form.
        verificationKeyPath - - file path to which saving the verification key. Verification key will be saved in compressed form.
        zk - - used to estimate the proof and vk size, tells if the proof will be created using zk or not
        maxProofPlusVkSize - - maximum allowed size for proof + vk
        Returns:
        true if (pk, vk) generation and saving to file was successfull, false otherwise

      • setup

        public static boolean setup​(ProvingSystemType psType,
                            long maxPks,
                            int numCustomFields,
                            Optional<Integer> segmentSize,
                            String provingKeyPath,
                            String verificationKeyPath,
                            int maxProofPlusVkSize)
        Generate (provingKey, verificationKey) pair for this circuit.
        Parameters:
        psType - - proving system to be used
        maxPks - - maximum number of public keys (and so signatures) the circuit must support
        numCustomFields - - exact number of custom fields the circuit must support
        segmentSize - - the segment size to be used to generate (pk, vk). Must be smaller equal than the segment size passed to the ProvingSystem.generateDLogKeys() method. If not specified, it will default to the same size as the one passed to ProvingSystem.generateDLogKeys() method.
        provingKeyPath - - file path to which saving the proving key. Proving key will be saved in compressed form.
        verificationKeyPath - - file path to which saving the verification key. Verification key will be saved in compressed form.
        maxProofPlusVkSize - - maximum allowed size for proof + vk, estimated assuming not to use zk property
        Returns:
        true if (pk, vk) generation and saving to file was successfull, false otherwise.

      • setup

        public static boolean setup​(ProvingSystemType psType,
                            long maxPks,
                            int numCustomFields,
                            String provingKeyPath,
                            String verificationKeyPath,
                            int maxProofPlusVkSize)
        Generate (provingKey, verificationKey) pair for this circuit.
        Parameters:
        psType - - proving system to be used
        maxPks - - maximum number of public keys (and so signatures) the circuit must support
        numCustomFields - - exact number of custom fields the circuit must support
        provingKeyPath - - file path to which saving the proving key. Proving key will be saved in compressed form.
        verificationKeyPath - - file path to which saving the verification key. Verification key will be saved in compressed form.
        maxProofPlusVkSize - - maximum allowed size for proof + vk, estimated assuming not to use zk property
        Returns:
        true if (pk, vk) generation and saving to file was successfull, false otherwise.

      • debugCircuit

        public static Optional<String> debugCircuit​(List<BackwardTransfer> btList,
                                            FieldElement scId,
                                            int epochNumber,
                                            FieldElement endCumulativeScTxCommTreeRoot,
                                            long btrFee,
                                            long ftMinAmount,
                                            List<SchnorrSignature> schnorrSignatureList,
                                            List<SchnorrPublicKey> schnorrPublicKeyList,
                                            long threshold,
                                            List<FieldElement> customFields)
        Checks if possible to create a valid proof with the supplied data. Useful to understand the reason for which proof creation fails (usually some inconsistency with input data).
        Parameters:
        btList - - the list of backward transfer for a given certificate
        scId - - the id of the corresponding sidechain
        epochNumber - - the epoch number for the certificate
        endCumulativeScTxCommTreeRoot - - the value of the cumulative sidechain transaction commitment tree at epoch end
        btrFee - - fee for BackwardTransfer
        ftMinAmount - - minimum amount for Forward Transfer
        schnorrSignatureList - - list of Schnorr signatures to be verified using the corresponding public keys passed in SchnorrPublicKeyList
        schnorrPublicKeyList - - list of Schnorr public keys corresponding to schnorrSignaturesList
        threshold - - Minimum number of signatures that must be verified for the certificate to be accepted
        customFields - - additional parameters. Can be empty.
        Returns:
        an Optional containing the name of the first failing constraint if the supplied data don't satisfy all the circuit's constraints, and nothing if all constraints are satisfied.

      • createProof

        public static CreateProofResult createProof​(List<BackwardTransfer> btList,
                                            FieldElement scId,
                                            int epochNumber,
                                            FieldElement endCumulativeScTxCommTreeRoot,
                                            long btrFee,
                                            long ftMinAmount,
                                            List<SchnorrSignature> schnorrSignatureList,
                                            List<SchnorrPublicKey> schnorrPublicKeyList,
                                            long threshold,
                                            List<FieldElement> customFields,
                                            Optional<Integer> segmentSize,
                                            String provingKeyPath,
                                            boolean checkProvingKey,
                                            boolean zk,
                                            boolean compressed_pk,
                                            boolean compress_proof)
        Compute proof for given parameters
        Parameters:
        btList - - the list of backward transfer for a given certificate
        scId - - the id of the corresponding sidechain
        epochNumber - - the epoch number for the certificate
        endCumulativeScTxCommTreeRoot - - the value of the cumulative sidechain transaction commitment tree at epoch end
        btrFee - - fee for BackwardTransfer
        ftMinAmount - - minimum amount for Forward Transfer
        schnorrSignatureList - - list of Schnorr signatures to be verified using the corresponding public keys passed in SchnorrPublicKeyList
        schnorrPublicKeyList - - list of Schnorr public keys corresponding to schnorrSignaturesList
        threshold - - Minimum number of signatures that must be verified for the certificate to be accepted
        customFields - - additional parameters. Can be empty.
        segmentSize - - the segment size to be used to create the proof. Must be equal to the one passed to the setup() method. If not specified, it will default to the same size as the one passed to ProvingSystem.generateDLogKeys() method.
        provingKeyPath - - file path from which reading the proving key
        checkProvingKey - - enable semantic checks on the proving key (WARNING: very expensive)
        zk - - if proof must be created using zk property or not
        compressed_pk - - if the pk read from provingKeyPath is in compressed form or not
        compress_proof - - whether to return the proof bytes in compressed form or not
        Returns:
        a CreateProofResult instance, i.e. the computed proof bytes and the quality of the certificate (i.e. in this case, number of valid signatures), OR null pointer if some errors occured during proof creation.

      • createProof

        public static CreateProofResult createProof​(List<BackwardTransfer> btList,
                                            FieldElement scId,
                                            int epochNumber,
                                            FieldElement endCumulativeScTxCommTreeRoot,
                                            long btrFee,
                                            long ftMinAmount,
                                            List<SchnorrSignature> schnorrSignatureList,
                                            List<SchnorrPublicKey> schnorrPublicKeyList,
                                            long threshold,
                                            List<FieldElement> customFields,
                                            Optional<Integer> segmentSize,
                                            String provingKeyPath,
                                            boolean checkProvingKey,
                                            boolean zk)
        Compute proof for given parameters
        Parameters:
        btList - - the list of backward transfer for a given certificate
        scId - - the id of the corresponding sidechain
        epochNumber - - the epoch number for the certificate
        endCumulativeScTxCommTreeRoot - - the value of the cumulative sidechain transaction commitment tree at epoch end
        btrFee - - fee for BackwardTransfer
        ftMinAmount - - minimum amount for Forward Transfer
        schnorrSignatureList - - list of Schnorr signatures to be verified using the corresponding public keys passed in SchnorrPublicKeyList
        schnorrPublicKeyList - - list of Schnorr public keys corresponding to schnorrSignaturesList
        threshold - - Minimum number of signatures that must be verified for the certificate to be accepted
        customFields - - additional parameters. Can be empty.
        segmentSize - - the segment size to be used to create the proof. Must be equal to the one passed to the setup() method. If not specified, it will default to the same size as the one passed to ProvingSystem.generateDLogKeys() method.
        provingKeyPath - - file path from which reading the proving key, expected to be in compressed form
        checkProvingKey - - enable semantic checks on the proving key (WARNING: very expensive)
        zk - - if proof must be created using zk property or not
        Returns:
        a CreateProofResult instance, i.e. the computed proof bytes (in compressed form), and the quality of the certificate (i.e. in this case, number of valid signatures) OR null pointer if some errors occured during proof creation.

      • createProof

        public static CreateProofResult createProof​(List<BackwardTransfer> btList,
                                            FieldElement scId,
                                            int epochNumber,
                                            FieldElement endCumulativeScTxCommTreeRoot,
                                            long btrFee,
                                            long ftMinAmount,
                                            List<SchnorrSignature> schnorrSignatureList,
                                            List<SchnorrPublicKey> schnorrPublicKeyList,
                                            long threshold,
                                            List<FieldElement> customFields,
                                            Optional<Integer> segmentSize,
                                            String provingKeyPath,
                                            boolean zk)
        Compute proof for given parameters
        Parameters:
        btList - - the list of backward transfer for a given certificate
        scId - - the id of the corresponding sidechain
        epochNumber - - the epoch number for the certificate
        endCumulativeScTxCommTreeRoot - - the value of the cumulative sidechain transaction commitment tree at epoch end
        btrFee - - fee for BackwardTransfer
        ftMinAmount - - minimum amount for Forward Transfer
        schnorrSignatureList - - list of Schnorr signatures to be verified using the corresponding public keys passed in SchnorrPublicKeyList
        schnorrPublicKeyList - - list of Schnorr public keys corresponding to schnorrSignaturesList
        threshold - - Minimum number of signatures that must be verified for the certificate to be accepted
        customFields - - additional optional parameters. Can be empty
        segmentSize - - the segment size to be used to create the proof. Must be equal to the one passed to the setup() method. If not specified, it will default to the same size as the one passed to ProvingSystem.generateDLogKeys() method.
        provingKeyPath - - file path from which reading the proving key, expected to be in compressed form
        zk - - if proof must be created using zk property or not
        Returns:
        a CreateProofResult instance, i.e. the computed proof bytes (in compressed form), and the quality of the certificate (i.e. in this case, number of valid signatures); OR null pointer if some errors occured during proof creation.

      • createProof

        public static CreateProofResult createProof​(List<BackwardTransfer> btList,
                                            FieldElement scId,
                                            int epochNumber,
                                            FieldElement endCumulativeScTxCommTreeRoot,
                                            long btrFee,
                                            long ftMinAmount,
                                            List<SchnorrSignature> schnorrSignatureList,
                                            List<SchnorrPublicKey> schnorrPublicKeyList,
                                            long threshold,
                                            List<FieldElement> customFields,
                                            String provingKeyPath,
                                            boolean zk)
        Compute proof for given parameters
        Parameters:
        btList - - the list of backward transfer for a given certificate
        scId - - the id of the corresponding sidechain
        epochNumber - - the epoch number for the certificate
        endCumulativeScTxCommTreeRoot - - the value of the cumulative sidechain transaction commitment tree at epoch end
        btrFee - - fee for BackwardTransfer
        ftMinAmount - - minimum amount for Forward Transfer
        schnorrSignatureList - - list of Schnorr signatures to be verified using the corresponding public keys passed in SchnorrPublicKeyList
        schnorrPublicKeyList - - list of Schnorr public keys corresponding to schnorrSignaturesList
        threshold - - Minimum number of signatures that must be verified for the certificate to be accepted
        customFields - - additional optional parameters. Can be empty
        provingKeyPath - - file path from which reading the proving key, expected to be in compressed form
        zk - - if proof must be created using zk property or not
        Returns:
        a CreateProofResult instance, i.e. the computed proof bytes (in compressed form), and the quality of the certificate (i.e. in this case, number of valid signatures); OR null pointer if some errors occured during proof creation.

      • verifyProof

        public static boolean verifyProof​(List<BackwardTransfer> btList,
                                  FieldElement scId,
                                  int epochNumber,
                                  FieldElement endCumulativeScTxCommTreeRoot,
                                  long btrFee,
                                  long ftMinAmount,
                                  FieldElement constant,
                                  long quality,
                                  List<FieldElement> customFields,
                                  byte[] proof,
                                  boolean checkProof,
                                  String verificationKeyPath,
                                  boolean checkVerificationKey)
        Verify proof using the supplied parameters
        Parameters:
        btList - - the list of backward transfer for a given certificate
        scId - - the id of the corresponding sidechain
        epochNumber - - the epoch number for the certificate
        endCumulativeScTxCommTreeRoot - - the value of the cumulative sidechain transaction commitment tree at epoch end
        btrFee - - fee for BackwardTransfer
        ftMinAmount - - minimum amount for Forward Transfer
        constant - - constant parameter, as defined by getConstant() method
        quality - - quality parameter, as returned by the createProof() function (in this case the number of valid signatures)
        customFields - - additional parameters. Can be empty.
        proof - - the bytes of the proof to be verified, expected to be in compressed form
        checkProof - - enable semantic checks on the proof
        verificationKeyPath - - file path from which loading the verification key, expected to be in compressed form
        checkVerificationKey - - enable semantic checks on the verification key
        Returns:
        true, if proof verification was successfull, false if proof verification failed or if some errors occured during verification

      • verifyProof

        public static boolean verifyProof​(List<BackwardTransfer> btList,
                                  FieldElement scId,
                                  int epochNumber,
                                  FieldElement endCumulativeScTxCommTreeRoot,
                                  long btrFee,
                                  long ftMinAmount,
                                  FieldElement constant,
                                  long quality,
                                  List<FieldElement> customFields,
                                  byte[] proof,
                                  String verificationKeyPath)
        Verify proof using the supplied parameters
        Parameters:
        btList - - the list of backward transfer for a given certificate
        scId - - the id of the corresponding sidechain
        epochNumber - - the epoch number for the certificate
        endCumulativeScTxCommTreeRoot - - the value of the cumulative sidechain transaction commitment tree at epoch end
        btrFee - - fee for BackwardTransfer
        ftMinAmount - - minimum amount for Forward Transfer
        constant - - constant parameter, as defined by getConstant() method
        quality - - quality parameter, as returned by the createProof() function (in this case the number of valid signatures)
        customFields - - additional parameters. Can be empty.
        proof - - the bytes of the proof to be verified, expected to be in compressed form
        verificationKeyPath - - file path from which loading the verification key, expected to be in compressed form
        Returns:
        true, if proof verification was successfull, false if proof verification failed or if some errors occured during verification