From 8296496c5168746ba403bd6a95282371048486e4 Mon Sep 17 00:00:00 2001
From: eliastor
Date: Fri, 25 Aug 2023 18:51:22 +0300
Subject: [PATCH] first release
---
LICENSE | 395 ++++++++++++++++++++++++++++++++++++++++++++++++
ed25519.go | 147 ++++++++++++++++++
example_test.go | 48 ++++++
go.mod | 14 ++
go.sum | 17 +++
nizk.go | 13 ++
nizk_test.go | 113 ++++++++++++++
7 files changed, 747 insertions(+)
create mode 100644 LICENSE
create mode 100644 ed25519.go
create mode 100644 example_test.go
create mode 100644 go.mod
create mode 100644 go.sum
create mode 100644 nizk.go
create mode 100644 nizk_test.go
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..10fabd9
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,395 @@ +Attribution 4.0 International + +======================================================================= + +Creative Commons Corporation ("Creative Commons") is not a law firm and +does not provide legal services or legal advice. Distribution of +Creative Commons public licenses does not create a lawyer-client or +other relationship. Creative Commons makes its licenses and related +information available on an "as-is" basis. Creative Commons gives no +warranties regarding its licenses, any material licensed under their +terms and conditions, or any related information. Creative Commons +disclaims all liability for damages resulting from their use to the +fullest extent possible. + +Using Creative Commons Public Licenses + +Creative Commons public licenses provide a standard set of terms and +conditions that creators and other rights holders may use to share +original works of authorship and other material subject to copyright +and certain other rights specified in the public license below. The +following considerations are for informational purposes only, are not +exhaustive, and do not form part of our licenses. + + Considerations for licensors: Our public licenses are + intended for use by those authorized to give the public + permission to use material in ways otherwise restricted by + copyright and certain other rights. Our licenses are + irrevocable. Licensors should read and understand the terms + and conditions of the license they choose before applying it. + Licensors should also secure all rights necessary before + applying our licenses so that the public can reuse the + material as expected. Licensors should clearly mark any + material not subject to the license. This includes other CC- + licensed material, or material used under an exception or + limitation to copyright. 
More considerations for licensors: + wiki.creativecommons.org/Considerations_for_licensors + + Considerations for the public: By using one of our public + licenses, a licensor grants the public permission to use the + licensed material under specified terms and conditions. If + the licensor's permission is not necessary for any reason--for + example, because of any applicable exception or limitation to + copyright--then that use is not regulated by the license. Our + licenses grant only permissions under copyright and certain + other rights that a licensor has authority to grant. Use of + the licensed material may still be restricted for other + reasons, including because others have copyright or other + rights in the material. A licensor may make special requests, + such as asking that all changes be marked or described. + Although not required by our licenses, you are encouraged to + respect those requests where reasonable. More considerations + for the public: + wiki.creativecommons.org/Considerations_for_licensees + +======================================================================= + +Creative Commons Attribution 4.0 International Public License + +By exercising the Licensed Rights (defined below), You accept and agree +to be bound by the terms and conditions of this Creative Commons +Attribution 4.0 International Public License ("Public License"). To the +extent this Public License may be interpreted as a contract, You are +granted the Licensed Rights in consideration of Your acceptance of +these terms and conditions, and the Licensor grants You such rights in +consideration of benefits the Licensor receives from making the +Licensed Material available under these terms and conditions. + + +Section 1 -- Definitions. + + a. 
Adapted Material means material subject to Copyright and Similar + Rights that is derived from or based upon the Licensed Material + and in which the Licensed Material is translated, altered, + arranged, transformed, or otherwise modified in a manner requiring + permission under the Copyright and Similar Rights held by the + Licensor. For purposes of this Public License, where the Licensed + Material is a musical work, performance, or sound recording, + Adapted Material is always produced where the Licensed Material is + synched in timed relation with a moving image. + + b. Adapter's License means the license You apply to Your Copyright + and Similar Rights in Your contributions to Adapted Material in + accordance with the terms and conditions of this Public License. + + c. Copyright and Similar Rights means copyright and/or similar rights + closely related to copyright including, without limitation, + performance, broadcast, sound recording, and Sui Generis Database + Rights, without regard to how the rights are labeled or + categorized. For purposes of this Public License, the rights + specified in Section 2(b)(1)-(2) are not Copyright and Similar + Rights. + + d. Effective Technological Measures means those measures that, in the + absence of proper authority, may not be circumvented under laws + fulfilling obligations under Article 11 of the WIPO Copyright + Treaty adopted on December 20, 1996, and/or similar international + agreements. + + e. Exceptions and Limitations means fair use, fair dealing, and/or + any other exception or limitation to Copyright and Similar Rights + that applies to Your use of the Licensed Material. + + f. Licensed Material means the artistic or literary work, database, + or other material to which the Licensor applied this Public + License. + + g. 
Licensed Rights means the rights granted to You subject to the + terms and conditions of this Public License, which are limited to + all Copyright and Similar Rights that apply to Your use of the + Licensed Material and that the Licensor has authority to license. + + h. Licensor means the individual(s) or entity(ies) granting rights + under this Public License. + + i. Share means to provide material to the public by any means or + process that requires permission under the Licensed Rights, such + as reproduction, public display, public performance, distribution, + dissemination, communication, or importation, and to make material + available to the public including in ways that members of the + public may access the material from a place and at a time + individually chosen by them. + + j. Sui Generis Database Rights means rights other than copyright + resulting from Directive 96/9/EC of the European Parliament and of + the Council of 11 March 1996 on the legal protection of databases, + as amended and/or succeeded, as well as other essentially + equivalent rights anywhere in the world. + + k. You means the individual or entity exercising the Licensed Rights + under this Public License. Your has a corresponding meaning. + + +Section 2 -- Scope. + + a. License grant. + + 1. Subject to the terms and conditions of this Public License, + the Licensor hereby grants You a worldwide, royalty-free, + non-sublicensable, non-exclusive, irrevocable license to + exercise the Licensed Rights in the Licensed Material to: + + a. reproduce and Share the Licensed Material, in whole or + in part; and + + b. produce, reproduce, and Share Adapted Material. + + 2. Exceptions and Limitations. For the avoidance of doubt, where + Exceptions and Limitations apply to Your use, this Public + License does not apply, and You do not need to comply with + its terms and conditions. + + 3. Term. The term of this Public License is specified in Section + 6(a). + + 4. 
Media and formats; technical modifications allowed. The + Licensor authorizes You to exercise the Licensed Rights in + all media and formats whether now known or hereafter created, + and to make technical modifications necessary to do so. The + Licensor waives and/or agrees not to assert any right or + authority to forbid You from making technical modifications + necessary to exercise the Licensed Rights, including + technical modifications necessary to circumvent Effective + Technological Measures. For purposes of this Public License, + simply making modifications authorized by this Section 2(a) + (4) never produces Adapted Material. + + 5. Downstream recipients. + + a. Offer from the Licensor -- Licensed Material. Every + recipient of the Licensed Material automatically + receives an offer from the Licensor to exercise the + Licensed Rights under the terms and conditions of this + Public License. + + b. No downstream restrictions. You may not offer or impose + any additional or different terms or conditions on, or + apply any Effective Technological Measures to, the + Licensed Material if doing so restricts exercise of the + Licensed Rights by any recipient of the Licensed + Material. + + 6. No endorsement. Nothing in this Public License constitutes or + may be construed as permission to assert or imply that You + are, or that Your use of the Licensed Material is, connected + with, or sponsored, endorsed, or granted official status by, + the Licensor or others designated to receive attribution as + provided in Section 3(a)(1)(A)(i). + + b. Other rights. + + 1. Moral rights, such as the right of integrity, are not + licensed under this Public License, nor are publicity, + privacy, and/or other similar personality rights; however, to + the extent possible, the Licensor waives and/or agrees not to + assert any such rights held by the Licensor to the limited + extent necessary to allow You to exercise the Licensed + Rights, but not otherwise. + + 2. 
Patent and trademark rights are not licensed under this + Public License. + + 3. To the extent possible, the Licensor waives any right to + collect royalties from You for the exercise of the Licensed + Rights, whether directly or through a collecting society + under any voluntary or waivable statutory or compulsory + licensing scheme. In all other cases the Licensor expressly + reserves any right to collect such royalties. + + +Section 3 -- License Conditions. + +Your exercise of the Licensed Rights is expressly made subject to the +following conditions. + + a. Attribution. + + 1. If You Share the Licensed Material (including in modified + form), You must: + + a. retain the following if it is supplied by the Licensor + with the Licensed Material: + + i. identification of the creator(s) of the Licensed + Material and any others designated to receive + attribution, in any reasonable manner requested by + the Licensor (including by pseudonym if + designated); + + ii. a copyright notice; + + iii. a notice that refers to this Public License; + + iv. a notice that refers to the disclaimer of + warranties; + + v. a URI or hyperlink to the Licensed Material to the + extent reasonably practicable; + + b. indicate if You modified the Licensed Material and + retain an indication of any previous modifications; and + + c. indicate the Licensed Material is licensed under this + Public License, and include the text of, or the URI or + hyperlink to, this Public License. + + 2. You may satisfy the conditions in Section 3(a)(1) in any + reasonable manner based on the medium, means, and context in + which You Share the Licensed Material. For example, it may be + reasonable to satisfy the conditions by providing a URI or + hyperlink to a resource that includes the required + information. + + 3. If requested by the Licensor, You must remove any of the + information required by Section 3(a)(1)(A) to the extent + reasonably practicable. + + 4. 
If You Share Adapted Material You produce, the Adapter's + License You apply must not prevent recipients of the Adapted + Material from complying with this Public License. + + +Section 4 -- Sui Generis Database Rights. + +Where the Licensed Rights include Sui Generis Database Rights that +apply to Your use of the Licensed Material: + + a. for the avoidance of doubt, Section 2(a)(1) grants You the right + to extract, reuse, reproduce, and Share all or a substantial + portion of the contents of the database; + + b. if You include all or a substantial portion of the database + contents in a database in which You have Sui Generis Database + Rights, then the database in which You have Sui Generis Database + Rights (but not its individual contents) is Adapted Material; and + + c. You must comply with the conditions in Section 3(a) if You Share + all or a substantial portion of the contents of the database. + +For the avoidance of doubt, this Section 4 supplements and does not +replace Your obligations under this Public License where the Licensed +Rights include other Copyright and Similar Rights. + + +Section 5 -- Disclaimer of Warranties and Limitation of Liability. + + a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE + EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS + AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF + ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, + IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, + WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR + PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS, + ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT + KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT + ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU. + + b. 
TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE + TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, + NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, + INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES, + COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR + USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN + ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR + DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR + IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. + + c. The disclaimer of warranties and limitation of liability provided + above shall be interpreted in a manner that, to the extent + possible, most closely approximates an absolute disclaimer and + waiver of all liability. + + +Section 6 -- Term and Termination. + + a. This Public License applies for the term of the Copyright and + Similar Rights licensed here. However, if You fail to comply with + this Public License, then Your rights under this Public License + terminate automatically. + + b. Where Your right to use the Licensed Material has terminated under + Section 6(a), it reinstates: + + 1. automatically as of the date the violation is cured, provided + it is cured within 30 days of Your discovery of the + violation; or + + 2. upon express reinstatement by the Licensor. + + For the avoidance of doubt, this Section 6(b) does not affect any + right the Licensor may have to seek remedies for Your violations + of this Public License. + + c. For the avoidance of doubt, the Licensor may also offer the + Licensed Material under separate terms or conditions or stop + distributing the Licensed Material at any time; however, doing so + will not terminate this Public License. + + d. Sections 1, 5, 6, 7, and 8 survive termination of this Public + License. + + +Section 7 -- Other Terms and Conditions. + + a. 
The Licensor shall not be bound by any additional or different + terms or conditions communicated by You unless expressly agreed. + + b. Any arrangements, understandings, or agreements regarding the + Licensed Material not stated herein are separate from and + independent of the terms and conditions of this Public License. + + +Section 8 -- Interpretation. + + a. For the avoidance of doubt, this Public License does not, and + shall not be interpreted to, reduce, limit, restrict, or impose + conditions on any use of the Licensed Material that could lawfully + be made without permission under this Public License. + + b. To the extent possible, if any provision of this Public License is + deemed unenforceable, it shall be automatically reformed to the + minimum extent necessary to make it enforceable. If the provision + cannot be reformed, it shall be severed from this Public License + without affecting the enforceability of the remaining terms and + conditions. + + c. No term or condition of this Public License will be waived and no + failure to comply consented to unless expressly agreed to by the + Licensor. + + d. Nothing in this Public License constitutes or may be interpreted + as a limitation upon, or waiver of, any privileges and immunities + that apply to the Licensor or You, including from the legal + processes of any jurisdiction or authority. + + +======================================================================= + +Creative Commons is not a party to its public licenses. +Notwithstanding, Creative Commons may elect to apply one of its public +licenses to material it publishes and in those instances will be +considered the “Licensor.” The text of the Creative Commons public +licenses is dedicated to the public domain under the CC0 Public Domain +Dedication. 
Except for the limited purpose of indicating that material +is shared under a Creative Commons public license or as otherwise +permitted by the Creative Commons policies published at +creativecommons.org/policies, Creative Commons does not authorize the +use of the trademark "Creative Commons" or any other trademark or logo +of Creative Commons without its prior written consent including, +without limitation, in connection with any unauthorized modifications +to any of its public licenses or any other arrangements, +understandings, or agreements concerning use of licensed material. For +the avoidance of doubt, this paragraph does not form part of the public +licenses. + +Creative Commons may be contacted at creativecommons.org. diff --git a/ed25519.go b/ed25519.go new file mode 100644 index 0000000..1a2edde --- /dev/null +++ b/ed25519.go 
@@ -0,0 +1,147 @@
+package nizk
+
+import (
+ "crypto/rand"
+ "crypto/sha256"
+ "fmt"
+ "io"
+
+ "filippo.io/edwards25519"
+ "golang.org/x/crypto/sha3"
+)
+
+const (
+ SecretSize = 32
+ ProofSize = 64
+
+ // this prefix is needed to eliminate accidental generation of the same hash outside the proof
+ magicPrefix = "Fiat-Shamir NIZK proof made by https://github.com/eliastor?d3eac842bf90905fc958c42422132e984676521f EOL"
+)
+
+var (
+ _ Nizk = &ed25519Nizk{}
+)
+
+type ed25519Nizk struct {
+ hashSum func(data []byte) [SecretSize]byte
+}
+
+func (n *ed25519Nizk) fingerprintPointScalar(sum []byte) (*edwards25519.Point, *edwards25519.Scalar) {
+ sc, _ := edwards25519.NewScalar().SetBytesWithClamping(sum)
+ point := edwards25519.NewIdentityPoint().ScalarBaseMult(sc)
+ return point, sc
+}
+
+func (n *ed25519Nizk) messagePointID(message []byte) (*edwards25519.Point, *edwards25519.Scalar) {
+ sum := n.hashSum(append([]byte(magicPrefix), message...))
+ s := make([]byte, SecretSize)
+ copy(s, sum[:])
+ X, x := n.fingerprintPointScalar(s)
+ return X, x
+}
+
+func (n *ed25519Nizk) Fingerprint(message []byte) (id []byte) {
+ point, _ := n.messagePointID(message)
+ id = point.Bytes()
+ return
+}
+
+func (n *ed25519Nizk) calcGYTPHashScalar(fingerprint, pT, stamp []byte) (*edwards25519.Scalar, error) {
+ gytp := []byte{}
+ gytp = append(gytp, edwards25519.NewGeneratorPoint().Bytes()...)
+ gytp = append(gytp, fingerprint...)
+ gytp = append(gytp, pT...)
+ gytp = append(gytp, stamp...)
+ sum := n.hashSum(gytp)
+ c, err := edwards25519.NewScalar().SetBytesWithClamping(sum[:])
+ if err != nil {
+ return nil, fmt.Errorf("can't create c scalar: %w", err)
+ }
+ return c, nil
+}
+
+func (n *ed25519Nizk) Proove(msg []byte, stamp []byte) (Proof, []byte, error) {
+ vb := [SecretSize]byte{}
+ _, err := io.ReadFull(rand.Reader, vb[:])
+ if err != nil {
+ return nil, nil, err
+ }
+ v, err := edwards25519.NewScalar().SetBytesWithClamping(vb[:])
+ if err != nil {
+ return nil, nil, fmt.Errorf("can't create r scalar: %w", err)
+ }
+
+ T := edwards25519.NewIdentityPoint().ScalarBaseMult(v)
+
+ Tb := T.Bytes()
+
+ X, x := n.messagePointID(msg)
+ fingerprint := X.Bytes()
+
+ c, err := n.calcGYTPHashScalar(fingerprint, Tb, stamp) // h = hash(G||id||vG||stamp)
+ if err != nil {
+ return nil, nil, fmt.Errorf("can't calculate GYTP hash: %w", err)
+ }
+
+ c.Negate(c)
+ r := edwards25519.NewScalar().MultiplyAdd(c, x, v) // (-h) * x + v
+
+ var proof [ProofSize]byte
+ copy(proof[:SecretSize], Tb)
+ copy(proof[SecretSize:], r.Bytes())
+
+ return proof[:], fingerprint, nil
+}
+
+func (n *ed25519Nizk) ProofSize() int {
+ return ProofSize
+}
+
+func (n *ed25519Nizk) FingerprintSize() int {
+ return SecretSize
+}
+
+func (n *ed25519Nizk) Verify(id []byte, stamp []byte, proof Proof) (bool, error) {
+ if len(proof) != n.ProofSize() {
+ return false, fmt.Errorf("wrong size of proof, expected %d", n.ProofSize())
+ }
+
+ Tb := proof[:SecretSize]
+ rb := proof[SecretSize:]
+
+ r, err := edwards25519.NewScalar().SetCanonicalBytes(rb)
+ if err != nil {
+ return false, fmt.Errorf("can't read r scalar: %w", err)
+ }
+
+ X, err := edwards25519.NewIdentityPoint().SetBytes(id)
+ if err != nil {
+ return false, fmt.Errorf("can't read X point: %w", err)
+ }
+
+ c, err := n.calcGYTPHashScalar(id, Tb, stamp)
+ if err != nil {
+ return false, fmt.Errorf("can't calculate GYTP hash: %w", err)
+ }
+
+ T, err := edwards25519.NewIdentityPoint().SetBytes(Tb)
+ if err != nil {
+ return false, fmt.Errorf("can't read T point: %w", err)
+ }
+
+ calculatedT := edwards25519.NewIdentityPoint().VarTimeDoubleScalarBaseMult(c, X, r)
+
+ return T.Equal(calculatedT) == 1, nil
+}
+
+func NewEd25519Sha3() Nizk {
+ return &ed25519Nizk{
+ hashSum: sha3.Sum256,
+ }
+}
+
+func NewEd25519Sha256() Nizk {
+ return &ed25519Nizk{
+ hashSum: sha256.Sum256,
+ }
+}
diff --git a/example_test.go b/example_test.go
new file mode 100644
index 0000000..539f87c
--- /dev/null
+++ b/example_test.go
@@ -0,0 +1,48 @@
+package nizk_test
+
+import (
+ "bytes"
+ "fmt"
+
+ "github.com/eliastor/go-nizk"
+)
+
+func Example() {
+
+ // Alice
+ AliceZK := nizk.NewEd25519Sha3()
+
+ msg := []byte("Arbitrary message which knowledge you want to prove.")
+ stamp := []byte("any other information you want to include to the proof: public keys, salts, symmetric keys, etc.")
+
+ AliceProof, AliceFingerprint, err := AliceZK.Proove(msg, stamp)
+ if err != nil {
+ fmt.Println(err)
+ return
+ }
+
+ // Alice publishes fingerprint and proof.
+ // Bob who knows the same message can generate fingerprint of the message
+ // and can easily verify that Alice also knows the message:
+
+ // Bob
+ msg = msg // Bob knows the message
+ stamp = stamp // stamp must be the same, it's offline agreement of the protocol or Alice and Bob
+
+ BobZK := nizk.NewEd25519Sha3()
+ BobFingerprint := BobZK.Fingerprint(msg)
+
+ if !bytes.Equal(BobFingerprint, AliceFingerprint) {
+ fmt.Println("fingerprints are not equal, so Bob's and Alice's messages are not equal, so nothing to check")
+ return
+ }
+
+ valid, err := BobZK.Verify(AliceFingerprint, stamp, AliceProof)
+ if err != nil {
+ fmt.Println(err)
+ return
+ }
+ if !valid {
+ fmt.Println("Alice's proof is not valid")
+ }
+}
diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..830ee48
--- /dev/null
+++ b/go.mod
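Review bot: In `Proove` the nonce `v` is built with `SetBytesWithClamping` from 32 random bytes, which forces the top bits and clears the low three bits before reduction, so `v` covers only about half of the scalar range instead of being uniform. Non-uniform nonces are the classic way a Schnorr-style secret leaks across many proofs for the same message, so I would read 64 bytes and reduce them: `vb := [64]byte{}` with `v, err := edwards25519.NewScalar().SetUniformBytes(vb[:])`. Separately, `Verify` decodes `id` and `T` without rejecting the identity or other small-order points, so a passing result only means something once the caller has matched `id` against its own `Fingerprint(msg)`; a doc comment should say so, e.g. `// Verify does not authenticate id; compare it with Fingerprint(msg) first.` `fingerprintPointScalar` also discards the `SetBytesWithClamping` error with `sc, _ :=`, which hides a wrong-length input from any future caller.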
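Review bot: `Example` has no `// Output:` comment, so `go test` compiles it but never runs it, and the success path prints nothing that could be checked. Ending the function with `fmt.Println("proof valid:", valid)` followed by `// Output: proof valid: true` would turn the documented flow into an executed test. The self-assignments `msg = msg` and `stamp = stamp` are reported by `go vet`; a plain comment carries the same meaning.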
@@ -0,0 +1,14 @@
+module github.com/eliastor/go-nizk
+
+go 1.20
+
+require github.com/stretchr/testify v1.8.4
+
+require (
+ filippo.io/edwards25519 v1.0.1-0.20220803165937-8c58ed0e3550 // indirect
+ github.com/davecgh/go-spew v1.1.1 // indirect
+ github.com/pmezard/go-difflib v1.0.0 // indirect
+ golang.org/x/crypto v0.12.0 // indirect
+ golang.org/x/sys v0.11.0 // indirect
+ gopkg.in/yaml.v3 v3.0.1 // indirect
+)
diff --git a/go.sum b/go.sum
new file mode 100644
index 0000000..73d1efc
--- /dev/null
+++ b/go.sum
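Review bot: `filippo.io/edwards25519` and `golang.org/x/crypto` are imported directly by ed25519.go but are listed as `// indirect`, while testify is the only direct requirement; running `go mod tidy` should move them into the direct `require` block so dependency tooling reports the cryptographic dependencies as first-class. The curve library is also pinned to the pseudo-version `v1.0.1-0.20220803165937-8c58ed0e3550`, i.e. an untagged commit. Unless something after v1.0.0 is needed, a tagged release is easier to audit and to match against advisories.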
@@ -0,0 +1,17 @@
+filippo.io/edwards25519 v1.0.0 h1:0wAIcmJUqRdI8IJ/3eGi5/HwXZWPujYXXlkrQogz0Ek=
+filippo.io/edwards25519 v1.0.0/go.mod h1:N1IkdkCkiLB6tki+MYJoSx2JTY9NUlxZE7eHn5EwJns=
+filippo.io/edwards25519 v1.0.1-0.20220803165937-8c58ed0e3550 h1:Mqu6Q2e//30TWeP5bM9Th5KEzWdFAFd80Y2ZXN9fmeE=
+filippo.io/edwards25519 v1.0.1-0.20220803165937-8c58ed0e3550/go.mod h1:N1IkdkCkiLB6tki+MYJoSx2JTY9NUlxZE7eHn5EwJns=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
+golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
+golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
+golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/nizk.go b/nizk.go
new file mode 100644
index 0000000..d6b4cf2
--- /dev/null
+++ b/nizk.go
@@ -0,0 +1,13 @@
+package nizk
+
+type Suite interface{}
+
+type Proof []byte
+
+type Nizk interface {
+ Proove(msg []byte, stamp []byte) (proof Proof, fingerprint []byte, err error)
+ ProofSize() int
+ FingerprintSize() int
+ Fingerprint(msg []byte) []byte
+ Verify(fingerprint []byte, stamp []byte, proof Proof) (valid bool, err error)
+}
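Review bot: The exported surface in nizk.go ships without doc comments and with the spelling `Proove`, which becomes hard to change after a first release; `Prove` is the name callers will look for. `Nizk` needs a comment stating the contract the implementation relies on: `stamp` must be byte-identical on both sides, and `Verify` checks the proof against whatever `fingerprint` it is handed rather than against a message. `Suite interface{}` is declared but nothing in this patch uses it, so either drop it or document what it is reserved for.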
diff --git a/nizk_test.go b/nizk_test.go
new file mode 100644
index 0000000..f6e8d2b
--- /dev/null
+++ b/nizk_test.go
@@ -0,0 +1,113 @@
+package nizk_test
+
+import (
+ "crypto/rand"
+ "io"
+ "testing"
+
+ "github.com/eliastor/go-nizk"
+ "github.com/stretchr/testify/assert"
+ "github.com/stretchr/testify/require"
+)
+
+func makeMsgStamp() (msg, stamp []byte) {
+ msg = make([]byte, 4096)
+ io.ReadFull(rand.Reader, msg)
+ stamp = make([]byte, 1024)
+ io.ReadFull(rand.Reader, stamp)
+ return msg, stamp
+}
+
+func makeProove(t *testing.T, msg, stamp []byte, zk nizk.Nizk) ([]byte, []byte) {
+ var err error
+ fingerprint1 := zk.Fingerprint(msg)
+ proof, fingerprint2, err := zk.Proove(msg, stamp)
+ require.NoError(t, err)
+ assert.Equal(t, fingerprint1, fingerprint2)
+ return proof, fingerprint2
+}
+
+func testSuccessFlow(t *testing.T, id, stamp, proof []byte, zk nizk.Nizk) {
+ t.Run("SuccessFlow", func(t *testing.T) {
+ valid, err := zk.Verify(id, stamp, proof)
+ require.NoError(t, err)
+ assert.True(t, valid)
+ })
+}
+
+func testFailFlow(t *testing.T, id, stamp []byte, proof []byte, zk nizk.Nizk) {
+ t.Run("FailFlow", func(t *testing.T) {
+ proof[0] ^= 0xFF
+ valid, _ := zk.Verify(id, stamp, proof)
+ // require.NoError(t, err) there can be the error with invalid point encoding
+ assert.False(t, valid)
+ })
+}
+
+func testFlows(t *testing.T, zk nizk.Nizk) {
+ msg, stamp := makeMsgStamp()
+ proof, id := makeProove(t, msg, stamp, zk)
+ testSuccessFlow(t, id, stamp, proof, zk)
+ testFailFlow(t, id, stamp, proof, zk)
+}
+
+func TestAllSuites(t *testing.T) {
+ suites := []struct {
+ Name string
+ Creator func() nizk.Nizk
+ }{
+ {"ed25519_sha3", nizk.NewEd25519Sha3},
+ {"ed25519_sha256", nizk.NewEd25519Sha256},
+ }
+
+ for _, suite := range suites {
+ name := suite.Name
+ zk := suite.Creator()
+ t.Run(name, func(t *testing.T) {
+ testFlows(t, zk)
+ })
+ }
+}
+
+func benchmarkSuite(b *testing.B, zk nizk.Nizk) {
+ msg, stamp := makeMsgStamp()
+ id := zk.Fingerprint(msg)
+ var proof nizk.Proof
+ var err error
+ b.Run("Proove", func(b *testing.B) {
+ for i := 0; i < b.N; i++ {
+ proof, _, err = zk.Proove(msg, stamp)
+ if err != nil {
+ b.Fatal(err)
+ }
+ }
+ })
+ b.Run("Verify", func(b *testing.B) {
+ for i := 0; i < b.N; i++ {
+ valid, err := zk.Verify(id, stamp, proof)
+ if err != nil {
+ b.Fatal(err)
+ }
+ if !valid {
+ b.Fatal("failed verification")
+ }
+ }
+ })
+}
+
+func BenchmarkAllSuites(b *testing.B) {
+ suites := []struct {
+ Name string
+ Creator func() nizk.Nizk
+ }{
+ {"ed25519_sha3", nizk.NewEd25519Sha3},
+ {"ed25519_sha256", nizk.NewEd25519Sha256},
+ }
+ for _, suite := range suites {
+ name := suite.Name
+ zk := suite.Creator()
+ b.Run(name, func(b *testing.B) {
+ benchmarkSuite(b, zk)
+ })
+ }
+}
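Review bot: The only negative case in `testFailFlow` flips `proof[0]`, the first byte of the encoded `T`, and does so on the caller's slice; a changed `stamp` or a changed `r` half is never shown to be rejected, although binding the stamp is the property users depend on. The rewrite below runs each tamper on a copy and asserts rejection for all three. `makeMsgStamp` also ignores both `io.ReadFull` errors; taking `t` and calling `require.NoError` on them would keep a failed read from silently testing all-zero inputs.

```go
func testFailFlow(t *testing.T, id, stamp []byte, proof []byte, zk nizk.Nizk) {
	tampers := []struct {
		name string
		fn   func(stamp, proof []byte)
	}{
		{"T", func(_, p []byte) { p[0] ^= 0xFF }},
		{"r", func(_, p []byte) { p[len(p)/2] ^= 0x01 }},
		{"stamp", func(s, _ []byte) { s[0] ^= 0xFF }},
	}
	for _, tc := range tampers {
		t.Run("FailFlow/"+tc.name, func(t *testing.T) {
			// Work on copies so one case cannot leak into the next.
			s := append([]byte(nil), stamp...)
			p := append([]byte(nil), proof...)
			tc.fn(s, p)
			// A decoding error is acceptable here; acceptance is not.
			valid, _ := zk.Verify(id, s, p)
			assert.False(t, valid)
		})
	}
}
```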