-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
Question: Witness (terminology and implementation) #19
Comments
Hi.
The term "witness" is found in zero-knowledge proof literature to refer to the data known to prover (and not the verifier) and whose knowledge is being proven in the proof, see definition 19.2 and 19.3 here.
Its the actual secret value, the wrapper is just an abstraction. Regarding commitments, they are usually not the witness (unless the proof is about proving knowledge of a commitment and not just its opening), the opening (committed value and any randomness used) is the witness when the proof is for the knowledge of the opening.
The opening of the commitment is/includes the committed value and will be the witness. Eg. in a Pedersen commitment
Probably to avoid jargon :), and the book is about the application of ZKP. Have only read small part of it though. Hope that helps. |
Hi, thank you for the explanation! |
You're welcome. |
Hi 馃憢 I am still admiring your work!
I am wondering about the terminology of the
witness
and its "implementation".From the docs:
So:
And, for two statements (e.g. for POKS and set membership), the witnesses are distinct objects in code, but "reference" the same value. This equality of the witnesses is what we prove with witnessEquality in the metaStatements.
I feel that the term
witness
is used quite heterogeneously on the Web - and, FWIW, Rannenberg, Camenisch and Sabouri don't even mention that term in their work on Attribute-based Credentials for Trust.I'd appreciate if you could clarify your understanding of the term
witness
and how it relates to the composite proofs.Cheers
Christoph
The text was updated successfully, but these errors were encountered: