-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added validity proofs for eq, ge and aggregate proof #182
Conversation
Signed-off-by: aritroCoder <ogocodinggod@gmail.com>
::: | ||
#### Verify Validity Proofs | ||
|
||
An AnoncCreds validity proof is the combination of both equality and inequality predicate proofs. The validity proof is bound to the primary credential by the $\widehat{m_2}$ value that is presented in both proofs. The validity proof is verified by the following steps: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The term validity proofs
has not been used before. I think the intro section needs to be updated to talk about how the data structures in the presentation (eq_proof
, ge_proof
, aggregate_proof
) all contribute to the validity proof.
I can revise that text after this is merged if you would prefer.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That would be good
@@ -104,7 +105,7 @@ $$\widehat{T_6} \leftarrow D^{\widehat{r''}}\cdot g^{-\widehat{m'}} \widetilde{ | |||
$$\widehat{T_7} \leftarrow \left(\frac{e(pk\cdot\mathcal{G},\mathcal{S})}{e(g,g')}\right)^{c_H}\cdot e(pk\cdot \mathcal{G},\widehat{h})^{\widehat{r''}}\cdot e(\widetilde{h},\widehat{h})^{-\widehat{m'}}\cdot e(\widetilde{h},\mathcal{S})^{\widehat{r}}$$ | |||
$$\widehat{T_8} \leftarrow \left(\frac{e(\mathcal{G},u)}{e(g,\mathcal{U})}\right)^{c_H}\cdot e(\widetilde{h},u)^{\widehat{r}}\cdot e(1/g,\widehat{h})^{\widehat{r'''}}$$ | |||
|
|||
Then all these values are added to $\widehat{T}$. This is then added with the validity proof which when hashed with $\mathcal{C}$ and $n_1$(recieved from [[ref: holder]]) re constructs the challenge hash $\widehat{c_H}$ | |||
Then all these values are added to $\widehat{T}$. This is then added with the validity proof which when hashed with $\mathcal{C}$ and $n_1$(recieved from [[ref: holder]]) re constructs the challenge hash $\widehat{c_H}$. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Typo -- received
I didn't understand how the validity proof that is processed as per this section is combined with the non-revocation proofs that are also in the presentation. There will be one of those per source credential that have to be processed. |
To verify the proof, we need to regenerate the challenge hash at verifier side and match it with the one recieved from prover. The challenge hash is computed by concatinating |
Signed-off-by: aritroCoder <ogocodinggod@gmail.com>
Correct |
Reopend pull request accidentally closed. @mikelodder7 — could you please add your approval? Thanks! |
No description provided.