-
Notifications
You must be signed in to change notification settings - Fork 0
/
commitment.go
62 lines (48 loc) · 2.04 KB
/
commitment.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
package cs
import (
"math/big"
"github.com/vocdoni/gnark-tiny-prover-g16/hintsolver"
)
const CommitmentDst = "bsb22-commitment"
type Commitment struct {
Committed []int // sorted list of id's of committed variables in groth16. in plonk, list of indexes of constraints defining committed values
NbPrivateCommitted int
HintID hintsolver.HintID // TODO @gbotrel we probably don't need that here
CommitmentIndex int // in groth16, CommitmentIndex is the wire index. in plonk, it's the constraint defining it
CommittedAndCommitment []int // sorted list of id's of committed variables AND the commitment itself
}
func (i *Commitment) NbPublicCommitted() int {
return i.NbCommitted() - i.NbPrivateCommitted
}
func (i *Commitment) NbCommitted() int {
return len(i.Committed)
}
func (i *Commitment) Is() bool {
return len(i.Committed) != 0
}
// NewCommitment initialize a Commitment object
// - committed are the sorted wireID to commit to (without duplicate)
// - nbPublicCommited is the number of public inputs among the commited wireIDs
func NewCommitment(committed []int, nbPublicCommitted int) Commitment {
return Commitment{
Committed: committed,
NbPrivateCommitted: len(committed) - nbPublicCommitted,
}
}
func (i *Commitment) SerializeCommitment(privateCommitment []byte, publicCommitted []*big.Int, fieldByteLen int) []byte {
res := make([]byte, len(privateCommitment)+len(publicCommitted)*fieldByteLen)
copy(res, privateCommitment)
offset := len(privateCommitment)
for _, inJ := range publicCommitted {
inJ.FillBytes(res[offset : offset+fieldByteLen])
offset += fieldByteLen
}
return res
}
// PrivateToPublic returns indexes of variables which are private to the constraint system, but public to Groth16. That is, private committed variables and the commitment itself
func (i *Commitment) PrivateToPublic() []int {
return i.CommittedAndCommitment[i.NbPublicCommitted():]
}
func (i *Commitment) PrivateCommitted() []int {
return i.Committed[i.NbPublicCommitted():]
}