// The inner product relation is P = sum(g_bold * a, h_bold * b, g * (a * b)) use rand_core::OsRng; use ciphersuite::{ group::{ff::Field, Group}, Ciphersuite, Ristretto, }; use crate::{ ScalarVector, PointVector, Generators, transcript::*, inner_product::{P, IpStatement, IpWitness}, tests::generators, }; #[test] fn test_zero_inner_product() { let P = ::G::identity(); let generators = generators::(1); let reduced = generators.reduce(1).unwrap(); let witness = IpWitness::::new( ScalarVector::<::F>::new(1), ScalarVector::<::F>::new(1), ) .unwrap(); let proof = { let mut transcript = Transcript::new([0; 32]); IpStatement::::new( reduced, ScalarVector(vec![::F::ONE; 1]), ::F::ONE, P::Prover(P), ) .unwrap() .clone() .prove(&mut transcript, witness) .unwrap(); transcript.complete() }; let mut verifier = Generators::batch_verifier(); IpStatement::::new( reduced, ScalarVector(vec![::F::ONE; 1]), ::F::ONE, P::Verifier { verifier_weight: ::F::ONE }, ) .unwrap() .verify(&mut verifier, &mut VerifierTranscript::new([0; 32], &proof)) .unwrap(); assert!(generators.verify(verifier)); } #[test] fn test_inner_product() { // P = sum(g_bold * a, h_bold * b) let generators = generators::(32); let mut verifier = Generators::batch_verifier(); for i in [1, 2, 4, 8, 16, 32] { let generators = generators.reduce(i).unwrap(); let g = generators.g(); assert_eq!(generators.len(), i); let mut g_bold = vec![]; let mut h_bold = vec![]; for i in 0 .. i { g_bold.push(generators.g_bold(i)); h_bold.push(generators.h_bold(i)); } let g_bold = PointVector::(g_bold); let h_bold = PointVector::(h_bold); let mut a = ScalarVector::<::F>::new(i); let mut b = ScalarVector::<::F>::new(i); for i in 0 .. i { a[i] = ::F::random(&mut OsRng); b[i] = ::F::random(&mut OsRng); } let P = g_bold.multiexp(&a) + h_bold.multiexp(&b) + (g * a.inner_product(b.0.iter())); let witness = IpWitness::::new(a, b).unwrap(); let proof = { let mut transcript = Transcript::new([0; 32]); IpStatement::::new( generators, ScalarVector(vec![::F::ONE; i]), ::F::ONE, P::Prover(P), ) .unwrap() .prove(&mut transcript, witness) .unwrap(); transcript.complete() }; verifier.additional.push((::F::ONE, P)); IpStatement::::new( generators, ScalarVector(vec![::F::ONE; i]), ::F::ONE, P::Verifier { verifier_weight: ::F::ONE }, ) .unwrap() .verify(&mut verifier, &mut VerifierTranscript::new([0; 32], &proof)) .unwrap(); } assert!(generators.verify(verifier)); }