Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Possible simplification of CapsuleFrag.verify() #46

Open
fjarri opened this issue Apr 19, 2021 · 0 comments
Open

Possible simplification of CapsuleFrag.verify() #46

fjarri opened this issue Apr 19, 2021 · 0 comments
Assignees
@cygnusv @tuxxy
Labels
cryptography Needs attention of someone who knows what they're doing

Comments

@fjarri
Copy link
Contributor

fjarri commented Apr 19, 2021

At the moment, we check three equations:

let correct_reencryption_of_e = &e * &z3 == &e2 + &(&e1 * &h);
let correct_reencryption_of_v = &v * &z3 == &v2 + &(&v1 * &h);
let correct_rk_commitment = &u * &z3 == &u2 + &(&u1 * &h);

h here is a hash containing all the other values used (except u which is a constant). So it would seem that the equalities are either all true, or all false, and we can only check one of them. This is especially impactful for running verification as a part of an Ethereum contract.

Can it be proven?
@fjarri fjarri added the cryptography Needs attention of someone who knows what they're doing label Apr 19, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cygnusv cygnusv

@tuxxy tuxxy

Labels
cryptography Needs attention of someone who knows what they're doing
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@fjarri @cygnusv @tuxxy