A library for constructing Groth-Sahai proofs using pre-built wrappers

Overview

Groth-Sahai Wrappers

A Rust library containing wrappers that facilitate the construction of non-interactive witness-indistinguishable and zero-knowledge proofs about various equations over bilinear groups [1]. See the corresponding Groth-Sahai library for more details about how Groth-Sahai has been implemented.

This library is distributed under the MIT License and the Apache v2 License (see License).

Disclaimer

  • This library, including many dependencies it relies on, are academic proof-of-concepts only that have NOT been thoroughly reviewed for production use. Do NOT use this implementation in production code.
  • Your choice of bilinear group (G1, G2, GT, e) MUST be secure under the SXDH assumption, must be equipped with a Type-III pairing, and must be implemented in Arkworks. For example, Bls12_381 is amenable to this implementation.

Getting Started

Installation

First, install the latest version of Rust using rustup:

rustup install stable

After that, use Rust's cargo to compile the library:

git clone https://github.com/jdwhite88/groth-sahai-wrappers.git
cd groth-sahai-wrappers
cargo build

Test

To run the unit tests (in each source file) and integration tests (in tests):

cargo test

To run the benchmark tests (in benches):

cargo bench

Supported Wrappers

  • **Groth16 -- For constructing variants of GS-over-Groth16 proofs, given a Proof and other components of the zk-SNARK's circuit [3]. (WIP)
  • Etc...

Dependencies

  • Groth-Sahai - An implementation of the Groth-Sahai proof system in Rust.
  • Arkworks - A Rust ecosystem for developing and programming with zkSNARKs as well as finite field and elliptic curve arithmetic.

Contributing

If you notice a bug, would like to ask a question, or want to propose a new feature, feel free to open an issue!

If you would like to contribute, but have not been invited as a direct collaborator to the project, follow the procedure below (keeping in mind these instructions if you are attempting to resolve an open issue):

  1. Fork the project
  2. Create your feature branch (git checkout -b feature-branch main)
  3. Commit your changes (git commit -m 'Resolves #i; commit message')
  4. Push to the branch (git push origin feature-branch)
  5. Open a pull request to merge with this repo (preferably linked to an issue)

References

[1] Jens Groth and Amit Sahai. Efficient Non-interactive Proof Systems for Bilinear Groups, Advances in Cryptology -- EUROCRYPT 2008: 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey. Springer Berlin Heidelberg, vol 4965: 415–432, 2008.

[2] Essam Ghadafi, Nigel P. Smart, and Bogdan Warinschi. Groth-Sahai proofs revisited. In Phong Q. Nguyen and David Pointcheval, editors, PKC 2010, volume 6056 of LNCS, pages 177–192. Springer, Heidelberg, May 2010.

[3] Jens Groth. On the size of pairing-based non-interactive arguments. In Marc Fischlin and Jean-Sébastien Coron, editors, EUROCRYPT 2016, Part II, volume 9666 of LNCS, pages 305-326. Springer, Heidelberg, May 2016.

License

This library is distributed under either of the following licenses:

Unless explicitly stated otherwise, any contribution made to this library shall be dual-licensed as above (as defined in the Apache v2 License), without any additional terms or conditions.

Authors

You might also like...
Rust bindings for the soloud audio engine library

soloud-rs A crossplatform Rust bindings for the soloud audio engine library. Supported formats: wav, mp3, ogg, flac. The library also comes with a spe

A song analysis library for making playlists

bliss-rs is the Rust improvement of bliss, a library used to make playlists by analyzing songs, and computing distance between them.

Symphonia is a pure Rust audio decoding and media demuxing library supporting AAC, FLAC, MP3, MP4, OGG, Vorbis, and WAV.

Pure Rust multimedia format demuxing, tag reading, and audio decoding library

Rust Sound Synthesis Library

Oscen Oscen [“oh-sin”] is a library for building modular synthesizers in Rust. It contains a collection of components frequently used in sound synthes

A wav encoding and decoding library in Rust

Hound A wav encoding and decoding library in Rust. Hound can read and write the WAVE audio format, an ubiquitous format for raw, uncompressed audio. T

Small music theory library with MIDI capabilities written in Rust
Small music theory library with MIDI capabilities written in Rust

mumuse Small music theory library with MIDI capabilities written in Rust (wip). Examples Creating notes and transpositions // Declare Note from &str l

ears is a simple library to play Sounds and Musics in Rust

ears ears is a simple library to play Sounds and Musics in Rust. ears is build on the top of OpenAL and libsndfile. Provides an access to the OpenAL s

Flutter crossplatform audio playback library powered by golang beep & oto

Rowdy Pure Rust based Dart/Flutter audio playback library Installation $ flutter pub add rowdy Configuration You'll need the Rust toolchain installed

A library and application for lossless, format-preserving, two-pass optimization and repair of Vorbis data, reducing its size without altering any audio information.
A library and application for lossless, format-preserving, two-pass optimization and repair of Vorbis data, reducing its size without altering any audio information.

OptiVorbis A library and application for lossless, format-preserving, two-pass optimization and repair of Vorbis data, reducing its size without alter

Comments
  • Equation -> Groth-Sahai statement conversion tool

    Equation -> Groth-Sahai statement conversion tool

    One of the primary issues in the literature and in my personal experience with using Groth-Sahai beyond a black-box manner is that it's a non-trivial (and at times tedious) process to apply the many properties of bilinear group arithmetic and its equipped pairing to encode each equation into the desired (A * Y) (X * B) (X * Γ Y) = t form that is expected of a Groth-Sahai statement. Especially in situations where one must prove about the satisfiability of many different equations or with lots of unique / unstructured variables, this could become a laborious-- if not impossible-- process trying to even encode the Groth-Sahai statement properly for the API to accept it.

    And so, I think it would be incredibly useful to have some sort of tool that, given a human-readable list of equations to be satisfied, restructures the different kinds of equations into a format that is amenable to Groth-Sahai, and also auto-generates the necessary equations that can be plugged directly into the API.

    (n.b. this would likely be such a massive undertaking even IF I could figure out how to do it. And so, I'm pre-emptively marking it as wontfix. I have no idea if I'll even get here, but I'll keep the issue open in case I or anyone else reading this finds inspiration to work on this)

    enhancement help wanted wontfix 
    opened by jdwhite48 2
  • Implement GS over basic Groth16 verification

    Implement GS over basic Groth16 verification

    Pre-requisites: Issue #6 in groth-sahai-rs (potentially)

    • [x] Implement a basic commit-and-prove function that a Groth16 verification equation is satisfied. The function should take as input n tuples of the form (Proof, VerifyingKey, prepared_pub_input) where each Proof is the tuple (A_p, B_p, C_p), and prepared_pub_input is the single G1 element Σ_{i=0}^{\ell [p]} a_i W_i where a_i \in Fr are the public inputs and W_i = gamma_abc_g1[i] from vks[i]: VerifyingKey. A single GS-compatible Groth16 verification equation has the following form:

    e( C_0, - vks[0].delta_g2 ) * e( A_0, B_0 ) = e( vks[0].alpha_g1, vks[0].beta_g2 ) * e( prepared_pub_input[0], vks[0].gamma_g2 )

    which, for Groth-Sahai, gets encoded as the following Equation struct fields:

    Γ = [ 1, 0 ], A = [ 0 ], B = [ 0, - delta_g2 ] and t = e(alpha_g1, beta_g2) * e(prepared_pub_input, gamma_g2)

    where the EquProof consists of X = [ A_0, C_0 ], Y = [ B_0 ].

    • [x] Similarly, implement a basic verify function that takes the commitments to X and Y, together with n (EquProof, VerifyingKey, prepared_pub_input) as input, and re-interprets the n Equation as before to verify that GS' EquProof is a valid witness to the satisfiability of Groth16 verification equations.
    • [ ] Optionally, compare benchmarks for separately proving about n individual commitments / equations (though having the commits specific to an individual equation is non-canonical for GS) vs. composing all n equations into a single GS proof
    enhancement 
    opened by jdwhite48 1
  • Implement GS over linked Groth16 verification

    Implement GS over linked Groth16 verification

    Similar to Issue #1, but with Groth-Sahai also treating some number a_0, ..., a_{k-1} of G16 public inputs as GS hidden variables, which supposedly links the n Groth16 proofs together in some fashion (agnostic to the operation of GS).

    • [ ] Also passing this as input into the prove function and with prepared_pub_input being Σ_{i=k}^{\ell [0]} a_0,i W_0,i instead, by simple bilinear group arithmetic properties a single GS-compatible Groth16 verification equation would take the following form:

    e( C_0, -vks[0].delta_g2 ) * e( S_0, -vks[0].gamma_g2 ) * e( A_0, B_0 ) = e( vks[0].alpha_g1, vks[0].beta_g2 ) * e( prepared_pub_input[0], vks[0].gamma_g2 )

    where S_0 = Σ_{i=0}^{k-1} a_0,i W_0,i. For Groth-Sahai, gets encoded as the following Equation struct fields:

    Γ = [ 1, 0, 0 ], A = [ 0 ], B = [ 0, - delta_g2, - gamma_g2 ] and t = e(alpha_g1, beta_g2) * e(prepared_pub_input, gamma_g2).

    where the EquProof consists of X = [ A_0, C_0, S_0 ], Y = [ B_0 ].

    • [ ] Similarly, implement a basic verify function that takes the commitments to X and Y, together with n (EquProof, VerifyingKey, prepared_pub_input) as input, and re-interprets the n Equation as before to verify that GS' EquProofis a valid witness to the satisfiability of linked Groth16 verification equations.
    enhancement 
    opened by jdwhite48 0
Owner
Jacob White
Computer Science Masters student at Purdue University. Focusing on applied cryptography.
Jacob White
PortAudio bindings and wrappers for Rust.

rust-portaudio PortAudio bindings and wrappers for Rust. PortAudio is a free, cross-platform, open-source, audio I/O library. rust-portaudio is still

null 331 Dec 23, 2022
Thin but safe ALSA wrappers for Rust

ALSA bindings for Rust Thin but safe wrappers for ALSA, the most common API for accessing audio devices on Linux. The ALSA API is rather big, so every

null 91 Dec 26, 2022
PortAudio bindings and wrappers for Rust.

rust-portaudio PortAudio bindings and wrappers for Rust. PortAudio is a free, cross-platform, open-source, audio I/O library. rust-portaudio is still

null 332 Dec 30, 2022
This crate is an implementation of Sonic, a protocol for quickly verifiable, compact zero-knowledge proofs of arbitrary computations

Sonic This crate is an implementation of Sonic, a protocol for quickly verifiable, compact zero-knowledge proofs of arbitrary computations. Sonic is i

null 75 Jul 4, 2022
A modular command line digital signal processor built in rust

Ever wanted to pipe raw audio samples around in the terminal to impress your friends at a party? Well then, you've come to the right place.

Sam Andreae 13 Dec 15, 2022
GStreamer plugin for speech to text using the Vosk Toolkit.

This project has moved upstream to the GStreamer Rust Plugins: https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs/-/merge_requests/729 Vosk Speec

Rafael Carício 7 Apr 12, 2022
ncspot is a ncurses Spotify client written in Rust using librespot.

ncspot is a ncurses Spotify client written in Rust using librespot. It is heavily inspired by ncurses MPD clients, such as ncmpc. My motivation was to provide a simple and resource friendly alternative to the official client as well as to support platforms that currently don't have a Spotify client, such as the *BSDs.

Henrik Friedrichsen 3.4k Jan 8, 2023
A rust binding for the FMOD library

rust-fmod This is a rust binding for FMOD, the library developped by FIRELIGHT TECHNOLOGIES. FMOD website : www.fmod.org You can also find it on crate

Guillaume Gomez 55 Nov 2, 2022
Cross-platform audio I/O library in pure Rust

CPAL - Cross-Platform Audio Library Low-level library for audio input and output in pure Rust. This library currently supports the following: Enumerat

null 1.8k Jan 8, 2023
Rust audio playback library

Audio playback library Rust playback library. Playback is handled by cpal. MP3 decoding is handled by minimp3. WAV decoding is handled by hound. Vorbi

null 1.2k Jan 1, 2023