feat(rust/catalyst-voting): Vote proof (#54)

* initialize a new crate * add intentionally failed test * fix CI * fix * fix * update vscode setting.recommended.json * add a basic interfaces for the vote part * add basic elgamal encryption based on the ristretto255 group * add arithmetic tests for ristretto255 * fix tests * wip * add decryption algorithm, add tests * fix CI * remove unused std_ops_gen * add new voter module * add EncryptionRandomness random generation * add a tally function * fix * wip * add a babystep implementation * wip * refactor, add decrypt_tally_result * wip * wip * add voting test * remove rayon dependency for now * fix spelling, remove rayon * fix * remove unused anyhow dep * intentionally break the test * try * wip * update DecryptionTallySetup interface * add doctest example * refactor, make voting_test as integration test * fix baby_step_giant_step_test * move tally module into the seprate dir * add new proof.rs * refactor * add to_bytes, from_bytes functions for Scalar and GroupElement * add zk_dl_equality.rs * add hash module * update hash implementation * add dleq verify function, add tests * implement tally proof generation and tally proof verification * update voting_test with the tally proofs, fix verify_tally_proof * remove uneeded comment * fix * fix * fix spelling * fix comment * update rust docs * fix rustdoc tests * refactor * refactor * add zk_unit_vector_proof module * refactor * add polynomial generation * fix * wip * wip * finish proof generation * refactor * add new get_bit function * refactor bit calculation * wip * fix calculation * refactor imports * refactor * refactor * update tests * update comment * update test * refactor * fix doc tests * remove redundant polynomial test * refactor imports, add voter proof module * fix doc test * update * add error handling for `generate_voter_proof` * update voting_test * update test * fix spelling
input-output-hk · Oct 8, 2024 · 817889a · 817889a
1 parent 54d5275
commit 817889a
Show file tree

Hide file tree

Showing 15 changed files with 831 additions and 91 deletions.
diff --git a/rust/catalyst-voting/src/crypto/babystep_giantstep.rs b/rust/catalyst-voting/src/crypto/babystep_giantstep.rs
@@ -3,7 +3,7 @@
 
 use std::collections::HashMap;
 
-use super::group::{GroupElement, Scalar};
+use crate::crypto::group::{GroupElement, Scalar};
 
 /// Default balance value.
 /// Make steps asymmetric, in order to better use caching of baby steps.

diff --git a/rust/catalyst-voting/src/crypto/elgamal.rs b/rust/catalyst-voting/src/crypto/elgamal.rs
@@ -5,14 +5,14 @@ use std::ops::{Add, Deref, Mul};
 
 use rand_core::CryptoRngCore;
 
-use super::group::{GroupElement, Scalar};
+use crate::crypto::group::{GroupElement, Scalar};
 
 /// ``ElGamal`` secret key.
 #[derive(Debug, Clone, PartialEq, Eq)]
 pub struct SecretKey(Scalar);
 
 /// ``ElGamal`` public key.
-#[derive(Debug, Clone, Eq, PartialEq)]
+#[derive(Clone, Debug, PartialEq, Eq)]
 pub struct PublicKey(GroupElement);
 
 /// ``ElGamal`` ciphertext, encrypted message with the public key.
@@ -37,7 +37,7 @@ impl Deref for PublicKey {
 
 impl SecretKey {
     /// Generate a random `SecretKey` value from the random number generator.
-    pub fn generate<R: CryptoRngCore>(rng: &mut R) -> Self {
+    pub fn random<R: CryptoRngCore>(rng: &mut R) -> Self {
         Self(Scalar::random(rng))
     }
 

diff --git a/rust/catalyst-voting/src/crypto/group/ristretto255.rs b/rust/catalyst-voting/src/crypto/group/ristretto255.rs
@@ -45,12 +45,12 @@ impl Scalar {
     }
 
     /// additive identity
-    pub fn zero() -> Self {
+    pub const fn zero() -> Self {
         Scalar(IScalar::ZERO)
     }
 
     /// multiplicative identity
-    pub fn one() -> Self {
+    pub const fn one() -> Self {
         Scalar(IScalar::ONE)
     }
 
@@ -190,6 +190,17 @@ mod tests {
         }
     }
 
+    impl Arbitrary for GroupElement {
+        type Parameters = ();
+        type Strategy = BoxedStrategy<Self>;
+
+        fn arbitrary_with((): Self::Parameters) -> Self::Strategy {
+            any::<Scalar>()
+                .prop_map(|s| GroupElement::GENERATOR.mul(&s))
+                .boxed()
+        }
+    }
+
     #[proptest]
     fn scalar_to_bytes_from_bytes_test(e1: Scalar) {
         let bytes = e1.to_bytes();

diff --git a/rust/catalyst-voting/src/crypto/hash.rs b/rust/catalyst-voting/src/crypto/hash.rs
@@ -5,6 +5,7 @@ use curve25519_dalek::digest::{
 };
 
 /// Blake2b-512 hasher instance.
+#[derive(Clone, Debug)]
 pub struct Blake2b512Hasher(blake2b_simd::State);
 
 impl Blake2b512Hasher {

diff --git a/rust/catalyst-voting/src/crypto/mod.rs b/rust/catalyst-voting/src/crypto/mod.rs
@@ -5,3 +5,4 @@ pub(crate) mod elgamal;
 pub(crate) mod group;
 pub(crate) mod hash;
 pub(crate) mod zk_dl_equality;
+pub(crate) mod zk_unit_vector;
diff --git a/rust/catalyst-voting/src/crypto/zk_dl_equality.rs b/rust/catalyst-voting/src/crypto/zk_dl_equality.rs
@@ -12,9 +12,9 @@
 
 // cspell: words NIZK dlog
 
-use curve25519_dalek::digest::Update;
+use curve25519_dalek::digest::Digest;
 
-use super::{
+use crate::crypto::{
     group::{GroupElement, Scalar},
     hash::Blake2b512Hasher,
 };
@@ -55,12 +55,12 @@ fn calculate_challenge(
     a_1: &GroupElement, a_2: &GroupElement,
 ) -> Scalar {
     let blake2b_hasher = Blake2b512Hasher::new()
-        .chain(base_1.to_bytes())
-        .chain(base_2.to_bytes())
-        .chain(point_1.to_bytes())
-        .chain(point_2.to_bytes())
-        .chain(a_1.to_bytes())
-        .chain(a_2.to_bytes());
+        .chain_update(base_1.to_bytes())
+        .chain_update(base_2.to_bytes())
+        .chain_update(point_1.to_bytes())
+        .chain_update(point_2.to_bytes())
+        .chain_update(a_1.to_bytes())
+        .chain_update(a_2.to_bytes());
 
     Scalar::from_hash(blake2b_hasher)
 }

diff --git a/rust/catalyst-voting/src/crypto/zk_unit_vector/challenges.rs b/rust/catalyst-voting/src/crypto/zk_unit_vector/challenges.rs
@@ -0,0 +1,42 @@
+//! ZK unit vector challenges calculation functionality
+
+use curve25519_dalek::digest::Digest;
+
+use crate::{
+    crypto::{
+        elgamal::Ciphertext, group::GroupElement, hash::Blake2b512Hasher,
+        zk_unit_vector::randomness_announcements::Announcement,
+    },
+    PublicKey,
+};
+
+/// Calculates the first challenge hash.
+pub(crate) fn calculate_first_challenge_hash(
+    commitment_key: &GroupElement, public_key: &PublicKey, ciphertexts: &[Ciphertext],
+    announcements: &[Announcement],
+) -> Blake2b512Hasher {
+    let mut hash = Blake2b512Hasher::new()
+        .chain_update(commitment_key.to_bytes())
+        .chain_update(public_key.to_bytes());
+    for c in ciphertexts {
+        hash.update(c.first().to_bytes());
+        hash.update(c.second().to_bytes());
+    }
+    for announcement in announcements {
+        hash.update(announcement.i.to_bytes());
+        hash.update(announcement.b.to_bytes());
+        hash.update(announcement.a.to_bytes());
+    }
+    hash
+}
+
+/// Calculates the second challenge hash.
+pub(crate) fn calculate_second_challenge_hash(
+    mut com_1_hash: Blake2b512Hasher, ciphertexts: &[Ciphertext],
+) -> Blake2b512Hasher {
+    for c in ciphertexts {
+        com_1_hash.update(c.first().to_bytes());
+        com_1_hash.update(c.second().to_bytes());
+    }
+    com_1_hash
+}