Ecosystem/serai
Ecosystem/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-01-08 20:09:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix serialization

Browse source 
This enabled getting the proof sizes, which are:
- ConciseLinear had a proof size of 44607 bytes
- CompromiseLinear had a proof size of 48765 bytes
- ClassicLinear had a proof size of 56829 bytes
- EfficientLinear had a proof size of 65145 byte
This commit is contained in:
Luke Parker 2022-07-07 08:46:11 -04:00
parent c3a0e0375d
commit 4dbf50243b
5 changed files with 26 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
crypto/dleq/src/cross_group/aos.rs
View file

@ -195,6 +195,7 @@ impl<
#[cfg(feature = "serialize")] #[cfg(feature = "serialize")]
pub(crate) fn serialize<W: Write>(&self, w: &mut W) -> std::io::Result<()> { pub(crate) fn serialize<W: Write>(&self, w: &mut W) -> std::io::Result<()> {
#[allow(non_snake_case)]
match self.Re_0 { match self.Re_0 {
Re::R(R0, R1) => { Re::R(R0, R1) => {
w.write_all(R0.to_bytes().as_ref())?; w.write_all(R0.to_bytes().as_ref())?;
@ -211,6 +212,7 @@ impl<
Ok(()) Ok(())
} }
#[allow(non_snake_case)]
#[cfg(feature = "serialize")] #[cfg(feature = "serialize")]
pub(crate) fn deserialize<R: Read>(r: &mut R, mut Re_0: Re<G0, G1>) -> std::io::Result<Self> { pub(crate) fn deserialize<R: Read>(r: &mut R, mut Re_0: Re<G0, G1>) -> std::io::Result<Self> {
match Re_0 { match Re_0 {

7
crypto/dleq/src/cross_group/bits.rs
View file

@ -165,6 +165,11 @@ impl<
#[cfg(feature = "serialize")] #[cfg(feature = "serialize")]
pub(crate) fn deserialize<R: Read>(r: &mut R) -> std::io::Result<Self> { pub(crate) fn deserialize<R: Read>(r: &mut R) -> std::io::Result<Self> {
Ok(Bits { commitments: (read_point(r)?, read_point(r)?), signature: Aos::deserialize(r)? }) Ok(
Bits {
commitments: (read_point(r)?, read_point(r)?),
signature: Aos::deserialize(r, BitSignature::from(SIGNATURE).aos_form())?
}
)
} }
} }

7
crypto/dleq/src/cross_group/mod.rs
View file

@ -63,7 +63,7 @@ pub struct DLEqProof<
} }
macro_rules! dleq { macro_rules! dleq {
($name: ident, $signature: expr, $remainder: expr) => { ($name: ident, $signature: expr, $remainder: literal) => {
pub type $name<G0, G1> = DLEqProof< pub type $name<G0, G1> = DLEqProof<
G0, G0,
G1, G1,
@ -81,10 +81,12 @@ macro_rules! dleq {
// bit and removing a hash while slightly reducing challenge security. This security reduction is // bit and removing a hash while slightly reducing challenge security. This security reduction is
// already applied to the scalar being proven for, a result of the requirement it's mutually valid // already applied to the scalar being proven for, a result of the requirement it's mutually valid
// over both scalar fields, hence its application here as well. This is mainly here as a point of // over both scalar fields, hence its application here as well. This is mainly here as a point of
// reference for the following DLEq proofs, all which use merged challenges // reference for the following DLEq proofs, all which use merged challenges, and isn't performant
// in comparison to the others
dleq!(ClassicLinearDLEq, BitSignature::ClassicLinear, false); dleq!(ClassicLinearDLEq, BitSignature::ClassicLinear, false);
// Proves for 2-bits at a time to save 3/7 elements of every other bit // Proves for 2-bits at a time to save 3/7 elements of every other bit
// <9% smaller than CompromiseLinear, yet ~12% slower
dleq!(ConciseLinearDLEq, BitSignature::ConciseLinear, true); dleq!(ConciseLinearDLEq, BitSignature::ConciseLinear, true);
// Uses AOS signatures of the form R, s, to enable the final step of the ring signature to be // Uses AOS signatures of the form R, s, to enable the final step of the ring signature to be
@ -94,6 +96,7 @@ dleq!(EfficientLinearDLEq, BitSignature::EfficientLinear, false);
// Proves for 2-bits at a time while using the R, s form. This saves 3/7 elements of every other // Proves for 2-bits at a time while using the R, s form. This saves 3/7 elements of every other
// bit, while adding 1 element to every bit, and is more efficient than ConciseLinear yet less // bit, while adding 1 element to every bit, and is more efficient than ConciseLinear yet less
// efficient than EfficientLinear due to having more ring signature steps which aren't batched // efficient than EfficientLinear due to having more ring signature steps which aren't batched
// >25% smaller than EfficientLinear and just 11% slower, making it the recommended option
dleq!(CompromiseLinearDLEq, BitSignature::CompromiseLinear, true); dleq!(CompromiseLinearDLEq, BitSignature::CompromiseLinear, true);
impl< impl<

1
crypto/dleq/src/tests/cross_group/aos.rs
View file

@ -9,6 +9,7 @@ use crate::{
tests::cross_group::{G0, G1, transcript, generators} tests::cross_group::{G0, G1, transcript, generators}
}; };
#[allow(non_snake_case)]
#[cfg(feature = "serialize")] #[cfg(feature = "serialize")]
fn test_aos_serialization<const RING_LEN: usize>(proof: Aos<G0, G1, RING_LEN>, Re_0: Re<G0, G1>) { fn test_aos_serialization<const RING_LEN: usize>(proof: Aos<G0, G1, RING_LEN>, Re_0: Re<G0, G1>) {
let mut buf = vec![]; let mut buf = vec![];

19
crypto/dleq/src/tests/cross_group/mod.rs
View file

@ -49,7 +49,7 @@ pub(crate) fn generators() -> (Generators<G0>, Generators<G1>) {
} }
macro_rules! verify_and_deserialize { macro_rules! verify_and_deserialize {
($type: ident, $proof: ident, $generators: ident, $keys: ident) => { ($type: ty, $proof: ident, $generators: ident, $keys: ident) => {
let public_keys = $proof.verify(&mut OsRng, &mut transcript(), $generators).unwrap(); let public_keys = $proof.verify(&mut OsRng, &mut transcript(), $generators).unwrap();
assert_eq!($generators.0.primary * $keys.0, public_keys.0); assert_eq!($generators.0.primary * $keys.0, public_keys.0);
assert_eq!($generators.1.primary * $keys.1, public_keys.1); assert_eq!($generators.1.primary * $keys.1, public_keys.1);
@ -58,14 +58,14 @@ macro_rules! verify_and_deserialize {
{ {
let mut buf = vec![]; let mut buf = vec![];
$proof.serialize(&mut buf).unwrap(); $proof.serialize(&mut buf).unwrap();
let deserialized = $type::<G0, G1>::deserialize(&mut std::io::Cursor::new(&buf)).unwrap(); let deserialized = <$type>::deserialize(&mut std::io::Cursor::new(&buf)).unwrap();
assert_eq!(proof, deserialized); assert_eq!($proof, deserialized);
} }
} }
} }
macro_rules! test_dleq { macro_rules! test_dleq {
($str: expr, $benchmark: ident, $name: ident, $type: ident) => { ($str: literal, $benchmark: ident, $name: ident, $type: ident) => {
#[ignore] #[ignore]
#[test] #[test]
fn $benchmark() { fn $benchmark() {
@ -93,7 +93,7 @@ macro_rules! test_dleq {
#[cfg(feature = "serialize")] #[cfg(feature = "serialize")]
{ {
let mut buf = vec![]; let mut buf = vec![];
proofs[0].serialize(&mut buf); proofs[0].serialize(&mut buf).unwrap();
println!("{} had a proof size of {} bytes", $str, buf.len()); println!("{} had a proof size of {} bytes", $str, buf.len());
} }
} }
@ -126,7 +126,7 @@ macro_rules! test_dleq {
res res
}; };
verify_and_deserialize!($type, proof, generators, keys); verify_and_deserialize!($type::<G0, G1>, proof, generators, keys);
} }
} }
} }
@ -183,5 +183,10 @@ fn test_remainder() {
).unwrap(); ).unwrap();
assert_eq!(keys, res); assert_eq!(keys, res);
verify_and_deserialize!(ConciseLinearDLEq, proof, generators, keys); verify_and_deserialize!(
ConciseLinearDLEq::<ProjectivePoint, ProjectivePoint>,
proof,
generators,
keys
);
} }