trait ProverInterpreter extends Interpreter with ProverUtils with AttributionCore
Interpreter with enhanced functionality to prove statements.
- Alphabetic
- By Inheritance
- ProverInterpreter
- AttributionCore
- AttributionCommon
- ProverUtils
- Interpreter
- ScorexLogging
- StrictLogging
- AnyRef
- Any
- Hide All
- Show All
- Public
- All
Type Members
-
class
MutableCell[T] extends AnyRef
- Definition Classes
- Interpreter
-
abstract
type
CTX <: InterpreterContext
- Definition Classes
- Interpreter
-
class
CachedAttribute[T, U] extends Attribute[T, U]
- Definition Classes
- AttributionCore
-
class
CachedDynamicAttribute[T, U] extends CachedAttribute[T, U]
- Definition Classes
- AttributionCore
-
class
CachedParamAttribute[A, T, U] extends (A) ⇒ Attribute[T, U]
- Definition Classes
- AttributionCore
-
class
CircularAttribute[T, U] extends Attribute[T, U]
- Definition Classes
- AttributionCore
-
class
ConstantAttribute[T, U] extends Attribute[T, U]
- Definition Classes
- AttributionCommon
-
type
ProofT = UncheckedTree
- Definition Classes
- ProverInterpreter → Interpreter
Abstract Value Members
-
abstract
val
IR: IRContext
- Definition Classes
- Interpreter
- abstract def secrets: Seq[SigmaProtocolPrivateInput[_, _]]
Concrete Value Members
-
final
def
!=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
final
def
##(): Int
- Definition Classes
- AnyRef → Any
-
final
def
==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
def
applyDeserializeContext(context: CTX, exp: Value[SType]): (BoolValue, CTX)
Substitute Deserialize* nodes with deserialized subtrees We can estimate cost of the tree evaluation only after this step.
Substitute Deserialize* nodes with deserialized subtrees We can estimate cost of the tree evaluation only after this step.
- Definition Classes
- Interpreter
-
final
def
asInstanceOf[T0]: T0
- Definition Classes
- Any
-
macro
def
attr[T, U](f: (T) ⇒ U): CachedAttribute[T, U]
- Definition Classes
- AttributionCore
-
def
attrWithName[T, U](name: String, f: (T) ⇒ U): CachedAttribute[T, U]
- Definition Classes
- AttributionCore
-
def
bagForMultisig(context: CTX, ergoTree: ErgoTree, proof: Array[Byte], realSecretsToExtract: Seq[SigmaBoolean], simulatedSecretsToExtract: Seq[SigmaBoolean] = Seq.empty): HintsBag
A method which is extracting partial proofs of secret knowledge for particular secrets with their respective public images given.
A method which is extracting partial proofs of secret knowledge for particular secrets with their respective public images given. Useful for distributed signature applications.
See DistributedSigSpecification for examples of usage.
- context
- context used to reduce the proposition
- ergoTree
- proposition to reduce
- proof
- proof for reduced proposition
- realSecretsToExtract
- public keys of secrets with real proofs
- simulatedSecretsToExtract
- public keys of secrets with simulated proofs
- returns
- bag of OtherSecretProven and OtherCommitment hints
- Definition Classes
- ProverUtils
-
def
calcResult(context: Context, calcF: eval.IRContext.Ref[(eval.IRContext.Context) ⇒ Any]): SigmaProp
- Definition Classes
- Interpreter
-
macro
def
circular[T, U](init: U)(f: (T) ⇒ U): CircularAttribute[T, U]
- Definition Classes
- AttributionCore
-
def
circularWithName[T, U](name: String, init: U)(f: (T) ⇒ U): CircularAttribute[T, U]
- Definition Classes
- AttributionCore
-
def
clone(): AnyRef
- Attributes
- protected[java.lang]
- Definition Classes
- AnyRef
- Annotations
- @throws( ... ) @native()
-
val
computeCommitments: Strategy
Verifier Step 4: For every leaf node, compute the commitment a from the challenge e and response $z$, per the verifier algorithm of the leaf's Sigma-protocol.
Verifier Step 4: For every leaf node, compute the commitment a from the challenge e and response $z$, per the verifier algorithm of the leaf's Sigma-protocol. If the verifier algorithm of the Sigma-protocol for any of the leaves rejects, then reject the entire proof.
- Definition Classes
- Interpreter
-
def
constant[T, U](name: String, u: ⇒ U): Attribute[T, U]
- Definition Classes
- AttributionCommon
-
macro
def
constant[T, U](u: ⇒ U): Attribute[T, U]
- Definition Classes
- AttributionCommon
- val convertToUnchecked: (ProofTree) ⇒ UncheckedSigmaTree
- def convertToUnproven(sigmaTree: SigmaBoolean): UnprovenTree
-
def
deserializeMeasured(context: CTX, scriptBytes: Array[Byte]): (CTX, Value[SType])
Deserializes given script bytes using ValueSerializer (i.e.
Deserializes given script bytes using ValueSerializer (i.e. assuming expression tree format). It also measures tree complexity adding to the total estimated cost of script execution. The new returned context contains increased
initCost
and should be used for further processing.The method SHOULD be called only inside trySoftForkable scope, to make deserialization soft-forkable.
NOTE: While ErgoTree is always of type SigmaProp, ValueSerializer can serialize expression of any type. So it cannot be replaced with ErgoTreeSerializer here.
- Definition Classes
- Interpreter
-
macro
def
dynAttr[T, U](f: (T) ⇒ U): CachedDynamicAttribute[T, U]
- Definition Classes
- AttributionCore
-
def
dynAttrWithName[T, U](name: String, f: (T) ⇒ U): CachedDynamicAttribute[T, U]
- Definition Classes
- AttributionCore
-
final
def
eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
def
equals(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
def
finalize(): Unit
- Attributes
- protected[java.lang]
- Definition Classes
- AnyRef
- Annotations
- @throws( classOf[java.lang.Throwable] )
-
def
fullReduction(ergoTree: ErgoTree, context: CTX, env: ScriptEnv): (SigmaBoolean, Long)
Full reduction of initial expression given in the ErgoTree form to a SigmaBoolean value (which encodes whether a sigma-protocol proposition or a boolean value, so true or false).
Full reduction of initial expression given in the ErgoTree form to a SigmaBoolean value (which encodes whether a sigma-protocol proposition or a boolean value, so true or false).
Works as follows: 1) parse ErgoTree instance into a typed AST 2) go bottom-up the tree to replace DeserializeContext nodes only 3) estimate cost and reduce the AST to a SigmaBoolean instance (so sigma-tree or trivial boolean value)
- ergoTree
- input ErgoTree expression to reduce
- context
- context used in reduction
- env
- script environment
- returns
sigma boolean and the updated cost counter after reduction
- Definition Classes
- Interpreter
-
def
generateCommitments(sigmaTree: SigmaBoolean): HintsBag
Generate commitments for given crypto-tree (sigma-tree) for prover's secrets.
-
def
generateCommitments(ergoTree: ErgoTree, ctx: CTX): HintsBag
Generate commitments for given ergo tree for prover's secrets.
Generate commitments for given ergo tree for prover's secrets. The prover is reducing the given tree to crypto-tree by using the given context, and then generates commitments.
-
def
generateCommitmentsFor(sigmaTree: SigmaBoolean, generateFor: Seq[SigmaBoolean]): HintsBag
A method which is is generating commitments for all the public keys provided.
A method which is is generating commitments for all the public keys provided.
Currently only keys in form of ProveDlog and ProveDiffieHellman are supported, not more complex subtrees.
- sigmaTree
- crypto-tree
- generateFor
- public keys for which commitments should be generated
- returns
generated commitments (private, containing secret randomness, and public, containing only commitments)
- Definition Classes
- ProverUtils
-
def
generateCommitmentsFor(ergoTree: ErgoTree, context: CTX, generateFor: Seq[SigmaBoolean]): HintsBag
Generate commitments for a given ergoTree (mixed-tree) and public keys.
Generate commitments for a given ergoTree (mixed-tree) and public keys.
First, the given tree is to be reduced to crypto-tree (sigma-tree) by using context provided.
- Definition Classes
- ProverUtils
-
final
def
getClass(): Class[_]
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
-
def
hashCode(): Int
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
-
implicit
def
internalToDynamicAttribute[T, U](f: (T) ⇒ U): CachedDynamicAttribute[T, U]
- Definition Classes
- AttributionCore
-
final
def
isInstanceOf[T0]: Boolean
- Definition Classes
- Any
-
def
log: Logger
- Attributes
- protected
- Definition Classes
- ScorexLogging
- Annotations
- @inline()
-
val
logger: Logger
- Attributes
- protected
- Definition Classes
- StrictLogging
-
def
markReal(hintsBag: HintsBag): Strategy
Prover Step 1: This step will mark as "real" every node for which the prover can produce a real proof.
Prover Step 1: This step will mark as "real" every node for which the prover can produce a real proof. This step may mark as "real" more nodes than necessary if the prover has more than the minimal necessary number of witnesses (for example, more than one child of an OR). This will be corrected in the next step. In a bottom-up traversal of the tree, do the following for each node:
-
final
def
ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
final
def
notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
-
final
def
notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
-
macro
def
paramAttr[V, T, U](f: (V) ⇒ (T) ⇒ U): CachedParamAttribute[V, T, U]
- Definition Classes
- AttributionCore
-
def
paramAttrWithName[V, T, U](name: String, f: (V) ⇒ (T) ⇒ U): CachedParamAttribute[V, T, U]
- Definition Classes
- AttributionCore
-
val
polishSimulated: Strategy
Prover Step 3: This step will change some "real" nodes to "simulated" to make sure each node has the right number of simulated children.
Prover Step 3: This step will change some "real" nodes to "simulated" to make sure each node has the right number of simulated children. Also, children will get proper position set during this step. In a top-down traversal of the tree, do the following for each node:
-
def
propositionFromErgoTree(ergoTree: ErgoTree, context: CTX): SigmaPropValue
Extracts proposition for ErgoTree handing soft-fork condition.
Extracts proposition for ErgoTree handing soft-fork condition.
- Definition Classes
- Interpreter
- Note
soft-fork handler
- def prove(env: ScriptEnv, ergoTree: ErgoTree, context: CTX, message: Array[Byte], hintsBag: HintsBag = HintsBag.empty): Try[CostedProverResult]
- def prove(ergoTree: ErgoTree, context: CTX, message: Array[Byte]): Try[CostedProverResult]
- def prove(ergoTree: ErgoTree, context: CTX, message: Array[Byte], hintsBag: HintsBag): Try[CostedProverResult]
-
def
prove(unprovenTree: UnprovenTree, message: Array[Byte], hintsBag: HintsBag): ProofT
The comments in this section are taken from the algorithm for the Sigma-protocol prover as described in the ErgoScript white-paper https://ergoplatform.org/docs/ErgoScript.pdf , Appendix A
The comments in this section are taken from the algorithm for the Sigma-protocol prover as described in the ErgoScript white-paper https://ergoplatform.org/docs/ErgoScript.pdf , Appendix A
- Attributes
- protected
-
def
proving(hintsBag: HintsBag): Strategy
Prover Step 9: Perform a top-down traversal of only the portion of the tree marked "real" in order to compute the challenge e for every node marked "real" below the root and, additionally, the response z for every leaf marked "real"
-
def
publicKeys: Seq[SigmaBoolean]
Public keys of prover's secrets.
Public keys of prover's secrets. This operation can be costly if there are many secrets the prover knows, consider re-implementation of this field then.
-
def
reduceToCrypto(context: CTX, exp: Value[SType]): Try[ReductionResult]
- Definition Classes
- Interpreter
-
def
reduceToCrypto(context: CTX, env: ScriptEnv, exp: Value[SType]): Try[ReductionResult]
This method is used in both prover and verifier to compute SigmaBoolean value.
This method is used in both prover and verifier to compute SigmaBoolean value. As the first step the cost of computing the
exp
expression in the given context is estimated. If cost is above limit then exception is returned andexp
is not executed elseexp
is computed in the given context and the resulting SigmaBoolean returned.- context
the context in which
exp
should be executed- env
environment of system variables used by the interpreter internally
- exp
expression to be executed in the given
context
- returns
result of script reduction
- Definition Classes
- Interpreter
- See also
ReductionResult
-
def
setPositions(uc: UnprovenConjecture): UnprovenConjecture
Set positions for children of a unproven inner node (conjecture, so AND/OR/THRESHOLD)
Set positions for children of a unproven inner node (conjecture, so AND/OR/THRESHOLD)
- Attributes
- protected
-
def
simulateAndCommit(hintsBag: HintsBag): Strategy
Prover Step 4: In a top-down traversal of the tree, compute the challenges e for simulated children of every node Prover Step 5: For every leaf marked "simulated", use the simulator of the Sigma-protocol for that leaf to compute the commitment $a$ and the response z, given the challenge e that is already stored in the leaf.
Prover Step 4: In a top-down traversal of the tree, compute the challenges e for simulated children of every node Prover Step 5: For every leaf marked "simulated", use the simulator of the Sigma-protocol for that leaf to compute the commitment $a$ and the response z, given the challenge e that is already stored in the leaf. Prover Step 6: For every leaf marked "real", use the first prover step of the Sigma-protocol for that leaf to compute the commitment a.
-
def
substDeserialize(context: CTX, updateContext: (CTX) ⇒ Unit, node: SValue): Option[SValue]
- updateContext
call back to setup new context (with updated cost limit) to be passed next time
- Definition Classes
- Interpreter
-
final
def
synchronized[T0](arg0: ⇒ T0): T0
- Definition Classes
- AnyRef
-
def
toString(): String
- Definition Classes
- AnyRef → Any
-
def
toValidScriptType(exp: SValue): BoolValue
- Definition Classes
- Interpreter
-
def
verify(ergoTree: ErgoTree, context: CTX, proof: ProverInterpreter.ProofT, message: Array[Byte]): Try[VerificationResult]
- Definition Classes
- Interpreter
-
def
verify(env: ScriptEnv, ergoTree: ErgoTree, context: CTX, proverResult: ProverResult, message: Array[Byte]): Try[VerificationResult]
- Definition Classes
- Interpreter
-
def
verify(ergoTree: ErgoTree, context: CTX, proverResult: ProverResult, message: Array[Byte]): Try[VerificationResult]
- Definition Classes
- Interpreter
-
def
verify(env: ScriptEnv, ergoTree: ErgoTree, context: CTX, proof: Array[Byte], message: Array[Byte]): Try[VerificationResult]
Executes the script in a given context.
Executes the script in a given context. Step 1: Deserialize context variables Step 2: Evaluate expression and produce SigmaProp value, which is zero-knowledge statement (see also
SigmaBoolean
). Step 3: Verify that the proof is presented to satisfy SigmaProp conditions.- env
environment of system variables used by the interpreter internally
- ergoTree
ErgoTree expression to execute in the given context and verify its result
- context
the context in which
exp
should be executed- proof
The proof of knowledge of the secrets which is expected by the resulting SigmaProp
- message
message bytes, which are used in verification of the proof
- returns
verification result or Exception. If if the estimated cost of execution of the
exp
exceeds the limit (given incontext
), then exception if thrown and packed in Try. If left component is false, then: 1) script executed to false or 2) the given proof failed to validate resulting SigmaProp conditions.
- Definition Classes
- Interpreter
- See also
reduceToCrypto
-
final
def
wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... ) @native()