Files
dusk_plonk
commitment_scheme
kzg10
errors.rskey.rsmod.rssrs.rs
mod.rs
constraint_system
ecc
gates.rsmod.rs
arithmetic.rsboolean.rscomposer.rscs_errors.rslogic.rsmod.rsrange.rsvariable.rs
fft
domain.rsevaluations.rsfft_errors.rsmod.rspolynomial.rs
permutation
constants.rsmod.rspermutation.rs
proof_system
widget
arithmetic
mod.rsproverkey.rsverifierkey.rs
ecc
mod.rsproverkey.rsverifierkey.rs
logic
mod.rsproverkey.rsverifierkey.rs
permutation
mod.rsproverkey.rsverifierkey.rs
range
mod.rsproverkey.rsverifierkey.rs
mod.rs
linearisation_poly.rsmod.rspreprocess.rsproof.rsproof_system_errors.rsprover.rsquotient_poly.rsverifier.rs
bit_iterator.rslib.rsprelude.rstranscript.rsutil.rs
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

use crate::commitment_scheme::kzg10::{CommitKey, OpeningKey};
use crate::constraint_system::StandardComposer;
use crate::proof_system::widget::VerifierKey;
use crate::proof_system::Proof;
use dusk_bls12_381::Scalar;
use failure::Error;
use merlin::Transcript;
/// Verifier verifies a proof
#[allow(missing_debug_implementations)]
pub struct Verifier {
    /// VerificationKey which is used to verify a specific PLONK circuit
    pub verifier_key: Option<VerifierKey>,

    pub(crate) cs: StandardComposer,
    /// Store the messages exchanged during the preprocessing stage
    /// This is copied each time, we make a proof, so that we can use the same verifier to
    /// Verify multiple proofs from the same circuit. If this is not copied, then the verification procedure will modify
    /// the transcript, making it unusable for future proofs.
    pub preprocessed_transcript: Transcript,
}

impl Default for Verifier {
    fn default() -> Verifier {
        Verifier::new(b"plonk")
    }
}

impl Verifier {
    /// Creates a new verifier object
    pub fn new(label: &'static [u8]) -> Verifier {
        Verifier {
            verifier_key: None,
            cs: StandardComposer::new(),
            preprocessed_transcript: Transcript::new(label),
        }
    }

    /// Returns the number of gates in the circuit
    pub fn circuit_size(&self) -> usize {
        self.cs.circuit_size()
    }

    /// Returns a mutable copy of the underlying composer
    pub fn mut_cs(&mut self) -> &mut StandardComposer {
        &mut self.cs
    }

    /// Preprocess a proof
    pub fn preprocess(&mut self, commit_key: &CommitKey) -> Result<(), Error> {
        let vk = self
            .cs
            .preprocess_verifier(commit_key, &mut self.preprocessed_transcript)?;

        self.verifier_key = Some(vk);
        Ok(())
    }

    /// Keys the transcript with additional seed information
    /// Wrapper around transcript.append_message
    pub fn key_transcript(&mut self, label: &'static [u8], message: &[u8]) {
        self.preprocessed_transcript.append_message(label, message);
    }

    /// Verifies a proof
    pub fn verify(
        &self,
        proof: &Proof,
        opening_key: &OpeningKey,
        public_inputs: &[Scalar],
    ) -> Result<(), Error> {
        let mut cloned_transcript = self.preprocessed_transcript.clone();
        let verifier_key = self.verifier_key.as_ref().unwrap();

        proof.verify(
            verifier_key,
            &mut cloned_transcript,
            opening_key,
            public_inputs,
        )
    }
}