Namespaces
namespace	detail
	Internal access helpers for experimental BPPP backend implementations.

Data Structures
struct	BpppBackendResourcesDeleter

struct	CommittedPurifyWitness
	Purify witness bundle together with a Pedersen commitment to the output. More...

class	ExperimentalCircuitBackend
	Common interface for reusable experimental BPPP backend state. More...

class	ExperimentalCircuitCache
	Caller-owned cache for reusable experimental circuit reduction and BPPP backend data. More...

class	ExperimentalCircuitCacheLine
	Thread-local clone of one warmed experimental BPPP backend-resource line. More...

struct	ExperimentalCircuitNormArgProof
	Experimental transparent circuit proof backed by the standalone BPPP norm argument. More...

struct	ExperimentalCircuitZkNormArgProof
	Experimental masked circuit proof that hides the reduced witness before the final BPPP argument. More...

struct	GeneratorBackendCacheKeyHash

struct	NormArgInputs
	Inputs required to produce a standalone BPPP norm argument. More...

struct	NormArgProof
	Standalone BPPP norm-argument proof bundle with all verifier-side inputs. More...

Typedefs
using	ScalarBytes = std::array< unsigned char, 32 >
	Big-endian 32-byte scalar encoding.

using	PointBytes = std::array< unsigned char, 33 >
	Compressed 33-byte curve-point encoding.

using	GeneratorBytes = std::array< unsigned char, 33 >
	Serialized generator encoding used by the BPPP bridge.

using	OwnedBpppBackendResources = std::unique_ptr< purify_bppp_backend_resources, BpppBackendResourcesDeleter >

using	GeneratorBackendCacheKey = std::array< unsigned char, 32 >

using	CircuitNormArgPublicDataCacheKey = std::array< unsigned char, 32 >

using	CircuitNormArgPublicDataCacheKeyHash = GeneratorBackendCacheKeyHash

Functions
GeneratorBytes	base_generator (purify_secp_context *secp_context)
	Returns the serialized secp256k1 base generator used as the blind generator.

GeneratorBytes	value_generator_h (purify_secp_context *secp_context)
	Returns the serialized alternate generator used for committed values.

Result< std::vector< PointBytes > >	create_generators (std::size_t count, purify_secp_context *secp_context)
	Expands the BPPP generator list.

Result< PointBytes >	pedersen_commit_char (const ScalarBytes &blind, const ScalarBytes &value, purify_secp_context *secp_context)
	Computes a Pedersen commitment to an arbitrary 32-byte scalar value using Purify's default generators.

Result< PointBytes >	pedersen_commit_char (const ScalarBytes &blind, const ScalarBytes &value, purify_secp_context *secp_context, const GeneratorBytes &value_gen, const GeneratorBytes &blind_gen)
	Computes a Pedersen commitment to an arbitrary 32-byte scalar value with explicit generators.

ScalarBytes	scalar_bytes (const FieldElement &value)
	Serializes a Purify field element into the scalar encoding expected by the BPPP bridge.

std::vector< ScalarBytes >	scalar_bytes (const std::vector< FieldElement > &values)
	Serializes a vector of Purify field elements into BPPP scalar encodings.

Result< PointBytes >	commit_norm_arg (const NormArgInputs &inputs, purify_secp_context *secp_context)
	Computes the public BPPP commitment for a standalone norm-argument input bundle.

Result< NormArgProof >	prove_norm_arg (const NormArgInputs &inputs, purify_secp_context *secp_context)
	Produces a standalone BPPP norm argument.

Result< NormArgProof >	prove_norm_arg (NormArgInputs &&inputs, purify_secp_context *secp_context)
	Produces a standalone BPPP norm argument, moving large inputs into the returned proof when possible.

Result< NormArgProof >	prove_norm_arg_to_commitment (const NormArgInputs &inputs, const PointBytes &commitment, purify_secp_context *secp_context)
	Produces a standalone BPPP norm argument anchored to a caller-supplied public commitment.

bool	verify_norm_arg (const NormArgProof &proof, purify_secp_context *secp_context)
	Verifies a standalone BPPP norm argument.

Result< PointBytes >	commit_experimental_circuit_witness (const NativeBulletproofCircuit &circuit, const BulletproofAssignmentData &assignment, purify_secp_context secp_context, std::span< const unsigned char > statement_binding={}, ExperimentalCircuitBackend cache=nullptr)
	Commits to the reduced witness coordinates used by the experimental circuit-to-BPPP reduction.

Result< ExperimentalCircuitNormArgProof >	prove_experimental_circuit_norm_arg (const NativeBulletproofCircuit &circuit, const BulletproofAssignmentData &assignment, purify_secp_context secp_context, std::span< const unsigned char > statement_binding={}, ExperimentalCircuitBackend cache=nullptr)
	Produces an anchored transparent circuit proof using the experimental circuit-to-BPPP reduction.

Result< ExperimentalCircuitNormArgProof >	prove_experimental_circuit_norm_arg_to_commitment (const NativeBulletproofCircuit &circuit, const BulletproofAssignmentData &assignment, const PointBytes &witness_commitment, purify_secp_context secp_context, std::span< const unsigned char > statement_binding={}, ExperimentalCircuitBackend cache=nullptr)
	Produces an anchored transparent circuit proof against a caller-supplied reduced witness commitment.

Result< bool >	verify_experimental_circuit_norm_arg (const NativeBulletproofCircuit &circuit, const ExperimentalCircuitNormArgProof &proof, purify_secp_context secp_context, std::span< const unsigned char > statement_binding={}, ExperimentalCircuitBackend cache=nullptr)
	Verifies an experimental transparent circuit proof produced by `prove_experimental_circuit_norm_arg`.

Result< ExperimentalCircuitZkNormArgProof >	prove_experimental_circuit_zk_norm_arg (const NativeBulletproofCircuit &circuit, const BulletproofAssignmentData &assignment, const ScalarBytes &nonce, purify_secp_context secp_context, std::span< const unsigned char > statement_binding={}, ExperimentalCircuitBackend cache=nullptr)
	Produces an experimental masked circuit proof over the reduced BPPP relation.

Result< bool >	verify_experimental_circuit_zk_norm_arg (const NativeBulletproofCircuit &circuit, const ExperimentalCircuitZkNormArgProof &proof, purify_secp_context secp_context, std::span< const unsigned char > statement_binding={}, ExperimentalCircuitBackend cache=nullptr)
	Verifies an experimental masked circuit proof produced by `prove_experimental_circuit_zk_norm_arg`.

Result< ExperimentalCircuitZkNormArgProof >	prove_experimental_circuit_zk_norm_arg_with_public_commitments (const NativeBulletproofCircuit &circuit, const BulletproofAssignmentData &assignment, const ScalarBytes &nonce, std::span< const PointBytes > public_commitments, purify_secp_context secp_context, std::span< const unsigned char > statement_binding={}, ExperimentalCircuitBackend cache=nullptr)
	Produces an experimental masked circuit proof bound to explicit public commitment points.

Result< bool >	verify_experimental_circuit_zk_norm_arg_with_public_commitments (const NativeBulletproofCircuit &circuit, const ExperimentalCircuitZkNormArgProof &proof, std::span< const PointBytes > public_commitments, purify_secp_context secp_context, std::span< const unsigned char > statement_binding={}, ExperimentalCircuitBackend cache=nullptr)
	Verifies an experimental masked circuit proof against explicit public commitment points.

Result< CommittedPurifyWitness >	commit_output_witness (const Bytes &message, const SecretKey &secret, const ScalarBytes &blind, purify_secp_context *secp_context)
	Evaluates Purify, derives its witness, and commits to the output using Purify's default generators.

Result< CommittedPurifyWitness >	commit_output_witness (const Bytes &message, const SecretKey &secret, const ScalarBytes &blind, purify_secp_context *secp_context, const GeneratorBytes &value_gen, const GeneratorBytes &blind_gen)
	Evaluates Purify, derives its witness, and commits to the output with explicit generators.

template<typename Digest >
std::size_t	digest_prefix_hash (const Digest &digest) noexcept

GeneratorBackendCacheKey	generator_backend_cache_key (std::span< const PointBytes > generators)

Result< PointBytes >	commit_norm_arg_with_cache (const NormArgInputs &inputs, purify_secp_context secp_context, ExperimentalCircuitBackend cache=nullptr)

Result< NormArgProof >	prove_norm_arg_to_commitment_with_cache (const NormArgInputs &inputs, const PointBytes &commitment, purify_secp_context secp_context, ExperimentalCircuitBackend cache=nullptr)

bool	verify_norm_arg_with_cache (const NormArgProof &proof, purify_secp_context secp_context, ExperimentalCircuitBackend cache=nullptr)

Result< ExperimentalCircuitZkNormArgProof >	prove_experimental_circuit_zk_norm_arg_impl (const NativeBulletproofCircuit &circuit, const BulletproofAssignmentData &assignment, const ScalarBytes &nonce, std::span< const PointBytes > public_commitments, purify_secp_context secp_context, std::span< const unsigned char > statement_binding, bool externalize_commitments, ExperimentalCircuitBackend cache)

Result< bool >	verify_experimental_circuit_zk_norm_arg_impl (const NativeBulletproofCircuit &circuit, const ExperimentalCircuitZkNormArgProof &proof, std::span< const PointBytes > public_commitments, purify_secp_context secp_context, std::span< const unsigned char > statement_binding, bool externalize_commitments, ExperimentalCircuitBackend cache)

Typedef Documentation

◆ CircuitNormArgPublicDataCacheKey

using purify::bppp::CircuitNormArgPublicDataCacheKey = typedef std::array<unsigned char, 32>

Definition at line 57 of file bppp.cpp.

◆ CircuitNormArgPublicDataCacheKeyHash

using purify::bppp::CircuitNormArgPublicDataCacheKeyHash = typedef GeneratorBackendCacheKeyHash

Definition at line 58 of file bppp.cpp.

◆ GeneratorBackendCacheKey

using purify::bppp::GeneratorBackendCacheKey = typedef std::array<unsigned char, 32>

Definition at line 40 of file bppp.cpp.

◆ GeneratorBytes

using purify::bppp::GeneratorBytes = typedef std::array<unsigned char, 33>

Definition at line 34 of file bppp.hpp.

◆ OwnedBpppBackendResources

using purify::bppp::OwnedBpppBackendResources = typedef std::unique_ptr<purify_bppp_backend_resources, BpppBackendResourcesDeleter>

Definition at line 37 of file bppp.cpp.

◆ PointBytes

using purify::bppp::PointBytes = typedef std::array<unsigned char, 33>

Definition at line 32 of file bppp.hpp.

◆ ScalarBytes

using purify::bppp::ScalarBytes = typedef std::array<unsigned char, 32>

Definition at line 30 of file bppp.hpp.

Function Documentation

◆ base_generator()

GeneratorBytes purify::bppp::base_generator ( purify_secp_context * secp_context )

Definition at line 1064 of file bppp.cpp.

References purify_bppp_base_generator().

Referenced by commit_output_witness(), main(), and pedersen_commit_char().

◆ commit_experimental_circuit_witness()

Result< PointBytes > purify::bppp::commit_experimental_circuit_witness	(	const NativeBulletproofCircuit &	circuit,
		const BulletproofAssignmentData &	assignment,
		purify_secp_context *	secp_context,
		std::span< const unsigned char >	statement_binding = `{}`,
		ExperimentalCircuitBackend *	cache = `nullptr`
	)

Parameters

circuit	Native circuit to reduce.
assignment	Witness assignment to commit.
statement_binding	Optional statement bytes folded into the public reduction challenges.

Returns: Commitment to the reduced hidden witness coordinates.

Definition at line 1303 of file bppp.cpp.

References PURIFY_ASSIGN_OR_RETURN.

Referenced by prove_experimental_circuit_norm_arg().

◆ commit_norm_arg()

Result< PointBytes > purify::bppp::commit_norm_arg	(	const NormArgInputs &	inputs,
		purify_secp_context *	secp_context
	)

Definition at line 1286 of file bppp.cpp.

References commit_norm_arg_with_cache().

◆ commit_norm_arg_with_cache()

Result< PointBytes > purify::bppp::commit_norm_arg_with_cache	(	const NormArgInputs &	inputs,
		purify_secp_context *	secp_context,
		ExperimentalCircuitBackend *	cache = `nullptr`
	)

◆ commit_output_witness() [1/2]

Result< CommittedPurifyWitness > purify::bppp::commit_output_witness	(	const Bytes &	message,
		const SecretKey &	secret,
		const ScalarBytes &	blind,
		purify_secp_context *	secp_context
	)

Parameters

message	Message to evaluate.
secret	Owned Purify secret key.
blind	Blinding factor for the output commitment.
secp_context	Active secp256k1 context.

Returns: Witness bundle extended with the serialized output commitment.

Definition at line 1782 of file bppp.cpp.

References base_generator(), commit_output_witness(), and value_generator_h().

Referenced by commit_output_witness(), and purify::run_cli().

◆ commit_output_witness() [2/2]

Result< CommittedPurifyWitness > purify::bppp::commit_output_witness	(	const Bytes &	message,
		const SecretKey &	secret,
		const ScalarBytes &	blind,
		purify_secp_context *	secp_context,
		const GeneratorBytes &	value_gen,
		const GeneratorBytes &	blind_gen
	)

Parameters

message	Message to evaluate.
secret	Owned Purify secret key.
blind	Blinding factor for the output commitment.
secp_context	Active secp256k1 context.
value_gen	Generator used for the value term.
blind_gen	Generator used for the blind term.

Returns: Witness bundle extended with the serialized output commitment.

Definition at line 1790 of file bppp.cpp.

References pedersen_commit_char(), purify::prove_assignment_data(), purify::bppp::CommittedPurifyWitness::public_key, PURIFY_ASSIGN_OR_RETURN, and scalar_bytes().

◆ create_generators()

Result< std::vector< PointBytes > > purify::bppp::create_generators	(	std::size_t	count,
		purify_secp_context *	secp_context
	)

Parameters

count Number of generators requested.

Returns: Serialized generator points, or a BPPP input/backend error.

Definition at line 1083 of file bppp.cpp.

References purify::BackendRejectedInput, purify_bppp_create_generators(), PURIFY_RETURN_IF_ERROR, purify::require_secp_context(), purify::unexpected_error(), and purify::UnexpectedSize.

Referenced by commit_norm_arg_with_cache(), and prove_norm_arg_to_commitment_with_cache().

◆ digest_prefix_hash()

template<typename Digest >

std::size_t purify::bppp::digest_prefix_hash ( const Digest & digest )

noexcept

Definition at line 43 of file bppp.cpp.

Referenced by purify::bppp::GeneratorBackendCacheKeyHash::operator()().

◆ generator_backend_cache_key()

GeneratorBackendCacheKey purify::bppp::generator_backend_cache_key ( std::span< const PointBytes > generators )

Definition at line 60 of file bppp.cpp.

References generators, and purify_sha256().

Referenced by purify::bppp::ExperimentalCircuitCache::clone_line_for_thread().

◆ pedersen_commit_char() [1/2]

Result< PointBytes > purify::bppp::pedersen_commit_char	(	const ScalarBytes &	blind,
		const ScalarBytes &	value,
		purify_secp_context *	secp_context
	)

Parameters

blind	Blinding factor.
value	Committed scalar value.
secp_context	Active secp256k1 context.

Returns: Serialized compressed commitment point, or a backend rejection error.

Definition at line 1155 of file bppp.cpp.

References base_generator(), pedersen_commit_char(), and value_generator_h().

Referenced by commit_output_witness(), and pedersen_commit_char().

◆ pedersen_commit_char() [2/2]

Result< PointBytes > purify::bppp::pedersen_commit_char	(	const ScalarBytes &	blind,
		const ScalarBytes &	value,
		purify_secp_context *	secp_context,
		const GeneratorBytes &	value_gen,
		const GeneratorBytes &	blind_gen
	)

Parameters

blind	Blinding factor.
value	Committed scalar value.
secp_context	Active secp256k1 context.
value_gen	Generator used for the value term.
blind_gen	Generator used for the blind term.

Returns: Serialized compressed commitment point, or a backend rejection error.

Definition at line 1163 of file bppp.cpp.

References purify::BackendRejectedInput, purify_pedersen_commit_char(), PURIFY_RETURN_IF_ERROR, purify::require_secp_context(), and purify::unexpected_error().

◆ prove_experimental_circuit_norm_arg()

Result< ExperimentalCircuitNormArgProof > purify::bppp::prove_experimental_circuit_norm_arg	(	const NativeBulletproofCircuit &	circuit,
		const BulletproofAssignmentData &	assignment,
		purify_secp_context *	secp_context,
		std::span< const unsigned char >	statement_binding = `{}`,
		ExperimentalCircuitBackend *	cache = `nullptr`
	)

Parameters

circuit	Native circuit to reduce.
assignment	Witness assignment to prove.
statement_binding	Optional statement bytes folded into the public reduction challenges.

Returns: Proof carrying the reduced witness commitment and BPPP proof bytes.

Definition at line 1379 of file bppp.cpp.

References commit_experimental_circuit_witness(), prove_experimental_circuit_norm_arg_to_commitment(), and PURIFY_ASSIGN_OR_RETURN.

◆ prove_experimental_circuit_norm_arg_to_commitment()

Result< ExperimentalCircuitNormArgProof > purify::bppp::prove_experimental_circuit_norm_arg_to_commitment	(	const NativeBulletproofCircuit &	circuit,
		const BulletproofAssignmentData &	assignment,
		const PointBytes &	witness_commitment,
		purify_secp_context *	secp_context,
		std::span< const unsigned char >	statement_binding = `{}`,
		ExperimentalCircuitBackend *	cache = `nullptr`
	)

Parameters

circuit	Native circuit to reduce.
assignment	Witness assignment to prove.
witness_commitment	Public reduced witness commitment expected by the verifier.
statement_binding	Optional statement bytes folded into the public reduction challenges.

Returns: Proof carrying the supplied reduced witness commitment and BPPP proof bytes.

Definition at line 1318 of file bppp.cpp.

References purify::BackendRejectedInput, purify::BulletproofAssignmentData::commitments, purify::EquationMismatch, purify::NativeBulletproofCircuit::evaluate(), purify::NativeBulletproofCircuit::has_valid_shape(), purify::InvalidDimensions, purify::is_power_of_two_size(), purify::BulletproofAssignmentData::left, purify::NativeBulletproofCircuit::n_commitments, purify::NativeBulletproofCircuit::n_gates, purify::BulletproofAssignmentData::output, prove_norm_arg_to_commitment_with_cache(), PURIFY_ASSIGN_OR_RETURN, purify::BulletproofAssignmentData::right, purify::SizeMismatch, and purify::unexpected_error().

Referenced by prove_experimental_circuit_norm_arg().

◆ prove_experimental_circuit_zk_norm_arg()

Result< ExperimentalCircuitZkNormArgProof > purify::bppp::prove_experimental_circuit_zk_norm_arg	(	const NativeBulletproofCircuit &	circuit,
		const BulletproofAssignmentData &	assignment,
		const ScalarBytes &	nonce,
		purify_secp_context *	secp_context,
		std::span< const unsigned char >	statement_binding = `{}`,
		ExperimentalCircuitBackend *	cache = `nullptr`
	)

This wrapper is intended to mimic the outer masking strategy of Bulletproof-style protocols: it commits to the reduced witness, commits to a random mask, derives a challenge, and only proves the challenge-combined witness with the inner BPPP norm argument. The inner BPPP implementation remains variable-time and should still be treated as experimental for secret data.

Parameters

circuit	Native circuit to reduce.
assignment	Witness assignment to prove.
nonce	Deterministic prover randomness used to derive the outer masking vectors.
statement_binding	Optional statement bytes folded into the public reduction challenges.

Returns: Masked proof bundle, or a reduction/backend error.

Definition at line 1737 of file bppp.cpp.

References nonce, and prove_experimental_circuit_zk_norm_arg_impl().

Referenced by main().

◆ prove_experimental_circuit_zk_norm_arg_impl()

Result< ExperimentalCircuitZkNormArgProof > purify::bppp::prove_experimental_circuit_zk_norm_arg_impl	(	const NativeBulletproofCircuit &	circuit,
		const BulletproofAssignmentData &	assignment,
		const ScalarBytes &	nonce,
		std::span< const PointBytes >	public_commitments,
		purify_secp_context *	secp_context,
		std::span< const unsigned char >	statement_binding,
		bool	externalize_commitments,
		ExperimentalCircuitBackend *	cache
	)

Definition at line 1440 of file bppp.cpp.

References purify::BackendRejectedInput, binding_digest, purify::bppp::NormArgInputs::c_vec, purify::checked_add_size(), commit_norm_arg_with_cache(), purify::BulletproofAssignmentData::commitments, purify::EquationMismatch, purify::Expected< T, E >::error(), purify::NativeBulletproofCircuit::evaluate(), purify::experimental_circuit_binding_digest(), purify::FieldElement::from_int(), purify::bppp::NormArgInputs::generators, purify::NativeBulletproofCircuit::has_valid_shape(), purify::Expected< T, E >::has_value(), purify::InternalMismatch, purify::InvalidDimensions, purify::is_power_of_two_size(), purify::FieldElement::is_zero(), purify::bppp::NormArgInputs::l_vec, purify::BulletproofAssignmentData::left, purify::NativeBulletproofCircuit::n_commitments, purify::NativeBulletproofCircuit::n_gates, purify::bppp::NormArgInputs::n_vec, nonce, purify::BulletproofAssignmentData::output, purify::Overflow, prove_norm_arg_to_commitment_with_cache(), PURIFY_ASSIGN_OR_RETURN, PURIFY_RETURN_IF_ERROR, purify::bppp::NormArgInputs::rho, purify::BulletproofAssignmentData::right, scalar_bytes(), purify::SizeMismatch, purify::unexpected_error(), and purify::FieldElement::zero().

Referenced by prove_experimental_circuit_zk_norm_arg(), and prove_experimental_circuit_zk_norm_arg_with_public_commitments().

◆ prove_experimental_circuit_zk_norm_arg_with_public_commitments()

Result< ExperimentalCircuitZkNormArgProof > purify::bppp::prove_experimental_circuit_zk_norm_arg_with_public_commitments	(	const NativeBulletproofCircuit &	circuit,
		const BulletproofAssignmentData &	assignment,
		const ScalarBytes &	nonce,
		std::span< const PointBytes >	public_commitments,
		purify_secp_context *	secp_context,
		std::span< const unsigned char >	statement_binding = `{}`,
		ExperimentalCircuitBackend *	cache = `nullptr`
	)

This variant removes the circuit commitment scalars from the hidden reduced witness and instead binds them through caller-supplied compressed secp256k1 points. Each point must equal the exact public commitment assignment.commitments[i] * G for the matching circuit commitment wire.

Definition at line 1758 of file bppp.cpp.

References nonce, and prove_experimental_circuit_zk_norm_arg_impl().

◆ prove_norm_arg() [1/2]

Result< NormArgProof > purify::bppp::prove_norm_arg	(	const NormArgInputs &	inputs,
		purify_secp_context *	secp_context
	)

Parameters

inputs Prover inputs and optional generators.

Returns: Proof bundle containing all verifier-side inputs, or a BPPP input/backend error.

Definition at line 1180 of file bppp.cpp.

Referenced by main().

◆ prove_norm_arg() [2/2]

Result< NormArgProof > purify::bppp::prove_norm_arg	(	NormArgInputs &&	inputs,
		purify_secp_context *	secp_context
	)

Definition at line 1185 of file bppp.cpp.

◆ prove_norm_arg_to_commitment()

Result< NormArgProof > purify::bppp::prove_norm_arg_to_commitment	(	const NormArgInputs &	inputs,
		const PointBytes &	commitment,
		purify_secp_context *	secp_context
	)

Definition at line 1292 of file bppp.cpp.

References prove_norm_arg_to_commitment_with_cache().

◆ prove_norm_arg_to_commitment_with_cache()

Result< NormArgProof > purify::bppp::prove_norm_arg_to_commitment_with_cache	(	const NormArgInputs &	inputs,
		const PointBytes &	commitment,
		purify_secp_context *	secp_context,
		ExperimentalCircuitBackend *	cache = `nullptr`
	)

◆ scalar_bytes() [1/2]

ScalarBytes purify::bppp::scalar_bytes ( const FieldElement & value )

inline

Parameters

value Field element to serialize.

Returns: Big-endian scalar bytes.

Definition at line 78 of file bppp.hpp.

References purify::FieldElement::to_bytes_be().

Referenced by commit_output_witness(), prove_experimental_circuit_zk_norm_arg_impl(), and scalar_bytes().

◆ scalar_bytes() [2/2]

std::vector< ScalarBytes > purify::bppp::scalar_bytes ( const std::vector< FieldElement > & values )

inline

Parameters

values Field elements to serialize.

Returns: Serialized scalar vector.

Definition at line 87 of file bppp.hpp.

References scalar_bytes().

◆ value_generator_h()

GeneratorBytes purify::bppp::value_generator_h ( purify_secp_context * secp_context )

Definition at line 1073 of file bppp.cpp.

References purify_bppp_value_generator_h().

Referenced by commit_output_witness(), and pedersen_commit_char().

◆ verify_experimental_circuit_norm_arg()

Result< bool > purify::bppp::verify_experimental_circuit_norm_arg	(	const NativeBulletproofCircuit &	circuit,
		const ExperimentalCircuitNormArgProof &	proof,
		purify_secp_context *	secp_context,
		std::span< const unsigned char >	statement_binding = `{}`,
		ExperimentalCircuitBackend *	cache = `nullptr`
	)

Parameters

circuit	Native circuit to reduce.
proof	Reduced witness commitment plus proof bytes.
statement_binding	Optional statement bytes folded into the public reduction challenges.

Returns: True when the proof verifies against the public circuit statement.

Definition at line 1394 of file bppp.cpp.

References purify::bppp::NormArgProof::c_vec, purify::checked_mul_size(), purify::bppp::NormArgProof::commitment, purify::EmptyInput, purify::bppp::NormArgProof::generators, purify::NativeBulletproofCircuit::has_valid_shape(), purify::InvalidDimensions, purify::is_power_of_two_size(), purify::NativeBulletproofCircuit::n_gates, purify::bppp::NormArgProof::n_vec_len, purify::Overflow, purify::bppp::NormArgProof::proof, purify::bppp::ExperimentalCircuitNormArgProof::proof, public_data, PURIFY_ASSIGN_OR_RETURN, purify::bppp::NormArgProof::rho, purify::unexpected_error(), verify_norm_arg_with_cache(), and purify::bppp::ExperimentalCircuitNormArgProof::witness_commitment.

◆ verify_experimental_circuit_zk_norm_arg()

Result< bool > purify::bppp::verify_experimental_circuit_zk_norm_arg	(	const NativeBulletproofCircuit &	circuit,
		const ExperimentalCircuitZkNormArgProof &	proof,
		purify_secp_context *	secp_context,
		std::span< const unsigned char >	statement_binding = `{}`,
		ExperimentalCircuitBackend *	cache = `nullptr`
	)

Parameters

circuit	Native circuit to reduce.
proof	Outer commitments plus the inner masked BPPP proof.
statement_binding	Optional statement bytes folded into the public reduction challenges.

Returns: True when the masked proof verifies against the public circuit statement.

Definition at line 1747 of file bppp.cpp.

References verify_experimental_circuit_zk_norm_arg_impl().

Referenced by main().

◆ verify_experimental_circuit_zk_norm_arg_impl()

Result< bool > purify::bppp::verify_experimental_circuit_zk_norm_arg_impl	(	const NativeBulletproofCircuit &	circuit,
		const ExperimentalCircuitZkNormArgProof &	proof,
		std::span< const PointBytes >	public_commitments,
		purify_secp_context *	secp_context,
		std::span< const unsigned char >	statement_binding,
		bool	externalize_commitments,
		ExperimentalCircuitBackend *	cache
	)

Definition at line 1664 of file bppp.cpp.

References purify::bppp::ExperimentalCircuitZkNormArgProof::a_commitment, binding_digest, purify::bppp::NormArgProof::c_vec, purify::checked_mul_size(), purify::bppp::NormArgProof::commitment, purify::EmptyInput, purify::experimental_circuit_binding_digest(), purify::bppp::NormArgProof::generators, purify::NativeBulletproofCircuit::has_valid_shape(), purify::InvalidDimensions, purify::is_power_of_two_size(), purify::NativeBulletproofCircuit::n_gates, purify::bppp::NormArgProof::n_vec_len, purify::Overflow, purify::bppp::NormArgProof::proof, purify::bppp::ExperimentalCircuitZkNormArgProof::proof, public_data, PURIFY_ASSIGN_OR_RETURN, purify::bppp::NormArgProof::rho, purify::bppp::ExperimentalCircuitZkNormArgProof::s_commitment, purify::bppp::ExperimentalCircuitZkNormArgProof::t2, purify::FieldElement::try_from_bytes32(), purify::unexpected_error(), and verify_norm_arg_with_cache().

Referenced by verify_experimental_circuit_zk_norm_arg(), and verify_experimental_circuit_zk_norm_arg_with_public_commitments().

◆ verify_experimental_circuit_zk_norm_arg_with_public_commitments()

Result< bool > purify::bppp::verify_experimental_circuit_zk_norm_arg_with_public_commitments	(	const NativeBulletproofCircuit &	circuit,
		const ExperimentalCircuitZkNormArgProof &	proof,
		std::span< const PointBytes >	public_commitments,
		purify_secp_context *	secp_context,
		std::span< const unsigned char >	statement_binding = `{}`,
		ExperimentalCircuitBackend *	cache = `nullptr`
	)

The verifier reconstructs the anchored outer commitment from proof.a_commitment, the folded circuit target, and the supplied public commitment points before checking the inner BPPP proof.

Definition at line 1770 of file bppp.cpp.

References verify_experimental_circuit_zk_norm_arg_impl().

◆ verify_norm_arg()

bool purify::bppp::verify_norm_arg	(	const NormArgProof &	proof,
		purify_secp_context *	secp_context
	)

Parameters

proof Proof bundle returned by prove_norm_arg.

Returns: True when the proof verifies.

Definition at line 1298 of file bppp.cpp.

References verify_norm_arg_with_cache().

Referenced by main().

◆ verify_norm_arg_with_cache()

bool purify::bppp::verify_norm_arg_with_cache	(	const NormArgProof &	proof,
		purify_secp_context *	secp_context,
		ExperimentalCircuitBackend *	cache = `nullptr`
	)

Definition at line 1259 of file bppp.cpp.

References purify::bppp::NormArgProof::c_vec, c_vec, purify::bppp::NormArgProof::commitment, purify::bppp::NormArgProof::generators, purify::bppp::NormArgProof::n_vec_len, purify::bppp::NormArgProof::proof, purify_bppp_verify_norm_arg(), purify_bppp_verify_norm_arg_with_resources(), and purify::bppp::NormArgProof::rho.

Referenced by verify_experimental_circuit_norm_arg(), verify_experimental_circuit_zk_norm_arg_impl(), and verify_norm_arg().

Namespaces

Data Structures

Typedefs

Functions

Typedef Documentation

◆ CircuitNormArgPublicDataCacheKey

◆ CircuitNormArgPublicDataCacheKeyHash

◆ GeneratorBackendCacheKey

◆ GeneratorBytes

◆ OwnedBpppBackendResources

◆ PointBytes

◆ ScalarBytes

Function Documentation

◆ base_generator()

◆ commit_experimental_circuit_witness()

◆ commit_norm_arg()

◆ commit_norm_arg_with_cache()

◆ commit_output_witness() [1/2]

◆ commit_output_witness() [2/2]

◆ create_generators()

◆ digest_prefix_hash()

◆ generator_backend_cache_key()

◆ pedersen_commit_char() [1/2]

◆ pedersen_commit_char() [2/2]

◆ prove_experimental_circuit_norm_arg()

◆ prove_experimental_circuit_norm_arg_to_commitment()

◆ prove_experimental_circuit_zk_norm_arg()

◆ prove_experimental_circuit_zk_norm_arg_impl()

◆ prove_experimental_circuit_zk_norm_arg_with_public_commitments()

◆ prove_norm_arg() [1/2]

◆ prove_norm_arg() [2/2]

◆ prove_norm_arg_to_commitment()

◆ prove_norm_arg_to_commitment_with_cache()

◆ scalar_bytes() [1/2]

◆ scalar_bytes() [2/2]

◆ value_generator_h()

◆ verify_experimental_circuit_norm_arg()

◆ verify_experimental_circuit_zk_norm_arg()

◆ verify_experimental_circuit_zk_norm_arg_impl()

◆ verify_experimental_circuit_zk_norm_arg_with_public_commitments()

◆ verify_norm_arg()

◆ verify_norm_arg_with_cache()