bulletproofs icon indicating copy to clipboard operation
bulletproofs copied to clipboard

Published 20 hours ago verified publisher icon dalek-cryptography

Add Bulletproof rewind functionality

Open hansieodendaal opened this issue 4 years ago • 1 comments

This is closely modelled on Grin's solution, but using two private keys:

  • Interfaces:
    • create a rewindable ZK proof with up to 23 bytes additional embedded proof data
    • extract the value and 23 bytes proof data only
    • extract the value, blinding factor and 23 bytes proof data
  • Required:
    • two rewind nonces, based on two public rewind keys and the value commitment
    • two blinding nonces, based on the two private rewind keys and the value commitment
  • Use:
    • the two rewind nonces are used to extract the value and 23 bytes embedded proof data
    • the two rewind nonces and two blinding nonces are used to extract the value, blinding factor and 23 bytes embedded proof data

Please see related issue #335

Thanks!

hansieodendaal avatar Jan 08 '21 08:01 hansieodendaal

Hi bulletproofs team! @hdevalence @cathieyun @isislovecruft @oleganza

Could we have any feedback on this proposal/PR please? We are maintaining a fork over at tari-project/bulletproofs, but would love to have this merged upstream if it's something you find could be useful.

Any comment or critique is greatly welcomed. Thank you

delta1 avatar Feb 08 '21 18:02 delta1