Update package metadata.

Author: mmaker

CHANGELOG.md

@@ -2,45 +2,7 @@
 
 Entries are listed in reverse chronological order.
 
-## 0.8.4
-* move Criterion to dev-dependencies
 
-## 0.8.3
-* switch to Criterion for benchmarking
-* remove define_proof benchmarking
-* revert `thiserror` to v1 until tor-browser 15.0
-
-
-## 0.8.2
-* remove `nightly` feature, fix clippy warnings
-
-## 0.8.1
-* update `thiserror to v2`
-* fix tests
-
-## 0.8.0
-* update `curve25519-dalek` dependency to 4.0
-* update `merlin` dependency to 3
-* update `rand` dependency to 0.8
-* update `sha2` dependency to 0.10
-* remove backend features to be consistent with upstream dalek-cryptography
-* fix bug that occurs when public point is the identity 
-
-## 0.7.0
-
-* Update `curve25519-dalek`, `merlin` dependencies to 2.0.
-* Switch from `failure` to `thiserror` to provide `std`-compatible errors.
-* Correct `curve25519-dalek` feature-selection logic.
-
-## 0.6.2
-
-* Correct minimum `curve25519-dalek` version to 1.0.3, not 1.0.0.
-
-## 0.6.1
-
-* Add metadata for docs.rs.
-
-## 0.6.0
-
-* Rewrite around a constraint system API.
+## 0.1
 
+Initial fork from `lox-zkp` and compatibility with the sigma protocol IETF draft.

Cargo.toml

@@ -1,11 +1,16 @@
 [package]
-name = "lox-zkp"
+name = "sigma-rs"
 version = "0.8.4"
-authors = ["Henry de Valence <[email protected]>"]
+authors = [
+    "Henry de Valence <[email protected]>",
+    "nougzarm <[email protected]>",
+    "Michele Orrù <[email protected]>",
+    "Lénaïck Gouriou <[email protected]>"
+]
 edition = "2018"
 license = "CC0-1.0"
 readme = "README.md"
-repository = "https://gitlab.torproject.org/onyinyang/lox-zkp"
+repository = "https://github.com/mmaker/sigma-rs"
 documentation = "https://docs.rs/lox-zkp"
 categories = ["cryptography"]
 keywords = ["cryptography", "ristretto", "zero-knowledge", "NIZK",

README.md

@@ -1,23 +1,14 @@
-# lox-zkp: a(n updated) toolkit for Schnorr proofs used by Lox
+# sigma-rs: a(n updated) toolkit for Σ-protocols
 
 ### Background
 
-This crate was originally created as part of [`dalek-cyptography`](https://github.com/dalek-cryptography) and then
-was forked to [`zkcrypto`](https://github.com/zkcrypto) and updated to include forks of
-`dalek-cryptography` dependencies that were compatible with `zkcrypto`'s
-[`zkp`](https://github.com/zkcrypto/zkp)
-crate. These forks have since fallen out of sync with the upstream
-`dalek-cryptography` crates which has led to incompatabilities when relying on
-up-to-date dependencies in projects that rely on both `zkp` and
-`dalek-cryptography` crates, such as [Lox](https://gitlab.torproject.org/tpo/anti-censorship/lox). This crate was created for 3 reasons:
-1. To bring the `zkp` crate up to date with `dalek-cryptography` dependencies 
-2. To resolve a bug in the zkp crate
-3. To enabling publishing additional lox crates to crates.io with a working zkp
-   dependency.
-
-This crate has a toolkit for Schnorr-style zero-knowledge proofs,
-instantiated using the ristretto255 group.
+This crate was originally created as part of [`dalek-cyptography`](https://github.com/dalek-cryptography).
+It has been forked:
+1. To bring the `zkp` crate up to date with `dalek-cryptography` dependencies.
+2. To resolve bugs and incorporate changes to the fiat-shamir transform.
+3. To make this effort compatible with the Σ-protocol standardization effort.
 
+This crate has a toolkit for Schnorr-style zero-knowledge proofs over generic [`Group`](https://github.com/zkcrypto/group)s
 It provides two levels of API:
 
 * a higher-level, declarative API based around the `define_proof` macro,
@@ -31,7 +22,7 @@ It provides two levels of API:
     (A, G, H),   // Public variables unique to each proof
     (B) :        // Public variables common between proofs
     A = (x * B), // Statements to prove
-    G = (x * H) 
+    G = (x * H)
     }
   ```
   This expands into a module containing an implementation of proving,
@@ -46,40 +37,7 @@ It provides two levels of API:
   lower-level API.
   The lower-level API is contained in the `toolbox` module.
 
-# Examples
-
-Examples of how to use the API can be found in the library's `tests`
-directory.
-
-Currently, the examples include:
-
-* Specification of an "anonymous credential presentation with 10 hidden
-  attributes" proof from CMZ'13.  Depending on the backend selection, the
-  generated implementation is between 20 to 40 times faster than the benchmark
-  numbers reported in that paper.
-
-* A transcript-based signature and VRF construction with an auto-generated
-  implementation.  This includes an example of using the online interactive
-  composition [described in the Merlin blog post][merlin_blog] to provide chained
-  signatures with a counterparty.
-
-* An example of using the lower-level constraint system API.
-
-
-# Use and features
-
-To enable the `define_proof` macro, import the crate like so:
-```
-#[macro_use]
-extern crate zkp;
-```
-
-#### Transcript debugging
-
-The `debug-transcript` feature is for development and testing, and
-prints a log of the data fed into the proof transcript.
-
-#### Autogenerated benchmarks
+#### Auto-generated benchmarks
 
 The `define_proof` macro builds benchmarks for the generated proof
 statements, but because these are generated in the client crate (where
@@ -101,4 +59,3 @@ code, for now there are no stability guarantees on the proofs, so they
 should not yet be deployed.
 
 [bellman]: https://github.com/zkcrypto/bellman
-[merlin_blog]: https://medium.com/@hdevalence/merlin-flexible-composable-transcripts-for-zero-knowledge-proofs-28d9fda22d9a

benches/dleq_benches.rs

@@ -12,7 +12,7 @@
 use criterion::{criterion_group, criterion_main, Criterion};
 extern crate bincode;
 extern crate curve25519_dalek;
-extern crate lox_zkp;
+extern crate sigma_rs;
 extern crate serde;
 extern crate serde_derive;
 extern crate sha2;
@@ -23,10 +23,10 @@ mod dleq_benches {
     use curve25519_dalek::constants as dalek_constants;
     use curve25519_dalek::ristretto::RistrettoPoint;
     use curve25519_dalek::scalar::Scalar;
-    use lox_zkp::toolbox::{
+    use sigma_rs::toolbox::{
         batch_verifier::BatchVerifier, prover::Prover, verifier::Verifier, SchnorrCS,
     };
-    use lox_zkp::Transcript;
+    use sigma_rs::Transcript;
 
     #[allow(non_snake_case)]
     fn dleq_statement<CS: SchnorrCS>(

benches/zkp.rs

@@ -12,7 +12,7 @@
 extern crate bincode;
 extern crate curve25519_dalek;
 #[macro_use]
-extern crate lox_zkp;
+extern crate sigma_rs;
 extern crate serde;
 extern crate serde_derive;
 extern crate sha2;

src/macros.rs

@@ -371,7 +371,7 @@ macro_rules! define_proof {
 
             /*use criterion::{criterion_group, criterion_main, Criterion};
 
-            mod lox_zkp_benches {
+            mod sigma_rs_benches {
                 use super::*;
                 use rand::thread_rng;
 
@@ -467,15 +467,15 @@ macro_rules! define_proof {
                 }
 
                 criterion_group!{
-                    name = lox_zkp_benches;
+                    name = sigma_rs_benches;
                     config = Criterion::default();
                     targets =
                     prove,
                     verify_batchable_proof,
                     verify_compact_proof,
                 }
             }
-        criterion_main!(lox_zkp_benches::lox_zkp_benches);*/
+        criterion_main!(sigma_rs_benches::sigma_rs_benches);*/
         }
     }
 }

tests/dleq_using_constraint_api.rs

@@ -12,7 +12,7 @@
 
 extern crate bincode;
 extern crate curve25519_dalek;
-extern crate lox_zkp;
+extern crate sigma_rs;
 extern crate serde;
 extern crate sha2;
 
@@ -22,10 +22,10 @@ use curve25519_dalek::constants as dalek_constants;
 use curve25519_dalek::ristretto::RistrettoPoint;
 use curve25519_dalek::scalar::Scalar;
 
-use lox_zkp::toolbox::{
+use sigma_rs::toolbox::{
     batch_verifier::BatchVerifier, prover::Prover, verifier::Verifier, SchnorrCS,
 };
-use lox_zkp::Transcript;
+use sigma_rs::Transcript;
 
 fn dleq_statement<CS: SchnorrCS>(
     cs: &mut CS,

tests/interactive_codec.rs

@@ -1,7 +1,7 @@
 use rand::rngs::OsRng;
 use curve25519_dalek::ristretto::RistrettoPoint;
 
-use lox_zkp::toolbox::sigma::transcript::{r#trait::TranscriptCodec, transcriptcodec::KeccakTranscript};
+use sigma_rs::toolbox::sigma::transcript::{r#trait::TranscriptCodec, transcriptcodec::KeccakTranscript};
 
 pub type KeccakTranscriptRistretto = KeccakTranscript<curve25519_dalek::ristretto::RistrettoPoint>;
 

tests/non_interactive_protocol.rs

@@ -2,10 +2,10 @@ use rand::rngs::OsRng;
 use curve25519_dalek::ristretto::RistrettoPoint;
 use curve25519_dalek::scalar::Scalar;
 
-use lox_zkp::toolbox::sigma::group_morphism::GroupMorphismPreimage;
-use lox_zkp::toolbox::sigma::schnorr_proof::SchnorrProof;
-use lox_zkp::toolbox::sigma::transcript::transcriptcodec::KeccakTranscript;
-use lox_zkp::toolbox::sigma::fiat_shamir::NISigmaProtocol;
+use sigma_rs::toolbox::sigma::group_morphism::GroupMorphismPreimage;
+use sigma_rs::toolbox::sigma::schnorr_proof::SchnorrProof;
+use sigma_rs::toolbox::sigma::transcript::transcriptcodec::KeccakTranscript;
+use sigma_rs::toolbox::sigma::fiat_shamir::NISigmaProtocol;
 
 type G = RistrettoPoint;
 

tests/proof_composition_test.rs

@@ -1,7 +1,7 @@
 use std::ops::Not;
 
 use rand::{rngs::OsRng, CryptoRng, Rng};
-use lox_zkp::toolbox::sigma::{proof_composition::OrEnum, AndProtocol, OrProtocol, SigmaProtocol};
+use sigma_rs::toolbox::sigma::{proof_composition::OrEnum, AndProtocol, OrProtocol, SigmaProtocol};
 use curve25519_dalek::{ristretto::RistrettoPoint, scalar::Scalar};
 
 pub struct LokZkpSchnorr {
@@ -46,7 +46,7 @@ impl SigmaProtocol for LokZkpSchnorr {
     }
 
     fn simulate_proof(
-            &self, 
+            &self,
             challenge: &Self::Challenge,
             rng: &mut (impl Rng + CryptoRng)
         ) -> (Self::Commitment, Self::Response) {