test(composition): implement serialization tests for AND/OR proofs

- test: add serialization and deserialization tests for AND/OR composition proofs using SchnorrProtocol
- refactor: reorganize Sage test vectors into a consistent list for improved automated verification

Author: nougzarm

src/proof_composition.rs

@@ -176,7 +176,7 @@ pub enum OrEnum<L, R> {
     Right(R),
 }
 
-/// Internal state for a simulated transcription in an OR proof.
+/// Internal state for a simulated transcript in an OR proof.
 pub struct OrState<P: SigmaProtocol>(P::Challenge, P::Response);
 
 /// Enum to describe which side (left or right) is simulated in an OR proof.
@@ -202,7 +202,7 @@ where
         usize,
         OrEnum<P::ProverState, Q::ProverState>,
         OrTranscription<P, Q>,
-    ); // ProverState = (real index, real prover state = (r, &real witness), fake transcription)
+    ); // ProverState = (real index, real prover state = (r, &real witness), fake transcript)
     type Response = (P::Challenge, P::Response, Q::Response);
     type Witness = (usize, OrEnum<P::Witness, Q::Witness>); // Index of the real witness, and Enum to wrap the real witness
     type Challenge = P::Challenge;
@@ -216,7 +216,7 @@ where
         let (r_index, r_witness_w) = witness;
         match r_witness_w {
             OrEnum::Left(ref r_witness) => {
-                let f_trnsc = self.protocol1.simulate_transcription(rng);
+                let f_trnsc = self.protocol1.simulate_transcript(rng);
                 let ST = OrState(f_trnsc.1, f_trnsc.2);
                 let (commit, r_pr_st) = self.protocol0.prover_commit(r_witness, rng);
                 (
@@ -225,7 +225,7 @@ where
                 )
             }
             OrEnum::Right(ref r_witness) => {
-                let f_trnsc = self.protocol0.simulate_transcription(rng);
+                let f_trnsc = self.protocol0.simulate_transcript(rng);
                 let ST = OrState(f_trnsc.1, f_trnsc.2);
                 let (commit, r_pr_st) = self.protocol1.prover_commit(r_witness, rng);
                 (
@@ -241,7 +241,7 @@ where
         state: Self::ProverState,
         challenge: &Self::Challenge,
     ) -> Self::Response {
-        // let state = (real index, real prover state, fakee transcription)
+        // let state = (real index, real prover state, fake transcript)
         let (_, r_pr_st, f_trnsc) = state;
 
         // Compute the real challenge
@@ -259,7 +259,7 @@ where
                 let r_response = self.protocol1.prover_response(r_prover_state, &r_challenge);
                 (f_ch, f_response.clone(), r_response)
             }
-            _ => panic!("Incoherence between real prover state and fake transcription"),
+            _ => panic!("Incoherence between real prover state and fake transcript"),
         }
     }
 

src/schnorr_protocol.rs

@@ -237,7 +237,7 @@ where
         (commitment, response)
     }
 
-    fn simulate_transcription(
+    fn simulate_transcript(
         &self,
         rng: &mut (impl RngCore + CryptoRng),
     ) -> (Self::Commitment, Self::Challenge, Self::Response) {

src/trait.rs

@@ -48,7 +48,7 @@ pub trait SigmaProtocol {
         challenge: &Self::Challenge,
     ) -> Self::Response;
 
-    /// Verifies a Sigma protocol transcription.
+    /// Verifies a Sigma protocol transcript.
     ///
     /// Returns:
     /// - `Ok(())` if the verification succeeds.
@@ -60,7 +60,7 @@ pub trait SigmaProtocol {
         response: &Self::Response,
     ) -> Result<(), ProofError>;
 
-    /// Serializes a proof transcription (commitment, challenge, response) to bytes batchable proof.
+    /// Serializes a proof transcript (commitment, challenge, response) to bytes batchable proof.
     fn serialize_batchable(
         &self,
         _commitment: &Self::Commitment,
@@ -94,7 +94,7 @@ pub trait SigmaProtocol {
 /// Types implementing `CompactProtocol` must define:
 /// - `get_commitment`
 pub trait CompactProtocol: SigmaProtocol {
-    /// Returns the commitment for which ('commitment', 'challenge', 'response') is a valid transcription
+    /// Returns the commitment for which ('commitment', 'challenge', 'response') is a valid transcript
     ///
     /// This function allows to omit commitment in compact proofs of the type ('challenge', 'response')
     fn get_commitment(
@@ -103,7 +103,7 @@ pub trait CompactProtocol: SigmaProtocol {
         response: &Self::Response,
     ) -> Self::Commitment;
 
-    /// Serializes a proof transcription (commitment, challenge, response) to bytes compact proof.
+    /// Serializes a proof transcript (commitment, challenge, response) to bytes compact proof.
     fn serialize_compact(
         &self,
         _commitment: &Self::Commitment,
@@ -128,17 +128,17 @@ pub trait CompactProtocol: SigmaProtocol {
     }
 }
 
-/// A trait defining the behavior of a Sigma protocol for which simulation of transcriptions is necessary.
+/// A trait defining the behavior of a Sigma protocol for which simulation of transcripts is necessary.
 ///
-/// All Sigma protocols can technically simulate a valid transcription, but this mostly serve to prove the security of the protocol and is not used in the real protocol execution.
+/// All Sigma protocols can technically simulate a valid transcript, but this mostly serve to prove the security of the protocol and is not used in the real protocol execution.
 /// However, some protocols (like OR protocols that prove the truth of one-out-of-two statements) require them during for the real execution.
 ///
 /// ## Minimal Implementation
 /// Types implementing `SigmaProtocolSimulator` must define:
 /// - `simulate_proof`
-/// - `simulate_transcription`
+/// - `simulate_transcript`
 pub trait SigmaProtocolSimulator: SigmaProtocol {
-    /// Simulates a protocol transcription given a challenge.
+    /// Simulates a protocol transcript given a challenge.
     ///
     /// This serves to create zero-knowledge simulations without access to a witness.
     fn simulate_proof(
@@ -147,8 +147,8 @@ pub trait SigmaProtocolSimulator: SigmaProtocol {
         rng: &mut (impl Rng + CryptoRng),
     ) -> (Self::Commitment, Self::Response);
 
-    /// Simulates an entire protocol transcription.
-    fn simulate_transcription(
+    /// Simulates an entire protocol transcript.
+    fn simulate_transcript(
         &self,
         rng: &mut (impl Rng + CryptoRng),
     ) -> (Self::Commitment, Self::Challenge, Self::Response);