Creating a SigmaProtocolSimulator trait to extend the SigmaProtocol trait

nougzarm · nougzarm · commit b05fe106e7bb · 2025-04-28T10:27:01.000+02:00
diff --git a/src/toolbox/sigma/mod.rs b/src/toolbox/sigma/mod.rs
@@ -5,7 +5,7 @@ pub mod group_morphism;
 pub mod schnorr_proof;
 pub mod transcript;
 
-pub use r#trait::SigmaProtocol;
+pub use r#trait::{SigmaProtocol, SigmaProtocolSimulator};
 pub use proof_composition::{AndProtocol, OrProtocol};
 pub use fiat_shamir::NISigmaProtocol;
 pub use schnorr_proof::SchnorrProof;
diff --git a/src/toolbox/sigma/proof_composition.rs b/src/toolbox/sigma/proof_composition.rs
@@ -1,4 +1,4 @@
-use crate::toolbox::sigma::SigmaProtocol;
+use crate::toolbox::sigma::{SigmaProtocol, SigmaProtocolSimulator};
 use rand::{Rng, CryptoRng};
 use ff::PrimeField;
 
@@ -110,8 +110,8 @@ where
 impl<P, Q, C> SigmaProtocol for OrProtocol<P, Q> 
 where 
     C: PrimeField,
-    P: SigmaProtocol<Challenge = C>,
-    Q: SigmaProtocol<Challenge = C>,
+    P: SigmaProtocol<Challenge = C> + SigmaProtocolSimulator,
+    Q: SigmaProtocol<Challenge = C> + SigmaProtocolSimulator,
     P::Response: Clone,
     Q::Response: Clone,
     {
diff --git a/src/toolbox/sigma/trait.rs b/src/toolbox/sigma/trait.rs
@@ -27,20 +27,6 @@ pub trait SigmaProtocol {
         response: &Self::Response,
     ) -> Result<(), ()>;
 
-    fn simulate_proof(
-        &self, 
-        _challenge: &Self::Challenge,
-        _rng: &mut (impl Rng + CryptoRng)
-    ) -> (Self::Commitment, Self::Response) {
-        panic!("simulatable_proof not implemented for this protocol")
-    }
-
-    fn simulate_transcription(
-        &self, _rng: &mut (impl Rng + CryptoRng)
-    ) -> (Self::Commitment, Self::Challenge, Self::Response) {
-        panic!("simulatable_transcription not implemented for this protocol")
-    }
-
     fn serialize_batchable(
         &self,
         _commitment: &Self::Commitment,
@@ -55,6 +41,23 @@ pub trait SigmaProtocol {
     ) -> Option<(Self::Commitment, Self::Response)> {
         panic!("deserialize_batchable not implemented for this protocol")
     }
+}
 
 
+pub trait SigmaProtocolSimulator
+where Self: SigmaProtocol {
+
+    fn simulate_proof(
+        &self, 
+        _challenge: &Self::Challenge,
+        _rng: &mut (impl Rng + CryptoRng)
+    ) -> (Self::Commitment, Self::Response) {
+        panic!("simulatable_proof not implemented for this protocol")
+    }
+    
+    fn simulate_transcription(
+        &self, _rng: &mut (impl Rng + CryptoRng)
+    ) -> (Self::Commitment, Self::Challenge, Self::Response) {
+        panic!("simulatable_transcription not implemented for this protocol")
+    }
 }
diff --git a/tests/proof_composition_test.rs b/tests/proof_composition_test.rs
@@ -1,5 +1,5 @@
 use rand::{rngs::OsRng, CryptoRng, Rng};
-use sigma_rs::toolbox::sigma::{proof_composition::OrEnum, AndProtocol, OrProtocol, SigmaProtocol};
+use sigma_rs::toolbox::sigma::{proof_composition::OrEnum, SigmaProtocolSimulator, AndProtocol, OrProtocol, SigmaProtocol};
 use curve25519_dalek::{ristretto::RistrettoPoint, scalar::Scalar};
 
 pub struct SchnorrZkp {
@@ -45,26 +45,32 @@ impl SigmaProtocol for SchnorrZkp {
             false => Err(()),
         }
     }
+}
 
+#[allow(non_snake_case)]
+impl SigmaProtocolSimulator for SchnorrZkp {
     fn simulate_proof(
-            &self,
-            challenge: &Self::Challenge,
-            rng: &mut (impl Rng + CryptoRng)
-        ) -> (Self::Commitment, Self::Response) {
-        let z = Scalar::random(rng);
-        let R = z * self.generator - challenge * self.target;
-        (R,z)
-    }
+        &self,
+        challenge: &Self::Challenge,
+        rng: &mut (impl Rng + CryptoRng)
+    ) -> (Self::Commitment, Self::Response) {
+    let z = Scalar::random(rng);
+    let R = z * self.generator - challenge * self.target;
+    (R,z)
+}
 
-    fn simulate_transcription(
-        &self, rng: &mut (impl Rng + CryptoRng)
-    ) -> (Self::Commitment, Self::Challenge, Self::Response) {
-        let challenge = Scalar::random(rng);
-        let (commitment, response) = self.simulate_proof(&challenge, rng);
-        (commitment, challenge, response)
-    }
+fn simulate_transcription(
+    &self, rng: &mut (impl Rng + CryptoRng)
+) -> (Self::Commitment, Self::Challenge, Self::Response) {
+    let challenge = Scalar::random(rng);
+    let (commitment, response) = self.simulate_proof(&challenge, rng);
+    (commitment, challenge, response)
+}
 }
 
+
+//  Proof calculation and verification in an AND-protocol in the case where:
+//  both protocols are SchnorrZkp and the proof is correct
 #[allow(non_snake_case)]
 #[test]
 fn andproof_schnorr_correct() {
@@ -101,6 +107,9 @@ fn andproof_schnorr_correct() {
     assert!(result == Ok(()));
 }
 
+
+//  Proof calculation and verification in an AND-protocol in the case where:
+//  both protocols are SchnorrZkp and the proof is incorrect
 #[allow(non_snake_case)]
 #[test]
 fn andproof_schnorr_incorrect() {
@@ -138,6 +147,9 @@ fn andproof_schnorr_incorrect() {
     assert!(result == Err(()));
 }
 
+
+//  Proof calculation and verification in an OR-protocol in the case where:
+//  both protocols are SchnorrZkp and the proof is correct
 #[allow(non_snake_case)]
 #[test]
 fn orproof_schnorr_correct() {
@@ -173,6 +185,9 @@ fn orproof_schnorr_correct() {
     assert!(result == Ok(()));
 }
 
+
+//  Proof calculation and verification in an OR-protocol in the case where:
+//  both protocols are SchnorrZkp and the proof is incorrect
 #[allow(non_snake_case)]
 #[test]
 fn orproof_schnorr_incorrect() {
