Added ProofError structure to handle errors when checking proofs

nougzarm · nougzarm · commit cbc09d2facf8 · 2025-04-29T08:42:48.000+02:00
diff --git a/src/toolbox/sigma/fiat_shamir.rs b/src/toolbox/sigma/fiat_shamir.rs
@@ -16,6 +16,7 @@
 use rand::{RngCore, CryptoRng};
 use crate::toolbox::sigma::SigmaProtocol;
 use crate::toolbox::sigma::transcript::TranscriptCodec;
+use crate::ProofError;
 use group::Group;
 
 /// A Fiat-Shamir transformation of a Sigma protocol into a non-interactive proof.
@@ -75,12 +76,12 @@ where
         // Prouver's response
         let response = self.sigmap.prover_response(prover_state, &challenge);
         // Local verification of the proof
-        assert!(self.sigmap.verifier(&commitment, &challenge, &response) == Ok(()));
+        assert!(self.sigmap.verifier(&commitment, &challenge, &response).is_ok());
         self.sigmap.serialize_batchable(&commitment, &challenge, &response)
     }
 
     /// Verify a non-interactive serialized proof and returns a Result: `Ok(())` if the proof verifies successfully, `Err(())` otherwise.
-    pub fn verify(&mut self, proof: &[u8]) -> Result<(), ()> {
+    pub fn verify(&mut self, proof: &[u8]) -> Result<(), ProofError> {
         self.hash_state = C::new(&self.domain_sep);
 
         let (commitment, response) = self.sigmap.deserialize_batchable(proof).unwrap();
diff --git a/src/toolbox/sigma/proof_composition.rs b/src/toolbox/sigma/proof_composition.rs
@@ -9,7 +9,7 @@
 //!
 //! These constructions preserve zero-knowledge properties and follow standard Sigma protocol composition techniques.
 
-use crate::toolbox::sigma::{SigmaProtocol, SigmaProtocolSimulator};
+use crate::{toolbox::sigma::{SigmaProtocol, SigmaProtocolSimulator}, ProofError};
 use rand::{Rng, CryptoRng};
 use ff::PrimeField;
 
@@ -78,13 +78,13 @@ where
             commitment: &Self::Commitment,
             challenge: &Self::Challenge,
             response: &Self::Response,
-        ) -> Result<(), ()> {
+        ) -> Result<(), ProofError> {
         let verif0 = self.protocol0.verifier(&commitment.0, challenge, &response.0);
         let verif1 = self.protocol1.verifier(&commitment.1, challenge, &response.1);
 
         match (verif0, verif1) {
             (Ok(()), Ok(())) => Ok(()),
-            _ => Err(()),
+            _ => Err(ProofError::VerificationFailure),
         }
     }
 }
@@ -204,15 +204,15 @@ where
         commitments: &Self::Commitment,
         challenge: &Self::Challenge,
         response: &Self::Response,
-    ) -> Result<(), ()> {
+    ) -> Result<(), ProofError> {
         let cond0 = self.protocol0.verifier(&commitments.0, &response.0, &response.1);
 
         let challenge1 = *challenge - response.0;
         let cond1 = self.protocol1.verifier(&commitments.1, &challenge1, &response.2);
 
         match (cond0, cond1) {
             (Ok(()), Ok(())) => Ok(()),
-            _ => Err(()),
+            _ => Err(ProofError::VerificationFailure),
         }
     }
 }
diff --git a/src/toolbox/sigma/schnorr_proof.rs b/src/toolbox/sigma/schnorr_proof.rs
@@ -7,7 +7,7 @@
 use rand::{CryptoRng, Rng};
 use group::{Group, GroupEncoding};
 use ff::{PrimeField,Field};
-use crate::toolbox::sigma::{SigmaProtocol, GroupMorphismPreimage};
+use crate::{toolbox::sigma::{GroupMorphismPreimage, SigmaProtocol}, ProofError};
 
 /// A Schnorr protocol proving knowledge some discrete logarithm relation.
 ///
@@ -70,7 +70,7 @@ where
         commitment: &Self::Commitment,
         challenge: &Self::Challenge,
         response: &Self::Response,
-    ) -> Result<(), ()> {
+    ) -> Result<(), ProofError> {
         let lhs = self.morphismp.morphism.evaluate(response);
 
         let mut rhs = Vec::new();
@@ -80,7 +80,7 @@ where
 
         match lhs == rhs {
             true => Ok(()),
-            false => Err(()), 
+            false => Err(ProofError::VerificationFailure), 
         }
     }
 
diff --git a/src/toolbox/sigma/trait.rs b/src/toolbox/sigma/trait.rs
@@ -3,6 +3,7 @@
 //! This module defines the `SigmaProtocol` trait, a generic interface for 3-message Sigma protocols.
 
 use rand::{Rng, CryptoRng};
+use crate::ProofError;
 
 /// A trait defining the behavior of a generic Sigma protocol.
 ///
@@ -57,7 +58,7 @@ pub trait SigmaProtocol {
         commitment: &Self::Commitment,
         challenge: &Self::Challenge,
         response: &Self::Response,
-    ) -> Result<(), ()>;
+    ) -> Result<(), ProofError>;
 
     /// Serializes a proof transcript (commitment, challenge, response) to bytes for batching.
     ///
diff --git a/tests/non_interactive_protocol.rs b/tests/non_interactive_protocol.rs
@@ -45,7 +45,7 @@ fn fiat_shamir_schnorr_proof_ristretto() {
     let proof_bytes = nizk.prove(&witness, &mut rng);
 
     // Verify
-    let verified = nizk.verify(&proof_bytes) == Ok(());
+    let verified = nizk.verify(&proof_bytes).is_ok();
 
     assert!(verified, "Fiat-Shamir Schnorr proof verification failed");
 }
diff --git a/tests/proof_composition_test.rs b/tests/proof_composition_test.rs
@@ -1,5 +1,5 @@
 use rand::{rngs::OsRng, CryptoRng, Rng};
-use sigma_rs::toolbox::sigma::{proof_composition::OrEnum, SigmaProtocolSimulator, AndProtocol, OrProtocol, SigmaProtocol};
+use sigma_rs::{toolbox::sigma::{proof_composition::OrEnum, AndProtocol, OrProtocol, SigmaProtocol, SigmaProtocolSimulator}, ProofError};
 use curve25519_dalek::{ristretto::RistrettoPoint, scalar::Scalar};
 
 pub struct SchnorrZkp {
@@ -39,10 +39,10 @@ impl SigmaProtocol for SchnorrZkp {
             commitment: &Self::Commitment,
             challenge: &Self::Challenge,
             response: &Self::Response,
-        ) -> Result<(), ()> {
+        ) -> Result<(), ProofError> {
         match response * self.generator == challenge * self.target + commitment {
             true => Ok(()),
-            false => Err(()),
+            false => Err(ProofError::VerificationFailure),
         }
     }
 }
@@ -104,7 +104,7 @@ fn andproof_schnorr_correct() {
     // Verifier checks
     let result = and_proof.verifier(&commitments, &challenge, &responses);
 
-    assert!(result == Ok(()));
+    assert!(result.is_ok());
 }
 
 
@@ -144,7 +144,7 @@ fn andproof_schnorr_incorrect() {
     // Verifier checks
     let result = and_proof.verifier(&commitments, &challenge, &responses);
 
-    assert!(result == Err(()));
+    assert!(!result.is_ok());
 }
 
 
@@ -182,7 +182,7 @@ fn orproof_schnorr_correct() {
     // Verifier checks
     let result = or_proof.verifier(&commitments, &challenge, &responses);
 
-    assert!(result == Ok(()));
+    assert!(result.is_ok());
 }
 
 
@@ -220,5 +220,5 @@ fn orproof_schnorr_incorrect() {
     // Verifier checks
     let result = or_proof.verifier(&commitments, &challenge, &responses);
 
-    assert!(result == Err(()));
+    assert!(!result.is_ok());
 }

Original file line number	Diff line number	Diff line change
`@@ -45,7 +45,7 @@ fn fiat_shamir_schnorr_proof_ristretto() {`
`45`	`45`	`let proof_bytes = nizk.prove(&witness, &mut rng);`
`46`	`46`
`47`	`47`	`// Verify`
`48`		`- let verified = nizk.verify(&proof_bytes) == Ok(());`
	`48`	`+ let verified = nizk.verify(&proof_bytes).is_ok();`
`49`	`49`
`50`	`50`	`assert!(verified, "Fiat-Shamir Schnorr proof verification failed");`
`51`	`51`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`use rand::{rngs::OsRng, CryptoRng, Rng};`
`2`		`-use sigma_rs::toolbox::sigma::{proof_composition::OrEnum, SigmaProtocolSimulator, AndProtocol, OrProtocol, SigmaProtocol};`
	`2`	`+use sigma_rs::{toolbox::sigma::{proof_composition::OrEnum, AndProtocol, OrProtocol, SigmaProtocol, SigmaProtocolSimulator}, ProofError};`
`3`	`3`	`use curve25519_dalek::{ristretto::RistrettoPoint, scalar::Scalar};`
`4`	`4`
`5`	`5`	`pub struct SchnorrZkp {`
`@@ -39,10 +39,10 @@ impl SigmaProtocol for SchnorrZkp {`
`39`	`39`	`commitment: &Self::Commitment,`
`40`	`40`	`challenge: &Self::Challenge,`
`41`	`41`	`response: &Self::Response,`
`42`		`- ) -> Result<(), ()> {`
	`42`	`+ ) -> Result<(), ProofError> {`
`43`	`43`	`match response * self.generator == challenge * self.target + commitment {`
`44`	`44`	`true => Ok(()),`
`45`		`- false => Err(()),`
	`45`	`+ false => Err(ProofError::VerificationFailure),`
`46`	`46`	`}`
`47`	`47`	`}`
`48`	`48`	`}`
`@@ -104,7 +104,7 @@ fn andproof_schnorr_correct() {`
`104`	`104`	`// Verifier checks`
`105`	`105`	`let result = and_proof.verifier(&commitments, &challenge, &responses);`
`106`	`106`
`107`		`- assert!(result == Ok(()));`
	`107`	`+ assert!(result.is_ok());`
`108`	`108`	`}`
`109`	`109`
`110`	`110`
`@@ -144,7 +144,7 @@ fn andproof_schnorr_incorrect() {`
`144`	`144`	`// Verifier checks`
`145`	`145`	`let result = and_proof.verifier(&commitments, &challenge, &responses);`
`146`	`146`
`147`		`- assert!(result == Err(()));`
	`147`	`+ assert!(!result.is_ok());`
`148`	`148`	`}`
`149`	`149`
`150`	`150`
`@@ -182,7 +182,7 @@ fn orproof_schnorr_correct() {`
`182`	`182`	`// Verifier checks`
`183`	`183`	`let result = or_proof.verifier(&commitments, &challenge, &responses);`
`184`	`184`
`185`		`- assert!(result == Ok(()));`
	`185`	`+ assert!(result.is_ok());`
`186`	`186`	`}`
`187`	`187`
`188`	`188`
`@@ -220,5 +220,5 @@ fn orproof_schnorr_incorrect() {`
`220`	`220`	`// Verifier checks`
`221`	`221`	`let result = or_proof.verifier(&commitments, &challenge, &responses);`
`222`	`222`
`223`		`- assert!(result == Err(()));`
	`223`	`+ assert!(!result.is_ok());`
`224`	`224`	`}`