refactor: better naming of methods

this includes:
Shake -> Shake128,
_translated -> _shifted
constraints -> linear_combinations
prandom -> random_group_elt
srandom -> random_scalar_elt

Author: mmaker

README.md

@@ -10,7 +10,7 @@ This library provides a flexible framework for creating zero-knowledge proofs fo
 
 ```rust
 use sigma_rs::{LinearRelation, Protocol, ProtocolWitness, Nizk};
-use sigma_rs::codec::ShakeCodec;
+use sigma_rs::codec::Shake128DuplexSponge;
 use curve25519_dalek::RistrettoPoint as G;
 
 // Prove knowledge of (x, r) such that C = x·G + r·H (Pedersen commitment)

examples/simple_composition.rs

@@ -5,7 +5,7 @@ use curve25519_dalek::scalar::Scalar;
 use group::Group;
 use rand::rngs::OsRng;
 use sigma_rs::{
-    codec::ShakeCodec,
+    codec::Shake128DuplexSponge,
     composition::{Protocol, ProtocolWitness},
     errors::Error,
     LinearRelation, Nizk,
@@ -54,7 +54,7 @@ fn prove(P1: G, x2: Scalar, H: G) -> ProofResult<Vec<u8>> {
 
     let protocol = create_relation(P1, P2, Q, H);
     let witness = ProtocolWitness::Or(1, vec![ProtocolWitness::Simple(vec![x2])]);
-    let nizk = Nizk::<_, ShakeCodec<G>>::new(b"or_proof_example", protocol);
+    let nizk = Nizk::<_, Shake128DuplexSponge<G>>::new(b"or_proof_example", protocol);
 
     nizk.prove_batchable(&witness, &mut OsRng)
 }
@@ -63,7 +63,7 @@ fn prove(P1: G, x2: Scalar, H: G) -> ProofResult<Vec<u8>> {
 #[allow(non_snake_case)]
 fn verify(P1: G, P2: G, Q: G, H: G, proof: &[u8]) -> ProofResult<()> {
     let protocol = create_relation(P1, P2, Q, H);
-    let nizk = Nizk::<_, ShakeCodec<G>>::new(b"or_proof_example", protocol);
+    let nizk = Nizk::<_, Shake128DuplexSponge<G>>::new(b"or_proof_example", protocol);
 
     nizk.verify_batchable(proof)
 }

src/codec.rs

@@ -118,4 +118,4 @@ where
 pub type KeccakByteSchnorrCodec<G> = ByteSchnorrCodec<G, KeccakDuplexSponge>;
 
 /// Type alias for a SHAKE-based ByteSchnorrCodec.
-pub type ShakeCodec<G> = ByteSchnorrCodec<G, ShakeDuplexSponge>;
+pub type Shake128DuplexSponge<G> = ByteSchnorrCodec<G, ShakeDuplexSponge>;

src/linear_relation/mod.rs

@@ -16,7 +16,7 @@ use std::marker::PhantomData;
 use ff::Field;
 use group::{Group, GroupEncoding};
 
-use crate::codec::ShakeCodec;
+use crate::codec::Shake128DuplexSponge;
 use crate::errors::Error;
 use crate::schnorr_protocol::SchnorrProof;
 use crate::Nizk;
@@ -224,7 +224,7 @@ impl<G: Group> FromIterator<(GroupVar<G>, G)> for GroupMap<G> {
 #[derive(Clone, Default, Debug)]
 pub struct LinearMap<G: Group> {
     /// The set of linear combination constraints (equations).
-    pub constraints: Vec<LinearCombination<G>>,
+    pub linear_combinations: Vec<LinearCombination<G>>,
     /// The list of group elements referenced in the linear map.
     ///
     /// Uninitialized group elements are presented with `None`.
@@ -263,7 +263,7 @@ impl<G: Group> LinearMap<G> {
     /// and zero allocated scalars and elements.
     pub fn new() -> Self {
         Self {
-            constraints: Vec::new(),
+            linear_combinations: Vec::new(),
             group_elements: GroupMap::default(),
             num_scalars: 0,
             num_elements: 0,
@@ -272,15 +272,15 @@ impl<G: Group> LinearMap<G> {
 
     /// Returns the number of constraints (equations) in this linear map.
     pub fn num_constraints(&self) -> usize {
-        self.constraints.len()
+        self.linear_combinations.len()
     }
 
     /// Adds a new linear combination constraint to the linear map.
     ///
     /// # Parameters
     /// - `lc`: The [`LinearCombination`] to add.
     pub fn append(&mut self, lc: LinearCombination<G>) {
-        self.constraints.push(lc);
+        self.linear_combinations.push(lc);
     }
 
     /// Evaluates all linear combinations in the linear map with the provided scalars.
@@ -292,7 +292,7 @@ impl<G: Group> LinearMap<G> {
     ///
     /// A vector of group elements, each being the result of evaluating one linear combination with the scalars.
     pub fn evaluate(&self, scalars: &[<G as Group>::Scalar]) -> Result<Vec<G>, Error> {
-        self.constraints
+        self.linear_combinations
             .iter()
             .map(|lc| {
                 // TODO: The multiplication by the (public) weight is potentially wasteful in the
@@ -343,7 +343,7 @@ pub struct CanonicalLinearRelation<G: Group + GroupEncoding> {
     pub image: Vec<G>,
     /// The constraints, where each constraint is a vector of (scalar_var, group_var) pairs
     /// representing the right-hand side of the equation
-    pub constraints: Vec<Vec<(ScalarVar<G>, GroupVar<G>)>>,
+    pub linear_combinations: Vec<Vec<(ScalarVar<G>, GroupVar<G>)>>,
     /// The group elements map
     pub group_elements: GroupMap<G>,
     /// Number of scalar variables
@@ -355,7 +355,7 @@ impl<G: Group + GroupEncoding> CanonicalLinearRelation<G> {
     pub fn new() -> Self {
         Self {
             image: Vec::new(),
-            constraints: Vec::new(),
+            linear_combinations: Vec::new(),
             group_elements: GroupMap::default(),
             num_scalars: 0,
         }
@@ -435,7 +435,7 @@ impl<G: Group + GroupEncoding> CanonicalLinearRelation<G> {
 
         // Only include constraints that are non-trivial (not zero constraints)
         self.image.push(canonical_image);
-        self.constraints.push(rhs_terms);
+        self.linear_combinations.push(rhs_terms);
 
         Ok(())
     }
@@ -471,7 +471,7 @@ impl<G: Group + GroupEncoding> CanonicalLinearRelation<G> {
         // Build constraint data in the same order as original
         let mut constraint_data = Vec::new();
 
-        for (image_elem, constraint_terms) in iter::zip(&self.image, &self.constraints) {
+        for (image_elem, constraint_terms) in iter::zip(&self.image, &self.linear_combinations) {
             // First, add the left-hand side (image) element
             let lhs_index = repr_index(image_elem.to_bytes());
 
@@ -520,7 +520,7 @@ impl<G: Group + GroupEncoding> TryFrom<LinearRelation<G>> for CanonicalLinearRel
     fn try_from(relation: LinearRelation<G>) -> Result<Self, Self::Error> {
         assert_eq!(
             relation.image.len(),
-            relation.linear_map.constraints.len(),
+            relation.linear_map.linear_combinations.len(),
             "Number of equations and image variables must match"
         );
 
@@ -532,7 +532,7 @@ impl<G: Group + GroupEncoding> TryFrom<LinearRelation<G>> for CanonicalLinearRel
             HashMap::new();
 
         // Process each constraint using the modular helper method
-        for (image_var, equation) in iter::zip(&relation.image, &relation.linear_map.constraints) {
+        for (image_var, equation) in iter::zip(&relation.image, &relation.linear_map.linear_combinations) {
             canonical.process_constraint(
                 *image_var,
                 equation,
@@ -683,7 +683,7 @@ where
         }
 
         for (lc, lhs) in iter::zip(
-            self.linear_map.constraints.as_slice(),
+            self.linear_map.linear_combinations.as_slice(),
             self.image.as_slice(),
         ) {
             // TODO: The multiplication by the (public) weight is potentially wasteful in the
@@ -761,7 +761,7 @@ where
     /// let proof = nizk.prove_batchable(&vec![x], &mut OsRng).unwrap();
     /// assert!(nizk.verify_batchable(&proof).is_ok());
     /// ```
-    pub fn into_nizk(self, session_identifier: &[u8]) -> Nizk<SchnorrProof<G>, ShakeCodec<G>>
+    pub fn into_nizk(self, session_identifier: &[u8]) -> Nizk<SchnorrProof<G>, Shake128DuplexSponge<G>>
     where
         G: group::GroupEncoding,
     {

src/schnorr_protocol.rs

@@ -33,13 +33,13 @@ impl<G: Group + GroupEncoding> SchnorrProof<G> {
     }
 
     pub fn commitment_length(&self) -> usize {
-        self.0.constraints.len()
+        self.0.linear_combinations.len()
     }
 
     /// Evaluate the canonical linear relation with the provided scalars
     fn evaluate(&self, scalars: &[G::Scalar]) -> Result<Vec<G>, Error> {
         self.0
-            .constraints
+            .linear_combinations
             .iter()
             .map(|constraint| {
                 let mut result = G::identity();

src/tests/composition.rs

@@ -6,7 +6,7 @@ use super::test_utils::{
     bbs_blind_commitment_computation, discrete_logarithm, dleq, pedersen_commitment,
     pedersen_commitment_dleq,
 };
-use crate::codec::ShakeCodec;
+use crate::codec::Shake128DuplexSponge;
 use crate::composition::{Protocol, ProtocolWitness};
 use crate::fiat_shamir::Nizk;
 use crate::schnorr_protocol::SchnorrProof;
@@ -85,7 +85,7 @@ fn composition_proof_correct() {
     let protocol = Protocol::And(vec![or_protocol1, simple_protocol1, and_protocol1]);
     let witness = ProtocolWitness::And(vec![or_witness1, simple_witness1, and_witness1]);
 
-    let nizk = Nizk::<Protocol<RistrettoPoint>, ShakeCodec<G>>::new(domain_sep, protocol);
+    let nizk = Nizk::<Protocol<RistrettoPoint>, Shake128DuplexSponge<G>>::new(domain_sep, protocol);
 
     // Batchable and compact proofs
     let proof_batchable_bytes = nizk.prove_batchable(&witness, &mut OsRng).unwrap();