fix tests to match SAGE test vectors.

Author: mmaker

src/composition.rs

@@ -399,9 +399,7 @@ impl<G: PrimeGroup> SigmaProtocol for Protocol<G> {
                 Ok(ProtocolResponse::And(responses))
             }
             Protocol::Or(ps) => {
-                let ch_bytes_len = <G::Scalar as PrimeField>::Repr::default()
-                    .as_ref()
-                    .len();
+                let ch_bytes_len = <G::Scalar as PrimeField>::Repr::default().as_ref().len();
                 let mut cursor = 0;
                 let mut challenges = Vec::with_capacity(ps.len());
                 let mut responses = Vec::with_capacity(ps.len());

src/tests/spec/vectors/fixedLabelVectors.json

@@ -2,31 +2,31 @@
   "bbs_blind_commitment_computation_with_session_ID": {
     "Ciphersuite": "sigma/OWKeccak1600+Bls12381",
     "Context": "68656c6c6f20776f726c64",
-    "Proof": "803d5d4fdb311967832758ae7402d03304b570f97c0756e5385a50622d0ac7b5de87fe14d15041b1564ba4893a1187303eb09eb13f7a221c394d4c57b168d21f73b3b64b5fc847e318d80934922d183d00ae11c9b05f27218041d1bf1e4c3c8ff2d508ade4a71a1372e0309b6c6ef0b53f6a73a63aa963c8877e2d57c4f303e4e140e9b3a8861d5dd513a4ef9a600c97210e07e685cd0fb763d4ee9d7743559e6495199e8a408f403f7de002cad38903",
-    "Statement": "01000000040000000400000000000000000000000100000001000000020000000200000003000000030000008e6e5ac1f85d0bfd5123a9f7eef4030590497392023dde2cd1df43995f90839a480cd6dc33f857469586855d7face41580c96c2822d816de609d4b72dd0b2a9409a3402338c977467225e7f506a60f3153a7f447450d7336c0ef15e4151349d9a01abd54895b7df2d476b2371e1796278a114f7dd1514e05cc1c0c07d40957268684c8887aa3f8cee33856ca325412f581a513b89ce4a0e3213ba6dbb8af71898c6c6b4ad96a6d83de7c280fa91065f705b029f0c4db29521190cd576ff5d49a831cb36c8ff357b10806173cf5ad3d7e9a404fe66d2675138086a43b2c8627526e155e6195f55164187c8f4a101a6208"
+    "Proof": "803d5d4fdb311967832758ae7402d03304b570f97c0756e5385a50622d0ac7b5de87fe14d15041b1564ba4893a1187302496afa2a189b17644162f53b1999592d45f13595fa6394c3fd1eb1869c8dd7617903da5bcc393b38df063d3c6e87bb20e0a75fd9bfb6487ecd3d725f668d01a24d2390ea46927eac36bc0bc851c58d9f0571434afb5bba55f3c2de4719b55f124a550610622c12e50b0aabf349516066db751100057f6cf955c2d9f82567b99",
+    "Statement": "0100000000000000040000000000000001000000010000000200000002000000030000000300000004000000831cb36c8ff357b10806173cf5ad3d7e9a404fe66d2675138086a43b2c8627526e155e6195f55164187c8f4a101a62088e6e5ac1f85d0bfd5123a9f7eef4030590497392023dde2cd1df43995f90839a480cd6dc33f857469586855d7face41580c96c2822d816de609d4b72dd0b2a9409a3402338c977467225e7f506a60f3153a7f447450d7336c0ef15e4151349d9a01abd54895b7df2d476b2371e1796278a114f7dd1514e05cc1c0c07d40957268684c8887aa3f8cee33856ca325412f581a513b89ce4a0e3213ba6dbb8af71898c6c6b4ad96a6d83de7c280fa91065f705b029f0c4db29521190cd576ff5d49a"
   },
   "discrete_logarithm_with_session_ID": {
     "Ciphersuite": "sigma/OWKeccak1600+Bls12381",
     "Context": "68656c6c6f20776f726c64",
-    "Proof": "80c96c2822d816de609d4b72dd0b2a9409a3402338c977467225e7f506a60f3153a7f447450d7336c0ef15e4151349d939308873c3c1a06c61df8cccb7f0c8f7d9b1feeb4573d9d6a81b8cbc426c131e",
-    "Statement": "010000000100000001000000000000000000000097f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb8e6e5ac1f85d0bfd5123a9f7eef4030590497392023dde2cd1df43995f90839a480cd6dc33f857469586855d7face415"
+    "Proof": "80c96c2822d816de609d4b72dd0b2a9409a3402338c977467225e7f506a60f3153a7f447450d7336c0ef15e4151349d920c5cec92f646e839f59d475b78543d7d7d3e6fff74780ecca619eb79843ac80",
+    "Statement": "01000000000000000100000000000000010000008e6e5ac1f85d0bfd5123a9f7eef4030590497392023dde2cd1df43995f90839a480cd6dc33f857469586855d7face41597f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb"
   },
   "dleq_with_session_ID": {
     "Ciphersuite": "sigma/OWKeccak1600+Bls12381",
     "Context": "68656c6c6f20776f726c64",
-    "Proof": "a01abd54895b7df2d476b2371e1796278a114f7dd1514e05cc1c0c07d40957268684c8887aa3f8cee33856ca325412f5859a8bb9d31747dafffcfe70acd32bcb30b45db8333cd157f561039e654e2f8314ee648604afdb4c2a4c30ae964911922f959abb6cc2324e40049c4efd86a9489287f6ca31e690eafbb21a5efd428082",
-    "Statement": "02000000010000000100000000000000000000000300000001000000000000000200000097f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb80c96c2822d816de609d4b72dd0b2a9409a3402338c977467225e7f506a60f3153a7f447450d7336c0ef15e4151349d98e6e5ac1f85d0bfd5123a9f7eef4030590497392023dde2cd1df43995f90839a480cd6dc33f857469586855d7face4158f145e1c22e60229fbfa9a754244a51935ec5422d4aabbb83427cb213ff81a48a49471f74c371564afd334522d56f4b4"
+    "Proof": "a01abd54895b7df2d476b2371e1796278a114f7dd1514e05cc1c0c07d40957268684c8887aa3f8cee33856ca325412f5859a8bb9d31747dafffcfe70acd32bcb30b45db8333cd157f561039e654e2f8314ee648604afdb4c2a4c30ae964911925623af758653ec0dc5e8050acd893a2df9992c92b7e35ef01b99b5ed5c9f86f0",
+    "Statement": "02000000000000000100000000000000010000000200000001000000000000000300000080c96c2822d816de609d4b72dd0b2a9409a3402338c977467225e7f506a60f3153a7f447450d7336c0ef15e4151349d997f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb8f145e1c22e60229fbfa9a754244a51935ec5422d4aabbb83427cb213ff81a48a49471f74c371564afd334522d56f4b48e6e5ac1f85d0bfd5123a9f7eef4030590497392023dde2cd1df43995f90839a480cd6dc33f857469586855d7face415"
   },
   "pedersen_commitment_dleq_with_session_ID": {
     "Ciphersuite": "sigma/OWKeccak1600+Bls12381",
     "Context": "68656c6c6f20776f726c64",
-    "Proof": "b3e0e2f9f68405774ae13cc7271ffa66199c079a332977a0170ff134739feccc674ce0be72e236312ecf3194cfca25eb8253ccdd07c6b67dd79f3a27f214bfcb42d2b0f34432ec795ab286f099bb19ed011b0b10828e58a10d5ef8fb4f615bf817bae64f823e86ca5d9eb395ebd5caf6d82008b6b49fbd244fa51f89204fa9626b3e81037d39c4bce7c979425360210c5b34c52862a67cc5620558d6f12a4b1e",
-    "Statement": "020000000200000002000000000000000000000001000000010000000500000002000000000000000300000001000000040000008e6e5ac1f85d0bfd5123a9f7eef4030590497392023dde2cd1df43995f90839a480cd6dc33f857469586855d7face41580c96c2822d816de609d4b72dd0b2a9409a3402338c977467225e7f506a60f3153a7f447450d7336c0ef15e4151349d992a2d40d620847feca5cb85e5276e72d051568faaf0eab836ba92407dd7a0b7c7cac7b11770403fa368c76b3d01fee23a01abd54895b7df2d476b2371e1796278a114f7dd1514e05cc1c0c07d40957268684c8887aa3f8cee33856ca325412f581a513b89ce4a0e3213ba6dbb8af71898c6c6b4ad96a6d83de7c280fa91065f705b029f0c4db29521190cd576ff5d49a954d82081d55a0f02505bd29a97e5fcd079f2f5dc6901fdf9df178fc0ae4f47b8c2d13bfb6ac3adc06c5d7c69dd3c7f4"
+    "Proof": "b3e0e2f9f68405774ae13cc7271ffa66199c079a332977a0170ff134739feccc674ce0be72e236312ecf3194cfca25eb8253ccdd07c6b67dd79f3a27f214bfcb42d2b0f34432ec795ab286f099bb19ed011b0b10828e58a10d5ef8fb4f615bf86a1c50571c8bc4ade4b75a543f1d613baaec54d18254e26a47d67bf4be844b3160187ba1962ef9539bad3f8c5c4271796770abfee07cf1397a117ffce53d372e",
+    "Statement": "0200000000000000020000000000000001000000010000000200000003000000020000000000000004000000010000000500000092a2d40d620847feca5cb85e5276e72d051568faaf0eab836ba92407dd7a0b7c7cac7b11770403fa368c76b3d01fee238e6e5ac1f85d0bfd5123a9f7eef4030590497392023dde2cd1df43995f90839a480cd6dc33f857469586855d7face41580c96c2822d816de609d4b72dd0b2a9409a3402338c977467225e7f506a60f3153a7f447450d7336c0ef15e4151349d9954d82081d55a0f02505bd29a97e5fcd079f2f5dc6901fdf9df178fc0ae4f47b8c2d13bfb6ac3adc06c5d7c69dd3c7f4a01abd54895b7df2d476b2371e1796278a114f7dd1514e05cc1c0c07d40957268684c8887aa3f8cee33856ca325412f581a513b89ce4a0e3213ba6dbb8af71898c6c6b4ad96a6d83de7c280fa91065f705b029f0c4db29521190cd576ff5d49a"
   },
   "pedersen_commitment_with_session_ID": {
     "Ciphersuite": "sigma/OWKeccak1600+Bls12381",
     "Context": "68656c6c6f20776f726c64",
-    "Proof": "91c620e60e68502ab1e0f0fa6b9f7e3225f678596da80c0e950e4149078562518ad37ed6177c71ebd6e2ca5fc32457d8711e9c5332c9499ff31c65a2749847949f3a1980e814c4cfc590b51a60a77a3122a98c886f481d35d58e512cf3b40f05cb8db3591fab9cdcb0503584219c3a09",
-    "Statement": "0100000002000000020000000000000000000000010000000100000097f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb8e6e5ac1f85d0bfd5123a9f7eef4030590497392023dde2cd1df43995f90839a480cd6dc33f857469586855d7face415b4054b3c7e864c3dc66fb10b967d874a871451d2b949e27c02f6ee74f96d68daadea1a917dba760114bb67100f74060d"
+    "Proof": "91c620e60e68502ab1e0f0fa6b9f7e3225f678596da80c0e950e4149078562518ad37ed6177c71ebd6e2ca5fc32457d820ae3917daa04f886a2fa614ddf8817255c79475dadcd8aa3cb1bb552f28337d40e1174e5adae19a5523bc30372417fc1a30b6588be6323361f5c42bf9e8b0e8",
+    "Statement": "01000000000000000200000000000000010000000100000002000000b4054b3c7e864c3dc66fb10b967d874a871451d2b949e27c02f6ee74f96d68daadea1a917dba760114bb67100f74060d97f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb8e6e5ac1f85d0bfd5123a9f7eef4030590497392023dde2cd1df43995f90839a480cd6dc33f857469586855d7face415"
   }
 }

src/tests/test_utils.rs

@@ -158,8 +158,13 @@ pub fn bbs_blind_commitment_computation<G: PrimeGroup>(
     // This is the part that needs to be changed in the specification of blind bbs.
     let [var_secret_prover_blind, var_msg_1, var_msg_2, var_msg_3] = relation.allocate_scalars();
 
+    // Match Sage's allocation order: allocate all elements in the same order
     let [var_Q_2, var_J_1, var_J_2, var_J_3] = relation.allocate_elements();
-    let var_C = relation.allocate_eq(
+    let var_C = relation.allocate_element(); // Allocate var_C separately, giving it index 4
+
+    // Now append the equation separately (like Sage's append_equation)
+    relation.append_equation(
+        var_C,
         var_secret_prover_blind * var_Q_2
             + var_msg_1 * var_J_1
             + var_msg_2 * var_J_2
@@ -188,8 +193,7 @@ pub fn test_linear_relation_example<G: PrimeGroup>() -> LinearRelation<G> {
     let mut sigma__lr = LinearRelation::<G>::new();
     let x = sigma__lr.allocate_scalar();
     let B = sigma__lr.allocate_element();
-    let _sigma__eq1 =
-        sigma__lr.allocate_eq((x + (-<G::Scalar as Field>::ONE)) * B + (-B));
+    let _sigma__eq1 = sigma__lr.allocate_eq((x + (-<G::Scalar as Field>::ONE)) * B + (-B));
 
     sigma__lr
 }