sigma-rs
diff --git a/‎.github/workflows/rust.yml‎
Lines changed: 3 additions & 3 deletions b/‎.github/workflows/rust.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎src/codec.rs‎
Lines changed: 17 additions & 7 deletions b/‎src/codec.rs‎
Lines changed: 17 additions & 7 deletions
diff --git a/‎src/composition.rs‎
Lines changed: 6 additions & 4 deletions b/‎src/composition.rs‎
Lines changed: 6 additions & 4 deletions
diff --git a/‎src/fiat_shamir.rs‎
Lines changed: 1 addition & 1 deletion b/‎src/fiat_shamir.rs‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/lib.rs‎
Lines changed: 4 additions & 4 deletions b/‎src/lib.rs‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎src/schnorr_protocol.rs‎
Lines changed: 5 additions & 2 deletions b/‎src/schnorr_protocol.rs‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎src/tests/mod.rs‎
Lines changed: 0 additions & 5 deletions b/‎src/tests/mod.rs‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎src/tests/spec/mod.rs‎
Lines changed: 0 additions & 7 deletions b/‎src/tests/spec/mod.rs‎
Lines changed: 0 additions & 7 deletions
diff --git a/‎src/tests/spec/vectors/testSigmaProtocols.json‎
Lines changed: 0 additions & 42 deletions b/‎src/tests/spec/vectors/testSigmaProtocols.json‎
Lines changed: 0 additions & 42 deletions
diff --git a/‎src/traits.rs‎
Lines changed: 1 addition & 1 deletion b/‎src/traits.rs‎
Lines changed: 1 addition & 1 deletion
@@ -24,14 +24,14 @@ jobs:
     - name: Build
       run: cargo build --verbose
     - name: Run tests
-      run: cargo test --verbose
+      run: cargo test --verbose --no-fail-fast
     - name: Run benchmark test
       # Run the msm benchmark, just to ensure it isn't broken.
       run: cargo bench --bench msm -- --quick
 
   no-std-check:
     runs-on: ubuntu-latest
-    
+
     steps:
     - uses: actions/checkout@v3
     - name: Install Rust toolchain
@@ -76,4 +76,4 @@ jobs:
     - name: Build no_std (nightly)
       run: cargo +${{ matrix.toolchain }} build --no-default-features --verbose
     - name: Run tests (nightly)
-      run: cargo +${{ matrix.toolchain }} test --all-features --verbose
+      run: cargo +${{ matrix.toolchain }} test --all-features --verbose --no-fail-fast
@@ -1,7 +1,7 @@
 //! Encoding and decoding utilities for Fiat-Shamir and group operations.
 
 use crate::duplex_sponge::DuplexSpongeInterface;
-pub use crate::duplex_sponge::{keccak::KeccakDuplexSponge, shake::ShakeDuplexSponge};
+use crate::duplex_sponge::{keccak::KeccakDuplexSponge, shake::ShakeDuplexSponge};
 use alloc::vec;
 use ff::PrimeField;
 use group::prime::PrimeGroup;
@@ -23,7 +23,11 @@ pub trait Codec {
     type Challenge;
 
     /// Generates an empty codec that can be identified by a domain separator.
-    fn new(protocol_identifier: &[u8], session_identifier: &[u8], instance_label: &[u8]) -> Self;
+    fn new(
+        protocol_identifier: &[u8; 64],
+        session_identifier: &[u8],
+        instance_label: &[u8],
+    ) -> Self;
 
     /// Allows for precomputed initialization of the codec with a specific IV.
     fn from_iv(iv: [u8; 64]) -> Self;
@@ -65,12 +69,11 @@ fn length_to_bytes(x: usize) -> [u8; WORD_SIZE] {
 /// This function computes a deterministic IV from the protocol identifier,
 /// session identifier, and instance label using the specified duplex sponge.
 pub fn compute_iv<H: DuplexSpongeInterface>(
-    protocol_id: &[u8],
+    protocol_id: &[u8; 64],
     session_id: &[u8],
     instance_label: &[u8],
 ) -> [u8; 64] {
     let mut tmp = H::new([0u8; 64]);
-    tmp.absorb(&length_to_bytes(protocol_id.len()));
     tmp.absorb(protocol_id);
     tmp.absorb(&length_to_bytes(session_id.len()));
     tmp.absorb(session_id);
@@ -86,9 +89,16 @@ where
 {
     type Challenge = G::Scalar;
 
-    fn new(protocol_id: &[u8], session_id: &[u8], instance_label: &[u8]) -> Self {
-        let iv = compute_iv::<H>(protocol_id, session_id, instance_label);
-        Self::from_iv(iv)
+    fn new(protocol_id: &[u8; 64], session_id: &[u8], instance_label: &[u8]) -> Self {
+        let mut hasher = H::new(*protocol_id);
+        hasher.absorb(&length_to_bytes(session_id.len()));
+        hasher.absorb(session_id);
+        hasher.absorb(&length_to_bytes(instance_label.len()));
+        hasher.absorb(instance_label);
+        Self {
+            hasher,
+            _marker: core::marker::PhantomData,
+        }
     }
 
     fn from_iv(iv: [u8; 64]) -> Self {
 
@@ -556,7 +556,7 @@ impl<G: PrimeGroup + ConstantTimeEq + ConditionallySelectable> SigmaProtocol
         }
     }
 
-    fn protocol_identifier(&self) -> impl AsRef<[u8]> {
+    fn protocol_identifier(&self) -> [u8; 64] {
         let mut hasher = Sha3_256::new();
 
         match self {
@@ -569,19 +569,21 @@ impl<G: PrimeGroup + ConstantTimeEq + ConditionallySelectable> SigmaProtocol
                 let mut hasher = Sha3_256::new();
                 hasher.update([1u8; 32]);
                 for p in protocols {
-                    hasher.update(p.protocol_identifier());
+                    hasher.update(p.protocol_identifier().as_ref());
                 }
             }
             ComposedRelation::Or(protocols) => {
                 let mut hasher = Sha3_256::new();
                 hasher.update([2u8; 32]);
                 for p in protocols {
-                    hasher.update(p.protocol_identifier());
+                    hasher.update(p.protocol_identifier().as_ref());
                 }
             }
         }
 
-        hasher.finalize()
+        let mut protocol_id = [0u8; 64];
+        protocol_id[..32].clone_from_slice(&hasher.finalize());
+        protocol_id
     }
 
     fn serialize_response(&self, response: &Self::Response) -> Vec<u8> {
 
@@ -68,7 +68,7 @@ where
     /// A new [`Nizk`] that can generate and verify non-interactive proofs.
     pub fn new(session_identifier: &[u8], interactive_proof: P) -> Self {
         let hash_state = C::new(
-            interactive_proof.protocol_identifier().as_ref(),
+            &interactive_proof.protocol_identifier(),
             session_identifier,
             interactive_proof.instance_label().as_ref(),
         );
 
@@ -72,17 +72,17 @@ extern crate alloc;
 pub mod codec;
 pub mod composition;
 pub mod errors;
+pub mod group;
 pub mod linear_relation;
 pub mod traits;
 
 pub(crate) mod duplex_sponge;
 pub(crate) mod fiat_shamir;
-pub(crate) mod group;
 pub(crate) mod schnorr_protocol;
 
-#[cfg(test)]
-pub mod tests;
-
+pub use duplex_sponge::{
+    keccak::KeccakDuplexSponge, shake::ShakeDuplexSponge, DuplexSpongeInterface,
+};
 pub use fiat_shamir::Nizk;
 pub use group::msm::VariableMultiScalarMul;
 pub use linear_relation::LinearRelation;
 
@@ -233,8 +233,11 @@ impl<G: PrimeGroup> SigmaProtocol for CanonicalLinearRelation<G> {
         self.label()
     }
 
-    fn protocol_identifier(&self) -> impl AsRef<[u8]> {
-        b"draft-zkproof-fiat-shamir"
+    fn protocol_identifier(&self) -> [u8; 64] {
+        const PROTOCOL_ID: &[u8; 32] = b"ietf sigma proof linear relation";
+        let mut protocol_id = [0; 64];
+        protocol_id[..32].clone_from_slice(PROTOCOL_ID);
+        protocol_id
     }
 }
 
 
@@ -98,7 +98,7 @@ pub trait SigmaProtocol {
     /// Deserializes a response from bytes.
     fn deserialize_response(&self, data: &[u8]) -> Result<Self::Response, Error>;
 
-    fn protocol_identifier(&self) -> impl AsRef<[u8]>;
+    fn protocol_identifier(&self) -> [u8; 64];
 
     fn instance_label(&self) -> impl AsRef<[u8]>;
 }
Original file line number	Diff line number	Diff line change
`@@ -556,7 +556,7 @@ impl<G: PrimeGroup + ConstantTimeEq + ConditionallySelectable> SigmaProtocol`
`556`	`556`	`}`
`557`	`557`	`}`
`558`	`558`
`559`		`- fn protocol_identifier(&self) -> impl AsRef<[u8]> {`
	`559`	`+ fn protocol_identifier(&self) -> [u8; 64] {`
`560`	`560`	`let mut hasher = Sha3_256::new();`
`561`	`561`
`562`	`562`	`match self {`
`@@ -569,19 +569,21 @@ impl<G: PrimeGroup + ConstantTimeEq + ConditionallySelectable> SigmaProtocol`
`569`	`569`	`let mut hasher = Sha3_256::new();`
`570`	`570`	`hasher.update([1u8; 32]);`
`571`	`571`	`for p in protocols {`
`572`		`- hasher.update(p.protocol_identifier());`
	`572`	`+ hasher.update(p.protocol_identifier().as_ref());`
`573`	`573`	`}`
`574`	`574`	`}`
`575`	`575`	`ComposedRelation::Or(protocols) => {`
`576`	`576`	`let mut hasher = Sha3_256::new();`
`577`	`577`	`hasher.update([2u8; 32]);`
`578`	`578`	`for p in protocols {`
`579`		`- hasher.update(p.protocol_identifier());`
	`579`	`+ hasher.update(p.protocol_identifier().as_ref());`
`580`	`580`	`}`
`581`	`581`	`}`
`582`	`582`	`}`
`583`	`583`
`584`		`- hasher.finalize()`
	`584`	`+ let mut protocol_id = [0u8; 64];`
	`585`	`+ protocol_id[..32].clone_from_slice(&hasher.finalize());`
	`586`	`+ protocol_id`
`585`	`587`	`}`
`586`	`588`
`587`	`589`	`fn serialize_response(&self, response: &Self::Response) -> Vec<u8> {`
Original file line number	Diff line number	Diff line change
`@@ -233,8 +233,11 @@ impl<G: PrimeGroup> SigmaProtocol for CanonicalLinearRelation<G> {`
`233`	`233`	`self.label()`
`234`	`234`	`}`
`235`	`235`
`236`		`- fn protocol_identifier(&self) -> impl AsRef<[u8]> {`
`237`		`- b"draft-zkproof-fiat-shamir"`
	`236`	`+ fn protocol_identifier(&self) -> [u8; 64] {`
	`237`	`+ const PROTOCOL_ID: &[u8; 32] = b"ietf sigma proof linear relation";`
	`238`	`+ let mut protocol_id = [0; 64];`
	`239`	`+ protocol_id[..32].clone_from_slice(PROTOCOL_ID);`
	`240`	`+ protocol_id`
`238`	`241`	`}`
`239`	`242`	`}`
`240`	`243`
Original file line number	Diff line number	Diff line change
`@@ -98,7 +98,7 @@ pub trait SigmaProtocol {`
`98`	`98`	`/// Deserializes a response from bytes.`
`99`	`99`	`fn deserialize_response(&self, data: &[u8]) -> Result<Self::Response, Error>;`
`100`	`100`
`101`		`- fn protocol_identifier(&self) -> impl AsRef<[u8]>;`
	`101`	`+ fn protocol_identifier(&self) -> [u8; 64];`
`102`	`102`
`103`	`103`	`fn instance_label(&self) -> impl AsRef<[u8]>;`
`104`	`104`	`}`