feat: Refactor ProtocolProverState and ProtocolWitness in Or cases to improve clarity

- Replaced Vec with Box in the Or variants of ProtocolProverState and ProtocolWitness, since these were always single‑element vectors. This change improves readability and overall code comprehension.

- Added ProtocolWitness::from helper methods for easier construction.

- Updated all related tests to align with the new data structures.

Author: nougzarm

README.md

@@ -48,12 +48,12 @@ let or_protocol = Protocol::Or(vec![
 ]);
 
 // If we know the second option, create witness for index 1
-let witness = ProtocolWitness::Or(1, vec![
-    ProtocolWitness::And(vec![
+let witness = ProtocolWitness::from((1, 
+    ProtocolWitness::from(vec![
         ProtocolWitness::Simple(vec![y]),
         ProtocolWitness::Simple(vec![z]),
     ])
-]);
+));
 ```
 
 ## Examples

examples/simple_composition.rs

@@ -55,7 +55,7 @@ fn prove(P1: G, x2: Scalar, H: G) -> ProofResult<Vec<u8>> {
     let Q = H * x2;
 
     let protocol = create_relation(P1, P2, Q, H);
-    let witness = ProtocolWitness::Or(1, vec![ProtocolWitness::Simple(vec![x2])]);
+    let witness = ProtocolWitness::from((1, ProtocolWitness::Simple(vec![x2])));
     let nizk = NISigmaProtocol::<_, ShakeCodec<G>>::new(b"or_proof_example", protocol);
 
     nizk.prove_batchable(&witness, &mut rng)

src/composition.rs

@@ -77,7 +77,7 @@ pub enum ProtocolProverState<G: Group + GroupEncoding> {
     And(Vec<ProtocolProverState<G>>),
     Or(
         usize,                                                 // real index
-        Vec<ProtocolProverState<G>>,                           // real ProverState
+        Box<ProtocolProverState<G>>,                           // real ProverState
         (Vec<ProtocolChallenge<G>>, Vec<ProtocolResponse<G>>), // simulated transcripts
     ),
 }
@@ -94,7 +94,19 @@ pub enum ProtocolResponse<G: Group + GroupEncoding> {
 pub enum ProtocolWitness<G: Group + GroupEncoding> {
     Simple(<SchnorrProof<G> as SigmaProtocol>::Witness),
     And(Vec<ProtocolWitness<G>>),
-    Or(usize, Vec<ProtocolWitness<G>>),
+    Or(usize, Box<ProtocolWitness<G>>),
+}
+
+impl<G: Group + GroupEncoding> From<Vec<ProtocolWitness<G>>> for ProtocolWitness<G> {
+    fn from(value: Vec<ProtocolWitness<G>>) -> Self {
+        Self::And(value)
+    }
+}
+
+impl<G: Group + GroupEncoding> From<(usize, ProtocolWitness<G>)> for ProtocolWitness<G> {
+    fn from((i, witness): (usize, ProtocolWitness<G>)) -> Self {
+        Self::Or(i, Box::new(witness))
+    }
 }
 
 // Structure representing the Challenge type of Protocol as SigmaProtocol
@@ -144,7 +156,7 @@ impl<G: Group + GroupEncoding> SigmaProtocol for Protocol<G> {
                 let mut simulated_challenges = Vec::new();
                 let mut simulated_responses = Vec::new();
 
-                let (real_commitment, real_state) = ps[*w_index].prover_commit(&w[0], rng)?;
+                let (real_commitment, real_state) = ps[*w_index].prover_commit(&w, rng)?;
 
                 for i in (0..ps.len()).filter(|i| i != w_index) {
                     let (commitment, challenge, response) = ps[i].simulate_transcript(rng)?;
@@ -158,7 +170,7 @@ impl<G: Group + GroupEncoding> SigmaProtocol for Protocol<G> {
                     ProtocolCommitment::Or(commitments),
                     ProtocolProverState::Or(
                         *w_index,
-                        vec![real_state],
+                        Box::new(real_state),
                         (simulated_challenges, simulated_responses),
                     ),
                 ))
@@ -203,8 +215,7 @@ impl<G: Group + GroupEncoding> SigmaProtocol for Protocol<G> {
                 for ch in &simulated_challenges {
                     real_challenge -= ch;
                 }
-                let real_response =
-                    ps[w_index].prover_response(real_state[0].clone(), &real_challenge)?;
+                let real_response = ps[w_index].prover_response(*real_state, &real_challenge)?;
 
                 for (i, _) in ps.iter().enumerate() {
                     if i == w_index {

src/tests/composition.rs

@@ -65,7 +65,7 @@ fn composition_proof_correct() {
         Protocol::Simple(SchnorrProof::from(relation1)),
         Protocol::Simple(SchnorrProof::from(relation2)),
     ]);
-    let or_witness1 = ProtocolWitness::Or(0, vec![ProtocolWitness::Simple(witness1)]);
+    let or_witness1 = ProtocolWitness::from((0, ProtocolWitness::Simple(witness1)));
 
     let simple_protocol1 = Protocol::from(relation3);
     let simple_witness1 = ProtocolWitness::Simple(witness3);
@@ -74,14 +74,14 @@ fn composition_proof_correct() {
         Protocol::Simple(SchnorrProof::from(relation4)),
         Protocol::Simple(SchnorrProof::from(relation5)),
     ]);
-    let and_witness1 = ProtocolWitness::And(vec![
+    let and_witness1 = ProtocolWitness::from(vec![
         ProtocolWitness::Simple(witness4),
         ProtocolWitness::Simple(witness5),
     ]);
 
     // definition of the final protocol
     let protocol = Protocol::And(vec![or_protocol1, simple_protocol1, and_protocol1]);
-    let witness = ProtocolWitness::And(vec![or_witness1, simple_witness1, and_witness1]);
+    let witness = ProtocolWitness::from(vec![or_witness1, simple_witness1, and_witness1]);
 
     let nizk =
         NISigmaProtocol::<Protocol<RistrettoPoint>, ShakeCodec<G>>::new(domain_sep, protocol);