3 unstable releases
0.3.2 | Aug 7, 2023 |
---|---|
0.3.1 | Jul 18, 2023 |
0.2.3 | Apr 3, 2023 |
#2572 in Magic Beans
3,337 downloads per month
Used in 3 crates
(via tari_crypto)
145KB
3K
SLoC
Tari Bulletproofs+
A speedy implementation of the Bulletproofs+ range proving system that does fun tricks.
In particular, it supports:
- Proof aggregation. You can generate a proof containing multiple range assertions in an efficient way.
- Extended commitments. Commitments may contain multiple masks.
- Batch verification. Verifying a set of multiple proofs is extremely fast.
- Minimum value promises. You can additionally prove that a commitment binds to at least a specified value.
- Mask extraction. If the prover and verifier agree on a shared secret, the verifier can use it to recover the mask used for the commitment in a non-aggregated proof.
Compared to an updated fork of the dalek-cryptography
Bulletproofs implementation, this Bulletproofs+ implementation is:
- Smaller. Regardless of the aggregation factor, a Bulletproofs+ proof is 96 bytes shorter.
- Faster to generate proofs. This implementation generates a non-aggregated 64-bit range proof about 10% faster, with similar speedups for aggregated proofs.
- Slower to verify single proofs. While this implementation verifies a single 64-bit range proof in comparable time, it verifies aggregated proofs more slowly.
- Faster to verify batched proofs. Because this implementation supports batching, its marginal verification time for a single 64-bit range proof can be reduced to under half the corresponding non-batched time.
As always, your mileage may vary.
References
This implementation takes its cue from the dalek-cryptography
Bulletproofs implementation, as well as the Monero Bulletproofs+ implementation.
Several of the features and optimizations used in this implementation are described in Tari RFC-0181.
Copyright
All original source code files are marked with
Copyright 2022 The Tari Project
SPDX-License-Identifier: BSD-3-Clause
All re-used and or adapted dalek-cryptography
source code files are marked with
Copyright 2022 The Tari Project
SPDX-License-Identifier: BSD-3-Clause
Modified from:
Copyright (c) 2018 Chain, Inc.
SPDX-License-Identifier: MIT
Dependencies
~3.5–5MB
~90K SLoC