Implement 2 DAC (Delegatable Anonymous Credentials) schemes: Protego

(and Protego Duo) and MSBM

Signed-off-by: lovesh <lovesh.bond@gmail.com>

Author: lovesh

Cargo.toml

@@ -9,7 +9,8 @@ members = [
     "saver",
     "compressed_sigma",
     "benches",
-    "test_utils"
+    "test_utils",
+    "delegatable_credentials"
 ]
 resolver = "2"
 
@@ -31,7 +32,8 @@ serde_with = { version = "1.10.0", default-features = false, features = ["macros
 zeroize = { version = "1.5.5", features = ["derive"] }
 blake2 = { version = "0.9", default-features = false }
 ark-bls12-381 = { version = "^0.3.0", default-features = false, features = [ "curve" ] }
-
+ark-poly = { version = "^0.3.0", default-features = false }
+merlin = { version = "^3.0", default-features = false }
 
 [profile.release]
 lto = true

bbs_plus/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "bbs_plus"
-version = "0.9.0"
+version = "0.10.0"
 edition.workspace = true
 authors.workspace = true
 license.workspace = true
@@ -18,8 +18,8 @@ ark-ec.workspace = true
 ark-std.workspace = true
 digest.workspace = true
 rayon = {workspace = true, optional = true}
-schnorr_pok = { version = "0.7.0", default-features = false, path = "../schnorr_pok" }
-dock_crypto_utils = { version = "0.7.0", default-features = false, path = "../utils" }
+schnorr_pok = { version = "0.8.0", default-features = false, path = "../schnorr_pok" }
+dock_crypto_utils = { version = "0.8.0", default-features = false, path = "../utils" }
 serde.workspace = true
 serde_with.workspace = true
 zeroize.workspace = true

benches/Cargo.toml

@@ -6,9 +6,9 @@ authors.workspace = true
 license.workspace = true
 
 [dependencies]
-bbs_plus = { version = "0.9.0", default-features = false, path = "../bbs_plus" }
-schnorr_pok = { version = "0.7.0", default-features = false, path = "../schnorr_pok" }
-vb_accumulator = { version = "0.10.0", default-features = false, path = "../vb_accumulator" }
+bbs_plus = { version = "0.10.0", default-features = false, path = "../bbs_plus" }
+schnorr_pok = { version = "0.8.0", default-features = false, path = "../schnorr_pok" }
+vb_accumulator = { version = "0.11.0", default-features = false, path = "../vb_accumulator" }
 test_utils = { version = "0.1.0", default-features = false, path = "../test_utils" }
 ark-ff.workspace = true
 ark-ec.workspace = true

compressed_sigma/Cargo.toml

@@ -15,7 +15,7 @@ ark-sponge = { version = "^0.3.0", default-features = false }
 ark-poly = { version = "^0.3.0", default-features = false }
 rayon = {workspace = true, optional = true}
 digest.workspace = true
-dock_crypto_utils = { version = "0.7.0", default-features = false, path = "../utils" }
+dock_crypto_utils = { version = "0.8.0", default-features = false, path = "../utils" }
 
 [dev-dependencies]
 blake2.workspace = true

compressed_sigma/src/compressed_linear_form.rs

@@ -133,7 +133,7 @@ where
 
         // There are many multiplications done with `k`, so creating a table for it
         let lg2 = z_hat.len() & (z_hat.len() - 1);
-        let k_table = WindowTable::new(G::ScalarField::size_in_bits(), lg2, k.into_projective());
+        let k_table = WindowTable::new(lg2, k.into_projective());
 
         // In each iteration of the loop, size of `z_hat`, `g_hat` and `L_tilde` is reduced by half
         while z_hat.len() > 2 {

compressed_sigma/src/utils.rs

@@ -2,7 +2,7 @@ use ark_ec::AffineCurve;
 use ark_ff::PrimeField;
 use ark_std::{vec, vec::Vec};
 use dock_crypto_utils::ec::batch_normalize_projective_into_affine;
-use dock_crypto_utils::msm::{multiply_field_elems_with_same_group_elem, variable_base_msm};
+use dock_crypto_utils::msm::multiply_field_elems_with_same_group_elem;
 
 use crate::transforms::{Homomorphism, LinearForm};
 

delegatable_credentials/Cargo.toml

@@ -0,0 +1,35 @@
+[package]
+name = "delegatable_credentials"
+version = "0.1.0"
+edition.workspace = true
+authors.workspace = true
+license.workspace = true
+repository.workspace = true
+
+[dependencies]
+ark-ff.workspace = true
+ark-ec.workspace = true
+ark-std.workspace = true
+ark-serialize.workspace = true
+ark-poly.workspace = true
+digest.workspace = true
+rayon = {workspace = true, optional = true}
+serde.workspace = true
+serde_with.workspace = true
+dock_crypto_utils = { version = "0.8.0", default-features = false, path = "../utils" }
+zeroize.workspace = true
+num-bigint = { version = "0.4.0", default-features = false }
+schnorr_pok = { version = "0.8.0", default-features = false, path = "../schnorr_pok" }
+[dependencies.num-integer]
+version = "0.1.42"
+features = ["i128"]
+default-features = false
+
+[dev-dependencies]
+blake2.workspace = true
+ark-bls12-381.workspace = true
+
+[features]
+default = [ "parallel" ]
+std = [ "ark-ff/std", "ark-ec/std", "ark-std/std", "ark-serialize/std", "serde/std", "dock_crypto_utils/std", "ark-poly/std"]
+parallel = [ "std", "ark-ff/parallel", "ark-ec/parallel", "ark-std/parallel", "rayon", "dock_crypto_utils/parallel", "ark-poly/parallel"]

delegatable_credentials/README.md

@@ -0,0 +1,5 @@
+# Delegatable credentials
+
+Provides 2 variations:
+1. Ad-hoc delegation where credential owner chooses a set of issuer public keys and proves that the credential was issued by one of the key. Based on the paper [Protego: A Credential Scheme for Permissioned Blockchains](https://eprint.iacr.org/2022/661). [Code](./src/protego)
+2. Here there is a root issuer which can issue a credential to anyone with the permission to reissue the credential with or without additional attributes. Based on the paper [Practical Delegatable Anonymous Credentials From Equivalence Class Signatures](https://eprint.iacr.org/2022/680). [Code](./src/msbm)