Skip to content

tari-project/bulletproofs-plus

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

127 Commits

.github/workflows

.github/workflows

 
 

benches

benches

 
 

docs/quarkslab-audit

docs/quarkslab-audit

 
 

fuzz

fuzz

 
 

scripts

scripts

 
 

src

src

 
 

tests

tests

 
 

.gitignore

.gitignore

 
 

.license.ignore

.license.ignore

 
 

.versionrc.json

.versionrc.json

 
 

CHANGELOG.md

CHANGELOG.md

 
 

Cargo.toml

Cargo.toml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

clippy.toml

clippy.toml

 
 

lints.toml

lints.toml

 
 

rust-toolchain.toml

rust-toolchain.toml

 
 

rustfmt.toml

rustfmt.toml

 
 

test_coverage.sh

test_coverage.sh

 
 

Repository files navigation

Build Coverage Status

Tari Bulletproofs+

A speedy implementation of the Bulletproofs+ range proving system that does fun tricks.

In particular, it supports:

  • Proof aggregation. You can generate a proof containing multiple range assertions in an efficient way.
  • Extended commitments. Commitments may contain multiple masks.
  • Batch verification. Verifying a set of multiple proofs is extremely fast.
  • Minimum value promises. You can prove that a commitment binds to at least a specified value.
  • Mask extraction. If the prover and verifier agree on a shared secret, the verifier can use it to recover the mask used for the commitment in a non-aggregated proof.

Compared to an updated fork of the dalek-cryptography Bulletproofs implementation, this Bulletproofs+ implementation is:

  • Smaller. Regardless of the aggregation factor, a Bulletproofs+ proof is 96 bytes shorter.
  • Faster to generate proofs. This implementation generates a non-aggregated 64-bit range proof about 10% faster, with similar speedups for aggregated proofs.
  • Faster to verify single proofs. This implementation verifies a single 64-bit range proof about 15% faster.
  • Slower to verify aggregated proofs. This implementaiton verifies aggregated proofs more slowly.
  • Faster to verify batched proofs. Because this implementation supports batching, its marginal verification time for a single 64-bit range proof can be reduced to under half the corresponding non-batched time.

As always, your mileage may vary.

This library underwent a code audit by Quarkslab at a specific point in the repository history. You can read the report and issue responses in this repository.

Features

The library is #![no_std]-friendly when default features are disabled.

The (default) rand feature adds prover and verifier functionality using the OsRng random number generator. If it is not enabled, you must supply your own cryptographically-secure random number generator.

The (default) std feature enables corresponding functionality in dependencies.

Testing

Unit tests are available via cargo test. Basic fuzz testing can be run (on a nightly toolchain) via cargo fuzz.

References

This implementation takes its cue from the dalek-cryptography Bulletproofs implementation, as well as the Monero Bulletproofs+ implementation.

Several of the features and optimizations used in this implementation are described in Tari RFC-0181.

Copyright

All original source code files are marked with

Copyright 2022 The Tari Project
SPDX-License-Identifier: BSD-3-Clause

All re-used and or adapted dalek-cryptography source code files are marked with

Copyright 2022 The Tari Project
SPDX-License-Identifier: BSD-3-Clause
  Modified from:
    Copyright (c) 2018 Chain, Inc.
    SPDX-License-Identifier: MIT

About

No description, website, or topics provided.

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

6 stars

Watchers

5 watching

Forks

11 forks
Report repository

Releases

16 tags

Packages

No packages published

Contributors 8

Languages