You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is there any support planned (or already available) for disjunctive proofs, or, alternatively, generating a "fake" RangeProof and/or InnerProductProof given the challenge scalars in advance, in support of CDS94 style disjunctive proofs? It's entirely possible that this machinery is already available, in which case I haven't discovered it yet, and I suppose it would be nice to add some more documentation for it.
Please forgive my ignorance if this question is better suited for the Merlin repository, or if I've made some other error in judgement; I'm not a cryptographer.
The text was updated successfully, but these errors were encountered:
Assuming that this is not planned, and I have the desire to implement this myself, is it sufficient to simulate the proof with a fixed RNG, and then just calculate any one of the commitments to be the additive inverse of all the others?
For instance, can I just calculate x, y, z, c, U, and S randomly, and then just calculate the bit commitment A as the additive inverse of the remaining summands? Or does this leak information that this is a false proof, somehow, and I have to forge the commitments more carefully? Again, not a cryptographer, so I want to be really careful before doing anything.
Is there any support planned (or already available) for disjunctive proofs, or, alternatively, generating a "fake"
RangeProof
and/orInnerProductProof
given the challenge scalars in advance, in support of CDS94 style disjunctive proofs? It's entirely possible that this machinery is already available, in which case I haven't discovered it yet, and I suppose it would be nice to add some more documentation for it.Please forgive my ignorance if this question is better suited for the Merlin repository, or if I've made some other error in judgement; I'm not a cryptographer.
The text was updated successfully, but these errors were encountered: