Correction on variable names and started adding bench for schnorr_signature.

Author: damrobi

mithril-stm/Cargo.toml

@@ -72,6 +72,11 @@ name = "multi_sig"
 harness = false
 required-features = ["benchmark-internals"]
 
+[[bench]]
+name = "schnorr_sig"
+harness = false
+required-features = ["future_snark"]
+
 [[bench]]
 name = "stm"
 harness = false

mithril-stm/benches/schnorr_sig.rs

@@ -0,0 +1,41 @@
+use criterion::{BenchmarkId, Criterion, criterion_group, criterion_main};
+use mithril_stm::{SchnorrSigningKey, SchnorrVerificationKey};
+use rand_chacha::ChaCha20Rng;
+use rand_core::{RngCore, SeedableRng};
+
+fn sign_and_verify(c: &mut Criterion, nr_sigs: usize) {
+    let mut group = c.benchmark_group("Schnorr".to_string());
+    let mut rng = ChaCha20Rng::from_seed([0u8; 32]);
+    let mut rng_sig = ChaCha20Rng::from_seed([1u8; 32]);
+
+    let mut msg = [0u8; 32];
+    rng.fill_bytes(&mut msg);
+    let mut mvks = Vec::new();
+    let mut sigs = Vec::new();
+    for _ in 0..nr_sigs {
+        let sk = SchnorrSigningKey::generate(&mut rng);
+        let vk = SchnorrVerificationKey::from(&sk);
+        let sig = sk.sign(&msg, &mut rng_sig).unwrap();
+        sigs.push(sig);
+        mvks.push(vk);
+    }
+
+    group.bench_function(BenchmarkId::new("Individual verif", nr_sigs), |b| {
+        b.iter(|| {
+            for (vk, sig) in mvks.iter().zip(sigs.iter()) {
+                assert!(sig.verify(&msg, vk).is_ok());
+            }
+        })
+    });
+}
+
+fn schnorr_benches(c: &mut Criterion) {
+    sign_and_verify(c, 1000);
+}
+
+criterion_group!(name = benches;
+                 config = Criterion::default().nresamples(10);
+                 targets =
+    schnorr_benches
+);
+criterion_main!(benches);

mithril-stm/src/lib.rs

@@ -140,6 +140,9 @@ pub use bls_multi_signature::{
     BlsVerificationKeyProofOfPossession,
 };
 
+#[cfg(feature = "future_snark")]
+pub use schnorr_signature::{SchnorrSignature, SchnorrSigningKey, SchnorrVerificationKey};
+
 /// The quantity of stake held by a party, represented as a `u64`.
 pub type Stake = u64;
 

mithril-stm/src/schnorr_signature/mod.rs

@@ -7,6 +7,7 @@ pub(super) mod utils;
 mod verification_key;
 
 pub use signature::*;
+pub use signing_key::*;
 pub use utils::*;
 pub use verification_key::*;
 
@@ -24,9 +25,7 @@ mod tests {
     use rand_chacha::ChaCha20Rng;
     use rand_core::SeedableRng;
 
-    use crate::schnorr_signature::{
-        signing_key::SchnorrSigningKey, verification_key::SchnorrVerificationKey,
-    };
+    use crate::schnorr_signature::{SchnorrSigningKey, SchnorrVerificationKey};
 
     #[test]
     fn test_hash_msg_to_jubjubbase() {

mithril-stm/src/schnorr_signature/signature.rs

@@ -59,39 +59,40 @@ impl SchnorrSignature {
         let generator = JubjubSubgroup::generator();
 
         // First hashing the message to a scalar then hashing it to a curve point
-        let hash_msg = JubjubExtended::hash_to_point(msg);
+        let msg_hash = JubjubExtended::hash_to_point(msg);
 
         // Computing R1 = H(msg) * s + sigma * c
-        let hash_msg_times_sig = hash_msg * self.signature;
+        let msg_hash_times_signature = msg_hash * self.signature;
         let sigma_times_challenge = self.sigma * self.challenge;
-        let random_value_1_recomputed = hash_msg_times_sig + sigma_times_challenge;
+        let random_point_1_recomputed = msg_hash_times_signature + sigma_times_challenge;
 
         // Computing R2 = g * s + vk * c
-        let generator_times_s = generator * self.signature;
+        let generator_times_signature = generator * self.signature;
         let vk_times_challenge = verification_key.0 * self.challenge;
-        let random_value_2_recomputed = generator_times_s + vk_times_challenge;
+        let random_point_2_recomputed = generator_times_signature + vk_times_challenge;
 
-        let (hash_msg_x, hash_msg_y) = get_coordinates_extended(hash_msg);
+        let (msg_hash_x, msg_hash_y) = get_coordinates_extended(msg_hash);
         let (verification_key_x, verification_key_y) = get_coordinates_subgroup(verification_key.0);
         let (sigma_x, sigma_y) = get_coordinates_extended(self.sigma);
-        let (random_value_1_recomputed_x, random_value_1_recomputed_y) =
-            get_coordinates_extended(random_value_1_recomputed);
-        let (random_value_2_recomputed_x, random_value_2_recomputed_y) =
-            get_coordinates_subgroup(random_value_2_recomputed);
+        let (random_point_1_recomputed_x, random_point_1_recomputed_y) =
+            get_coordinates_extended(random_point_1_recomputed);
+        let (random_point_2_recomputed_x, random_point_2_recomputed_y) =
+            get_coordinates_subgroup(random_point_2_recomputed);
+
         let challenge_recomputed = Hash::digest_truncated(
             Domain::Other,
             &[
                 DST_SIGNATURE,
-                hash_msg_x,
-                hash_msg_y,
+                msg_hash_x,
+                msg_hash_y,
                 verification_key_x,
                 verification_key_y,
                 sigma_x,
                 sigma_y,
-                random_value_1_recomputed_x,
-                random_value_1_recomputed_y,
-                random_value_2_recomputed_x,
-                random_value_2_recomputed_y,
+                random_point_1_recomputed_x,
+                random_point_1_recomputed_y,
+                random_point_2_recomputed_x,
+                random_point_2_recomputed_y,
             ],
         )[0];
 

mithril-stm/src/schnorr_signature/signing_key.rs

@@ -9,16 +9,16 @@ use rand_core::{CryptoRng, RngCore};
 use group::Group;
 
 use crate::schnorr_signature::{
-    DST_SIGNATURE, SchnorrSignature, SchnorrVerificationKey,
-    utils::{get_coordinates_extended, get_coordinates_subgroup},
+    DST_SIGNATURE, SchnorrSignature, SchnorrVerificationKey, get_coordinates_extended,
+    get_coordinates_subgroup,
 };
 
 /// Schnorr Signing key, it is essentially a random scalar of the Jubjub scalar field
 #[derive(Debug, Clone)]
-pub struct SchnorrSigningKey(pub(crate) JubjubScalar);
+pub struct SchnorrSigningKey(pub JubjubScalar);
 
 impl SchnorrSigningKey {
-    pub(crate) fn generate(rng: &mut (impl RngCore + CryptoRng)) -> Self {
+    pub fn generate(rng: &mut (impl RngCore + CryptoRng)) -> Self {
         SchnorrSigningKey(JubjubScalar::random(rng))
     }
 
@@ -61,7 +61,7 @@ impl SchnorrSigningKey {
     /// details in the implementation of the SchnorrSignature.
     ///
     // TODO: Check if we want the sign function to handle the randomness by itself
-    pub(crate) fn sign(
+    pub fn sign(
         &self,
         msg: &[u8],
         rng: &mut (impl RngCore + CryptoRng),
@@ -71,40 +71,40 @@ impl SchnorrSigningKey {
         let verification_key = SchnorrVerificationKey::from(self);
 
         // First hashing the message to a scalar then hashing it to a curve point
-        let hash_msg = JubjubExtended::hash_to_point(msg);
+        let msg_hash = JubjubExtended::hash_to_point(msg);
 
-        let sigma = hash_msg * self.0;
+        let sigma = msg_hash * self.0;
 
         // Compute the random part of the signature with
         // r1 = H(msg) * r
         // r2 = g * r
         let random_scalar = JubjubScalar::random(rng);
-        let random_value_1 = hash_msg * random_scalar;
-        let random_value_2 = generator * random_scalar;
+        let random_point_1 = msg_hash * random_scalar;
+        let random_point_2 = generator * random_scalar;
 
         // Since the hash function takes as input scalar elements
         // We need to convert the EC points to their coordinates
         // I use gx and gy for now but maybe we can replace them by a DST?
-        let (hash_msg_x, hash_msg_y) = get_coordinates_extended(hash_msg);
+        let (msg_hash_x, msg_hash_y) = get_coordinates_extended(msg_hash);
         let (verification_key_x, verification_key_y) = get_coordinates_subgroup(verification_key.0);
         let (sigma_x, sigma_y) = get_coordinates_extended(sigma);
-        let (random_value_1_x, random_value_1_y) = get_coordinates_extended(random_value_1);
-        let (random_value_2_x, random_value_2_y) = get_coordinates_subgroup(random_value_2);
+        let (random_point_1_x, random_point_1_y) = get_coordinates_extended(random_point_1);
+        let (random_point_2_x, random_point_2_y) = get_coordinates_subgroup(random_point_2);
 
         let challenge = Hash::digest_truncated(
             Domain::Other,
             &[
                 DST_SIGNATURE,
-                hash_msg_x,
-                hash_msg_y,
+                msg_hash_x,
+                msg_hash_y,
                 verification_key_x,
                 verification_key_y,
                 sigma_x,
                 sigma_y,
-                random_value_1_x,
-                random_value_1_y,
-                random_value_2_x,
-                random_value_2_y,
+                random_point_1_x,
+                random_point_1_y,
+                random_point_2_x,
+                random_point_2_y,
             ],
         )[0];
 

mithril-stm/src/schnorr_signature/verification_key.rs

@@ -32,9 +32,9 @@ impl From<&SchnorrSigningKey> for SchnorrVerificationKey {
     ///
     /// This is done by computing `vk = g * sk` where g is the generator
     /// of the subgroup and sk is the schnorr secret key
-    fn from(sk: &SchnorrSigningKey) -> Self {
-        let g = JubjubSubgroup::generator();
+    fn from(signing_key: &SchnorrSigningKey) -> Self {
+        let generator = JubjubSubgroup::generator();
 
-        SchnorrVerificationKey(g * sk.0)
+        SchnorrVerificationKey(generator * signing_key.0)
     }
 }