Example 1

Assume the following sample code: mul R1, R1, 5 => Gate 1, p=181 add R1, R1, 11 => Gate 2, p=181 mul R1, R1, 26 => Gate 3, p=181

The constraints are as follows considering $p=181$ :

$R_1^{(2)}-5R_1^{(1)}=0$ $R_1^{(3)}-R_1^{(2)}-11=0$ $R_1^{(4)}-26R_1^{(3)}=0$

To keep the example simple and understandable, we continue with $n_g=3$ and $n_i=1$ .

The Prover calculates square matrices $A$ , $B$ and $C$ of order $n_g+n_i+1=3+1+1=5$ based on above construction:

A=\begin{bmatrix} 0&0&0&0&0\\ 0&0&0&0&0\\ 0&1&0&0&0\\ 1&0&0&0&0\\ 0&0&0&1&0 \end{bmatrix}

B=\begin{bmatrix} 0&0&0&0&0\\ 0&0&0&0&0\\ 5&0&0&0&0\\ 11&0&1&0&0\\ 26&0&0&0&0 \end{bmatrix}

C=\begin{bmatrix} 0&0&0&0&0\\ 0&0&0&0&0\\ 0&0&1&0&0\\ 0&0&0&1&0\\ 0&0&0&0&1 \end{bmatrix}

At we see, the matrices $A$ and $B$ are $2-SLT$ and matrix $C$ is $2-Diag$ . Also $Az\hspace{1mm}o\hspace{1mm}Bz=Cz$ .

We consider multiplicative subgroup $\mathbb{H}$ of order $n=n_g+n_i+1=5$ with generator $\omega=2^{36}\equiv 59 (\textrm{mod}\hspace{1mm}181)$ . Note that if $g$ is a generator of field $\mathbb{F}$ of order $p$ , then, $g^{\frac{p-1}{n}}$ is a generator of a multiplicative subgroup of it of order $n$ . Therefore, $\mathbb{H}=$ { $1,\omega,\omega^2,\omega^3,\omega^4$ } = { $1,59,42,125,135$ }.

Also, consider multiplicative subgroup $\mathbb{K}$ of order $m=2n_g=6$ where $t=n_i+1=2$ with generator $\gamma=g^{\frac{p-1}{m}}=2^{30}\equiv49(\textrm{mod}\hspace{1mm}181)$ . Therefore, $\mathbb{K}=$ { $1,\gamma,\gamma^2,...,\gamma^5$ } = { $1,49,48,180,132,133$ } .

PFR Commitment

$Commit(ck=(2,66,83,91,96,24,2,66,83),m_f=(A,B,C),s\in R)$ :

1- The Prover Selects $s=(s_1,...,s_{s_{AHP}(0)})$ of random space $R$ .

2- The Prover calculates $\overrightarrow{O}=Enc(m_f=(A,B,C))$ as encoded index as following:.

First, calculates the polynomial $row_{PFR_A}(x)$ . Since matrix $A$ has three non-zero entries that the first of them is in the second row, so $c_0=2$ and $row_{PFR_A}(\gamma^0)=\omega^2$ , note that rows numbered of zero, the second is in the third row, so $c_1=3$ and $row_{PFR_A}(\gamma^1)=\omega^3$ and the third is in the fourth row, so $c_2=4$ and $row_{PFR_A}(\gamma^2)=\omega^4$ . Note that to construct all three polynomials, we read the entries in the matrix in row or column order. Here they are read in row order.

According to the values defined for $\gamma$ and $\omega$ , we have $row_{PFR_A}(1)=42$ , $row_{PFR_A}(43)=125$ and $row_{PFR_A}(39)=135$ . Therefore based on Lagrange polynomials, have $row_{PFR_A}(x)=\sum_{i=1}^{3}y_iL_i(x)$ , so $row_{PFR_A}(x)=42L_1(x)+125L_2(x)+135L_3(x)$ , where $L_1(x)=\frac{(x-43)(x-39)}{(1-43)(1-39)}=\frac{(x-43)(x-39)}{(-42)(-38)}$ . Now, since $-42\equiv139\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , $-38\equiv143\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , $-43\equiv138\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ and $-39\equiv142\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , therefore $L_1(x)=\frac{(x+138)(x+142)}{(139)(143)}$ and since $(139)(143)\equiv 148\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ and $148^{-1}\equiv 170\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , have $L_1(x)=170(x+138)(x+142)=170x^2+178x+15$ . We get in a similar way that $L_2(x)=167x^2+17x+178$ and $L_3(x)=25x^2+167x+170$ . Therefore $row_{PFR_A}(x)=77x^2+109x+37$ .

Now, calculates $col_{PFR_A}(x)$ . Since matrix $A$ has three non-zero entries that the first of them is in the first column, so $r_0=1$ and $col_{PFR_A}(\gamma^0)=\omega^1$ , note that columns numbered of zero, the second is in the zero column, so $r_1=0$ and $col_{PFR_A}(\gamma^1)=\omega^0$ and the third is in the third column, so $r_2=3$ and $col_{PFR_A}(\gamma^2)=\omega^3$ . Therefore $col_{PFR_A}(1)=59$ , $col_{PFR_A}(43)=1$ and $col_{PFR_A}(39)=125$ . So $col_{PFR_A}(x)=59L_1(x)+L_2(x)+125L_3(x)=109x^2+81x+50$ .

Now, calculates $val_{PFR_A}(x)$ . Since matrix $A$ has three non-zero entries such that the value of all of them is one, therefore $v_0=v_1=v_2=1$ . So, $val_{PFR_A}(x)=L_1(x)+L_2(x)+L_3(x)=1$ .

Therefore, the matrix $A$ is encoded by $row_{PFR_A}(x)=77x^2+109x+37$ , $col_{PFR_A}(x)=109x^2+81x+50$ and $val_{PFR_A}(x)=1$ .

Now, encodes the matrix $B$ . First, calculates the polynomial $row_{PFR_B}(x)$ . Since matrix $B$ has four non-zero entries such that the first of them is in the second row, so $c_0=2$ and $row_{PFR_B}(\gamma^0)=\omega^2$ . The second and the third are in the third row, so $c_1=c_2=3$ and $row_{PFR_B}(\gamma^1)=row_{PFR_B}(\gamma^2)=\omega^3$ and the fourth is in the fourth row, so $c_3=4$ and $row_{PFR_B}(\gamma^3)=\omega^4$ . Therefore, $row_{PFR_B}(1)=42$ , $row_{PFR_B}(43)=125$ , $row_{PFR_B}(39)=125$ and $row_{PFR_B}(48)=135$ . So $row_{PFR_B}(x)=42L_1(x)+125L_2(x)+125L_3(x)+135L_4(x)$ where $L_1(x)=\frac{(x-43)(x-39)(x-48)}{(1-43)(1-39)(1-48)}=\frac{(x+138)(x+142)(x+133)}{(139)(143)(134)}=\frac{(x+138)(x+142)(x+133)}{103}$ . Since $103^{-1}\equiv58\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , so $L_1(x)=58(x+138)(x+142)(x+133)=58x^3+62x^2+116x+127$ . We get in a similar way that $L_2(x)=39x^3+7x^2+19x+116$ , $L_3(x)=138x^3+155x^2+7x+62$ and $L_4(x)=127x^3+138x^2+39x+58$ . Therefore $row_{PFR_B}(x)=76x^3+35x^2+174x+119$ .

Now, calculates $col_{PFR_B}(x)$ . Since matrix $B$ has four non-zero entries that the first, second and fourth of them are in zero column, so $r_0=r_1=r_3=0$ and $col_{PFR_B}(\gamma^0)=col_{PFR_B}(\gamma^1)=col_{PFR_B}(\gamma^3)=\omega^0$ and the third is in the second column, so $r_2=2$ and $col_{PFR_B}(\gamma^2)=\omega^2$ . Therefore $col_{PFR_B}(1)=1$ , $col_{PFR_B}(43)=1$ , $col_{PFR_B}(39)=42$ and $col_{PFR_B}(48)=1$ . So $col_{PFR_B}(x)=L_1(x)+L_2(x)+42L_3(x)+L_4(x)=47x^3+20x^2+106x+9$ .

Now, calculates $val_{PFR_B}(x)$ . Since matrix $B$ has four non-zero entries that value of them are $5$ , $11$ , $1$ and $26$ , respectively. Therefore $v_0=v_1=v_2=1$ $val_{PFR_B}(\gamma^0)=5$ , $val_{PFR_B}(\gamma^1)=11$ , $val_{PFR_B}(\gamma^2)=1$ and $val_{PFR_B}(\gamma^3)=26$ . So, $val_{PFR_B}(1)=5$ , $val_{PFR_B}(43)=11$ , $val_{PFR_B}(39)=1$ and $val_{PFR_B}(48)=26$ . Therefore, $val_{PFR_B}(x)=5L_1(x)+11L_2(x)+L_3(x)+26L_4(x)=177x^3+148x^2+42$ .

Therefore, the matrix $B$ is encoded by $row_{PFR_B}(x)=76x^3+35x^2+174x+119$ , $col_{PFR_B}(x)=47x^3+20x^2+106x+9$ and $val_{PFR_B}(x)=177x^3+148x^2+42$ .

Now, calculates polynomial $row_{PFR_C}(x)$ . In a similar way, Since matrix $C$ has three non-zero entries that are in the third, fourth and fifth rows, therefore $row_{PFR_C}(\gamma^0)=\omega^2$ , $row_{PFR_C}(\gamma^1)=\omega^3$ and $row_{PFR_C}(\gamma^2)=\omega^4$ . Then $row_{PFR_C}(1)=42$ , $row_{PFR_C}(43)=125$ and $row_{PFR_C}(39)=135$ . So $row_{PFR_C}(x)=42L_1(x)+125L_2(x)+135L_3(x)$ , therefore $row_{PFR_C}(x)=77x^2+109x+37$ .

Now, since $C$ is a diagonal matrix, polynomials $row_{PFR_C}(x)$ and $col_{PFR_C}(x)$ are equal. Also, since the matrix $C$ has three non-zero entries such that the value of all of them is one, therefore $v_0=v_1=v_2=1$ . So, $val_{PFR_C}(x)=L_1(x)+L_2(x)+L_3(x)=1$ .

Therefore, the matrix $C$ is encoded by $row_{PFR_C}(x)=77x^2+109x+37$ , $col_{PFR_C}(x)=77x^2+109x+37$ and $val_{PFR_C}(x)=1$ . Therefore, encoding of $m_f=(A,B,C)$ calculates as following: $\overrightarrow{O}_{PFR}=(37,109,77,0,0,0,0,0,0,50,81,109,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,119,174,35,76,0,0,$

3- The Prover calculates commitment by using of KZG commitment scheme as following:

$Com_{T}=\sum_{i=0}^{deg_T}a_ig\tau^i=\sum_{i=0}^{deg_T}a_ick(i)$ where $a_i$ is coefficient of $x^i$ in polynomial $T(x)$ .

Therefore

$Com_{PFR}^0=\sum_{i=0}^{2}row_{PFR_{A_i}}(g\tau^i)=\sum_{i=0}^{2}row_{PFR_{A_i}}ck(i)=37ck(0)+109ck(1)+77ck(2)=37\times2+109\times 57+77\times 86\equiv\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$

$Com_{PFR}^1=$

$Com_{PFR}^2=$

and similarly

$Com_{PFR}^3=$ , $Com_{PFR}^4=$ , $Com_{PFR}^5=$ , $Com_{PFR}^6=$ , $Com_{PFR}^7=$ and $Com_{PFR}^8=$ .

4- The Prover sends $Com_{PFR}=$ to the Verifier.

AHP Commitment

$Commit(ck,m_f=(A,B,C),s\in R)$ :

1 - The Prover Selects $s=(s_1,...,s_{s_{AHP}(0)})$ of random space $R$ . 2- The Prover calculates $\overrightarrow{O}_{AHP}=Enc(m_f=(A,B,C))$ as encoded index as following:

The polynomial $row_{AHP_A}:\mathbb{K}=$ { $1,49,48,180,132,133$ } $\to\mathbb{H}=$ { $1,59,42,125,135$ } with $row_{AHP_A}(k=\gamma^i)=\omega^{r_i}$ for $1\leq i\leq ||A||$ , and otherwise $row_{AHP_A}(k)$ returns an arbitrary element in $\mathbb{H}$ . So $row_{AHP_A}(k)$ on $\mathbb{K}$ is a polynomial so that $row_{AHP_A}(1)=42$ , $row_{AHP_A}(49)=125$ , $row_{AHP_A}(48)=135$ and otherwise $row_{AHP_A}(k)$ returns arbitrary elements of $\mathbb{H}$ , for example $row_{AHP_A}(180)=125$ , $AHProw_A(132)=135$ , $AHProw_A(133)=1$ . Therefore, $row_{AHP_A}(x)=\sum_{i=1}^{6}y_iL_i(x)=162x^5+62x^4+161x^3+169x^2+88x+124$ .

Also, $col_{AHP_A}:\mathbb{K}=$ { $1,49,48,180,132,133$ } $\to\mathbb{H}=$ { $1,59,42,125,135$ } with $col_{AHP_A}(k=\gamma^i)=\omega^{c_i}$ for $1\leq i\leq ||A||$ and otherwise $col_{AHP_A}(k)$ returns an arbitrary element in $\mathbb{H}$ . So $col_{AHP_A}(k)$ on $\mathbb{K}$ is a polynomial so that $col_{AHP_A}(1)=59$ , $col_{AHP_A}(49)=1$ , $col_{AHP_A}(48)=125$ and otherwise $col_{AHP_A}(k)$ returns arbitrary elements of $\mathbb{H}$ , for example $col_{AHP_A}(180)=125$ , $col_{AHP_A}(132)=135$ and $col_{AHP_A}(133)=1$ . Therefore, $col_{AHP_A}(x)=\sum_{i=1}^{6}y_iL_i(x)=128x^5+150x^4+32x^3+109x^2+169x+14$

and , $val_{AHP_A}:\mathbb{K}=$ { $1,49,48,180,132,133$ } $\to\mathbb{H}=$ { $1,59,42,125,135$ } with $val_{AHP_A}(k=\gamma^i)=\frac{v_i}{u_{\mathbb{H}}(row_{AHP_A}(k),row_{AHP_A}(k))u_{\mathbb{H}}(col_{AHP_A}(k),col_{AHP_A}(k))}$ for $1\leq i\leq ||A||$ where $v_i$ is value of $i^{th}$ nonzero entry and otherwise $val_{AHP_A}(k)$ returns zero. Note that based on definition of $u_{\mathbb{H}}(x,y)$ , for each $x \in \mathbb{H}$ , $u_{\mathbb{H}}(x,x)=|\mathbb{H}|x^{|\mathbb{H}|-1}=5x^4$ . So $val_{AHP_A}(1)=\frac{1}{(5row_{AHP_A}^4(1))(5col_{AHP_A}^4(1))}=\frac{1}{5\times 42^4\times5\times59^4}=\frac{1}{145}\equiv 5\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , $val_{AHP_A}(49)=\frac{1}{(5row_{AHP_A}^4(49))(5col_{AHP_A}^4(49))}=\frac{1}{5\times 125^4\times5\times1^4}=\frac{1}{145}\equiv 5\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , $val_{AHP_A}(48)=\frac{1}{(5row_{AHP_A}^4(48))(5col_{AHP_A}^4(48))}=\frac{1}{5\times 135^4\times5\times 125^4}=\frac{1}{48}\equiv 132\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ and $val_{AHP_A}(k)=0$ for $k\in \mathbb{K}-$ { $1,49,48$ }. Therefore $val_{AHP_A}(x)=\sum_{i=1}^{6}y_iL_i(x)=72x^5+79x^4+22x^3+111x^2+180x+84$ .

Now, $\hat{row_{AHP_A}}$ , $\hat{col_{AHP_A}}$ and $\hat{val_{AHP_A}}$ are extensions of $row_{AHP_A}$ , $col_{AHP_A}$ and $val_{AHP_A}$ so that are agree on $\mathbb{K}$ .

Similarly, $row_{AHP_B}:\mathbb{K}=$ { $1,49,48,180,132,133$ } $\to\mathbb{H}=$ { $1,59,42,125,135$ } so that $row_{AHP_B}(1)=42$ , $row_{AHP_B}(49)=125$ , $row_{AHP_B}(48)=125$ , $row_{AHP_B}(180)=135$ and for the rest values of $\mathbb{K}$ , $row_{AHP_B}(k)$ returns arbitrary elements of $\mathbb{H}$ , for example $row_{AHP_B}(132)=135$ and $row_{AHP_B}(133)=1$ . Therefore $row_{AHP_B}(x)=\sum_{i=1}^{6}y_iL_i(x)=20x^5+85x^4+37x^3+151x^2+168x+124$ .

Also, $col_{AHP_B}:\mathbb{K}=$ { $1,49,48,180,132,133$ } $\to\mathbb{H}=$ { $1,59,42,125,135$ } so that $col_{AHP_B}(1)=1$ , $col_{AHP_B}(49)=1$ , $col_{AHP_B}(48)=42$ , $col_{AHP_B}(180)=1$ and for the rest values of $\mathbb{K}$ , $col_{AHP_B}(k)$ returns arbitrary elements of $\mathbb{H}$ , for example $col_{AHP_B}(132)=135$ and $col_{AHP_B}(133)=1$ . Therefore $col_{AHP_B}(x)=\sum_{i=1}^{6}y_iL_i(x)=18x^5+164x^4+180x^3+18x^2+164x$

and , $val_{AHP_B}:\mathbb{K}=$ { $1,49,48,180,132,133$ } $\to\mathbb{H}=$ { $1,59,42,125,135$ } so that $val_{AHP_B}(1)=\frac{5}{(5row_{AHP_B}^4(1))(5col_{AHP_B}^4(1))}=\frac{5}{5\times 42^4\times5\times1^4}=\frac{5}{48}\equiv 117\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , $val_{AHP_B}(49)=\frac{11}{(5row_{AHP_B}^4(49))(5col_{AHP_B}^4(49))}=\frac{11}{5\times 125^4\times5\times1^4}=\frac{11}{145}\equiv 55\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , $val_{AHP_B}(48)=\frac{1}{(5row_{AHP_B}^4(48))(5col_{AHP_B}^4(48))}=\frac{1}{5\times 125^4\times5\times 42^4}=\frac{1}{25}\equiv 29\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , $val_{AHP_B}(180)=\frac{26}{(5row_{AHP_B}^4(180))(5col_{AHP_B}^4(180))}=\frac{26}{5\times 135^4\times5\times 1^4}=\frac{26}{27}\equiv 68\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ and $val_{AHP_B}(k)=0$ for $k\in \mathbb{K}-\{1,49,48,180\}$ . Therefore $val_{AHP_B}(x)=\sum_{i=1}^{6}y_iL_i(x)=86x^5+53x^4+34x^3+55x^2+176x+75$ .

Now, $\hat{row_{AHP_B}}$ , $\hat{col_{AHP_B}}$ and $\hat{val_{AHP_B}}$ are extensions of $row_{AHP_B}$ , $col_{AHP_B}$ and $val_{AHP_B}$ so that are agree on $\mathbb{K}$ .

Similarly, $row_{AHP_C}:\mathbb{K}=$ { $1,49,48,180,132,133$ } $\to\mathbb{H}=$ { $1,59,42,125,135$ } so that $row_{AHP_C}(1)=42$ , $row_{AHP_C}(49)=125$ , $row_{AHP_C}(48)=135$ and for the rest values of $\mathbb{K}$ , $row_{AHP_C}(k)$ returns arbitrary elements of $\mathbb{H}$ , for example $row_{AHP_C}(180)=125$ , $row_{AHP_C}(132)=135$ and $row_{AHP_C}(133)=1$ . Therefore $row_{AHP_C}(x)=\sum_{i=1}^{6}y_iL_i(x)=162x^5+62x^4+161x^3+169x^2+88x+124$ .

Also, $col_{AHP_C}:\mathbb{K}=$ { $1,49,48,180,132,133$ } $\to\mathbb{H}=$ { $1,59,42,125,135$ }so that $col_{AHP_C}(1)=42$ , $col_{AHP_C}(49)=125$ , $col_{AHP_C}(48)=135$ , $col_{AHP_C}(180)=125$ and for the rest values of $\mathbb{K}$ , $col_{AHP_C}(k)$ returns arbitrary elements of $\mathbb{H}$ , for example $col_{AHP_C}(132)=135$ and $col_{AHP_C}(133)=1$ . Therefore $col_{AHP_C}(x)=\sum_{i=1}^{6}y_iL_i(x)=162x^5+62x^4+161x^3+169x^2+88x+124$ .

and , $val_{AHP_C}:\mathbb{K}=$ { $1,49,48,180,132,133$ } $\to\mathbb{H}=$ { $1,59,42,125,135$ } so that $val_{AHP_C}(1)=\frac{1}{(5row_{AHP_C}^4(1))(5col_{AHP_C}^4(1))}=\frac{1}{5\times 42^4\times5\times42^4}=\frac{1}{27}\equiv 114\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , $val_{AHP_C}(49)=\frac{1}{(5row_{AHP_C}^4(49))(5col_{AHP_C}^4(49))}=\frac{1}{5\times 125^4\times5\times125^4}=\frac{1}{117}\equiv 82\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ , $val_{AHP_C}(48)=\frac{1}{(5row_{AHP_C}^4(48))(5col_{AHP_C}^4(48))}=\frac{1}{5\times 135^4\times5\times135 ^4}=\frac{1}{145}\equiv 5\hspace{1mm}(\textrm{mod}\hspace{1mm}181)$ and $val_{AHP_C}(k)=0$ for $k\in \mathbb{K}-\{1,49,48\}$ . Therefore $val_{AHP_C}(x)=\sum_{i=1}^{6}y_iL_i(x)=65x^5+61x^4+157x^3+53x^2+16x+124$ .

Now, $\hat{row_{AHP_C}}$ , $\hat{col_{AHP_C}}$ and $\hat{val_{AHP_C}}$ are extensions of $row_{AHP_C}$ , $col_{AHP_C}$ and $val_{AHP_C}$ so that are agree on $\mathbb{K}$ .

Therefore, $\overrightarrow{O}_{AHP}=(124,88,169,161,62,162,14,169,109,32,150,128,84,180,111,22,79,$ $72,124,168,151,37,85,20,0,164,18,180,164,18,75,176,55,34,53,86,124,88,169,$ $161,62,162,124,88,169,161,62,162,124,16,53,157,61,65)$ .

3- The Prover calculates commitment by using of $KZG$ commitment scheme as following:

$Com_{T}=\sum_{i=0}^{deg_T}a_ig\tau^i=\sum_{i=0}^{deg_T}a_ick(i)$ where $a_i$ is coefficient of $x^i$ in polynomial $T(x)$ .

4- The Prover sends

$Com_{AHP}^0=\sum_{i=0}^{5}\hat{row_{AHP_{A_i}}}\hspace{1.1mm}ck(i)=124ck(0)+88ck(1)+169ck(2)+161ck(3)+62ck(4)+162ck(5) \equiv 166\hspace{1mm}(\textrm{mod}\hspace{1mm} 181)$

and similarly

$Com_{AHP}^1=36$ , $Com_{AHP}^2=108$ , $Com_{AHP}^3=58$ , $Com_{AHP}^4=73$ , $Com_{AHP}^5=157$ , $Com_{AHP}^6=166$ , $Com_{AHP}^7=166$ and $Com_{AHP}^8=36$ .

AHP Commitment JSON File Example 1

IoT_Manufacturer_Name = "zkIoT" IoT_Device_Name = "MultiSensor" Device_Hardware_Version = "1.0" Firmware_Version = "1.0" Device Picture= <> Lines = [200, 350, 4000-4010]

{
    "commitmentId": String,
    "deviceType": String,
    "deviceIdType": String,
    "deviceModel": String,
    "manufacturer": String,
    "softwareVersion": String,
    "class": 32-bit Integer,
    "m": 6,
    "n": 5,
    "p": 181,
    "g": 2,   
        
    // PFR Commitment   
    "row_PFR_A": 64-bit Array,
    "col_PFR_A": 64-bit Array,
    "val_PFR_A": 64-bit Array,
    "row_PFR_B": 64-bit Array,
    "col_PFR_B": 64-bit Array,
    "val_PFR_B": 64-bit Array,
    "row_PFR_C": 64-bit Array,
    "col_PFR_C": 64-bit Array,
    "val_PFR_C": 64-bit Array,
    
    "Com_PFR0": 64-bit Integer,
    "Com_PFR1": 64-bit Integer,
    "Com_PFR2": 64-bit Integer,
    "Com_PFR3": 64-bit Integer,
    "Com_PFR4": 64-bit Integer,
    "Com_PFR5": 64-bit Integer,
    "Com_PFR6": 64-bit Integer,
    "Com_PFR7": 64-bit Integer,
    "Com_PFR8": 64-bit Integer,   

    // AHP Commitment       
    "row_AHP_A":[124,88,169,161,62,162],
    "col_AHP_A":[14,169,109,32,150,128],
    "val_AHP_A":[84,180,111,22,79,72],
    "row_AHP_B":[124,168,151,37,85,20],
    "col_AHP_B":[0,164,18,180,164,18],
    "val_AHP_B":[75,176,55,34,53,86],
    "row_AHP_C":[124,88,169,161,62,162],
    "col_AHP_C":[124,88,169,161,62,162],
    "val_AHP_C":[124,16,53,157,61,65],
    
    "Com_AHP0":166,
    "Com_AHP1":36,
    "Com_AHP2":108,
    "Com_AHP3":58,
    "Com_AHP4":73,
    "Com_AHP5":157,
    "Com_AHP6":166,
    "Com_AHP7":166,
    "Com_AHP8":36,
    
    "curve": "bn128",
    "PolynomialCommitment": "KZG"
}

Previous2- Commitment Phase NextExample 2

Last updated 4 months ago