scalus.cardano.onchain.plutus.crypto.accumulator.G1Accumulator
On-chain bilinear accumulator with the accumulator value on G1.
The setup (CRS) uses G2 powers of tau. The accumulator and membership proofs are G1 points. This variant is compatible with Ethereum KZG ceremonies (which provide G1 and G2 powers) and hydrozoa.
G1 accumulator is more expensive on-chain (G2 commitment in verification) but allows using existing ceremony data without re-generation.
Attributes
Graph
Reset zoom Hide graph Show graph
Supertypes
class Object
trait Matchable
class Any
Self type
Members list
Verify membership of a subset in the accumulated set.
Verify membership of a subset in the accumulated set.
Checks the pairing equation: e(acc, g2) == e(proof, getG2Commitment(setup, subset))
Value parameters
acc
the accumulator value (G1 point)
proof
the membership proof (G1 point)
setup
G2 powers of tau: [τ⁰·G2, τ¹·G2, ...]
subset
elements to prove membership for
Attributes
Returns
true if the subset is in the accumulated set
Verify non-membership of a disjoint set against the accumulated set.
Verify non-membership of a disjoint set against the accumulated set.
Checks the pairing equation: e(acc, proof._1) · e(proof._2, getG2Commitment(setup, disjointSet)) == e(g1, g2)
Value parameters
acc
the accumulator value (G1 point)
disjointSet
elements to prove non-membership for
g1
the G1 generator point
proof
the non-membership proof (G2, G1) from extended GCD: (S on G2, T on G1)
setup
G2 powers of tau
Attributes
Returns
true if the disjoint set has no elements in common with the accumulated set