Content deleted Content added
clarifed that the committed value cannot be extracted from tne message - prev version said itcannot be known - what ? even if the sender and receiver are the same person ? |
m Minor typo |
||
Line 221:
====Reveal====
A KZG proof must demonstrate that the revealed data is the authentic value of <math>x_i</math> when <math>C</math> was computed. Let <math>y=x_i</math>, the revealed value we must prove. Since the vector of <math>x_i</math> was reformulated into a polynomial, we really need to prove that the polynomial <math>p</math>, when evaluated at <math>i</math>, takes on the value <math>y</math>. Simply, we just need to prove that <math>p(i)=y</math>. We will do this by demonstrating that subtracting <math>y</math> from <math>p</math> yields a root at <math>i</math>. Define the polynomial <math>q</math> as
:<math>q(x)=\frac{p(x)-y}{x-i}</math>
This polynomial is itself the proof that <math>p(i)=y</math>, because if <math>q</math> exists, then <math>p(x)-y</math> is divisible by <math>x-i</math>, meaning it has a root at <math>i</math>, so <math>p(i)-y=0</math> (or, in other words, <math>p(i)=y</math>). The KZG proof will demonstrate that <math>q</math> exists and has this property.
| |||