zksk’s docs¶
ZeroKnowledge Swiss Knife: Python library for prototyping composable zeroknowledge proofs in the discretelog setting.
Let’s say Peggy commits to a secret bit and wants to prove to Victor in zero knowledge that she knows this bit—that is, without revealing it. In CamenischStadler notation, we can write:
To implement this zeroknowledge proof, Peggy will run:
from zksk import Secret, DLRep
from zksk import utils
# Setup: Peggy and Victor agree on two group generators.
G, H = utils.make_generators(num=2, seed=42)
# Setup: generate a secret randomizer.
r = Secret(utils.get_random_num(bits=128))
# This is Peggy's secret bit.
top_secret_bit = 1
# A Pedersen commitment to the secret bit.
C = top_secret_bit * G + r.value * H
# Peggy's definition of the proof statement, and proof generation.
# (The first orclause corresponds to the secret value 0, and the second to the value 1. Because
# the real value of the bit is 1, the clause that corresponds to zero is marked as simulated.)
stmt = DLRep(C, r * H, simulated=True)  DLRep(C  G, r * H)
zk_proof = stmt.prove()
Victor will receive the commitment C
and zk_proof
from Peggy, and run this to verify the
proof:
from zksk import Secret, DLRep
# Setup: get the agreed group generators.
G, H = utils.make_generators(num=2, seed=42)
# Setup: define a randomizer with an unknown value.
r = Secret()
stmt = DLRep(C, r * H)  DLRep(C  G, r * H)
assert stmt.verify(zk_proof)
Victor is now convinced that Peggy knows the committed bit.
Documentation and materials¶
Docs 

Academic paper 
https://arxiv.org/abs/1911.02459 — theoretical details 
Warning
Please don’t use this software for anything missioncritical. It is designed for quick protyping of privacyenhancing technologies, not production use.