@@ -163,7 +163,7 @@ def is_valid(
163163 )
164164
165165 # The equation 𝐴^𝑣𝑖 = 𝑏𝑖𝑀𝑖^𝑐𝑖 mod 𝑝
166- consistent_kv = (
166+ consistent_av = (
167167 in_bounds_alpha
168168 and in_bounds_b
169169 and in_bounds_c
@@ -183,7 +183,7 @@ def is_valid(
183183 and in_bounds_q
184184 and same_c
185185 and consistent_gv
186- and consistent_kv
186+ and consistent_av
187187 )
188188
189189 if not success :
@@ -202,7 +202,7 @@ def is_valid(
202202 "in_bounds_q" : in_bounds_q ,
203203 "same_c" : same_c ,
204204 "consistent_gv" : consistent_gv ,
205- "consistent_kv " : consistent_kv ,
205+ "consistent_av " : consistent_av ,
206206 "k" : k ,
207207 "q" : q ,
208208 "proof" : self ,
@@ -432,7 +432,7 @@ def make_constant_chaum_pedersen(
432432 Produces a proof that a given encryption corresponds to a specific total value.
433433
434434 :param message: An ElGamal ciphertext
435- :param constant: The plaintext constant value used to make the ElGamal ciphertext
435+ :param constant: The plaintext constant value used to make the ElGamal ciphertext (L in the spec)
436436 :param r: The aggregate nonce used creating the ElGamal ciphertext
437437 :param k: The ElGamal public key for the election
438438 :param seed: Used to generate other random values here
@@ -441,9 +441,9 @@ def make_constant_chaum_pedersen(
441441
442442 # Pick one random number in Q.
443443 u = Nonces (seed , "constant-chaum-pedersen-proof" )[0 ]
444- a = g_pow_p (u )
445- b = pow_p (k , u )
446- c = hash_elems (alpha , beta , a , b )
444+ a = g_pow_p (u ) # 𝑔^𝑢𝑖 mod 𝑝
445+ b = pow_p (k , u ) # 𝐴^𝑢𝑖 mod 𝑝
446+ c = hash_elems (alpha , beta , a , b ) # sha256(𝑄', A, B, a, b)
447447 v = a_plus_bc_q (u , c , r )
448448
449449 return ConstantChaumPedersenProof (a , b , c , v , constant )
0 commit comments