Back-Maxwell range proof for Pedersen Commitments on Go

Example implementation of Back-Maxwell Rangeproof on Go for creating the Pedersen commitment with corresponding proof that committed value lies in [0..2^n-1] range.
The implementation uses Ethereum bn128 G1 curve to produce commitments and proofs.

Use only for educational reasons.

DO NOT USE IN PRODUCTION.

Usage

Explore main_test.go TestPedersenCommitment with example of usage.

Note, that there are the following values defined in global space to be changed on your choice:

var G *bn256.G1
var H *bn256.G1

// Hash function that should return the value in Curve.N field
var Hash func(...[]byte) *big.Int = defaultHash

Signature (Proof of ownership)

Explore main_test.go TestSignatureForCommitments with example of signing the Pederssn commitment.

It uses the scheme from Simple Schnorr Signature with Pedersen Commitment as Key article.

For the decentralized systems hash message expected to be the hash of transaction outputs.

Schnorr Signature

Explore main_test.go TestSchnorrSignatureAggregation with an example of Schnorr signature. It can be useful to sign the resulting C=C1-C2 commitment in transactions.

It uses the scheme from Schnorr Signature article.