luce-otp 0.1.1

A Python package for zero-knowledge OTP proof using Rust and Groth16 zk-SNARKs

luce_otp

luce_otp is a Python extension module for generating and verifying zero-knowledge proofs (ZKP) for a one-time password (OTP) using Rust and zk-SNARKs. It leverages the Groth16 proving system to ensure privacy, allowing users to prove knowledge of an OTP without revealing the OTP itself.

Note: This package is intended for research purposes only and is not meant for use in production environments. Further testing is necessary to ensure its correctness, security, and performance.

Features

• Zero-Knowledge Proof: Prove knowledge of a 20-bit OTP without revealing it.
• zk-SNARK: Use zk-SNARKs (Groth16) for efficient proof generation and verification.
• Integration with Python: Easily integrate Rust-powered zk-SNARKs into Python using PyO3 and Maturin.

Installation

To install the package, use pip:

pip install luce_otp

Ensure that you have Rust and Maturin installed in your environment. If not, you can install Rust using rustup and install Maturin with:

pip install maturin

Usage

Here’s how you can use luce_otp to generate and verify zero-knowledge proofs for an OTP.

1. Setup Parameters

Before generating or verifying proofs, you need to set up the proving and verification parameters. This step is done only once.

import luce_otp

# This will generate the parameters and store them in 'params.bin' and 'vk.bin'
luce_otp.setup_parameters()

2. Generate a Proof

Once the parameters are set up, you can generate a zero-knowledge proof for a given OTP. The OTP should be a 20-bit number (i.e., between 0 and 999,999).

otp = 123456  # Example OTP
proof, public_inputs = luce_otp.generate_proof(otp)

# 'proof' contains the generated zk-SNARK proof
# 'public_inputs' contains the packed hash that will be verified

3. Verify the Proof

To verify the proof, pass both the proof and the public inputs to the verification function. The function returns True if the proof is valid, and False otherwise.

is_valid = luce_otp.verify_proof(proof, public_inputs)
if is_valid:
    print("Proof is valid!")
else:
    print("Proof is invalid!")

Testing

To ensure the correctness of the package, you can run basic tests by following these steps:

1. Install Dependencies

Make sure you have all the necessary Python dependencies installed in your environment:

pip install maturin

You also need to have Rust installed. You can install it by running:

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

2. Build and Install the Package Locally

If you're developing the package locally, you can build and install it into your virtual environment using maturin:

maturin develop

3. Run Tests

You can write Python test scripts to test the functionality of the package. Here’s an example test script:

import luce_otp

def test_luce_otp():
    # Set up parameters
    luce_otp.setup_parameters()

    # Generate proof
    otp = 123456
    proof, public_inputs = luce_otp.generate_proof(otp)

    # Verify proof
    is_valid = luce_otp.verify_proof(proof, public_inputs)
    assert is_valid, "Proof verification failed."

    print("All tests passed.")

if __name__ == "__main__":
    test_luce_otp()

Disclaimer

Note: This package is designed for research purposes only and is not meant for use in production environments. The underlying cryptographic methods, though well-studied, have not been extensively tested in this implementation. Further testing is necessary to ensure that the library is secure, bug-free, and performant under different environments and workloads. Use this package with caution in critical systems.