Skip to main content

Overview

The proof_data module contains data types for all supported zero-knowledge proofs. Each proof type consists of:
  • Context data - Public values being certified
  • Proof - Cryptographic proof data

ProofType Enum

ProofType
enum
Enumeration of all supported proof types.
pub enum ProofType {
    Uninitialized,
    ZeroCiphertext,
    CiphertextCiphertextEquality,
    CiphertextCommitmentEquality,
    PubkeyValidity,
    PercentageWithCap,
    BatchedRangeProofU64,
    BatchedRangeProofU128,
    BatchedRangeProofU256,
    GroupedCiphertext2HandlesValidity,
    BatchedGroupedCiphertext2HandlesValidity,
    GroupedCiphertext3HandlesValidity,
    BatchedGroupedCiphertext3HandlesValidity,
}

ZkProofData Trait

All proof data types implement the ZkProofData trait. 
pub trait ZkProofData<T: Pod> {
    const PROOF_TYPE: ProofType;
    
    fn context_data(&self) -> &T;
    
    #[cfg(not(target_os = "solana"))]
    fn verify_proof(&self) -> Result<(), ProofVerificationError>;
}

Zero Ciphertext Proof

Certifies that an ElGamal ciphertext encrypts the value zero.

ZeroCiphertextProofData

ZeroCiphertextProofData
struct
Proof data for the VerifyZeroCiphertext instruction.Size: 192 bytes (96 bytes context + 96 bytes proof)

Fields

context
ZeroCiphertextProofContext
The context data for verification (96 bytes)
proof
PodZeroCiphertextProof
The cryptographic proof (96 bytes)

Methods

new
(keypair: &ElGamalKeypair, ciphertext: &ElGamalCiphertext) -> Result<Self>
Creates a new zero-ciphertext proof.
use solana_zk_sdk::{
    encryption::elgamal::ElGamalKeypair,
    zk_elgamal_proof_program::proof_data::ZeroCiphertextProofData,
};

let keypair = ElGamalKeypair::new_rand();
let ciphertext = keypair.pubkey().encrypt(0_u64);
let proof_data = ZeroCiphertextProofData::new(&keypair, &ciphertext)?;

// Verify the proof
proof_data.verify_proof()?;

ZeroCiphertextProofContext

ZeroCiphertextProofContext
struct
Context data needed to verify a zero-ciphertext proof.Size: 96 bytes

Fields

pubkey
PodElGamalPubkey
The ElGamal public key (32 bytes)
ciphertext
PodElGamalCiphertext
The ElGamal ciphertext that encrypts zero (64 bytes)

Ciphertext-Ciphertext Equality Proof

Certifies that two ElGamal ciphertexts encrypt the same message.

CiphertextCiphertextEqualityProofData

CiphertextCiphertextEqualityProofData
struct
Proof data for the VerifyCiphertextCiphertextEquality instruction.

Fields

context
CiphertextCiphertextEqualityProofContext
The context data containing both ciphertexts and public keys
proof
PodCiphertextCiphertextEqualityProof
The cryptographic proof

Methods

new
(first_keypair: &ElGamalKeypair, second_pubkey: &ElGamalPubkey, first_ciphertext: &ElGamalCiphertext, second_ciphertext: &ElGamalCiphertext, second_opening: &PedersenOpening, amount: u64) -> Result<Self>
Creates a ciphertext-ciphertext equality proof.
use solana_zk_sdk::{
    encryption::{
        elgamal::{ElGamalKeypair, ElGamalPubkey},
        pedersen::PedersenOpening,
    },
    zk_elgamal_proof_program::proof_data::CiphertextCiphertextEqualityProofData,
};

let first_keypair = ElGamalKeypair::new_rand();
let second_keypair = ElGamalKeypair::new_rand();
let amount = 100_u64;

let first_ciphertext = first_keypair.pubkey().encrypt(amount);
let second_opening = PedersenOpening::new_rand();
let second_ciphertext = second_keypair.pubkey().encrypt_with(amount, &second_opening);

let proof_data = CiphertextCiphertextEqualityProofData::new(
    &first_keypair,
    second_keypair.pubkey(),
    &first_ciphertext,
    &second_ciphertext,
    &second_opening,
    amount,
)?;

proof_data.verify_proof()?;

CiphertextCiphertextEqualityProofContext

CiphertextCiphertextEqualityProofContext
struct
Context data for ciphertext-ciphertext equality verification.Size: 192 bytes

Fields

first_pubkey
PodElGamalPubkey
The first ElGamal public key (32 bytes)
second_pubkey
PodElGamalPubkey
The second ElGamal public key (32 bytes)
first_ciphertext
PodElGamalCiphertext
The first ElGamal ciphertext (64 bytes)
second_ciphertext
PodElGamalCiphertext
The second ElGamal ciphertext (64 bytes)

Ciphertext-Commitment Equality Proof

Certifies that an ElGamal ciphertext and a Pedersen commitment encode the same value.

CiphertextCommitmentEqualityProofData

CiphertextCommitmentEqualityProofData
struct
Proof data for the VerifyCiphertextCommitmentEquality instruction.

Fields

context
CiphertextCommitmentEqualityProofContext
The context data containing the ciphertext, commitment, and public key
proof
PodCiphertextCommitmentEqualityProof
The cryptographic proof

CiphertextCommitmentEqualityProofContext

CiphertextCommitmentEqualityProofContext
struct
Context data for ciphertext-commitment equality verification.

Public Key Validity Proof

Certifies that an ElGamal public key is well-formed and the prover knows the corresponding secret key.

PubkeyValidityProofData

PubkeyValidityProofData
struct
Proof data for the VerifyPubkeyValidity instruction.Size: 96 bytes (32 bytes context + 64 bytes proof)

Fields

context
PubkeyValidityProofContext
The context data containing the public key (32 bytes)
proof
PodPubkeyValidityProof
The cryptographic proof (64 bytes)

Methods

new
(keypair: &ElGamalKeypair) -> Result<Self>
Creates a public key validity proof.
use solana_zk_sdk::{
    encryption::elgamal::ElGamalKeypair,
    zk_elgamal_proof_program::proof_data::PubkeyValidityProofData,
};

let keypair = ElGamalKeypair::new_rand();
let proof_data = PubkeyValidityProofData::new(&keypair)?;

proof_data.verify_proof()?;

PubkeyValidityProofContext

PubkeyValidityProofContext
struct
Context data for public key validity verification.Size: 32 bytes

Fields

pubkey
PodElGamalPubkey
The ElGamal public key to be proved (32 bytes)

Percentage with Cap Proof

Certifies that a tuple of Pedersen commitments satisfy a percentage relation.

PercentageWithCapProofData

PercentageWithCapProofData
struct
Proof data for the VerifyPercentageWithCap instruction.

Fields

context
PercentageWithCapProofContext
The context data containing the commitments
proof
PodPercentageWithCapProof
The cryptographic proof

PercentageWithCapProofContext

PercentageWithCapProofContext
struct
Context data for percentage-with-cap verification.

Batched Range Proofs

Certify that Pedersen commitments encode values within specific bit ranges.

BatchedRangeProofU64Data

BatchedRangeProofU64Data
struct
Proof data for 64-bit batched range proofs.Certifies that commitments encode positive numbers with total bit-length ≤ 64.

BatchedRangeProofU128Data

BatchedRangeProofU128Data
struct
Proof data for 128-bit batched range proofs.Certifies that commitments encode positive numbers with total bit-length ≤ 128.

BatchedRangeProofU256Data

BatchedRangeProofU256Data
struct
Proof data for 256-bit batched range proofs.Certifies that commitments encode positive numbers with total bit-length ≤ 256.

BatchedRangeProofContext

BatchedRangeProofContext
struct
Context data shared by all batched range proof types.

Grouped Ciphertext Validity Proofs

Certify that grouped ElGamal ciphertexts are well-formed and can be decrypted by the associated private keys.

GroupedCiphertext2HandlesValidityProofData

GroupedCiphertext2HandlesValidityProofData
struct
Proof data for grouped ciphertexts with 2 decrypt handles.

Fields

context
GroupedCiphertext2HandlesValidityProofContext
The context data containing the grouped ciphertext
proof
PodGroupedCiphertext2HandlesValidityProof
The cryptographic proof

GroupedCiphertext3HandlesValidityProofData

GroupedCiphertext3HandlesValidityProofData
struct
Proof data for grouped ciphertexts with 3 decrypt handles.

Fields

context
GroupedCiphertext3HandlesValidityProofContext
The context data containing the grouped ciphertext
proof
PodGroupedCiphertext3HandlesValidityProof
The cryptographic proof

Batched Variants

BatchedGroupedCiphertext2HandlesValidityProofData
struct
Batched proof for two grouped ciphertexts with 2 handles each.More efficient than two individual proofs.
BatchedGroupedCiphertext3HandlesValidityProofData
struct
Batched proof for two grouped ciphertexts with 3 handles each.More efficient than two individual proofs.

Example: Creating Multiple Proof Types

use solana_zk_sdk::{
    encryption::elgamal::ElGamalKeypair,
    zk_elgamal_proof_program::proof_data::{
        ZeroCiphertextProofData,
        PubkeyValidityProofData,
    },
};

let keypair = ElGamalKeypair::new_rand();

// Public key validity proof
let pubkey_proof = PubkeyValidityProofData::new(&keypair)?;
assert!(pubkey_proof.verify_proof().is_ok());

// Zero ciphertext proof
let zero_ciphertext = keypair.pubkey().encrypt(0_u64);
let zero_proof = ZeroCiphertextProofData::new(&keypair, &zero_ciphertext)?;
assert!(zero_proof.verify_proof().is_ok());

// Invalid zero ciphertext proof (encrypts non-zero)
let non_zero_ciphertext = keypair.pubkey().encrypt(100_u64);
let result = ZeroCiphertextProofData::new(&keypair, &non_zero_ciphertext);
assert!(result.is_err()); // Proof generation fails

Build docs developers (and LLMs) love

Get started for freeTalk to us