From b510fe2ce883fafbd60b6399ee21e4504f956fd3 Mon Sep 17 00:00:00 2001
From: Özgür Kesim <oec@codeblau.de>
Date: Wed, 13 Nov 2024 09:48:16 +0100
Subject: factored out reveal()

---
 nizk/stage1.go | 28 ++++++++++++++++++----------
 1 file changed, 18 insertions(+), 10 deletions(-)

diff --git a/nizk/stage1.go b/nizk/stage1.go
index 9e87846..2342e17 100644
--- a/nizk/stage1.go
+++ b/nizk/stage1.go
@@ -68,6 +68,21 @@ func (s *Stage) commit(lost bool, Xs ...*Point) *StageCommitment {
 	return s.com
 }
 
+func (s *Stage) reveal(Xs ...*Point) (r *StageReveal, e error) {
+	// TODO: Calculate Y based on the Xs and our own X_i
+	// as Π_(i<k) X_k / Π_(i>k) X_k
+	// For now:
+	Y := G.Exp(Curve.RandomScalar())
+
+	r = &StageReveal{Y: Y}
+	if s.bit.IsSet() {
+		r.Z = s.com.R.Exp(s.x)
+	} else {
+		r.Z = Y.Exp(s.x)
+	}
+	return r, e
+}
+
 func (s *Stage) RevealStage1(Xs ...*Point) (rev *StageReveal, pr *Stage1Proof, e error) {
 	var ε [2][4]*Point
 	var r1, r2, ρ1, ρ2, ω *Scalar
@@ -77,16 +92,9 @@ func (s *Stage) RevealStage1(Xs ...*Point) (rev *StageReveal, pr *Stage1Proof, e
 	c := s.commit(false)
 	bc := s.bit.com
 
-	// TODO: Calculate Y based on the Xs and our own X_i
-	// as Π_(i<k) X_k / Π_(i>k) X_k
-	// For now:
-	Y := G.Exp(Curve.RandomScalar())
-
-	rev = &StageReveal{Y: Y}
-	if s.bit.IsSet() {
-		rev.Z = c.R.Exp(s.x)
-	} else {
-		rev.Z = rev.Y.Exp(s.x)
+	rev, e = s.reveal(Xs...)
+	if e != nil {
+		return nil, nil, e
 	}
 
 	if s.bit.IsSet() {
-- 
cgit v1.2.3