A Rust Implementation of the Penis Protocol

Penis Protocol is a cryptographic protocol that enables verifiable hashing while keeping certain parts of the data confidential. At it's core, PENIS (Partially Executed Nth-round Intermediate State) allows you to generate a hash that can be verified without revealing the entire input data. This is particularly useful in scenarios where you want to prove that certain parts of your data were included in the hash, but you don't want to reveal those specific parts. This implementation is written in Rust and provides a secure way to generate and verify SHA-256 hashes with selective data privacy.

Features

• SHA-256 compatible hash generation
• Selective data confidentiality through partial hash execution
• Verifiable intermediate states
• Zero dependencies
• no_std support (uses alloc)
• Zero-copy and memory-efficient implementation
• Constant-time operations for critical sections

Installation

Add this to your Cargo.toml:

[dependencies]
penis = "0.1.0"

Or use Cargo:

cargo add penis

Quick Start

use penis::{DataRange, PenisGenerator, PenisVerifier, SecsParam, ToBeHashed};

/* ------------------------ Generator-side code ------------------------ */

// Create security parameters (n=40 for maximum security)
let secs = SecsParam::new(40);

// Initialize generator
let generator = PenisGenerator(secs);

// Prepare data with confidential ranges
let data = b"Hello, World!".to_vec();
let confidential = DataRange::new(0, 5); // Keep "Hello" confidential

let to_be_hashed = ToBeHashed {
    data,
    confidentials: vec![confidential],
};


// Generate intermediate state
let penis = generator.execute(to_be_hashed);

// Encode for transmission, and send to verifier
let encoded = penis.encode_sparse();


/* ------------------------ Verifier-side code ------------------------ */

// Create security parameters (same as generator-side)
let secs = SecsParam::new(40);

// Receive encoded data from generator and decode it
let decoded = Penis::decode_sparse(&encoded);

// Initialize verifier
let verifier = PenisVerifier(secs);

// Resume verification from the decoded state
let final_state = verifier.resume(decoded);

// Finalize the hash computation
let hash = final_state.finalize();

Security Notice

This protocol is currently in development and has not undergone formal security audits. While the implementation follows cryptographic best practices, users should:

1. Use security parameter n=40 for maximum security (lower values may compromise security)
2. Implement additional security measures for production use
3. Conduct security audits specific to their use case
4. Be aware of potential side-channel attacks in timing-sensitive applications

License

This software is released under the AokiApp Normative Application License. See the LICENSE for more details.

Contributing

As per the terms and conditions in LICENSE, external contributions can't be made. The protocol development is currently managed by an internal team to ensure security and consistency.