// Copyright 2023-present Space and Time Labs, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
extern crate blitzar;
extern crate curve25519_dalek;
extern crate rand_core;

use blitzar::compute::*;
use curve25519_dalek::{
    ristretto::{CompressedRistretto, RistrettoPoint},
    scalar::Scalar,
};
use rand_core::OsRng;

fn main() {
    /////////////////////////////////////////////
    // For the following data, we have:
    //     commitment[0] = gs[0]*data[0] + gs[1]*data[1] + gs[2]*data[2] + gs[3]*data[3]
    //
    // Those generators `gs` are automatically generated by our CPU/GPU code.
    // So we provide an interface to access them. We use the offset to get only
    // a subset of the generated used in the gpu/cpu code.
    //
    // Alternatively, in this example, we provide a generator vector `gs`.
    /////////////////////////////////////////////
    let data: &[Scalar] = &[
        Scalar::from(2u8),
        Scalar::from(3u8),
        Scalar::from(1u8),
        Scalar::from(10u8),
    ];

    /////////////////////////////////////////////
    // randomly obtain some generator points
    /////////////////////////////////////////////
    let mut rng = OsRng;
    let gs: Vec<RistrettoPoint> = (0..data.len())
        .map(|_| RistrettoPoint::random(&mut rng))
        .collect();

    /////////////////////////////////////////////
    // Do the actual commitment computation
    /////////////////////////////////////////////
    let mut commitments = vec![CompressedRistretto::default(); 1];
    compute_curve25519_commitments_with_generators(&mut commitments, &[data.into()], &gs);

    /////////////////////////////////////////////
    // Then we use the above generators `gs`,
    // as well as the data as scalars
    // to verify that those generators `gs`
    // are indeed the ones used during the
    // commitment computation
    /////////////////////////////////////////////
    let expected_commit: RistrettoPoint = data.iter().zip(gs).map(|(d, g)| d * g).sum();

    /////////////////////////////////////////////
    // Compare the Dalek and our CPU/GPU commitment
    /////////////////////////////////////////////
    assert_eq!(commitments[0], expected_commit.compress());
}