Assumption¶
What is an assumption? Operationally speaking, the protocol characterizes assumptions as beliefs about logical impliciations (\(a \implies b\) for some \(a\) and some \(b\)); for example:
- \(a\) could be that a particular trusted party has signed over a statement, and \(b\) could be that the statement is
- \(a\) could be nothing, and \(b\) could be that the algebraic group model holds (this assumption is often relied upon by cryptographic proof systems)
- \(a\) could be nothing, and \(b\) could be that \(c = c\) (the identity case)
In an ideal world, the protocol could characterize all of these assumptions
exactly (e.g. as mathematical statements) - however, that will not be feasible
in the short term (precisely expressing cryptographic assumptions will require a
sophisticated specification language), so for now the protocol standardizes an
extensible sum type that can evolve along with the Proof
multiformat (to add
new types of assumptions).
Note
The encoding here needs to allow for additions to the sum type without breaking backwards compatibility (which may be a property we often want in general).
Data structure¶
type Assumption :=
| HashRandomOracle
| FullyTrust ExternalIdentity