Documentation - Centralized Telescope: Parameters

docs/rustdoc/centralized_telescope/intro.md

@@ -0,0 +1,6 @@
+# Telescope - Construction with Bounded DFS
+
+In scenarios where $n_p$ is small, the parameters given for prehashed construction (relative to the security parameter, $\lambda$) are not optimal, resulting in a reduced probability of constructing a valid proof in a single attempt.
+For large $n_p$, the rapid growth in potential proof tuples ensures valid ones can be found efficiently, allowing the prehashed construction to work seamlessly.
+In contrast, small $n_p$ limits the search space, making the previous parameters inadequate.
+To address this, the **construction with bounded DFS** expands on the prehashed version with *retries*, *prehashing randomization*, and *bounding* the DFS.

docs/rustdoc/centralized_telescope/main.md

@@ -1,10 +1,3 @@
-# Telescope - Construction with Bounded DFS
-
-In scenarios where $n_p$ is small, the parameters given for prehashed construction (relative to the security parameter, $\lambda$) are not optimal, resulting in a reduced probability of constructing a valid proof in a single attempt.
-For large $n_p$, the rapid growth in potential proof tuples ensures valid ones can be found efficiently, allowing the prehashed construction to work seamlessly.
-In contrast, small $n_p$ limits the search space, making the previous parameters inadequate.
-To address this, the **construction with bounded DFS** expands on the prehashed version with *retries*, *prehashing randomization*, and *bounding* the DFS.
-
 ## Overview
 - When $n_p$ is large, the rapid increase in potential proof tuples enhances the chances of finding a valid proof, simplifying the construction process.
 - For small $n_p$, the element distribution across bins is more likely to be skewed, some bins may contain multiple elements while others remain empty.

docs/rustdoc/centralized_telescope/params/overview.md

@@ -0,0 +1,5 @@
+## Centralized Telescope - Parameter Setup
+
+The parameter setup ensures that the **DFS (Depth-First Search) algorithm** completes in a reasonable number of steps, even when the number of elements, $n_p$, is small.
+- The scheme must handle both large and small $n_p$ efficiently while keeping proof generation practical.
+- The goal is to **balance the prover's workload and the reliability of the proof**.

docs/rustdoc/centralized_telescope/params/setup.md

@@ -0,0 +1,89 @@
+## Parameter generation protocol
+### Initialization
+1. Set the proof size $u$:
+
+$$
+u \coloneqq \left\lceil \frac{\lambda_{\text{sec}} + \log \lambda_{\text{rel}} + 5 - \log \log e}{\log \left(\frac{n_p}{n_f}\right)} \right\rceil
+$$
+
+2. Set the check values $s_1$ and $s_2$:
+
+$$
+ratio \coloneqq \frac{9 n_p \log e}{(17u)^2}
+$$
+
+$$
+s_1 \coloneqq ratio - 7, \quad s_2 \coloneqq ratio - 2.
+$$
+
+3. Set the values of $\lambda_{rel}^{(1)}$ and $\lambda_{rel}^{(2)}$:
+    - If $s_1 < 1 \implies \lambda_{rel}^{(1)} \coloneqq \bot$, else $\implies \lambda_{rel}^{(1)} \coloneqq \mathsf{min}(\lambda_{rel}, s_1)$
+    - If $s_2 < 1 \implies \lambda_{rel}^{(2)} \coloneqq \bot$, else $\implies \lambda_{rel}^{(2)} \coloneqq \mathsf{min}(\lambda_{rel}, s_2)$
+
+### Cases
+#### Small case
+If ($s_1 < 1$ or $s_2 < 1$) $\implies$ SMALL CASE, $\quad n_p \leq \lambda^2$.
+
+$$
+r \coloneqq \lceil \lambda_{rel} \rceil, \quad d \coloneqq \lceil 32\cdot \ln(12)\cdot u \rceil,
+$$
+
+$$
+q \coloneqq \frac{2 \cdot \ln(12)}{d}, \quad b \coloneqq \Big\lfloor \frac{8 \cdot (u + 1) \cdot d}{\ln(12)} \Big\rfloor.
+$$
+
+---
+#### Mid case
+If $s_2 \ge 1$, we know that $\lambda_{rel}^{(2)} = \mathsf{min}(\lambda_{rel}, s_2)$.
+In this case, if ($u \ge \lambda_{rel}^{(2)}$) $\implies$ MID CASE, $\quad \lambda^3 > n_p > \lambda^2$.
+
+First, we set $\lambda_{rel}^{(1)}$, and compute $\overline{\lambda_{rel}}$ and $d$:
+
+$$
+\lambda_{rel}^{(1)} \coloneqq \mathsf{min}(\lambda_{rel}, s_1 )
+$$
+
+$$
+\overline{\lambda_{rel}} \coloneqq \frac{\lambda_{rel}^{(1)} + 7}{\log{e}}, \quad d \coloneqq \lceil 16 \cdot u \cdot \overline{\lambda_{rel}}\rceil
+$$
+
+Then, we check the prover's set size.
+If $n_p \geq \frac{d^2}{9 \cdot \bar{\lambda}}$, we abort the process.
+Otherwise, we compute $w$, $r$, $q$, $b$ as follows:
+
+$$
+w \coloneqq \mathsf{min}\Big\\{w: w \in \mathbb{N} \wedge w \geq u \wedge \frac{14 \cdot w^2 \cdot (w + 2) \cdot e^\frac{w+1}{w}} {e \cdot (w + 2 - e^{1/w}) \cdot (w + 1)!} \le 2^{-\lambda_{rel}^{(1)}}\Big\\}
+$$
+
+For realistic values of $\lambda_{rel}^{(1)}$, $w = u$ can be used.
+
+$$
+r \coloneqq \Big\lceil\frac{\lambda_{rel}}{\lambda_{rel}^{(1)}}\Big\rceil, \quad q \coloneqq 2 \cdot \frac{\overline{\lambda_{rel}}}{d}
+$$
+
+$$
+b \coloneqq \Bigg\lfloor\Big(\frac{w \overline{\lambda_{rel}}}{d} + 1\Big) \cdot \mathsf{exp}\Big(\frac{2 u w \overline{\lambda_{rel}}}{n_p} + \frac{7 u}{w}\Big)d u + d \Bigg\rfloor
+$$
+
+---
+#### High case
+Since $s_2 > 1$, $\lambda_{rel}^{(2)} = \mathsf{min}(\lambda_{rel}, s_2)$.
+If ($u < \lambda_{rel}^{(2)}$) $\implies$ HIGH CASE, $\quad n_p \geq \lambda^3$.
+
+First, we compute $d$:
+
+$$
+d \coloneqq \Bigg\lceil \frac{16 \cdot u \cdot (\lambda_{rel}^{(2)} + 2)}{\log{e}} \Bigg\rceil.
+$$
+
+Then, we check the prover's set size.
+If $n_p \geq \frac{d^2 \cdot \log{e}}{9 \cdot (\lambda_{rel}^{(2)} + 2)}$, we abort the process.
+Otherwise, we compute $r$, $q$, $b$ as follows:
+
+$$
+r \coloneqq \Big\lceil \frac{\lambda_{rel}}{\lambda_{rel}^{(2)}} \Big\rceil, \quad q \coloneqq \frac{2 \cdot (\lambda_{rel}^{(2)} + 2)}{d \cdot \log{e}}
+$$
+
+$$
+b \coloneqq \Bigg\lfloor\frac{\lambda_{rel}^{(2)} + 2 + \log{u}} {\lambda_{rel}^{(2)} + 2}\cdot \Big(3 \cdot u \cdot \frac{d}{4}\Big) + d + u\Bigg\rfloor
+$$

docs/rustdoc/centralized_telescope/params/strategy.md

@@ -0,0 +1,20 @@
+## Parameter selection strategy
+- When $n_p$ is large:
+    - If $n_p$ is at least $\lambda^3$, proof generation is straightforward.
+    - The prover can find a valid proof in roughly the time it takes to process all elements.
+    - The worst case, where the prover needs extra work, still remains within a manageable margin.
+- When $n_p$ is small:
+    - If $n_p < \lambda^2$, the standard approach no longer guarantees that the prover finds a valid proof quickly.
+    - To fix this, we allow the prover to retry multiple times, increasing the chances of success without overwhelming computational cost.
+    - Extra retries increase reliability, but they must be controlled to avoid unnecessary work.
+- Handling intermediate cases ($\lambda^2 < n_p < \lambda^3$):
+    - A hybrid strategy balances efficiency and reliability.
+    - The prover makes more retries than in the large $n_p$ case but fewer than in the small $n_p$ case.
+    - This keeps the average workload low while ensuring the proof remains trustworthy and compact.
+- Keeping proof size practical:
+    - The number of elements included in the proof remains almost unchanged, ensuring that verification remains efficient.
+    - Security adjustments are made to prevent the prover from taking shortcuts that might compromise reliability.
+- Preventing unbounded search:
+    - Without restrictions, DFS could explore too many possibilities before finding a valid proof.
+    - We limit the depth of the search, forcing it to stop early.
+    - This ensures that even in the worst case, the prover finishes within a predictable time frame.

docs/rustdoc/centralized_telescope/structures/struct_params.md

@@ -0,0 +1,6 @@
+## Parameters
+- <a id="params-u">$u$</a> : Proof size $\implies$ `proof_size`
+- <a id="params-d">$d$</a> : Maximum number of subtrees to search to find a proof $\implies$ `search_width`
+- <a id="params-q">$q$</a> : Probability that a tuple of element is a valid proof $\implies$ `valid_proof_probability`
+- <a id="params-r">$r$</a> : Maximum number of retries to find a proof $\implies$ `max_retries`
+- <a id="params-b">$b$</a> : Maximum number of DFS calls permitted to find a proof $\implies$ `dfs_bound`

src/centralized_telescope/mod.rs

@@ -1,7 +1,9 @@
 //! ALBA's bounded DFS scheme using Blake2b as hash function.
 //! (c.f. Section 3.2.2 of Alba paper)
 
-#![doc = include_str!("../../docs/rustdoc/centralized_telescope/main.md")]
+#![doc = include_str!("../../docs/rustdoc/centralized_telescope/intro.md")]
+//!
+//! See full documentation: [Telescope - Construction with Bounded DFS][crate::docs::centralized]
 
 pub mod params;
 

src/centralized_telescope/params.rs

@@ -1,8 +1,14 @@
 //! Centralized Telescope's `Params` structure comprising the internal parameters
+#![doc = include_str!("../../docs/rustdoc/centralized_telescope/params/overview.md")]
+//!
+//! See full documentation: [Parameter Setup - Centralized Telescope][crate::docs::centralized::params].
 
 use std::f64::consts::LOG2_E;
 
 /// Internal parameters
+///
+/// See the documentation: [Internal parameters of centralized
+/// telescope][crate::docs::centralized::params#parameters]
 #[derive(Debug, Clone, Copy)]
 pub struct Params {
     /// Number of prover set's elements
@@ -16,7 +22,9 @@ pub struct Params {
     /// Maximum number of DFS calls permitted to find a proof
     pub dfs_bound: u64,
 }
-
+/// See the documentation:
+/// - [Parameter selection strategy][crate::docs::centralized::params#parameter-selection-strategy]
+/// - [Parameter generation protocol][crate::docs::centralized::params#parameter-generation-protocol]
 impl Params {
     /// Returns a `Params` structure from user parameters
     ///

src/docs.rs

@@ -11,9 +11,13 @@ pub mod basic {}
 #[doc = include_str!("../docs/rustdoc/prehashing.md")]
 pub mod prehashing {}
 
+#[doc = include_str!("../docs/rustdoc/centralized_telescope/intro.md")]
 #[doc = include_str!("../docs/rustdoc/centralized_telescope/main.md")]
 pub mod centralized {
-    #[doc = include_str!("../docs/rustdoc/centralized_telescope/params.md")]
+    #[doc = include_str!("../docs/rustdoc/centralized_telescope/params/overview.md")]
+    #[doc = include_str!("../docs/rustdoc/centralized_telescope/params/strategy.md")]
+    #[doc = include_str!("../docs/rustdoc/centralized_telescope/structures/struct_params.md")]
+    #[doc = include_str!("../docs/rustdoc/centralized_telescope/params/setup.md")]
     pub mod params {}
 
     #[doc = include_str!("../docs/rustdoc/centralized_telescope/proof.md")]