data-model

docs/crypto.md

@@ -48,7 +48,7 @@ For more details on cryptographic functions in ErgoScript, see [ErgoScript Crypt
 
 ### How Sigma Protocols Work
 
-At their core, Sigma protocols provide a secure way to prove the following properties:
+At their core, [Sigma protocols](sigma.md) provide a secure way to prove the following properties:
 
 1. **Proof of Knowledge of Discrete Logarithm**: Prove knowledge of the discrete logarithm of a given public key without revealing the secret key.
 

docs/dev/data-model/dlog.md

@@ -0,0 +1,56 @@
+# Discrete Logarithm Proofs in Ergo
+
+## Overview
+
+Discrete logarithm proofs are a fundamental cryptographic primitive in Ergo's signature verification mechanism, based on the computational hardness of the discrete logarithm problem in elliptic curve cryptography.
+
+## Key Characteristics
+
+- **Cryptographic Foundation**: Proofs of knowledge of a discrete logarithm (DLog) verify signature authenticity without revealing the secret key
+- **Schnorr Signature Basis**: Ergo uses Schnorr signatures built on discrete logarithm proofs
+
+## Technical Details
+
+- **Proof Structure**: Demonstrate knowledge of secret exponent `w` such that `g^w = x`
+  - `g`: Generator of an elliptic curve group
+  - `x`: Public key point
+  - `w`: Private key
+
+## Related Cryptographic Concepts
+
+- [Sigma Protocols](scs/sigma.md)
+- [Threshold Signatures](threshold.md)
+- [Ring Signatures](ring.md)
+
+## Implementation in ErgoScript
+
+In ErgoScript, discrete logarithm proofs are implemented using the `proveDlog()` predicate, which returns true if a valid proof of knowledge can be provided.
+
+```scala
+// DLog-based signature verification
+val pubKey = ...  // Public key point
+val signature = ...  // Signature proof
+proveDlog(pubKey)
+```
+
+## Practical Examples
+
+- [Schnorr Signature Verification](scs/sigma/verifying.md)
+- [Public Key Cryptography](scs/ergoscript/public-keys.md)
+
+## Security Considerations
+
+- Based on discrete logarithm problem hardness
+- Efficient and compact signature verification
+- Supports multi-signatures and ring signatures
+
+## Advanced Applications
+
+- [Cryptographic Foundations](crypto.md)
+- [ZeroJoin Privacy Protocol](uses/mixer.md)
+- [Sidechains Interoperability](uses/sidechains/sigma-chains.md)
+
+## References
+
+- [Cryptographic Primitives](crypto.md)
+- [ErgoScript Capabilities](scs/ergoscript.md)

docs/dev/data-model/nizk.md

@@ -0,0 +1,137 @@
+# Non-Interactive Zero-Knowledge Proofs in Ergo
+
+## Overview
+
+Non-Interactive Zero-Knowledge Proofs (NIZKs) are advanced cryptographic techniques that allow one party to prove knowledge of a secret without revealing the secret itself, and without requiring real-time interaction between the prover and verifier.
+
+## Theoretical Foundation
+
+NIZKs in Ergo are primarily implemented through **Sigma Protocols** (Σ-protocols), which provide a powerful and flexible approach to zero-knowledge proofs. These protocols are a cornerstone of Ergo's privacy and cryptographic infrastructure.
+
+### Key Characteristics
+
+- **Non-Interactive**: Proofs can be verified without direct communication
+  - Unlike traditional interactive zero-knowledge proofs, NIZKs can be verified asynchronously
+  - Reduces computational overhead and network complexity
+
+- **Zero-Knowledge**: No information about the secret is revealed
+  - Cryptographically guarantees that only the validity of a statement is proven
+  - Protects sensitive information while maintaining verifiability
+
+- **Composable**: Can be combined using logical operators like AND, OR, and THRESHOLD
+  - Enables creation of complex cryptographic conditions
+  - Supports advanced smart contract logic and privacy-preserving protocols
+
+## Cryptographic Primitives
+
+Ergo supports several fundamental zero-knowledge proof types:
+
+1. **Discrete Logarithm Proofs**
+   - Prove knowledge of a secret key without revealing it
+   - Fundamental to [Schnorr signature verification](schnorr.md)
+   - Implemented using `proveDlog()` predicate in [ErgoScript](ergoscript.md)
+
+2. **Diffie-Hellman Tuple Proofs**
+   - Prove equality of discrete logarithms across different generators
+   - Enables privacy-preserving key exchange and contract designs
+   - Critical for advanced cryptographic protocols
+
+## Implementation Techniques
+
+### Fiat-Shamir Transformation
+
+Ergo makes proofs non-interactive using the Fiat-Shamir transformation, which converts interactive proofs into non-interactive ones by using a cryptographic hash function.
+
+Key steps:
+- Transform an interactive proof into a non-interactive version
+- Use a cryptographic hash function to generate a challenge
+- Eliminates the need for real-time communication between prover and verifier
+
+### Proof Composition
+
+Sigma protocols can be combined to create complex proofs:
+
+```scala
+// Example of a threshold signature proof
+val thresholdProof = prove {
+  atLeast(
+    3,  // Minimum number of signatures required
+    Coll(
+      PK("pubkey1"),
+      PK("pubkey2"),
+      PK("pubkey3"),
+      PK("pubkey4"),
+      PK("pubkey5")
+    )
+  )
+}
+```
+
+## Advanced Applications
+
+### Privacy-Preserving Techniques
+
+1. **Ring Signatures**
+   - Prove one of multiple possible signers without revealing the exact signer
+   - Enables anonymous transactions
+   - Detailed in [Ring Signatures](ring.md) documentation
+
+2. **Threshold Signatures**
+   - Require k-out-of-n participants to sign
+   - Supports multi-party computational scenarios
+   - Explored in [Threshold Signatures](threshold.md) documentation
+
+3. **Stealth Addresses**
+   - Generate one-time addresses for enhanced transaction privacy
+   - Prevent linking of transactions to a specific public address
+   - Crucial for maintaining financial privacy
+
+### Mixer Protocols
+
+**ZeroJoin** demonstrates a practical application:
+- Uses ring signatures and Diffie-Hellman tuples
+- Restores fungibility of digital tokens
+- Provides non-interactive, trustless mixing
+- Detailed in [Mixer Protocol](mixer.md) documentation
+
+## Security Considerations
+
+- Based on the hardness of the discrete logarithm problem
+- Requires careful implementation to prevent potential vulnerabilities
+- Extensive test coverage in Ergo's cryptographic implementations
+- Relies on well-established cryptographic assumptions
+
+## Related Cryptographic Concepts
+
+- [Discrete Logarithm Proofs](dlog.md)
+- [Ring Signatures](ring.md)
+- [Threshold Signatures](threshold.md)
+- [Sigma Protocols](sigma.md)
+
+## Future Research Directions
+
+- Enhanced privacy protocol implementations
+- More efficient zero-knowledge proof constructions
+- Cross-chain interoperability using NIZKs
+- Integration with advanced cryptographic techniques
+
+## Performance and Scalability
+
+NIZKs in Ergo are designed with performance in mind:
+- Constant-time proof verification
+- Minimal computational overhead
+- Efficient serialization and deserialization
+- Support for batch verification techniques
+
+## References
+
+- [Sigma Protocols Overview](sigma.md)
+- [Cryptographic Foundations](crypto.md)
+- [Zero-Knowledge Proofs in Ergo](zkp.md)
+- Academic Papers:
+  - [Sigma Protocols: A Survey](https://eprint.iacr.org/2021/1022)
+  - [Non-Interactive Zero-Knowledge Proofs](https://eprint.iacr.org/2016/263)
+
+## Conclusion
+
+Ergo's Non-Interactive Zero-Knowledge Proofs represent a sophisticated approach to cryptographic privacy, enabling complex, secure, and flexible smart contract designs while maintaining user confidentiality. By leveraging advanced cryptographic techniques like Sigma Protocols and the Fiat-Shamir transformation, Ergo provides a robust framework for privacy-preserving computational techniques.

docs/dev/data-model/ring.md

@@ -0,0 +1,67 @@
+# Ring Signatures in Ergo
+
+## Overview
+
+Ring signatures are an advanced privacy-preserving cryptographic technique that allows a user to sign a transaction on behalf of a group without revealing which specific group member signed it.
+
+## Key Features
+
+- **Anonymity**: Provides plausible deniability by obscuring the actual signer
+- **Privacy**: Prevents tracing the origin of a signature to a specific participant
+- **Flexible Composition**: Implemented through Ergo's Sigma protocols
+
+## Use Cases
+
+1. **Anonymous Transactions**: Enabling privacy in blockchain transactions
+2. **Decentralized Mixers**: 
+
+      - [ErgoMixer Privacy Protocol](mixer.md)
+      - [ZeroJoin Privacy Mechanism](zerojoin.md)
+
+3. **Confidential Voting**: Where the voter's identity must remain secret
+
+## Technical Implementation
+
+In Ergo, ring signatures are implemented using Sigma protocols, allowing for:
+
+- Proving knowledge of one secret from a set of secrets
+- Creating cryptographic proofs that obfuscate the true signer
+
+### Example Scenario
+
+```scala
+// Simplified conceptual representation
+val ringSignature = prove {
+  atLeastOneOf(
+    List(
+      proveDlog(pubKey1),
+      proveDlog(pubKey2),
+      proveDlog(pubKey3)
+    )
+  )
+}
+```
+
+## Related Cryptographic Concepts
+
+- [Discrete Logarithm Proofs](dlog.md)
+- [Threshold Signatures](threshold.md)
+- [Sigma Protocols Overview](sigma.md)
+
+## Privacy Mechanisms
+
+- **ZeroJoin**: A privacy protocol leveraging ring signatures to restore fungibility
+- **ErgoMixer**: A non-custodial mixing service using ring signature techniques
+
+## Advanced Applications
+
+- [Cryptographic Foundations in Ergo](crypto.md)
+- [Schnorr Signatures and Privacy](schnorr.md)
+- [Sidechains and Interoperability](sigma-chains.md)
+
+## Security Considerations
+
+- Computational complexity makes tracing the original signer computationally infeasible
+- Relies on the hardness of the discrete logarithm problem
+- Provides strong privacy guarantees without compromising blockchain security
+

docs/dev/data-model/threshold.md

@@ -0,0 +1,65 @@
+# Threshold Signatures in Ergo
+
+## Overview
+
+Threshold signatures are a cryptographic mechanism that allows a subset of a group to collectively sign a transaction, providing enhanced security and distributed trust.
+
+## Key Characteristics
+
+- **Distributed Signing**: Requires a minimum number of participants to authorize a transaction
+- **Flexible Thresholds**: Can be configured as k-out-of-n signatures (e.g., 3-out-of-5)
+- **Multi-Party Computation**: Enables complex collaborative signing scenarios
+
+## Detailed Examples
+
+### 3-out-of-5 Threshold Signature
+
+For a comprehensive example, refer to the dedicated tutorial:
+- [3-out-of-5 Threshold Signature](scs/sigma/3-out-of-5.md)
+
+### Practical Use Cases
+
+1. **Corporate Governance**: 
+   - Multi-signature wallets requiring collective approval
+   - [Microcredit Scenario](scs/microcredit.md)
+
+2. **Cross-Chain Interoperability**:
+   - [Rosen Bridge Mechanisms](eco/rosen.md)
+
+## Implementation Techniques
+
+Ergo supports threshold signatures through its Sigma protocol framework, allowing:
+- Proving knowledge of at least k secrets out of n total secrets
+- Creating multi-party computational scenarios with robust security guarantees
+
+## Conceptual Implementation
+
+```scala
+val thresholdSignature = prove {
+  atLeastKOutOfN(
+    k = 3,  // Minimum signatures required
+    n = 5,  // Total possible signers
+    publicKeys = List(
+      pubKey1, pubKey2, pubKey3, 
+      pubKey4, pubKey5
+    )
+  )
+}
+```
+
+## Related Cryptographic Concepts
+
+- [Sigma Protocols](scs/sigma.md)
+- [Discrete Logarithm Proofs](dlog.md)
+- [Ring Signatures](ring.md)
+
+## Technical Advantages
+
+- **Reduced Single Point of Failure**: No single participant can unilaterally control funds
+- **Flexible Configuration**: Adaptable to various security requirements
+- **Privacy Preservation**: Sigma protocols ensure minimal information leakage
+
+## References
+
+- [Cryptographic Foundations](crypto.md)
+- [ErgoScript Capabilities](scs/ergoscript.md)

mkdocs.yml

@@ -732,18 +732,25 @@ nav:
 
     - Cryptographic:
       - crypto.md
-      - Sigma Protocols:
-        - dev/scs/sigma.md
-        - Schnorr:
-          - dev/scs/sigma/schnorr.md
-          - Verifying Schnorr Signatures: dev/scs/sigma/verifying.md
-        - Diffie:
-          - dev/scs/sigma/diffie.md
-        - Ring Signatures:
-          - 3-out-of-5 Threshold Signature: dev/scs/sigma/3-out-of-5.md
-          - Distributed Signatures: node/sigs.md
-        # - Signature Scheme Internals: sig-scheme.md
+      - Signature Schemes:
+        - Sigma Protocols:
+          - dev/scs/sigma.md
+          - Schnorr:
+            - dev/scs/sigma/schnorr.md
+            - Verifying Schnorr Signatures: dev/scs/sigma/verifying.md
+          - Diffie:
+            - dev/scs/sigma/diffie.md
+          - Other Signatures:
+            - Ring Signatures: dev/data-model/ring.md
+            - Threshold Signatures:
+              - dev/data-model/threshold.md
+              - 3-out-of-5 Threshold Signature: dev/scs/sigma/3-out-of-5.md
+            - Distributed Signatures: node/sigs.md
+            - Signature Scheme Internals: sig-scheme.md
+      - Zero-Knowledge Proofs:
+        - Non-Interactive ZK: dev/data-model/nizk.md
         - ZeroJoin: dev/crypto/zerojoin.md
+
       - Data Structures:
         - dev/data-model/data-structures.md
         - Merkle Tree: