Zulip Chat Archive

import Mathlib.Probability.ProbabilityMassFunction.Basic
import Mathlib.Probability.ProbabilityMassFunction.Monad
import Mathlib.Probability.ProbabilityMassFunction.Constructions
import Mathlib.Data.ZMod.Defs

structure CommitmentScheme (M C O K : Type) where
  (setup : PMF K)
  (commit : K → M → PMF (C × O))
  (verify : K → M → C → O → ZMod 2)

-- This works ok, but I don't really want ∀ h
def perfect_hiding (scheme : CommitmentScheme M C O K) : Prop :=
  ∀ (h : K) (m₀ m₁ : M) (c : C),
    PMF.map Prod.fst (scheme.commit h m₀) c = PMF.map Prod.fst (scheme.commit h m₁) c

-- Trying to do something like this, but can't think of a good way to get around the fact that I end up with a prop-valued thing inside a PMF
def perfect_hiding' (scheme : CommitmentScheme M C O K) : Prop :=
  ∀ (m₀ m₁ : M) (c : C),
    PMF.bind scheme.setup (fun h => PMF.map Prod.fst (scheme.commit h m₀) = PMF.map Prod.fst (scheme.commit h m₁) ) c

-- I could solve it like this:
noncomputable def do_commit (scheme: CommitmentScheme M C O K) (m : M) : PMF C :=
do
  let h ← scheme.setup
  let (c, _) ← scheme.commit h m
  return c

def perfect_hiding'' (scheme: CommitmentScheme M C O K) : Prop :=
  ∀ (m m' : M) (c : C), (do_commit scheme m) c = (do_commit scheme m') c