dusk-network / bulletproofs_gadgets

A container to test bulletproofs gadgets implementations
Apache License 2.0

Implement Secret Key knowledge gadget with Bulletproofs #5

Closed CPerezz closed 4 years ago

CPerezz commented 4 years ago

To construct this gadget we will need to prove that: BASEPOINT * Blinded(Sk) as bits = Pub Key

To implement it we will need the following gadgets:

Once this is implemented we will be able to start building up the main Secret Key knowledge gadget which is the final goal of this issue and will close dusk-network/dusk-zerocaf#96 which was raised by @vlopes11

CPerezz commented 4 years ago

As stated in this comment:

I was mistaken on the way I initially understood this gadget functionality.

If the bits of the Sk were not committed, we would be able to apply conditions over them since we would know the value of each bit of the Sk and so we would have been able to conditionally operate (Add or Double) according to it.

In this case, the Sk bits are committed. This forces us to work with the blinded values. Adding constraints to check if the bit is one or zero is not possible since they will be evaluated with the whole circuit and we cannot apply conditions there.

Solution

The idea then should be using Left to right binary scalar mul algorithm.

We would perform both the double and the addition on each round but we will conditionally assign Q to be the Identity point if the bit is 0 in the statement Q = &Q + &point and we will use the correct Q coordinates when we get 1 as bit.

This is not the most optimal way of performing the scalar mul, but at least we will be able to have a working implementation. We can always optimise it later.

We will go for an implementation of ltr_binary_mul algorithm for Scalar multiplication inside ECC.
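
The branch-free left-to-right double-and-add discussed in this thread, as an added plain-Rust example that is not code from the repository and uses no Bulletproofs API: every round doubles and adds, and the addend is arithmetically selected to be the identity when the bit is 0. The toy Edwards curve (p = 13, d = 2, base point (4, 4)), the function names and the assumption that each bit is 0 or 1 are constructed for illustration.

```rust
// Toy Edwards curve x^2 + y^2 = 1 + d*x^2*y^2 over F_13, constructed for
// illustration. d = 2 is a non-square mod 13, so the addition law is complete.
const P: u64 = 13;
const D: u64 = 2;
const BASE: (u64, u64) = (4, 4); // constructed sample point on the curve
const IDENTITY: (u64, u64) = (0, 1);

// Fermat inversion: a^(P-2) mod P.
fn inv(a: u64) -> u64 {
    (0..P - 2).fold(1, |acc, _| acc * a % P)
}

// Complete Edwards addition: the same formula covers doubling and adding the identity.
fn add(a: (u64, u64), b: (u64, u64)) -> (u64, u64) {
    let (x1, y1, x2, y2) = (a.0, a.1, b.0, b.1);
    let t = D * x1 % P * x2 % P * y1 % P * y2 % P;
    let x3 = (x1 * y2 + y1 * x2) % P * inv((1 + t) % P) % P;
    let y3 = (y1 * y2 + P * P - x1 * x2) % P * inv((1 + P - t) % P) % P;
    (x3, y3)
}

// Arithmetic selection with no branch on the bit: bit*point + (1-bit)*identity.
// Assumes bit is 0 or 1; identity is (0, 1), so only y needs the (1-bit) term.
fn select(bit: u64, pt: (u64, u64)) -> (u64, u64) {
    (bit * pt.0 % P, (bit * pt.1 + (1 - bit)) % P)
}

// Left-to-right binary scalar mul: one double and one add per bit, always.
fn ltr_binary_mul(bits_msb_first: &[u64], point: (u64, u64)) -> (u64, u64) {
    let mut q = IDENTITY;
    for &bit in bits_msb_first {
        q = add(q, q);
        q = add(q, select(bit, point));
    }
    q
}

// Reference result by repeated addition, used only to cross-check.
fn naive_mul(k: u64, point: (u64, u64)) -> (u64, u64) {
    (0..k).fold(IDENTITY, |acc, _| add(acc, point))
}

fn main() {
    let bits = [1, 0, 1, 1]; // scalar 11, most significant bit first
    assert_eq!(ltr_binary_mul(&bits, BASE), naive_mul(11, BASE));
    println!("11 * BASE = {:?}", ltr_binary_mul(&bits, BASE));
}
```

The sequence of field operations is the same for every scalar of a given bit length, which is what lets the same steps be laid down as a fixed set of constraints over committed bits.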