Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

See if we can remove partial precomputation #128

Closed
AaronFeickert opened this issue Mar 22, 2024 · 1 comment · Fixed by #129
Closed

See if we can remove partial precomputation #128

AaronFeickert opened this issue Mar 22, 2024 · 1 comment · Fixed by #129

Comments

@AaronFeickert
Copy link
Contributor

AaronFeickert commented Mar 22, 2024
edited

Currently, the only reason to require a custom curve library fork is to support partial precomputation. This permits a more flexible use of inner-product generators.

While it's beneficial to have this flexibility, it's a headache for integration with other libraries. It might be useful to revisit this design choice and see if it can be removed in favor of being able to use the upstream curve library directly. This has become increasingly relevant since upstream has seen a flurry of activity that continues to diverge from the fork.

For use cases in the Tari ecosystem, it's unlikely to cause efficiency problems in practice. For use cases elsewhere that do require a larger inner-product generator set than is used in verification, there are options. Either the caller generates parameters for the aggregation factors it actually needs (which incurs no internal efficiency hit), or we allow for a larger generator set but pad the corresponding scalars (which does incur an efficiency hit).
@AaronFeickert
Copy link
Contributor Author

This entire issue would be rendered moot if an upstream curve library PR is accepted. However, it's been stuck in the queue for many months, and it's not clear if it will be merged.

@AaronFeickert AaronFeickert mentioned this issue Mar 22, 2024
Merged
hansieodendaal pushed a commit that referenced this issue Mar 29, 2024
@AaronFeickert
feat: remove partial precomputation (#129)
58409fa 
Partial precomputation is the sole reason for maintaining a custom curve
library fork, which has proven to be a headache and limits compatibility
with other libraries.

This PR removes partial precomputation altogether. If you supply
parameters with more inner-product generators than you need, padding is
used. This incurs an efficiency hit, but only in this particular case.
For the use cases in the Tari ecosystem, this is not an issue.

As a result of this change, we also switch back to the latest version of
the upstream curve library and simplify some scalar exponentiation
operations. The audit report is also updated to note the curve library
dependency change.

Closes #128. Closes #93. Closes #96.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: remove partial precomputation AaronFeickert/bulletproofs-plus
1 participant
@AaronFeickert