algebra
algebra copied to clipboard
arkworks-rs
Add Sonny Curve to Library
Summary
Add the Sonny curve to this library: Sonny
Problem Definition
Implementing ECDSA ZK Proofs using Curve25519-dalek as a base curve requires a scalar curve to generate proofs. Sonny is such a curve.
This curve would be used with Spartan
Proposal
Provide an implementation for: Sonny
For Admin Use
- [ ] Not duplicate issue
- [ ] Appropriate labels applied
- [ ] Appropriate contributors tagged
- [ ] Contributor assigned/self-assigned
Two comments on this:
- I think arkworks-rs still needs a bit of work to support Ristretto fully.
- Is Dusk still using Sonny? The current industry trend is to move away from using application-specific curves for signatures since it brings significant challenges for user adoption.
What is an ECDSA ZK Proof? Are you talking about DKGs that need ZKPs?
ECDSA itself is pretty crappy, so afaik nobody would ever use it with Ristretto/ed25519. I think even GNUNet replaced it. Ed25519 DKGs are another matter entirely.
ECDSA is still being used a lot, so even for compatibility, it is useful on its own.
Nevertheless, I believe that there is not a lot of incentive in adding the Sonny curve. I will leave this issue open.
You mean they're doing non-native curve arithmetic on Ristretto to prove ECDSA secp256k1 signatures? That's also be odd since you could use its mirror curve instead, but maybe ECDSA on some curve without a mirror makes sense. I only meant that ECDSA on Ristretto makes no sense, but if that's not what's going on then nevermind.. ;)
Nay, I think Microsoft's use case here is to find a curve for signature inside curve25519 that can be easily verified by Ristretto (curve25519). However, curve25519 does not have such a mirror, so one needs to find an embedded curve.
It can be either ECDSA or EdDSA I think, just to find a suitable curve.
After one year, I think the overall trend of avoiding application-specific curve has become clear. Today, people who want to do this are likely going to use non-native fields.