Jeff Burdges

Ideally we should increase the compliance with the IRTF CFRG drafts for [BLS signatures](https://github.com/cfrg/draft-irtf-cfrg-bls-signature) and [hash-to-curve](https://github.com/cfrg/draft-irtf-cfrg-hash-to-curve) throughout, without doing anything silly like using SHA2-HMACs everywhere.

Thanks! I'll attempt to catch back up on this eventually, but not anytime this month I fear.

Avoid To/FromBytes: https://github.com/arkworks-rs/algebra/issues/390

We're aiming for strong metadata protections. Matrix provides _no_ metadata protections. Briar provides Tor-like metadata protections, but mixnets can do much better. You cannot send HTTP through a mixnet because...

We expect authentication and confidentiality _of content_ to be handled by https://messaginglayersecurity.rocks/ We're worried about _metadata_, meaning who talks to who. Matrix is just a redesign of XMPP plus some...

I've not looked as closely as you wanted but seems fine afaik.

Agreed. We should judge streaming out of scope and prioritize latency flexibility instead. And streamed data is normally not that sensitive anyways. In principle, there are streaming-like protocols that might...

There is an interesting article on speeding up pairing computations with parallelization here: https://www.researchgate.net/publication/220963070_Parallelizing_the_Weil_and_Tate_Pairings If we cared we'd start by asking Diego Aranha where he implemented it.

If we want ACML for constant time signing then check out https://github.com/lovesh/amcl_rust_wrapper

Almost everyone involved who hails from academia has informally done this themselves. At a high level, we often address the technical concerns in our talks, but mostly they boil down...