Jeff Burdges
ark-std lags std's alloc in a few ways, like https://github.com/arkworks-rs/std/issues/44 If rust stabilizes `error_in_core` then ark-std could largely be deprecated. If someone wants something within the next few years then...
We might've ark-serialize bugs similar to https://github.com/paritytech/parity-scale-codec/pull/426 I suppose serde could've worse similar bugs.
@drskalman worked out an optimized G_T serialization, which likely he submits, so imho other G_T serializations should not be considered standard. Afaik all field serialization are defined in https://github.com/arkworks-rs/algebra/tree/master/ff/src/fields/models At...
[`Fp12`](https://github.com/arkworks-rs/algebra/blob/master/ec/src/models/bls12/mod.rs#L211) is the target field for bls12 curves, so the cubic field extension is sandwiched in the middle. `G_T` is a subgroup of the multiplicative group of `Fp12`, so people...
As for costs, @drskalman trick makes G_T elements 3 times smaller, so 192 bytes instead of 576 bytes for bls12-381/377. It appears @drskalman trick involves cube roots in the extension...
Appears the tower have the same degree sequence, not sure if the same quotients, but maybe it's pretty simple. I'd say first see if https://github.com/MystenLabs/fastcrypto/blob/main/fastcrypto-zkp/src/bls12381/conversions.rs helps you. Also @achimcc has...
It's what these do then https://github.com/MystenLabs/fastcrypto/blob/main/fastcrypto-zkp/src/bls12381/conversions.rs#L138-L150
I'd say choose another Edwards curve that's actually faster than BLS12-377 but an Edwards form of BLS12-377's G1 might possibly work, given its cofactor contains plenty of 2 torsion. I'd...
Are there any new claims about the current security level for BL12-377/381 there? I missed them. Also anything about BN128?
I've slightly wrong here, the IRTF draft cannot be described using `XofReader` because they hash the output length. We might still simplify the code along similar lines, using our own...