Jeff Burdges

We do not need `unsafe` per se when maintaining a safety invariant within its defining visibility boundary aka module: [_"Because it relies on invariants of a struct field, this unsafe...

> If the invariant is violated, the result is undefined behavior. > That is a significant argument in favor of something better. This RFC is not better because memory safety...

> Other code in Vec relies on the invariants of Vec.len in ways that leads to undefined behavior if the invariants are broken. Yes, but this does not make altering...

Just curious, do any class group protocols involve secrets or otherwise benefit from constant time arithmetic for other reasons? VDFs need pure speed, but afaik do not benefit from being...

Any background on this concern? I presume the suffle proof remains secure if performed by a party who knows the private key? Aka is the shuffle proof sound in the...

It's not a big change for downstream users, just a `use ..::{.., MalleableSignature as Signature};`, but maybe turn the feature into an error with some explanation. If you want a...

I agree with @clarfonthey that this syntax looks unecessary, including that `loop match` must trash the result of the `match`. Yet if folks want this then the systax should be...

I suppose https://github.com/rust-lang/rust/issues/120930 means breakage here anyways, but likely addresses this.

ref github.com/polkadot-fellows/RFCs/pull/119

I'd kinda expect merkle proofs should always be batched, so you prove for many keys simultaniously. I've no worked out how much more efficent this makes them of course, but...