kilic

Also, It would be great to have an ability to write functions for header files. For example, there is a 256 bit multiplication function in this one https://github.com/cloudflare/bn256/blob/master/mul_amd64.h Having such...

Thanks, it works as expected. Here is a little example. ``` xyz := operand.NewDataAddr(Symbol{Name: "·xyz"}, 0) MOVQ(xyz.Offset(8), reg.R8) ```

@protolambda Thanks! Sure we can add this improvement. I'm happy with switching to `[]PointG1/2`. Can you also apply the same to the `MultiExpBig` function? Constant window size and smaller type...

As far as I understand from [BBS+ signature scheme](https://eprint.iacr.org/2016/663.pdf) you need to do arithmetic in scalar field instead of base field `fe`. Is that right? At this current version, big.Int...

It can be followed at this branch https://github.com/privacy-scaling-explorations/halo2wrong/tree/v2

@DamianStraszak As far as I remember `downsize` API is introduced for this reason as a workaround

It is already in use for modular exponentiations see [here](https://github.com/kilic/evmvdf/blob/71c0d45b9f26bfbf1393b63adc850535bb10f3c6/contracts/VerifyVDF.sol#L163) and [here](https://github.com/kilic/evmvdf/blob/71c0d45b9f26bfbf1393b63adc850535bb10f3c6/contracts/VerifyVDF.sol#L139)

> on-the-fly signed digit recoding with zero allocation How do you achieve recording on the fly while we need to iterate bucket indexes (ie slices of scalar) in reverse order?...

It seems to me like B3 appendix of jolt paper can be somehow implemented with shuffle API

@kitounliu Thanks for the correction. Can you make checks green so that we can merge it