Youssef El Housni
Youssef El Housni
For BLS24, G2 is on Fp4. Currently SSWU is not supported on this extension.
SSWU hash-to-curve uses `SqrtRatio` where there are exponentiations by fixed constants. This should be done via short addition chains generated at the template level (see https://github.com/mmcloughlin/addchain).
As we start to have more BW6 curves, we should code generate the tower E6.
Currently we use a 2-bit windowed 2-dimensional GLV in G1 and G2 for all the curves. We should use 2-NAF.
e.g. In `./internal/generator/config/bls12-381.go`, if we set `GLV: false` and `CofactorCleaning: false`, the template `internal/generator/ecc/template/point.go.tmpl` handles incorrectly this case.
Currently, gnark-crypto implements 2-dim GLV for all curves and 2-dim GLS for twists over Fp2 (BLS12, BN) and over Fp4 (BLS24). This issue is a placeholder to track implementation of...
Similarly to BLS12 curves, BLS24 Miller loop counter is the curve seed `u`. Although this seed is 32 bits (half the size of BLS12 seeds), the BLS24 Miller loop is...
We should clean and correct comments across gnark-crypto. Also, It would be nice in the code generation to use mmcloughlin's [mathfmt](https://github.com/mmcloughlin/mathfmt) for equations and [bib](https://github.com/mmcloughlin/bib) for Bibtex references.
Currently, MNT4/6 pairing is implemented in projective coordinate with a binary Miller loop. Note that the Hamming weight of `ATE_LOOP_COUNT` for both MNT298 and MNT753 is lower when decomposed in...