Osuke

icon company @LayerXcom icon location Tokyo

Results 48 comments of Osuke

Add conf_whitelist module

The maintainer of the whitelist can update the Merkle root whenever they want. It's just the trade-off between their maintenance cost and UX.

Use a `Polynomial` type instead of `Vec<E::Fr>`

It could be type alias.

Use a `Polynomial` type instead of `Vec<E::Fr>`

LGTM! It should be implemented as operator overloadings. I've never used `SmallVec`. How much would it be optimized actually?

Ensure preventing from small subgroup attacks

Needed implement `as_prime_order()` at reading from bytes like here. https://github.com/LayerXcom/zero-chain/blob/90ebbfef4d08c102ff11c90affe21c578610b0cb/primitives/src/ciphertext.rs#L67-L69

To be compatible with the ethereum smart contracts

Needed to be used alt-bn 256 curve for bellman and elgamal encryption, not jubjub curve. babyjubjub(compatible with alt-bn 256): - https://github.com/matter-labs/sapling-crypto - https://github.com/matter-labs/bellman - https://github.com/matter-labs/pairing - https://github.com/matter-labs/ff

To be compatible with the ethereum smart contracts

The specification of BN254 curve: https://tools.ietf.org/id/draft-kasamatsu-bncurves-01.html

Optimize multiexp

* [Faster batch forgery identification](https://cr.yp.to/badbatch/badbatch-20120919.pdf) * [Pippenger's exponentiation algorithm](https://cr.yp.to/papers/pippenger.pdf) * [Improved Techniques for Fast Exponentiation](http://www.bmoeller.de/pdf/fastexp-icisc2002.pdf) * [Faster Multi-Exponentiation through Caching: Accelerating (EC)DSA Signature Verification](https://eprint.iacr.org/2007/470.pdf) * [Efficient Multi-Exponentiation](https://jbootle.github.io/Misc/pippenger.pdf) * [Fast parallel...

Integrate with SONIC proof system

Reference for W-ary Non-Adjacent Form * https://crypto.stackexchange.com/questions/25225/non-adjacent-form-of-an-integer-is-unique * https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication#w-ary_non-adjacent_form_(wNAF)_method

Integrate with SONIC proof system

Reference for polynomial commitment * [Constant-Size Commitments to Polynomials and Their Applications](https://www.cypherpunks.ca/~iang/pubs/PolyCommit-AsiaCrypt.pdf) * https://eprint.iacr.org/2001/107.pdf Reference for constraint system https://eprint.iacr.org/2017/872.pdf

Add server side logics to decrypt with ElGamal

Brute-force decrypt balance for [0, B_MAX] https://github.com/jpmorganchase/anonymous-zether/blob/f8236cebc8097764b1f49f3939cd7cdbe6efbd40/packages/anonymous.js/src/utils/maintenance.js#L12-L38