-
Notifications
You must be signed in to change notification settings - Fork 256
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unecessary Vec in HashToField #572
Comments
This is fine by me, but let's avoid |
Around this, there are issues with the hash-to-curve traits overall, like being SNARK unfriendly. I'd suggest they be replaced with pure output traits.
It's annoying How do you add data then? I'm unsure their receivers should work here. Although odd, I think
As for the draft standard's cipher choices, we'd likely require two adaptors, an extender shared by Sha256, Sha384, and Sha512, and generic XoF ones for Shake256 like:
|
It's maybe subtle to do these output oriented things in hash-to-field, given the standard keeping sha2 and the domain worries, but overall the code is not structured well. I raised an issue on the source repo armfazh/h2c-rust-ref#8 but anyways but maybe a reference implementation won't care about these improprieties. Also, arkworks does not really expose the right constants to do avoid Vecs, not even sure if const generics are really there yet either, so maybe not worth it right now. |
Superseded by #630 |
There is an unnecessary Vec in HashToField:
This is a minor issue in the IRTF hash-to-curve spec, which extracts all fields elements at once. A hasher should not usually allocate.
If one uses rust-lang/rust#96097 then one correct formulation is
We could skip the unsafe bits initially by supplying only
fn hash_to_field<const N; usize>(&self, msg: &[u8]) -> [F; N]
as the hash-to-curve spec itself uses only N=1 or N=2.The text was updated successfully, but these errors were encountered: