Can the Expander implementations be made public?

[tmarkovski]

The trait Expander in ark_ff and its Xmd and Xof implementations are currently private. We have a need to use the expanders directly for other implementations, like hash_to_scalar (using both ExpandXmd and ExpandXof, as this BBS spec defines two ciphersuites using each expander).
The provided HashToField trait doesn't allow custom implementation since the expanders are private, and the DefaultFieldHasher is only using a subset of the expander module.
Can these module be made public?

[mmagician]

Yeah I don't see why not. Feel free to submit a PR. If possible, try to keep the existing implementation as default, maybe this doesn't require a breaking change?

[tmarkovski]

No, I believe it can be done without introducing breaking change. Will make a PR, thanks.

[burdges]

This is one of many problems with the hash-to-curve code. Fixed by #643

The default is really determined by the curve, so it makes no sense to say "default" per se. it does make sense to have a trait on the curve that does everything, which also gives a nicer interface.

[burdges]

In #643 I improved memory handling for hashing to non-prime order fields, which changes the field trait. If you only hash to prime order fields, then in the short term you could fork whatever parts of #643 you require.

I do this in https://github.com/w3f/ring-vrf/blob/master/ark-transcript/src/lib.rs#L450 for example.