Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Zk improvements #57

Open
dr-orlovsky opened this issue Sep 20, 2020 · 1 comment
Open

Zk improvements #57

dr-orlovsky opened this issue Sep 20, 2020 · 1 comment
Labels
*privacy* Issues important for privacy matters proposal New proposals [RGB] Specs related to client-validated state management system *scalability* Issues important for scalability *security* Security-related issues
Milestone
RGBv1

Comments

@dr-orlovsky
Copy link
Member

dr-orlovsky commented Sep 20, 2020
edited
Loading

Consider removing bulletproof data from single-use-seal commitments: this will add scalability with aggregation over history + zk upgredabiliy and replacability

Update: during dev call on the 23rd of Sept 2020 it was decided to take the following route:

  1. Phase I: use hashing as a strategy for committing to bulletproofs, such as in the future if it will be decided that bulletproof commitments are not required the size of historical data may be reduced from ~500-750 bytes to 32 bytes per bulletproof. Timeline: immediate
  2. Phase II: separate individual bulletproofs from Pedersen commitments (alike SegWit) and merkelize bulletproofs inside single state transition independently from Pedersen commitments, such that the total size of commitment-critical data will be further reduced to 32 bytes per transition (independently from the number of bulletproofs inside the transition). Timeline: after completion of initial LN implementation.
  3. Phase III: after appropriate consultations with cryptography experts remove bulletproof from commitment data and aggregate them across the whole history. which will allow to:
    • reduce the overall size of bulletproof data for ~10k of historical transitions from ~7.5MB to ~10kB (three orders of magnitude)
    • make it possible to use alternative/more advanced version of range proofs and/or replace rangeproof algorithms without hard forks/asset re-issuance
      Timeline: RGB v1.0 (~half a year from now)
  4. Phase IV: Pedersen commitment cut-through in a Mimble-wimble style (requires separate Merkle tree for Pedersen commitments from phase 2)
@dr-orlovsky dr-orlovsky added *privacy* Issues important for privacy matters *security* Security-related issues [RGB] Specs related to client-validated state management system help wanted Extra attention is needed proposal New proposals labels Sep 20, 2020
@dr-orlovsky dr-orlovsky added this to the RGB core: drafts milestone Sep 20, 2020
@dr-orlovsky dr-orlovsky added *scalability* Issues important for scalability and removed help wanted Extra attention is needed labels Sep 23, 2020
@dr-orlovsky dr-orlovsky mentioned this issue Sep 23, 2020
Closed
UkolovaOlga added a commit to LNP-BP/devcalls that referenced this issue Sep 23, 2020
@UkolovaOlga
Audio recordings of the call on September 23rd, 2020
c06e73f 
# Agenda for 23 Sept call

## Ongoing developments
- Last beta 4 pre-release before RC1
- Invoicing protocol: 
  * LNURL downsides
  * new LN developments (lni, lno, lnr by Rusty Russel)
  * possible applications of the above for RGB LN workflows
  * miniscript/descriptor bitcoin invoices with TLV-LN style
  * results of research and plans for RGB universal invoicing
- PSBT development: 
  * main format for data storage & exchange
  * brining rust-bitcoin libraries closer to full implementation
- Schema/Genesis: versioning, chain params
  * Implications: DEX/Spectrum outside RGB in LN

## Closing old discussions
- Monero bulletproofs
- Lexicographic output ordering

## CI & infrastructure:
- Dockerization: full set up images
- Signet & Lightning
- Exhaustive tests

## Future protocol developments
- Zk: bulletproofs aggregation
- Decentralized issuance with public transitions

Tasks for the community discussion:
* LNP-BP/LNPBPs#57
* LNP-BP/LNPBPs#46
* LNP-BP/rust-lnpbp#104
@dr-orlovsky dr-orlovsky pinned this issue Mar 30, 2021
@dr-orlovsky
Copy link
Member Author

Update: since we have pedersen commitments, participating in the consensus commit process, commitments to bulletproofs are not required (if your pedersen commitment commits to a negative value, you still will not be able to construct bulletproof passing the validation). Thus, Phase III may be partially implemented instead of Phase II

@dr-orlovsky dr-orlovsky mentioned this issue Mar 30, 2021
Closed
@dr-orlovsky dr-orlovsky mentioned this issue Jan 23, 2023
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
*privacy* Issues important for privacy matters proposal New proposals [RGB] Specs related to client-validated state management system *scalability* Issues important for scalability *security* Security-related issues
Projects
None yet
Milestone
RGBv1
Development

No branches or pull requests
1 participant
@dr-orlovsky