You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently nimue won't fail if the IO Pattern declares absorbing an EC point, and later a scalar is absorbed (if they have the same size). This is for instance the case in curve25519, where both are of 32 bytes. It'd be nice to have the Rust compiler could recognize this at compile time without making the building time explode.
Looking at how other libraries were going about this problem, it seems that:
halo2_proofs is using two different domain separators for points and scalars. Yet, it doesn't distinguish between public and private information.
Currently nimue won't fail if the IO Pattern declares absorbing an EC point, and later a scalar is absorbed (if they have the same size). This is for instance the case in
curve25519, where both are of 32 bytes. It'd be nice to have the Rust compiler could recognize this at compile time without making the building time explode.Looking at how other libraries were going about this problem, it seems that:
halo2_proofsis using two different domain separators for points and scalars. Yet, it doesn't distinguish between public and private information.hyperplonkis YOLO'ing it by serializing to bytesThe text was updated successfully, but these errors were encountered: