Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Curve alt_bn_128 #154

Open
darioAnongba opened this issue May 18, 2018 · 2 comments · May be fixed by #292
Open

Curve alt_bn_128 #154

darioAnongba opened this issue May 18, 2018 · 2 comments · May be fixed by #292

Comments

@darioAnongba
Copy link

Hi,

I am currently heavily involved in Ethereum development and am currently implementing a Confidential Transactions token. The curve used for this is alt_bn_128 and not secp256k1 like in Bitcoin. The curve alt_bn_128 is similar to secp256k1 but wiht parameters:

  • A = 0
  • B = 3
  • P = 0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47
  • N = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001

I was wondering if defining a new curve similar to secp256k1 with those parameters would "work out of the box" or if it's not that trivial. If not, what should I do to add support for this curve?

Also, I couldn't find documentation anywhere on how to use this library and its API (list of functions, etc) Does it exist?

Thanks.
@mahrud
Copy link

mahrud commented Jul 12, 2018

I don't think so, given that it's a Barreto-Naehrig curve, not a Koblitz curve like secp256k1. It'll most likely require a new curve type to be defined.

Also, I don't know much about Ethereum, but I presume what you really want to do with the curves is more than just arithmetic operations and making signatures. In particular, I think you really want to use elliptic pairings, which definitely requires some work.

Re: documentation, I think the README is the only thing AFAIK.

@darioAnongba
Copy link
Author

darioAnongba commented Jul 18, 2018
edited
Loading

It would actually be very useful for the Ethereum community to be able to use elliptic pairings in JavaScript but it is not for me at the moment. I actually just need the arithmetic operations and not the pairings.

You surely are asking yourself why I use alt_bn_128 if I don't need pairings. It's because the cost of using the alt_bn_128 curve will surely be greatly decreased because of the EIP 196 and 197 : https://eips.ethereum.org/EIPS/eip-196 and https://eips.ethereum.org/EIPS/eip-197.

Ethereum is famous and used enough to justify officially adding the curve to this library in the future.

Here is how the curve is defined:

defineCurve('bn256', {
  type: 'short',
  prime: null,
  p: '30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47',
  a: '0',
  b: '3',
  n: '30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001',
  hash: hash.sha256,
  gRed: false,
  g: [
    '1',
    '2'
  ]
});

and used in https://github.com/BANKEX/BulletproofJS

@AkashKarnatak AkashKarnatak linked a pull request Nov 20, 2022 that will close this issue
Open
@matthiasgeihs matthiasgeihs mentioned this issue Aug 4, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Added support for alt_bn128 curve. AkashKarnatak/elliptic
2 participants
@mahrud @darioAnongba