hartm
commented
3 years ago Do we know who is using this? That should probably be a starting point.
We are already working on replacing Milagro in many pairing-based primitives with pairing-plus (https://github.com/algorand/pairing-plus), although it looks like there may be licensing issues (they are MIT). The main reason for this is performance, though--pairing-plus is much faster.
I agree that this feature should be marked as experimental--and so should others in Ursa. This is something we should discuss further as a part of the refactor.
brentzundel
madiazp
mikelodder7
I'm uncomfortable with the bulletproofs module for both subjective and objective reasons. When it was originally authored there were issues with the licensing (i.e. it was copied from the Dalek project) which I think were remedied. However I'm not 100% confident. That's not a concrete criticism but I don't know how to make it concrete without revisiting the full review which seems to have allowed commits like this through: Dont push yet. Some comments, refactorings and TODOs. Some refactoings
Moreover since it copies rather than imports/links to Dalek it is not actively incorporating changes from Dalek.
More concretely the feature also relies on a defunct crypto project, Apache Milagro Crypto Library: https://github.com/milagro-crypto/amcl That library seems to have changed hands or location and may only have a single maintainer. Relying (for security in particular) on single maintainer projects is contrary to best practices.
At the very least this module should be marked as experimental. That was sort of implicitly the case under the zmix code structure, but as we restructure the code this and other modules will move to a different structure that won't implicitly reflect the maturity of the feature. I would prefer however that it be removed until it can be actively maintained to address the concerns above.