BP+ DLog PoK uses as many trits as fits into 2**MUTUAL_CAPACITY, not as many as fits into min(MOD_0, MOD_1)

kayabaNerve / full-chain-membership-proofs

18 stars 1 forks source link

BP+ DLog PoK uses as many trits as fits into 2**MUTUAL_CAPACITY, not as many as fits into min(MOD_0, MOD_1) #47

Open kayabaNerve opened 1 year ago

kayabaNerve commented 1 year ago

This indirection potentially reduces the trits of security for any scalar proved to be some DLog, weakening the trits of security for the ZK property of curve trees.