Closed drskalman closed 3 years ago
I'm not sure we need a trait: either we need a second public key type, or else the sign_pok and verify_pok methods do serialization and deserialization.
We had a trait before largely because I made a mistake and thought we could avoid proofs-of-knowledge using Dan Boneh's trick on the full signer set, meaning we'd process the whole PKI together, which indicated a trait, but... If there were 2^40 adversarial signers then one could break this approach using https://people.eecs.berkeley.edu/~daw/papers/genbday.html and now if the adversarial signer set has merely 256 signers then you can break this using https://eprint.iacr.org/2020/945.pdf
f4d137c would
b6ba31d
Sample interface is on the branch:
origin/skalman-pok-new-interface