zcash-hackworks / bn

Pairing cryptography library in Rust

wrong paper in the readme? #3

Closed Geal closed 8 years ago

Geal commented 8 years ago

In the README, the paper link points to the SNARK paper. Shouldn't it be Pairing-Friendly Elliptic Curves of Prime Order?

ebfull commented 8 years ago

Good catch, the link should be [BCTV14] which explains that the curve instantiation we use is tailored for use in SNARKs. (We pick a special group order for efficiency purposes.) We also use some other optimizations that are cited in the paper. The BN paper you mention is the foundation of the construction, though.

I'm sorry if these papers lead you down a rabbit hole of confusing citations; I can try my best to clear things up for you or ask the cryptographers on our team for more information.

ebfull commented 8 years ago

Note that this library implements what is provided by the ate-pairing library and is based on a (simpler) implementation our cryptographers implemented in libsnark.

ebfull commented 8 years ago

I updated the README to point to the current best description of our curve and optimizations, though it's not incredibly formal or detailed.