zkcrypto / pairing

Pairing-friendly elliptic curve library.

Nature of side channels? #124

Closed randombit closed 3 years ago

randombit commented 3 years ago

Hi. We're trying to understand the comment in the readme that "This library does not make any guarantees about constant-time operations, memory access patterns, or resistance to side-channel attacks."

Reviewing this code I don't see any obvious problems; it's just providing traits. Is the intention of this warning simply that the library is not able to guarantee anything about crates which may implement the traits in pairing? Is there anything that we should be aware of wrt this crate when used in conjunction with https://github.com/zkcrypto/bls12_381, which does state that it is constant-time outside of documented vartime operations?

str4d commented 3 years ago

This crate used to contain a BLS12-381 implementation; it is to that implementation that the comment applied. I think the comment is just outdated at this point. It's true that we can't guarantee that downstream crates implement pairings with constant time operations, but there's nothing in the pairing traits that prevents them from doing so (e.g. Options in APIs).

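The point about API shape can be made concrete. The following is an added illustration, not code from the pairing crate or from this thread: a decoding function exposed through an `Option` return must branch on a validity bit, whereas a `CtOption`-style return (here a minimal stand-in for `subtle::CtOption`, written without the crate) keeps validity as a mask the caller resolves by selection. The modulus `P` and the decode functions are constructed for the example.

```rust
// Added illustration, not code from the pairing crate or from this thread.
// Constant time here means branch-free at source level; the compiler is not
// obliged to preserve that, which is exactly why a trait can only permit, not
// guarantee, constant-time implementations.

const P: u64 = 0xffff_ffff_0000_0001; // constructed toy modulus, fits in u64

/// A 0/1 flag that is only ever widened into a mask, never branched on.
#[derive(Clone, Copy, Debug, PartialEq)]
pub struct Choice(pub u8);

impl Choice {
    fn mask(self) -> u64 {
        0u64.wrapping_sub(self.0 as u64) // 0 -> 0x00..00, 1 -> 0xff..ff
    }
}

/// Branch-free a < b: the borrow out of a - b is exactly the answer.
pub fn ct_lt(a: u64, b: u64) -> Choice {
    Choice(a.overflowing_sub(b).1 as u8)
}

/// Return `b` when c == 1, else `a`, using masking only.
pub fn ct_select(a: u64, b: u64, c: Choice) -> u64 {
    a ^ ((a ^ b) & c.mask())
}

/// Minimal stand-in for subtle::CtOption: the value is always carried,
/// and a Choice records whether it is meaningful.
#[derive(Clone, Copy, Debug)]
pub struct CtOption {
    pub value: u64,
    pub is_some: Choice,
}

impl CtOption {
    /// Resolve without branching: yield `default` when `is_some` is 0.
    pub fn unwrap_or(self, default: u64) -> u64 {
        ct_select(default, self.value, self.is_some)
    }
}

/// Variable-time API shape: `Option` forces a branch on validity, so the
/// control flow itself depends on whether the input was canonical.
pub fn decode_vartime(v: u64) -> Option<u64> {
    if v < P { Some(v) } else { None }
}

/// Constant-time API shape: same semantics, but validity stays a mask and the
/// caller resolves it with `unwrap_or` (typically to the zero element).
pub fn decode_ct(v: u64) -> CtOption {
    CtOption { value: v, is_some: ct_lt(v, P) }
}
```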
randombit commented 3 years ago

OK thank you!