From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 7D888C0011 for ; Thu, 30 Jun 2022 12:27:57 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 66DB281427 for ; Thu, 30 Jun 2022 12:27:57 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 66DB281427 Authentication-Results: smtp1.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=Rn5KRIOI X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -0.199 X-Spam-Level: X-Spam-Status: No, score=-0.199 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HG6xbQy8YN3a for ; Thu, 30 Jun 2022 12:27:56 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org A752681426 Received: from mail-pg1-x529.google.com (mail-pg1-x529.google.com [IPv6:2607:f8b0:4864:20::529]) by smtp1.osuosl.org (Postfix) with ESMTPS id A752681426 for ; Thu, 30 Jun 2022 12:27:56 +0000 (UTC) Received: by mail-pg1-x529.google.com with SMTP id s206so9346019pgs.3 for ; Thu, 30 Jun 2022 05:27:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:from:date:message-id:subject:to; bh=JxwErEE96O5+HyBu95sHkOO7OL2HnU0CgxjRV2bjqw8=; b=Rn5KRIOIgkY3DauLrb1y5fjnMAO9ZliUmBUQVMaSunf2RrLpd4roLCUMi0FhHb2NM3 Jax19XeFx8OpCvYDaZIFLw7TpYWm/3wBIW8kzGL6zKZPp1xA0o0h4XEQqq9B4Ltq5nJ4 62/TyZTPDBOL1pShUBOqE/jiJmC4Az4D6Z0vKGq7YXTWGzKNQBwcmoCnF8VBewSa0LI/ /LFt5lhdvuaIE4qKi/uwnQbVaHAOIpsZP1NQ/Bik8a8wpwQkBfs5QhuwDltIT4H047cy IiFXe6KkDaYU8azKS4gophyynOnWSJXxGPqO4idpz7wZArh0JzmWJvb2H80cnXfSx4QH zGHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=JxwErEE96O5+HyBu95sHkOO7OL2HnU0CgxjRV2bjqw8=; b=D4LOa+lD0ETT1haoVhOm9iLTFvF1xemhC+H+fTS2O9fZbB4t7Y+pWJRLLDgHSSGVWT OzQuyI3SJsjmSr/zGunkzkpcsCXGmpCwiOiJmaf9TZjkgDLDbGAvu3s5sXspG9eTGTSX DTp6gPn+wrzY0Szj8t4U1eSa9obkesRcEMZY70KbjrEjLyPGARUiioyVwZi4bqLZtArZ laY6lZw+ACefJUhQvcvJC+qAnd0YG296m0f+ZL3HuBOg90DU8LKbOqq5ataZDWNoJJpt rhnQSQDa6vKwr9x6ZEzphRbvToYRmUEXJ3zPq9X0Y4S11dvD08PPliA3gO1aNm4s4Eiv mxTQ== X-Gm-Message-State: AJIora/yjrQax7MRqMCmPtxo8jmqYRkReilqtcd/O6RmpuKpB2+cTgVD hDKJvyKTd9GFoARlHlgftveA/0Doo7JTuUrcuo3tQSuLG/Q= X-Google-Smtp-Source: AGRyM1unR0CZXrqudeqbpDn6DWhFY1JYSElB2VWuqM0XzH/dKPe3OHGJZOkB1qcQN9L+7l9H7zEjXsgwZQ2WvoN+s/s= X-Received: by 2002:a05:6a00:1a0c:b0:523:1a23:957f with SMTP id g12-20020a056a001a0c00b005231a23957fmr15576551pfv.45.1656592075894; Thu, 30 Jun 2022 05:27:55 -0700 (PDT) MIME-Version: 1.0 From: abdelhamid bakhta Date: Thu, 30 Jun 2022 14:27:44 +0200 Message-ID: To: bitcoin-dev@lists.linuxfoundation.org Content-Type: multipart/alternative; boundary="00000000000038b23605e2a9663e" X-Mailman-Approved-At: Thu, 30 Jun 2022 13:54:42 +0000 Subject: [bitcoin-dev] RGB / Mimblewhimble: modularity of underlying ZK schemes X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jun 2022 12:27:57 -0000 --00000000000038b23605e2a9663e Content-Type: text/plain; charset="UTF-8" Hi, I am wondering if there is some documentation about the modularity of the underlying ZK schemes used to bring privacy on RGB. Specifically, seeing that it currently uses Bulletproofs that are not Quantum Resistant, I am wondering how hard it would be to switch to a Quantum resistant alternative. Generally speaking, what is the design rationale for cryptographic primitives used in the Bitcoin ecosystem? What do people think about using ZK-Starks for some use cases like this? Has anyone started to experiment something on that front ? I am not sure about the most important criteria for RGB use cases between: - proving time - verification time - size of proofs - quantum resistance - communication complexity I am very curious about the particular choice of Bulletproofs in this context and cannot find any useful information about it. Thanks for your help. --00000000000038b23605e2a9663e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi,
I am wondering if there is some documentation abou= t the modularity of the underlying ZK schemes used to bring privacy on RGB.= Specifically, seeing that it currently uses Bulletproofs that are not Quan= tum Resistant, I am wondering how hard it would be to switch to a Quantum r= esistant alternative. Generally speaking, what is the design rationale for = cryptographic primitives used in the Bitcoin ecosystem?
What do p= eople think about using ZK-Starks for some use cases like this? Has anyone = started to experiment something on that front=C2=A0?
I am not sur= e about the most important criteria for RGB use cases between:
- proving= time
- verification time
- size of proofs
- = quantum resistance=C2=A0
- communication complexity
I am very = curious about the particular choice of Bulletproofs in this context and can= not find any useful information about it.

Thanks f= or your help.
--00000000000038b23605e2a9663e--