Derive a note's randomness from the ephemeral shared secret. #8999
Labels
C-aztec.nr
Component: Aztec smart contract framework
C-pxe
Component: PXE (Private eXecution Envrionment)
team-fairies
Nico's team
Comments
nventuro
added
C-aztec.nr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Computing the randomness as the hash of the shared secret
S(see the new definition forShere: #8969) means the recipient doesn't need to be told what it is, so we can remove it from the logs and save DA costs.Note that the key changes don't enable this: this optimization had always been available. It also doesn't change the trust assumption re. the recipient, since they're still freely choosing a 'random' value for the
eskgeneration, even if the randomness itself is derived.While this optimization is nice in theory, it will wreak havoc a bit with our
NoteInterface, since we won't simply be able to serialize the data structure and place it in the logs: likely the logs will need to know more about how notes work in order to cooperate during log creation.The text was updated successfully, but these errors were encountered: