Further changes after making tables static #1065
I suggest we
We should get rid of the "signing"/"verification" terminology. But there's potential for bikeshedding. We could also just call it Does this sound good? As a next step, if desired, we could introduce a variant

Concept ACK

I'm not aware of the full scope of the context redesign discussions, but it seems like people find the no_precomp context useful. You mentioned the name
…s available

55f8bc9 ecmult_gen: Improve comments about projective blinding (Tim Ruffing)
7a86955 ecmult_gen: Simplify code (no observable change) (Tim Ruffing)
4cc0b1b ecmult_gen: Skip RNG when creating blinding if no seed is available (Tim Ruffing)

Pull request description:

  Running the RNG is pointless if no seed is available because the key will be fixed. The computation just wastes time.

  Previously, users could avoid this computation at least by asking for a context without signing capabilities. But since 3b0c218 we always build an ecmult_gen context, ignoring the context flags. Moreover, users could never avoid this pointless computation when asking for the creation of a signing context.

  This fixes one item in #1065.

ACKs for top commit:
  sipa:
    ACK 55f8bc9
  apoelstra:
    ACK 55f8bc9

Tree-SHA512: 5ccba56041f94fa8f40a8a56ce505369ff2e0ed20cd7f0bfc3fdfffa5fa7bf826a93602b9b2455a352865a9548ab4928e858c19bb5af7ec221594a3bf25c4f3d
More things to improve after #988:

- `secp256k1_ecmult_gen_context_build` at context creation. It currently computes fixed values which could be made static (open PR: ecmult_gen: Skip RNG when creating blinding if no seed is available #1120)
- `--disable-shared CFLAGS="-fdata-sections -ffunction-sections -O2 -g" LDFLAGS="-Wl,--gc-sections"`)
- `no_precomp` context are now effectively signing contexts. The `no_precomp` context is effectively a verification context, and the name is misleading as no context uses dynamic precomputation now. The reason why `no_precomp` is different is that it's impossible to re-randomize it.
- `no_precomp` context: Possibilities include: renaming it, deprecating it (its main user rust-secp256k1 won't like this), and/or promoting it to a full signing context, maybe with a verbose name such as "global-context-less-secure" in the spirit of what rust-secp256k1 is doing.
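The linker check from the list above, worked through as an added example that is not part of this issue or of libsecp256k1: a shell script that builds a constructed two-table program with and without the listed flags and uses `nm` to confirm that the table referenced only by a never-called function survives the plain build and is dropped by the gc-sections build. It goes one step beyond the issue's flag set by also building with `-fdata-sections` but without `-ffunction-sections`, to show why both are needed. All file names, the `demo_*` symbols and the 64 KiB table size are made up for the demo; it assumes a GNU-style toolchain (`cc` with GNU ld or lld, `nm`, `awk`) on Linux.

```shell
#!/bin/sh
# Added example, not code from the secp256k1 issue or project: verify that
# -ffunction-sections/-fdata-sections plus --gc-sections let the linker drop a
# constant table whose only user is never called. demo_* names, file names and
# the 64 KiB table size are constructed for this demo.

# True when the linked binary still defines the named (global) symbol.
has_symbol() {
    nm "$1" 2>/dev/null | awk -v s="$2" '$NF == s { f = 1 } END { exit !f }'
}

# Size of a file in bytes (wc -c is POSIX; stat is not).
size_of() {
    wc -c < "$1" | tr -d ' '
}

# Build three variants of the same two-file program and inspect the symbols.
# Returns 0 when every expectation holds, 1 when one fails, and 2 when the
# toolchain is missing or rejects the flags (nothing could be checked).
check_gc_sections() {
    command -v cc >/dev/null 2>&1 || { echo "skip: no C compiler"; return 2; }
    command -v nm >/dev/null 2>&1 || { echo "skip: no nm"; return 2; }
    dir=$(mktemp -d) || return 1
    status=1

    # Two constant tables, each read by exactly one function, standing in
    # for precomputed signing and verification tables.
    cat > "$dir/tables.c" <<'EOF'
const unsigned char demo_sign_table[65536]   = { 1 };
const unsigned char demo_verify_table[65536] = { 2 };
unsigned demo_sign(unsigned i)   { return demo_sign_table[i & 65535]; }
unsigned demo_verify(unsigned i) { return demo_verify_table[i & 65535]; }
EOF
    # The program only calls the verification side; demo_sign is dead code.
    cat > "$dir/main.c" <<'EOF'
unsigned demo_verify(unsigned i);
int main(void) { return (int)demo_verify(7); }
EOF

    # plain: baseline without any of the flags. gc: the flags from the issue.
    # data_only: same, minus -ffunction-sections, to show both are needed.
    if ! cc -O2 -g -o "$dir/plain" "$dir/tables.c" "$dir/main.c"; then
        rm -rf "$dir"; echo "fail: baseline build failed"; return 1
    fi
    if ! cc -fdata-sections -ffunction-sections -O2 -g -Wl,--gc-sections \
            -o "$dir/gc" "$dir/tables.c" "$dir/main.c" ||
       ! cc -fdata-sections -O2 -g -Wl,--gc-sections \
            -o "$dir/data_only" "$dir/tables.c" "$dir/main.c"; then
        rm -rf "$dir"; echo "skip: linker rejects --gc-sections"; return 2
    fi

    # Expectations:
    #  plain     keeps demo_sign_table (all of tables.o's .rodata is live)
    #  gc        drops demo_sign_table, keeps demo_verify_table
    #  data_only keeps demo_sign_table: demo_sign still sits in the shared
    #            .text of tables.o, and its relocation pins the table
    if has_symbol "$dir/plain" demo_sign_table &&
       ! has_symbol "$dir/gc" demo_sign_table &&
       has_symbol "$dir/gc" demo_verify_table &&
       has_symbol "$dir/data_only" demo_sign_table; then
        status=0
    fi
    echo "plain: $(size_of "$dir/plain") bytes," \
         "gc-sections: $(size_of "$dir/gc") bytes," \
         "data-sections only: $(size_of "$dir/data_only") bytes"
    rm -rf "$dir"
    return $status
}

check_gc_sections
```

The script exits 0 only if the unused table is present in the baseline and the data-sections-only build but absent from the full gc-sections build; the printed sizes make the 64 KiB difference visible. Two caveats when transferring this to the library: Apple's linker does not accept `--gc-sections` (its equivalent is `-Wl,-dead_strip`), and in a shared library every exported function is a root the linker must keep, so tables reachable from exported entry points cannot be dropped, which is why the item pairs these flags with `--disable-shared`.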