Precompile for Elliptic Curve Linear Combinations
I have removed redundant content posted here.
Q4. Accepting points in compressed form adds extra overhead to every call, but allows caller to work with compressed coordinates. Is it worth it?
Q5. Cleverness allows you to use this precompile for modular square root. Is it possible to extract a modular inversion?
Q6. While a transaction has no assumption of privacy, this could be an issue when used in
eth_call. A constant time implementation also allows more code-reuse with applications that require more side-channel protection such as wallets. Should we implement constant time algorithms?
Q8. Is it worth exploring some hash to a curve point function or a generic pairing function?
- List of elliptic curve parameters.
- Database of optimal addition formulas.
- Mater Inc. Rust Finite Field implementation.
- And Elliptic Curve.
- Parity Finite Field Implementation.
- Standards for Efficient Cryptography 1 (SEC 1).
- Weierstrudel implementation of BN254.