I want to voice here a concern about KZG commitments, both in this implementation and the previous one for data availability. I worry that there aren't that many members of this community who can actually vet the mathematics of it. There are plenty of blockchain devs who can take KZG as a black box, just as BLST signature verification for example, and vet the validity and security of the rest of the implementation. There are plenty even who have taken basic classes on number theory or algebraic geometry and can easily understand KZG by itself, but from there, vetting its security requires a specialization in cryptography.
Now some researchers from the EF who are qualified to make these statements, like Dankrad Feist or Justin Drake, can state "KZG is fine and can be taken as a black box", but in order to vet this very statement a strong cryptography background is required.
I don't mind taking as a black box elliptic curve cryptography or hashing algorithms like SHA256 that we currently use and that have been battle tested in production for over 30 years, ubiquitous in every system from ssh to our phones checksumming webpages. But KZG's paper is 10 years old, with fewer than 100 citations (I understand that the whole theory of EC pairings has been more vetted, though), and I doubt it has been battle tested nearly as much as the cryptographic primitives that we currently depend on. I find it quite concerning that we would have this "black box" in a blockchain that currently secures assets worth billions in any fiat currency.