EIP4844: Update cryptography API and Fiat-Shamir logic #3038
small nit: `h + DOMAIN_SEPARATOR_EVAL_PROTOCOL` is more natural than `DOMAIN_SEPARATOR_EVAL_PROTOCOL + h` because the previous transcript state `h` may already be saved in the hash buffer and so starting a new protocol would just mean we append `DOMAIN_SEPARATOR_EVAL_PROTOCOL` to the buffer
I think it should be the other way around:
Switching `h` to be appended first instead of second should not change random oracle collisions I think, unless the hash function is bad.
Instead of thinking of putting it at the beginning of the hash function, I'm thinking of putting it at the beginning of the sub protocol. I.e., each new protocol, if given a unique domain separator, will effectively have a "different" hash function or RO.
I do not believe that what you suggest functions as a domain separator. If your hashed string is `"DOMAIN_SEPARATOR_PROTOCOL1" + TRANSCRIPT_PROTOCOL1 + "DOMAIN_SEPARATOR_PROTOCOL2" + TRANSCRIPT_PROTOCOL2`, then what guarantees you that `"DOMAIN_SEPARATOR_PROTOCOL2"` does not appear somewhere in `TRANSCRIPT_PROTOCOL1`?
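
The ambiguity asked about in the comment above, as an added example that is not part of this PR or of the spec's code: two different runs produce the same hash input when a separator is simply concatenated after an earlier variable-length transcript. The separator values, transcript bytes and the 8-byte length-prefix framing (one common way to make the encoding unambiguous) are all assumptions made for illustration; nobody in the thread proposes them.

```python
import hashlib

# Constructed labels standing in for the separators named in the thread.
SEP1 = b"DOMAIN_SEPARATOR_PROTOCOL1"
SEP2 = b"DOMAIN_SEPARATOR_PROTOCOL2"


def naive_input(runs):
    """Concatenate separator + transcript for each (separator, transcript) run."""
    return b"".join(sep + transcript for sep, transcript in runs)


def framed_input(runs):
    """Same runs, but every field carries an 8-byte big-endian length prefix.

    Hypothetical framing chosen for this example, not taken from the spec.
    """
    out = b""
    for sep, transcript in runs:
        for field in (sep, transcript):
            out += len(field).to_bytes(8, "big") + field
    return out


def challenge(data):
    """Fiat-Shamir style challenge: hash of the encoded transcript."""
    return hashlib.sha256(data).digest()


# Run A: two sub-protocols, each with its own transcript (constructed bytes).
RUN_A = [(SEP1, b"commit-1"), (SEP2, b"commit-2")]
# Run B: ONE sub-protocol whose transcript happens to contain SEP2's bytes.
RUN_B = [(SEP1, b"commit-1" + SEP2 + b"commit-2")]


def collides(encode):
    """True if the two distinct runs yield the same challenge under `encode`."""
    return challenge(encode(RUN_A)) == challenge(encode(RUN_B))


if __name__ == "__main__":
    print("naive concatenation collides:", collides(naive_input))
    print("length-framed input collides:", collides(framed_input))
```

If every transcript has a fixed, known length, the boundary is unambiguous without extra framing; the collision above depends on `TRANSCRIPT_PROTOCOL1` being variable-length.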