Comments (8)
If we directly provide cryptographic functions we will always be responsible for the final safety.
I believe that, in a true decentralized account system, the user will be able to create its account a cryptographic function chosen according to their needs (using systems such as https://neoresearch.io/smacco/).
By allowing this, the responsibility for quantum safety moves from the Blockchain to a superior layer.
from neo-vm.
More important than Zero Knowledge are the Cryptography Techniques, which ensures the possibility of Quantum-Safety in terms of users preferences.
from neo-vm.
Is this really a viable direction? It is indeed achievable to assemble some cryptographic operations with addition, multiplication and MODPOW in smart contracts, but what is the cost? I don't think anyone will actually use this method. Perhaps a more feasible approach is to provide cryptographic functions directly in the instruction set or interop services.
from neo-vm.
Sounds like a bit of a headache for wallets to deal with signing.
from neo-vm.
@erikzhang, we current think this is the best option to keep that flow of allowing flexibility for signatures.
With this PR we plan to include, for example, Schnorr signatures in terms of Verification Scripts.
We believe this is the best way to decentralize these Cryptographic mechanisms in a way that appeals to all users.
from neo-vm.
Is this really a viable direction?
Yes, I think so. A similar strategy has been also pursued by Ethereum group since 2017, in order to allow applications to develop and support zero knowledge. But as far as I know, they were only providing operations for an specific curve... I'm not still quite sure on the costs of supporting any curve, but my initial plan was for having a public smart contract with curve parameters on storage (so they don't get re-submitted), and support only Jacobian efficient computation.
It is indeed achievable to assemble some cryptographic operations with addition, multiplication and MODPOW in smart contracts, but what is the cost?
You mean, the computational cost? Again quoting eth for the MODPOW, they had a gas price proportional the operation, so as soon as we have decided over this, we can experiment with computational costs and see what price fits best. It can be expensive, as long as it's feasible for current and similar verification scripts.
I don't think anyone will actually use this method. Perhaps a more feasible approach is to provide cryptographic functions directly in the instruction set or interop services.
I believe that providing direct hardcoded support is the spirit of BItcoin, because it's not a Turing complete network (not intended to be), but flexible chains such as Neo will find many (so many!) useful applications for this. One example, as quoted by Vitor, is Schnorr signatures, which is important to compress multisig, and other applications is zero knowledge... RSA (for MODPOW only) can support online decryption, which has some applications too. But if this is viable, nothing would disallow users from having Bitcoin security secp256k1 on Neo, for example, or to use more bits (512 perhaps?) if desired.
From user perspective and wallets, they will only use operations that are safe and tested, and these can be proposed as future NEPs, for example, different curves and computing methods such as Schnorr, without the need to change core features of Neo. Regarding interop services, I agree that this may be a better solution (less opcodes the better).
But let's think more about it, I'm still not 100% confident on deeper implementation aspects of crypto security, directly on a smart contract, compared to a native (C# for example) implementation of these techniques. I need to study exacty how different curves such as 25519 are implemented, in a compatible manner. Let's discuss more.
from neo-vm.
We can propose this as a Native contract: neo-project/neo#303
from neo-vm.
I think this kind of features should not be implemented in VM layer.
from neo-vm.
Related Issues (20)
- Shallow-copy problem for OrderedDictionary.CopyTo in case of Array & Map type HOT 6
- Add 'utf8Size' opcode HOT 4
- Script checks are incomplete
- Can I integrate this vm in to my custom projects? HOT 1
- Efficient way to pass Map type to contract method? OpCode.PACKMAP? HOT 1
- Adapt code documentation of UNPACK opcode
- ReferenceCounter can become negative HOT 18
- Is this `MEMCPY` expected to push nothing to the stack?
- ScriptBuilder should have an emitPush overload that takes a ReadOnlySpan<byte>
- How to customize an interface in interoperation service layer HOT 3
- Presssure test on v3.3.0 cause execution failed HOT 1
- v3.3.0 need more than 30 hours for syncing mainnet even it's just about 1.7million blocks HOT 2
- What is the purpose of the second assert of this test? HOT 1
- Instruction pointer reading PUSHDATA4 operand size as *signed* int32 HOT 1
- Missing push in APPEND?
- EmitPush(bool) should convert stackitem to right type
- Buffer to Integer conversion inconsistency HOT 1
- Override GetString for Buffer/ByteString ? HOT 4
- Set Operation in a Get Function HOT 2
- Add Equatable for StackItem
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from neo-vm.