More broadly speaking, we want a bunch of CT functions in the standard library:
- addition of CT commitments (need to be careful about asset types)
- multiplication by 64-bit integers (can do up to 19 decimal digits, and can do ratios)
- equality proofs of values
- equality proofs of asset IDs
- rangeproofs
- exact value/asset proofs
- proofs that a value/asset is in a short list
Need to think a bit about how to organize these in the stdlib.
Many of these also need supporting "signer-side" code which can produce the proofs, and which would need to be constant-time etc.
Originally posted by @apoelstra in #5 (comment)
More broadly speaking, we want a bunch of CT functions in the standard library:
Need to think a bit about how to organize these in the stdlib.
Many of these also need supporting "signer-side" code which can produce the proofs, and which would need to be constant-time etc.
Originally posted by @apoelstra in #5 (comment)