ZKP Pasta Curves

Mina book[https://o1-labs.github.io/proof-systems/specs/pasta.html?highlight=pasta#pasta-curves]学习笔记

Pasta Curves

Pasta Curves is a fascinating innovation in cryptography designed by Zcash.

What are the Pasta Curves

The Pasta Curves are a pair of elliptic curves named Pallas and Vesta, specifically designed for use in the Halo 2 proof system, a core component of Zcash’s privacy features. These curves are named after the asteroids Pallas and Vesta, both discovered by German astronomer Heinrich Olbers.

ZKP Pasta Curves_第1张图片

ZKP Pasta Curves_第2张图片

What makes them special

The Pasta Curves have a unique property: the order of one curve (the number of points on the curve) is exactly the field size of the other. This means that Vesta’s field size is the order of Pallas, and vice versa. This seemingly simple design choice has significant implications for efficiency and security in cryptographic applications.

Benefits of the Pasta Curves

Improved efficiency: The special relationship between the curves allows for faster and more compact proofs in Halo 2, leading to smaller transaction sizes and improved scalability for Zcash.
Enhanced security: The unique structure of the curves makes them resistant to certain types of attacks, further strengthening the security of Zcash transactions.

  • Flexibility: The Pasta Curves can be used in various cryptographic constructions beyond Halo 2, potentially finding applications in other privacy-preserving technologies.
    Beyond the technical details:

  • The Pasta Curves’ name reflects the playful and collaborative spirit of the Zcash community. The choice of pasta-inspired names adds a touch of whimsy to a complex technical topic, highlighting the human element behind cryptographic research.

Some Technical Details

In this section, F p F_p Fp refers to the base field of Pallas, and the scalar field of Vesta; F q F_q Fq refers to the base field of Vesta, and the scalar field of Pallas. Note that ∣ F q ∣ > ∣ F p ∣ \vert F_q \vert > \vert F_p \vert Fq>Fp.

Pallas

curve equation: y 2 = x 3 + 5 y^2 = x^3 + 5 y2=x3+5
base field: 28948022309329048855892746252171976963363056481941560715954676764349967630337
scalar field: 28948022309329048855892746252171976963363056481941647379679742748393362948097
mina generator: (1,12418654782883325593414442427049395787963493412651469444558597405572177144507)
arkworks generator: (−1,2)
endo:

endo_q = 2D33357CB532458ED3552A23A8554E5005270D29D19FC7D27B7FD22F0201B547
endo_r = 397E65A7D7C1AD71AEE24B27E308F0A61259527EC1D4752E619D1840AF55F1B1

Vesta

curve equation: y 2 = x 3 + 5 y^2 = x^3 + 5 y2=x3+5

base field: 28948022309329048855892746252171976963363056481941647379679742748393362948097

scalar field: 28948022309329048855892746252171976963363056481941560715954676764349967630337

mina generator: (1,11426906929455361843568202299992114520848200991084027513389447476559454104162)

arkworks generator: (−1,2)

endo:

endo_q = 06819A58283E528E511DB4D81CF70F5A0FED467D47C033AF2AA9D2E050AA0E4F
endo_r = 12CCCA834ACDBA712CAAD5DC57AAB1B01D1F8BD237AD31491DAD5EBDFDFE4AB9

Conclusion

In conclusion, the Pasta Curves are a significant advancement in cryptography, offering improved efficiency, security, and flexibility for privacy-preserving technologies like Zcash. Their unique design and playful naming serve as a testament to the ingenuity and innovation within the Zcash community.

你可能感兴趣的:(零知识证明,零知识证明,笔记)