Implementations
These are implementations which I have authored. This list is not exhaustive.
Plookup
Short description : A protocol for table lookups.
Paper : https://eprint.iacr.org/2020/315.pdf
Implementation : https://github.com/kevaundray/plookup
Discussion : Comments, corrections and suggestions were sent to the authors regarding the security proof.
Qesa
Short description : A zero knowledge protocol using the DLOG which allows for efficient quadratic constraints.
Paper : https://eprint.iacr.org/2019/944.pdf
Implementation : https://github.com/crate-crypto/qesa
Discussion : Comments, corrections and suggestions were sent to the authors regarding the prover runtime. See paper for more details.
PLONK
Short description : A zero knowledge protocol which allows for efficient evaluation of custom constraints.
Paper : https://eprint.iacr.org/2019/953.pdf
Implementation : https://github.com/dusk-network/plonk
Discussion : Comments and corrections were sent to the authors. This implementation separates the commitment scheme from the constraint system and therefore works for all homomorphic commitment schemes.
Ed448-Goldilocks with Decaf
Short description : Multiple isogenous elliptic curves with a protocol for removing the cofactor.
Papers :
- https://eprint.iacr.org/2015/625.pdf
- https://www.shiftleft.org/papers/decaf/decaf.pdf
- https://www.shiftleft.org/papers/isogeny/isogeny.pdf
- https://www.shiftleft.org/papers/fff/fff.pdf
Implementation : https://github.com/crate-crypto/Ed448-Goldilocks
Discussion : The main purpose of this codebase was to port the reference implementation from C into Rust with a clearer structure.
X448
Short description : Elliptic-Curve Diffie-Hellman. A key agreement protocol to generate a shared secret.
Paper : https://tools.ietf.org/html/rfc7748#page-7
Implementation : https://github.com/crate-crypto/x448
MLSAG - Schnorr derived ring signature
Short description : A schnorr derived ring signature scheme.
Paper : https://eprint.iacr.org/2019/654
Implementation : https://github.com/crate-crypto/MLSAG
Discussion : Comments, corrections and suggestions were sent to the authors regarding the security proof. Benchmarks were sent to the Monero community as a normative comparison to the CLSAG implementation with Ristretto.
CLSAG
Short description : A schnorr derived ring signature scheme. Using an aggregation trick, it achieves improvements over MLSAG.
Paper : https://eprint.iacr.org/2019/654
Implementation : https://github.com/crate-crypto/CLSAG
Discussion : Comments, corrections and suggestions were sent to the authors regarding the security proof. Benchmarks were sent to the Monero community suggesting that using Ristretto increases the verification time and consequently can allow one to increase the ring size of the Monero blockchain.
JubJub
Short description : A twisted edwards curve. It’s main use case is as an embedded curve in Zk-Snarks with bls12-381.
Implementation : https://github.com/crate-crypto/go-jubjub
Discussion : This is a reference implementation of the first Rust implementation.
Other
These are codebases which I have previously authored, contributed a significant amount of code to, or codebases which I have enjoyed contributed to. This list is not exhaustive.
Dusk-Blockchain
Short description : A full node implementation of the dusk protocol.
Implementation : https://github.com/dusk-network/dusk-blockchain
Although I was once the author of this project, it has changed significantly enough to be put in Other.
Discussion : This full node implementation also required the implementation of a variant of RingCT, the bulletproofs rangeproofs protocol and a wallet to interact with the full node.
Neo-Go
Short description : A full node implementation of the neo protocol.
Implementation : https://github.com/nspcc-dev/neo-go
Although I was once the author of this project, it has changed significantly enough to be put in Other.
Discussion : This was originally a reference implementation of https://github.com/decred/dcrd with significant modifications applied to account for the simpler protocol in Neo. The reference was used as, at the time, it was one of the only readable modular implementations of a full node. The current implementation may differ from my original vision, as I have not been the maintainer for a few years.
ZkVM
Implementation : https://github.com/stellar/slingshot
Short description : A zero knowledge virtual machine using bulletproofs.
Discussion : Code contributions were made, however my main contributions were to the specification.