1. 引言
Housni等人论文《Families of SNARK-friendly 2-chains of elliptic curves》,已被欧密会2022 收录。 在该论文中指出:
- 基于BLS12-377/BW6-761 pair可改进Groth16性能。
- 基于BLS24-315/BW6-672 pair可改进基于KZG的Plonk性能。
代码实现见:
- https://github.com/yelhousni/gnark-crypto(Go语言)
在该代码库中,实现了以下曲线:
- BLS12-381 (Zcash)
- BN254 (Ethereum)
- BLS12-377 (ZEXE)
- BW6-761 (EC supporting pairing on BLS12-377 field of definition)
- BLS12-379 (alternative to BLS12-377 with higher 2-adicity)
- BW6-764 (EC supporting pairing on BLS12-379 field of definition)
- BLS24-315 (optmized for KZG-based SNARKs)
- BW6-633 (EC supporting pairing on BLS24-315 field of definition)
- BW6-672 (EC supporting pairing on BLS24-315 field of definition with conservative security)
- CP8-632 (EC supporting pairing on BLS24-315 field of definition with Cocks-Pinch family)
以上每个曲线的twistededwards文件夹都包含了配套的Twisted edwards curve。如:
- ZCash使用的BLS12-381配套的Twisted edwards curve为Jubjub
- 以太坊BN254使用的BN254配套的Twisted edwards curve为Baby-Jubjub
Twisted edwards curve有助于提升zkSNARK circuit中基于椭圆曲线运算的效率。
