--- Log opened Mon Jan 17 00:00:32 2022
03:02 -!- luke-jr [~luke-jr@user/luke-jr] has quit [Quit: ZNC - http://znc.sourceforge.net]
03:04 -!- luke-jr [~luke-jr@user/luke-jr] has joined #secp256k1
09:43 < real_or_random> hm, so now all contexts created via context_create() are implicitly signing contexts
09:43 < real_or_random> and this was a deliberate decision.
09:44 < sipa> right
09:44 < real_or_random> but that means you always need to go through the "blinding setup"
09:44 < real_or_random> even if you just want to perform verification
09:44 < sipa> how so?
09:45 < real_or_random> https://github.com/bitcoin-core/secp256k1/blob/master/src/secp256k1.c#L101
09:45 < sipa> Ah, the setup, yes, but not necessarily actually call context_randomize()
09:45 < real_or_random> indeed
09:45 < real_or_random> so I think we should make the initial blinding setup also static
09:45 < real_or_random> at the moment it just computed a deterministic function if I'm not mistaken
09:46 < sipa> It should also be very fast.
09:47 < real_or_random> well it does a few rfc6979 things and an ecmult
09:47 < sipa> It shouldn't?
09:47 < sipa> It's called with seed32==NULL.
09:47 < sipa> so just a gej_set_ge, gej_neg, scalar_set_int
09:48 < real_or_random> there's no return
09:48 < sipa> Oh.
09:48 < real_or_random> (and there's a reason for this -- I thought about this earlier, just can't remember)
09:49 < sipa> I can't remember.
09:50 < real_or_random> hm idk. but there's no reason why it couldn't be static at least
09:50 < sipa> Agree.
09:50 < sipa> Can we do that after #1058? :)
09:51 < real_or_random> yep sure
09:52 < real_or_random> are there any further changes planned in #1058?
09:52 < sipa> Not from me.
09:53 < real_or_random> ok, I hope I can have a look soon...
09:53 < sipa> There isn't a nice .md file like there is for safegcd, but there is a long description in the source code itself (which could be turned into an explainer later, I guess).
09:54 < real_or_random> yeah and the paper is easy to read, I think ^^
09:55 < real_or_random> than the safegcd paper
09:56 < real_or_random> *easier. just because the algorithm is much simpler
09:56 < sipa> "The paper" is really just one paragraph in a paper.
09:56 < sipa> Though we have a bunch of optimizations beyond what the paper describes.
09:56 < real_or_random> yep I know. ^^
10:13 < real_or_random> to track this: https://github.com/bitcoin-core/secp256k1/issues/1065
10:15 < sipa> great
10:48 -!- t-bast [~t-bast@user/t-bast] has joined #secp256k1
11:33 -!- yakshaver123 is now known as yakshaver
12:10 -!- t-bast [~t-bast@user/t-bast] has quit [Quit: Leaving]
19:42 -!- halosghost1 [~halosghos@user/halosghost] has joined #secp256k1
19:44 -!- halosghost [~halosghos@user/halosghost] has quit [Ping timeout: 250 seconds]
21:04 -!- halosghost1 is now known as halosghost
22:30 -!- elsirion_ [~quassel@gateway/tor-sasl/elsirion] has joined #secp256k1
22:30 -!- elsirion [~quassel@gateway/tor-sasl/elsirion] has quit [Ping timeout: 276 seconds]
--- Log closed Tue Jan 18 00:00:33 2022