Implement the remaining cryptographic protocols for Hyphae

We'll need:

1. Back-Maxwell Rangeproofs (requires Borromean Ring Signatures)
2. A ZKP compiler
3. Testvectors for Ristretto (a.k.a. Decaf for curve25519)

added bridgedb-distributors component::circumvention/bridgedb parent::22775 points::21 priority::medium resolution::wontfix rust severity::normal sponsor::19-can status::closed type::enhancement labels

Replying to isis:

We'll need:

1. Back-Maxwell Rangeproofs (requires Borromean Ring Signatures)

This is in dalek-rangeproofs.

2. A ZKP compiler

hdevalence implemented a Rust DSL using macros for generating NIZK from pseudo-Camenisch-Stadler notation. I've cursorily looked at it and given suggestions/ideas as he was making it, but I'd need to take a closer look to see if it's already at the point of being useful for Hyphae's proofs.

3. Testvectors for Ristretto (a.k.a. Decaf for curve25519)

We still don't have this, but there's a very long email thread on standardising Ristretto so that we're all doing the same thing.

Trac:
Sponsor: N/A to SponsorM-must
Keywords: SponsorM deleted, N/A added
Status: new to accepted

Trac:
Status: accepted to assigned
Owner: isis to gaba

Trac:
Owner: gaba to N/A

Trac:
Sponsor: SponsorM-must to Sponsor19-can
Points: 3 to 20

Trac:
Points: 20 to 21

It will not be implemented any time soon.

Trac:
Resolution: N/A to wontfix
Status: assigned to closed

closed

changed time estimate to 168h

moved to tpo/anti-censorship/bridgedb#22776 (closed)