I noticed in the presentation slides for the presentation delivered the next day (ZCash: Recent advances in privacy), one of the slides mentions they may use the MiMC or Friday primitives for more efficient hashing. In the same presentation it was mentioned that STARKs are currently 2 orders of magnitude too big for use in ZCash. Does anyone know if this would mean that in doing this in a future release, it would open the door to using STARKs for proving by reducing the proof size enough to be usable?
This is amazing research and deserves many more upvotes on this forum.
To clarify what this is: it is a hash function whose definition can be expressed as an extremely compact arithmetic formula, which means that proving its correct execution inside of a STARK can be done very efficiently. This greatly improves our chances of being able to use STARKs for (i) signature aggregation, particularly of quantum-resistant signatures, (ii) Merkle branches and witness compression. (ii) in particular means that the bandwidth requirements of a "stateless client" (see here) could go down by a factor of 5-10.
Once someone opens EIPs for these new primatives (the Starkware guys have said they will), how can we as a community best help to increase their visibility and priority? (Short of implementing them ourselves in all the different clients. :)
https://github.com/ethereum/EIPs/issues/152 has been open for a couple of years, and https://github.com/ethereum/EIPs/pull/1108 seems not to have made the cut for Constantinople (despite being primarily a testing effort), so it sometimes feels like foundational crypto functionality struggles to get the attention and traction that it merits, but I don't understand the EIP process well enough to know how best to lend my voice to their cause.
STARKs are 100x bigger than bulletproofs space-wise. However, bulletproofs take O(N) computational time to verify, making them impractical for succinct computation verification, whereas STARKs are ~O(log^2(N)).
谢谢 for schooling us Vitalik!
This sub definitely needs more important tech developments in vogue. As you can see the fluffier pieces get more traction.
With all these subscribers, we could be educating the next gen of devs starting right here.
Maybe Ethereum Foundation can discuss helping steer the direction and energy back to more deep tech focus. I will do my best to post more substance like this.