-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rework or get rid of scratch space #1302
Comments
In secp256k1-zkp the scratch space gets actual usage, and I find it has a much nicer API than malloc/free. The API lets us:
So I think it has more benefit than just replacing |
@apoelstra We've discussed this a bit IRL, and it seems to me there are just a whole lot of only vaguely-overlapping concerns:
My thinking is that the interface at least needs to be dropped from the API today, because it serves no purpose, and it seems to be guiding our thinking for future APIs. We can keep the internal logic for now - and possibly bring it back if it makes sense for a particular use case - but it's easier to discuss all of that without being pre-biased by the scratch API. |
@sipa these are all good points. concept ACK from me on removing the API from this library. |
In the case of The predictability of A downside of this approach is that adding more functions that dynamically allocate memory besides |
…es (BIP 327) 168c920 build: allow enabling the musig module in cmake (Jonas Nick) f411841 Add module "musig" that implements MuSig2 multi-signatures (BIP 327) (Jonas Nick) 0be7966 util: add constant-time is_zero_array function (Jonas Nick) c8fbdb1 group: add ge_to_bytes_ext and ge_from_bytes_ext (Jonas Nick) 85e224d group: add ge_to_bytes and ge_from_bytes (Jonas Nick) Pull request description: EDIT: based on #1518. Closes #1452. Most of the code is a copy from [libsecp256k1-zkp](https://github.com/BlockstreamResearch/secp256k1-zkp). The API added in this PR is identical with the exception of two modifications: 1. I removed the unused `scratch_space` argument from `secp256k1_musig_pubkey_agg`. This argument was intended to allow using `ecmult_multi` algorithms for key aggregation in the future. But at this point it's unclear whether the `scratch_space` object will remain in its current form (see #1302). 2. Support for adaptor signatures was removed and therefore the `adaptor` argument of `musig_nonce_process` was also removed. In contrast to the module in libsecp256k1-zkp, the module is non-experimental. I slightly cleaned up parts of the module, adjusted the code to the new definition of the VERIFY_CHECK macro and applied some simplifications that were possible because the module is now in the upstream repo (`ge_from_bytes`, `ge_to_bytes`). You can follow the changes I made to the libsecp256k1-zkp module at https://github.com/jonasnick/secp256k1-zkp/commits/musig2-upstream/. ACKs for top commit: sipa: reACK 168c920 real-or-random: reACK 168c920 theStack: re-ACK 168c920 Tree-SHA512: e3a599a8d5a466107b9a86f76582b8fb9dc87ec95416c784c3ef39d1c64686e6c739806ed6ba62c91793eb7fa418a6270cf999027ee7bd3dd85c67bc2c74f677
The scratch space has been removed from the public API in #1620. |
I didn't close this yet because we still have a scratch space in the code base that we intend to rework. |
Ok, sure, it's still in the code, just not in the public API. Nevermind. |
Our confidence in the scratch space code isn't particularly high. It reinvents bump allocation, but it had a few issues in the past. All the code that uses scratch space is currently unreachable from the public API (except that we have
secp256k1_scratch_create
andsecp256k1_scratch_destroy
themselves in the public API.A much simpler alternative is to get rid of scratch spaces and just assume the existence of
malloc
/free
and use these directly. The disadvantage of this is that it's a bit harder for platforms that don't havemalloc
.Another alternative is to rework the scratch space code. It may be possible to simply it and improve its usability.
I think our future directions on this should be guided by whatever we feel is best for our cases:
The text was updated successfully, but these errors were encountered: