Optimized ecmul on secp256k1
k06a opened this issue · 1 comments
k06a commented
Recently Vitalik Buterin proposed to abuse ecrecover
to compute hashed result of ecmul
:
https://ethresear.ch/t/you-can-kinda-abuse-ecrecover-to-do-ecmul-in-secp256k1-today/2384
I had implemented his idea: https://github.com/1Address/ecsol/blob/master/contracts/EC.sol
It uses about 32K gas to call ecmulVerify
.
barryWhiteHat commented
I think this cannot be used for snark verification as you need to do pairing additons and multiplications which i don't think is possible with secp256k1