This is a request for funding for a research project in compliance with Grin’s open research problems (https://grin.mw/open-research-problems).
As this is my first funding request, the project is kept narrow and focused. It is my intention, however, to contribute to Grin’s research in the long term.
The project is to address the first problem on the list, which is to further investigate BLS signatures and their suitability to Grin (see also https://github.com/mimblewimble/grin/issues/2504).
The funding sought is €5000 and the project time frame is a single month.
After discussing with several community members, it is my understanding that the main interest in BLS signatures is for kernel aggregation (due to the (non-interactive) signature aggregation ability), while the worries are mainly about the security guarantees.
After reviewing the materials on Grin’s different platforms and talking with community members, it seems to me that the disadvantages of BLS are fairly articulated, while the potential benefits are to be further investigated.
The main objectives of the project are the following:
- Put the security assumptions simply and explain the known vulnerabilities due to state-of-the-art attacks.
- Initial research on how BLS could be used for kernel aggregation.
- Get myself exposed to other features and research problems, like scriptless scripts and non-interactive transactions.
The last two objectives are an initial preparation for future contribution.
In more detail, my plan is the following:
- Review the security of BLS and pairing-based cryptography – I have very good knowledge in the area, yet there are new assessments (due to recent attacks) about the size of the curve’s base field needed in order to obtain a desired bit security.
- Review how BLS may enable kernel aggregation and hopefully propose an initial construction – the advantage of BLS is straightforward due to the signature and public key aggregation ability; it remains to understand how such a construction should look for the purposes of Grin. I had some discussion about it on Keybase.
- Study GandalfThePink’s “BLS signatures in Mimblewimble” proposal (https://github.com/mimblewimble/grin/issues/2504#issuecomment-467446197), which includes kernel aggregation and some sort of non-interactive transaction process – I have already started studying this proposal, yet the full construction remains unclear.
- Understand the implications on scriptless scripts – I have no prior knowledge.
- [optional] Address related issues, if raised (e.g. efficiency: since the arithmetic involved in BLS is more complicated than simple elliptic curve operations, verification is significantly less efficient than other (elliptic curve based) signature schemes).
My plan is to finalise the project in one month’s time.
My formal education is at the level of a PhD, which is in mathematics and specifically the mathematics of public key cryptography; this also includes post-quantum cryptography. I worked as a postdoctoral researcher for a year and a half, and for over a year, until recently, I have been working as a researcher for a funded blockchain project (still in development, currently running testnet) - I am not involved with this project anymore.
I got exposed to Mimblewimble about a year ago. My interest in this novel approach was immediate, but I was too busy to carefully study it. I would like to change this now.
The funding would allow me to put a focus on researching Mimblewimble.