-
m-relay<kayabanerve:matrix.org> github.com/cypherstack/generalized-bulletproofs-code
-
m-relay<kayabanerve:matrix.org> > Overall, we find that the implementation is well written and appears suitable
-
m-relay<kayabanerve:matrix.org> for its intended purpose.
-
m-relay<kayabanerve:matrix.org> I found 6.2, 9.13 the most notable. 6.2 has the expected behavior, it just should've been documented. Monero proofs are defined of a specific size w.r.t. inputs so it wasn't at risk.
-
m-relay<kayabanerve:matrix.org> 9.8 would have been concerning if it wasn't resolved. There was a version if GBPs which failed correctness. There were two paths forward and I picked one. With hindsight, that decision was wrong and the other path was correct to the tune of ~600 bytes IIRC. Since the original version was only known to have an issue with correctness, not soundness, I reverted to the original and si<clipped message
-
m-relay<kayabanerve:matrix.org> mply accepted the reduced statement for which it's correct. I meant to follow up on that academia before the audit but this audit started without my awareness, preventing me from having the academia updated prior to audit. Instead, it was done with audit.