Author: AdamISZ 2022-06-30 21:50:20
Published on: 2022-06-30T21:50:20+00:00
AdamISZ posted a suggested protocol for doing anti-Sybil that isn't too demanding for the users, but actually keeps a decent level of privacy. The protocol is mostly focused on a user/customer of a service/product/website, but it could be useful in e.g. anti-Sybil in things like Lightning. In order to address the question of how practical it might be to get genuinely big anonymity sets, AdamISZ did some research into sublinear ring signatures and found that Groth/Kohlweiss 2014 can give logarithmic scaled ring signatures, whose security is reducible to that of the Pedersen commitments (essentially ECDLP). The computational load matters, but it may be practical to get genuinely big anonymity sets. Through bilinear pairings crypto could give substantially more efficient constructions, but that would not work on 'bare' secp256k1, though there might be a sensible way of 'transferring' over to other curves. The original gist was migrated due to failures of github's new equation formatting feature, but comments are still on the gist or on a post linked in the update.
Updated on: 2023-06-15T21:51:52.201703+00:00