Identity Mixer: Using IBM/mathlib instead of AMCL #292
Comments
yacovm
added a commit
to yacovm/fabric-ca
that referenced
this issue
Jun 1, 2022
This commit makes Fabric-CA use Mathlib instead of AMCL. Mathlib supports several curves, and they can now be configured by setting: - 'curveID' key in the server config - 'idemixCurveID' key in the client config The possible values for curve identifiers are: 'amcl.Fp256bn', 'gurvy.Bn254', 'amcl.Fp256Miraclbn' If not specified, it fallbacks to the first one in the list More details on the rational can be found in hyperledger#292 Signed-off-by: Yacov Manevich <[email protected]>
yacovm
added a commit
to yacovm/fabric-ca
that referenced
this issue
Jun 1, 2022
This commit makes Fabric-CA use Mathlib instead of AMCL. Mathlib supports several curves, and they can now be configured by setting: - 'curveID' key in the server config - 'idemixCurveID' key in the client config It's also possible to set the curve in the fabric-ca-client via setting IDEMIX_CURVE_ID env var. The possible values for curve identifiers are: 'amcl.Fp256bn', 'gurvy.Bn254', 'amcl.Fp256Miraclbn' If not specified, it fallbacks to the first one in the list More details on the rational can be found in hyperledger#292 Signed-off-by: Yacov Manevich <[email protected]>
yacovm
added a commit
to yacovm/fabric-ca
that referenced
this issue
Jun 2, 2022
This commit makes Fabric-CA use Mathlib instead of AMCL. Mathlib supports several curves, and they can now be configured by setting: - idemix.curve' key in the server config file - 'idemix.curve' key in the client config file - --idemix.curve flag when running the fabric-ca-client binary - --idemix.curve flag when running the fabric-ca-server binary The possible values for curve identifiers are: 'amcl.Fp256bn', 'gurvy.Bn254', 'amcl.Fp256Miraclbn' If not specified, it fallbacks to amcl.Fp256bn which is what used in previous versions of fabric-ca. More details on the rational can be found in hyperledger#292 Signed-off-by: Yacov Manevich <[email protected]>
yacovm
added a commit
to yacovm/fabric-ca
that referenced
this issue
Jun 2, 2022
This commit makes Fabric-CA use Mathlib instead of AMCL. Mathlib supports several curves, and they can now be configured by setting: - idemix.curve' key in the server config file - 'idemix.curve' key in the client config file - --idemix.curve flag when running the fabric-ca-client binary - --idemix.curve flag when running the fabric-ca-server binary The possible values for curve identifiers are: 'amcl.Fp256bn', 'gurvy.Bn254', 'amcl.Fp256Miraclbn' If not specified, it fallbacks to amcl.Fp256bn which is what used in previous versions of fabric-ca. More details on the rational can be found in hyperledger#292 Signed-off-by: Yacov Manevich <[email protected]>
yacovm
added a commit
to yacovm/fabric-ca
that referenced
this issue
Jun 2, 2022
This commit makes Fabric-CA use Mathlib instead of AMCL. Mathlib supports several curves, and they can now be configured by setting: - idemix.curve' key in the server config file - 'idemix.curve' key in the client config file - --idemix.curve flag when running the fabric-ca-client binary - --idemix.curve flag when running the fabric-ca-server binary The possible values for curve identifiers are: 'amcl.Fp256bn', 'gurvy.Bn254', 'amcl.Fp256Miraclbn' If not specified, it fallbacks to amcl.Fp256bn which is what used in previous versions of fabric-ca. More details on the rational can be found in hyperledger#292 Signed-off-by: Yacov Manevich <[email protected]>
denyeart
pushed a commit
that referenced
this issue
Jun 2, 2022
This commit makes Fabric-CA use Mathlib instead of AMCL. Mathlib supports several curves, and they can now be configured by setting: - idemix.curve' key in the server config file - 'idemix.curve' key in the client config file - --idemix.curve flag when running the fabric-ca-client binary - --idemix.curve flag when running the fabric-ca-server binary The possible values for curve identifiers are: 'amcl.Fp256bn', 'gurvy.Bn254', 'amcl.Fp256Miraclbn' If not specified, it fallbacks to amcl.Fp256bn which is what used in previous versions of fabric-ca. More details on the rational can be found in #292 Signed-off-by: Yacov Manevich <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, the Identity Mixer (hereafter "idemix") implementation in fabric-CA uses an implementation from an old incarnation of Fabric.
Nowadays, Fabric doesn't contain an implementation of idemix and instead, it imports the official IBM implementation.
There are several problems with the current state of affairs:
Fabric-CA is the main tool for issuance of idemix credentials, and it currently restricts consumers of it to a specific elliptic curve and finite field package, while idemix itself can support a wider variety of credentials (for other elliptic curve and finite field packages).
What I propose is to refactor Fabric-CA such that it will use Mathlib, in alignment to the Fabric idemix implementation.
Then, Fabric-CA could issue every idemix credential that the Fabric version of idemix can consume.
Another advantage of doing this, is that the aforementioned elliptic curve implementation of gnark-crypto is much faster than the current implementation used by Fabric-CA, and consumers of idemix could get a performance boost by using a different elliptic curve implementation.
I propose to add to the idemix configuration of the Fabric-CA server (and similarly in the client) the following key which will toggle between the available curve and finite field packages.
The default curve, as mentioned above, will remain what Fabric-CA uses today, for backward compatibility.
The text was updated successfully, but these errors were encountered: