cryptography

TIL; RNS
How long have y'all known?
I didn't know you could just do this. 😀

I'll try applying this to my simple ZK addition circuit and eliminate gates doing "the carry".

😄

https://youtu.be/NpAJLWEnSmM

TIL; Instead of monotonic nonces, I can just use nonces in dynamic accumulators to prevent double-spends/replay-attacks on the M3tering protocol.

Here is the best part!! 😁
- ✨ The validity of messages will no longer depend on ordering ✨
- only requires the same constant-size state like in the monotonic nonce implementation
- message validation only requires public parameters and anyone can easily validate messages given these parameters.

.
😮‍💨
Monotonic nonces have been a pain in the butt for our usecase (in embedded systems that stream large volumes of data in near real time). Because ordering matters here, any missing message in the stream makes all subsequent massages invalid 

(ie: once you reset the nonce on device to the last valid nonce, subsequent nonces gets replayed, and the protocol is forced to drop a stream of data that would have otherwise been valid)