RFC 0163: EC Host Functions #163
Open
+294
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ggwpez
reviewed
Jan 26, 2026
|
|
||
| All host functions return `Result<Vec<u8>, ()>`, where: | ||
| - On success, the `Ok` variant contains the result encoded using the ArkScale codec as described above | ||
| - On error, the `Err` variant contains an empty unit type `()` |
Member
There was a problem hiding this comment.
Why not define an error enum? I assume there could be some error like decoding.
Member
Author
There was a problem hiding this comment.
Yeah. There are currently 3 possible error variants:
- decode
- msm args length mismatch
- multi miller loop args length mismatch
I'll add the error enum
drskalman
reviewed
Jan 28, 2026
| - **BLS12-381**: Pairing-friendly curve widely used for BLS signatures and zkSNARKs | ||
| - **Ed-on-BLS12-381-Bandersnatch**: Twisted Edwards curve for in-circuit operations within BLS12-381 zkSNARKs | ||
|
|
||
| **TODO**: Which additional curves should be included in this first iteration (e.g. Ed25519, BLS12-377, etc)? |
There was a problem hiding this comment.
Quoting @@AlistairStewart we need Pastas curves for variety of reasons in order to use Curve Tree for RingProof in order to scale ring size to O(10^6). It also open us to use a considerable amount of well implemented audited zk code from Zcash. I think @coax1d has already implemented those host call for both curves. I'm not sure where they are.
Member
Author
There was a problem hiding this comment.
They've been added to arkworks-extensions crate. I can add these to the hostcalls
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposal for a set of host functions for performing computationally intensive elliptic curve operations in Polkadot runtimes. These host functions enable efficient execution of cryptographic primitives that would otherwise be significantly expensive when executed in the runtime.
Rendered
CC @drskalman @burdges