Uses Zig 0.15 and requires the LLVM backend for several components, as it is impossible to generate efficient machine code without intrinsics.
This project has no particular focus; it is just an accumulation of cool algorithms I have implemented over time.
NOTE: This project is not audited, and neither its security nor its correctness has been proven. Use at your own risk!
Some notable implementations:
- AVX512 (52-bit limb) Edwards25519
- EdDSA 225 (compatible with curve25519-dalek)
- Fiat-Shamir transcripts (comptime verified to be used correctly)
- Strobe implementation
- Basic finite field implementation, to-be-optimized
- Short Weierstrass
- BLS12-381
- BN-254 (has pairing checks implemented)
- ChaCha (8,20), heavily SIMD optimized for AVX512
- Pedersen Commitments
- Many sigma-protocols based off of Pedersen commitments
- Bulletproofs implementation
- Falcon-{512,1024} signature verification (no signing, yet)
- (Non-linkable) Ring signature demo, similar to Triptych construction