π§ Motivation
Midnight needs native, in-circuit signature verification. Schnorr over the embedded Jubjub curve (BLS12-381's embedded curve) is the cheap, SNARK-friendly option β unlike foreign-field ECDSA (#475), which is expensive and blocked on foreign-field arithmetic. It's the substrate for multisig / FROST and any in-circuit signature check.
π Details
Pure stateless module: derivePublicKey, generateKeyPair, sign(sk, msg, nonce), verifySignature(pk, msg, sig), hashToScalar (Poseidon via transientHash), isValidPublicKey. Uses ecMulGenerator / ecMul / ecAdd over the embedded Jubjub curve.
Known blocker: EmbeddedFr decode failures for some Field values in ecMul / ecMulGenerator (SDK/runtime). PoC in #521.
Roadmap: Libraries β Jubjub Schnorr Signature Verification (Priority MNF: medium).
π§ Motivation
Midnight needs native, in-circuit signature verification. Schnorr over the embedded Jubjub curve (BLS12-381's embedded curve) is the cheap, SNARK-friendly option β unlike foreign-field ECDSA (#475), which is expensive and blocked on foreign-field arithmetic. It's the substrate for multisig / FROST and any in-circuit signature check.
π Details
Pure stateless module:
derivePublicKey,generateKeyPair,sign(sk, msg, nonce),verifySignature(pk, msg, sig),hashToScalar(Poseidon viatransientHash),isValidPublicKey. UsesecMulGenerator/ecMul/ecAddover the embedded Jubjub curve.Known blocker:
EmbeddedFrdecode failures for someFieldvalues inecMul/ecMulGenerator(SDK/runtime). PoC in #521.Roadmap: Libraries β Jubjub Schnorr Signature Verification (Priority MNF: medium).