Conferences inherently create environments that facilitate the spread of infectious diseases, by bringing people together from various parts of the world — many of whom will have been in recent close proximity to large numbers of people due to air travel. Given the infectivity and immune-evasion capabilities of newer COVID-19 variants, it is almost a statistical certainty that there will be COVID-positive attendees at any typical conference. Two-way masking with FFP2/N95 or better masks, that is, masking by all participants and not just by those who know they are at greater risk, is the most effective means of preventing COVID transmission and consequent risks to health. Recent variants are significantly more transmissible and able to evade immune protection from current vaccines Enhanced transmissibility, infectivity, and immune resistance of the SARS-CoV-2 omicron XBB.1.5 variant In late 2022, the SARS-CoV-2 omicron BQ.1 and XBB lineages, characterised by amino acid substitutions in the spike protein that increase viral fitness, had become predominant in the western (BQ.1) and eastern (XBB) hemispheres. The BQ.1 lineages are descendants of BA.5, whereas the XBB lineage is the recombinant of two highly diversified BA.2 lineages. [...] Experiments using lentivirus-based pseudoviruses also showed approximately 3-fold increased infectivity of XBB.1.5 compared with XBB.1. These results suggest that XBB.1.5 exhibits a remarkably strong affinity to the human ACE2 receptor, which is attributed to the S486P substitution. Moreover, neutralisation assay revealed that XBB.1.5 was robustly resistant to BA.2 breakthrough infection sera (41-fold versus B.1.1, 20-fold versus BA.2) and BA.5 breakthrough infection sera (32-fold versus B.1.1, 9.5-fold versus BA.5).

Problem: Find $p$, $q$ prime and as small as feasible such that there exists a cycle $E_p/\mathbb{F}_p$ and $E_q/\mathbb{F}_q$, and some different $E'_p/\mathbb{F}_p$ has order $r = 2^{255} - 19$ times some small cofactor $h$. If $p$ and $q$ are prime then the cycle necessarily exists. $E'_p$ does not need to have $|D| = 3$, so the problem is essentially to find prime $p \equiv 1 \pmod{6}$ and $E'_p$, $p$ as small as feasible, so that $# E'_p = hr$, and then hope that one of the possibilities for $q$ is prime. The curve cycle search requires $p \equiv 1 \pmod{6}$. The problem statement does not require $E_p$ and $E_q$ to have any other nice properties. Constructing $p$ and $E'_p$ by Cocks--Pinch or Dupont--Enge--Morain would give $p$ and $q$ about twice the size of $hr$. So it is better to construct it more directly by CM. For a CM curve $E'_p$ we have $# E'_p = hr \in \left{p + 1 \pm T_p, p + 1 \pm \frac{3V}{2} \pm \frac{T_p}{2}\right}$ for integers $T_p$ and $V$. Without loss of generality assume $T_p$ and $V$ are positive; also the cycle condition requires $T_p \equiv 1 \pmod{6}$.

Pull Requests With Rules Labeled zcashd https://github.com/zcash/zcash/pull/5912 librustzcash https://github.com/zcash/librustzcash/pull/548 orchard https://github.com/zcash/orchard/pull/323 reddsa https://github.com/ZcashFoundation/reddsa/pull/27 7.1.2 Transaction Consensus Rules [x] TCR:tx-version-too-low The transaction version number MUST be greater than or equal to 1.

Hello. I'd like to talk to you about the decision to give out cloth masks at Zcon. All of the evidence shows that N95+ masks (as defined below) are substantially more effective. It hadn't even occurred to me when arguing for mandatory mask wearing that I needed to argue specifically for N95+ masks over cloth masks, because I thought this was well known. Why is ZF spending money on customizing masks that are inadequate to keep us safe? The evidence in favour of N95+ over cloth masks Definition: an N95+ mask is a mask that filters out at least 94% of particles 0.3 microns (0.3 μm) or above. This includes FFP2 masks (the European equivalent of N95) and N99 or FFP3 masks (which provide at least 98% filtration of partices 0.3 microns or above). ―What Are the Differences between FFP3, N95, And Surgical Masks? October 2021.

We are looking at commit 4339bd5ef227f67727b61e0454d45a1718e1a33a (feature/wallet_orchard-tx_builder on str4d's fork). src$ grep --context=50 -Irni --exclude='*.Po' sapling |tee ../sapling-50-context.cpp WARNING: We missed some things because my search for sprout wasn't always case insensitive. We went through everything again, up to ==cursor==. Search case-insensitively for "Sprout" librustzcash_init_zksnark_params: no params for Orchard other librustzcash.h: probably fine

These are the accompanying notes for my ZK Study Club talks on 25th June and 2nd July 2020. The slides are here. We use the notation $E_{p \rightarrow q}$ for an elliptic curve over $\mathbb{F}_p$ with large prime-order subgroup of order $q$. For curves that form cycles, $q$ is the order of the curve (i.e. it has cofactor $1$). Proof that CM curves form cycles Consider the elliptic curve $E_{p \rightarrow q}$ with $j$‑invariant $j_p$, and complex multiplication with positive discriminant $|D|$. Let $E_q$ be another CM curve over $\mathbb{F}_q$. Assume that if $j_p = 0$ then the $j$‑invariant of $E_q$ is also $0$. The CM norm equation of $E_{p \rightarrow q}$ is $4p = |D|V^2 + T_p^2$ for integers $V$ and $T_p$. Theorem: One of the possible orders for $E_q$ is $p$.

We have some set of expressions expressed as a DAG, that we need to compute on polynomials of different basis sizes. $L_0$ is the normal Lagrange basis with $n = 2^k$ evaluations. $L_i$ is the extended Lagrange basis with $2^i \cdot n = 2^{k+i}$ evaluations. $L_1$ has $2n$, $L_2$ has $4n$, $L_3$ has $8n$. Assume we have $p$ threads. We split each evaluation domain $L_i$ into $p$ sections, each of size $2^{k+i}/p$. Example: $gate_1 + y \cdot gate_2 + y^2 \cdot gate_3 + y^3 \cdot gate4 + y^4 \cdot gate_5$

By Daira Hopwood, Sean Bowe, and Ying Tong Lai [TOC] Overview Sinsemilla is a collision-resistant hash function and commitment scheme designed to be efficient in algebraic circuit models that support lookups, such as PLONK or Halo 2. The security properties of Sinsemilla are similar to Pedersen hashes; it is not designed to be used where a random oracle, PRF, or preimage-resistant hash is required. The only claimed security property of the hash function is collision-resistance for fixed-length inputs. Sinsemilla is roughly 4 times less efficient than the algebraic hashes Rescue and Poseidon inside a circuit, but around 19 times more efficient than Rescue outside a circuit. Unlike either of these hashes, the collision resistance property of Sinsemilla can be proven based on cryptographic assumptions that have been well-established for at least 20 years. Sinsemilla can also be used as a computationally binding and perfectly hiding commitment scheme.