secp256k1 feels more like a culty inside thing than anything projects adopt for actual technical reasons.

They do it because "we do blockchain stuff, and Bitcoin used it, so look we are blockchain because we have that curve somewhere in our stack".

I guess there are some special efficiency gains you can gain with koblitz curves but that's almost never the reason why it's adopted.

ćƒ•ć‚©ćƒ­ćƒ¼

tbh a fraction of me is convinced by that conspiracy theory around NSA and NIST curves

Ā· Ā· Web Ā· 1 Ā· 0 Ā· 1
yeah, if that's your threat model and you *need* to use either NIST P-curves or Koblitz curves, sure. But nowadays you just have better choices with Edwards curves and Decaf abstractions to eliminate the torsion issues
ćƒ­ć‚°ć‚¤ćƒ³ć—ć¦ä¼šč©±ć«å‚åŠ 
Fedibird

꧘怅ćŖē›®ēš„恫ä½æćˆć‚‹ć€ę—„ęœ¬ć®ę±Žē”Øćƒžć‚¹ćƒˆćƒ‰ćƒ³ć‚µćƒ¼ćƒćƒ¼ć§ć™ć€‚å®‰å®šć—ćŸåˆ©ē”Øē’°å¢ƒćØć€å¤šę•°ć®ē‹¬č‡Ŗę©Ÿčƒ½ć‚’ęä¾›ć—ć¦ć„ć¾ć™ć€‚