Electron-Labs / ed25519-circom

ED25519 implementation in Circom

Home Page: https://docs.electronlabs.org/

Why Bn128 and not Bls12?

schradeyannik opened this issue

Wouldn't it be easier to use Bls12-381 to get a high enough prime number to compute Ed25519?

Hi @schradeyannik, when we started building this library, the goal in mind was to create proofs for EVM chains. Since most EVM chains only have the pre-compiles supporting bn128, the circuits came to be in their current form. However, if a port to bls12 is required, please open an issue for the same.

@schradeyannik following up on this, the main subgroup order for Bls12-381 is 73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001 in hex or 52435875175126190479447740508185965837690552500527637822603658699938581184513 in binary, which is smaller than 2^255-19. So, even using Bls12-381 won't reduce constraints in any capacity.

@rahulghangas Yeah, noticed that as well after asking the question. Btw. I am building a system using two 128-bit numbers instead of 256 numbers. (Basically like you would create multi-register integers in asm.)

@schradeyannik That sounds wonderful, would love to see this in action. Please do ping us if you'd like some help/want us to contribute anything.
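
An added example (not part of the thread and not ed25519-circom's own code) that checks the size comparison discussed above and emulates multi-limb multiplication modulo 2^255-19, flagging limb layouts whose partial products would wrap in the circuit's native field. The BN128 scalar-field modulus is not on the page and is taken from the curve's published parameters; the function names and the limb layouts tried are illustrative assumptions.

```python
# Added example: only BLS12_381_R and the prime 2^255-19 come from the thread.
ED25519_P = 2**255 - 19
# Circuit-native (scalar field) modulus of bn128 / BN254; assumed from the curve parameters.
BN128_R = 21888242871839275222246405745257275088548364400416034343698204186575808495617
# Subgroup order of BLS12-381 as quoted in the thread.
BLS12_381_R = 0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001


def fits_natively(native_modulus):
    """True only if every element of GF(2^255-19) maps to a distinct native element."""
    return native_modulus >= ED25519_P


def to_limbs(x, width, count):
    """Little-endian split of x into `count` limbs of `width` bits each."""
    if x >> (width * count):
        raise ValueError("value does not fit in the requested limbs")
    mask = (1 << width) - 1
    return [(x >> (width * i)) & mask for i in range(count)]


def from_limbs(limbs, width):
    """Recombine limbs (which may exceed `width` bits) into one integer."""
    return sum(v << (width * i) for i, v in enumerate(limbs))


def safe_layout(width, count, native_modulus):
    """Worst case: the middle column sums `count` products of two full limbs."""
    return count * ((1 << width) - 1) ** 2 < native_modulus


def limb_mul_mod_p(a, b, width, count, native_modulus):
    """Schoolbook product of two limb vectors, reduced mod 2^255-19.

    Each column sum stands for one native signal in a circuit, so it must
    stay below native_modulus; otherwise it would silently wrap.
    """
    x, y = to_limbs(a, width, count), to_limbs(b, width, count)
    cols = [0] * (2 * count - 1)
    for i, xi in enumerate(x):
        for j, yj in enumerate(y):
            cols[i + j] += xi * yj
            if cols[i + j] >= native_modulus:
                raise OverflowError(f"column {i + j} exceeds the native field")
    return from_limbs(cols, width) % ED25519_P
```

Neither field holds a full Ed25519 field element, so limb decomposition is needed on both curves, and the limb width has to leave headroom for the products as well as for the operands.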