Struct ark_bls12_377::g1::Config

source · 
pub struct Config;

Trait Implementations§

Returns a copy of the value. Read more
Performs copy-assignment from source. Read more

COFACTOR = (x - 1)^2 / 3 = 30631250834960419227450344600217059328

COFACTOR_INV = COFACTOR^{-1} mod r = 5285428838741532253824584287042945485047145357130994810877

Base field that the curve is defined over.
Finite prime field corresponding to an appropriate prime-order subgroup of the curve group.
Returns the “default value” for a type. Read more

COEFF_A = 228097355113300204138531148905234651262148041026195375645000724271212049151994375092458297304264351187709081232384

COEFF_B = 10189023633222963290707194929886294091415157242906428298294512798502806398782149227503530278436336312243746741931

Model parameters for the Twisted Edwards curve that is birationally equivalent to this curve.
This method tests for self and other values to be equal, and is used by ==.
This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

COEFF_A = 0

COEFF_B = 1

AFFINE_GENERATOR_COEFFS = (G1_GENERATOR_X, G1_GENERATOR_Y)

Helper method for computing elem * Self::COEFF_A. Read more
Performs cofactor clearing. The default method is simply to multiply by the cofactor. Some curves can implement a more efficient algorithm.
Helper method for computing elem + Self::COEFF_B. Read more
Check if the provided curve point is in the prime-order subgroup. Read more
Default implementation of group multiplication for projective coordinates
Default implementation of group multiplication for affine coordinates.
Default implementation for multi scalar multiplication
If uncompressed, serializes both x and y coordinates as well as a bit for whether it is infinity. If compressed, serializes x coordinate with two bits to encode whether y is positive, negative, or infinity.
If validate is Yes, calls check() to make sure the element is valid.

Bls12_377::G1 also has a twisted Edwards form. It can be obtained via the following script, implementing

  1. SW -> Montgomery -> TE1 transformation: https://en.wikipedia.org/wiki/Montgomery_curve
  2. TE1 -> TE2 normalization (enforcing a = -1)
# modulus
p = 0x1ae3a4617c510eac63b05c06ca1493b1a22d9f300f5138f1ef3622fba094800170b5d44300000008508c00000000001
Fp = Zmod(p)

#####################################################
# Weierstrass curve: y² = x³ + A * x + B
#####################################################
# curve y^2 = x^3 + 1
WA = Fp(0)
WB = Fp(1)

#####################################################
# Montgomery curve: By² = x³ + A * x² + x
#####################################################
# root for x^3 + 1 = 0
alpha = -1
# s = 1 / (sqrt(3alpha^2 + a))
s = 1/(Fp(3).sqrt())

# MA = 3 * alpha * s
MA = Fp(228097355113300204138531148905234651262148041026195375645000724271212049151994375092458297304264351187709081232384)
# MB = s
MB = Fp(10189023633222963290707194929886294091415157242906428298294512798502806398782149227503530278436336312243746741931)

# #####################################################
# # Twisted Edwards curve 1: a * x² + y² = 1 + d * x² * y²
# #####################################################
# We first convert to TE form obtaining a curve with a != -1, and then
# apply a transformation to obtain a TE curve with a = -1.
# a = (MA+2)/MB
TE1a = Fp(61134141799337779744243169579317764548490943457438569789767076791016838392692895365021181670618017873462480451583)
# b = (MA-2)/MB
TE1d = Fp(197530284213631314266409564115575768987902569297476090750117185875703629955647927409947706468955342250977841006588)

# #####################################################
# # Twisted Edwards curve 2: a * x² + y² = 1 + d * x² * y²
# #####################################################
# a = -1
TE2a = Fp(-1)
# b = -TE1d/TE1a
TE2d = Fp(122268283598675559488486339158635529096981886914877139579534153582033676785385790730042363341236035746924960903179)

COEFF_A = -1

COEFF_D = 122268283598675559488486339158635529096981886914877139579534153582033676785385790730042363341236035746924960903179 mod q

AFFINE_GENERATOR_COEFFS = (GENERATOR_X, GENERATOR_Y)

Multiplication by a is multiply by -1.

Model parameters for the Montgomery curve that is birationally equivalent to this curve.
Checks that the current point is in the prime order subgroup given the point on the curve.
Performs cofactor clearing. The default method is simply to multiply by the cofactor. For some curve families though, it is sufficient to multiply by a smaller scalar.
Default implementation of group multiplication for projective coordinates
Default implementation of group multiplication for affine coordinates
Default implementation for multi scalar multiplication
If uncompressed, serializes both x and y coordinates. If compressed, serializes y coordinate with a bit to encode whether x is positive.
If validate is Yes, calls check() to make sure the element is valid. Read more

Auto Trait Implementations§

Blanket Implementations§

Gets the TypeId of self. Read more
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more
Checks if this value is equivalent to the given key. Read more

Returns the argument unchanged.

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Should always be Self
The resulting type after obtaining ownership.
Creates owned data from borrowed data, usually by cloning. Read more
Uses borrowed data to replace owned data, usually by cloning. Read more
The type returned in the event of a conversion error.
Performs the conversion.
The type returned in the event of a conversion error.
Performs the conversion.