decaf377/ark_curve/
constants.rs

1use once_cell::sync::Lazy;
2
3use crate::{Fq, Fr};
4use ark_ff::{self, BigInteger256, Field};
5
6use ark_ed_on_bls12_377::{Fq as ArkFq, Fr as ArkFr};
7
// Lazily initialised `Fq` constants for the field elements one and two.
// `ONE` wraps the associated constant `Fq::ONE`; `TWO` is the sum of two copies of it.
pub static ONE: Lazy<Fq> = Lazy::new(|| -> Fq { Fq::ONE });
pub static TWO: Lazy<Fq> = Lazy::new(|| -> Fq {
    let lhs = Fq::ONE;
    let rhs = Fq::ONE;
    lhs + rhs
});
10
// Converts an arkworks base-field element (`ArkFq`) into this crate's `Fq`.
//
// The value is first turned into its `BigInteger256` integer form and that integer is then
// converted into `Fq`; no other transformation is applied here.
pub(crate) fn from_ark_fq(x: ArkFq) -> Fq {
    let as_integer: BigInteger256 = x.into();
    as_integer.into()
}
14
// Converts an arkworks `ArkFr` element into this crate's `Fr`.
//
// Mirrors `from_ark_fq`: the element is turned into its `BigInteger256` integer form, which is
// then converted into `Fr`.
fn from_ark_fr(x: ArkFr) -> Fr {
    let as_integer: BigInteger256 = x.into();
    as_integer.into()
}
18
// Zeta is called QNR in the sage specification.
//
// The four `u64` limbs are handed to `Fq::from_montgomery_limbs`, so they are presumably the
// Montgomery-form encoding of the element rather than its plain integer value — confirm
// against the specification.
// NOTE(review): G below is computed as ZETA^M, so an error in these limbs would propagate into
// the square-root constants; a test that cross-checks the limbs against the specification's
// decimal value would catch a transcription mistake.
pub const ZETA: Fq = Fq::from_montgomery_limbs([
    5947794125541564500,
    11292571455564096885,
    11814268415718120036,
    155746270000486182,
]);
26
// Constants used for square root computation //

// N is the 2-adicity: the power of two that appears in the definition of M below,
// `M = (p - 1) / 2^N`.
pub static N: u32 = 47;
31
// M is `(p - 1) / 2^N` = 60001509534603559531609739528203892656505753216962260608619555
//
// The decimal literal is parsed as an `ArkFq` element and then converted to its
// `BigInteger256` integer form, which is the value this static holds.
pub static M: Lazy<BigInteger256> = Lazy::new(|| {
    let m_as_field: ArkFq =
        ark_ff::MontFp!("60001509534603559531609739528203892656505753216962260608619555");
    BigInteger256::from(m_as_field)
});
38
// (M-1)/2 = 30000754767301779765804869764101946328252876608481130304309777
//
// Built the same way as M: the decimal literal is parsed as an `ArkFq` element and then
// converted to its `BigInteger256` integer form.
pub static M_MINUS_ONE_DIV_TWO: Lazy<BigInteger256> = Lazy::new(|| {
    let half_as_field: ArkFq =
        ark_ff::MontFp!("30000754767301779765804869764101946328252876608481130304309777");
    BigInteger256::from(half_as_field)
});
45
// ZETA**((1-M)/2) = 6762755396584113496485389421189479608933826763106393667349575256979972066439
//
// The value is hard-coded as a decimal literal rather than computed from ZETA and M; it is
// parsed as an `ArkFq` element and converted to `Fq` through `from_ark_fq`.
// NOTE(review): nothing in this definition checks the literal against ZETA and M — a unit
// test recomputing it would guard against transcription errors.
pub static ZETA_TO_ONE_MINUS_M_DIV_TWO: Lazy<Fq> = Lazy::new(|| {
    let precomputed: ArkFq = ark_ff::MontFp!(
        "6762755396584113496485389421189479608933826763106393667349575256979972066439"
    );
    from_ark_fq(precomputed)
});
52
// G = ZETA^M
// = 4732611889701835744065511820927274956354524915951001256593514693060564426294
//
// Unlike the neighbouring constants, G is computed on first access by raising ZETA to the
// integer M; the decimal value above is the expected result and is not checked here.
pub static G: Lazy<Fq> = Lazy::new(|| {
    let exponent: BigInteger256 = *M;
    ZETA.pow(exponent)
});
56
// Choice of W in the square root algorithm.
// NOTE(review): presumably a window/table-size parameter of that algorithm; the code that
// consumes it is not in this file — confirm its meaning and allowed range there.
pub static SQRT_W: u32 = 8;
59
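// Canonical basepoint projective coordinates
//
// X, Y and T are given as limbs to `Fq::from_montgomery_limbs`; Z is fixed to `Fq::ONE`.
// NOTE(review): the limbs are opaque magic numbers; a test that checks them against the
// specification's basepoint would catch a transcription error.
pub const B_X: Fq = Fq::from_montgomery_limbs([
    5825153684096051627,
    16988948339439369204,
    186539475124256708,
    1230075515893193738,
]);
pub const B_Y: Fq = Fq::from_montgomery_limbs([
    9786171649960077610,
    13527783345193426398,
    10983305067350511165,
    1251302644532346138,
]);
pub const B_T: Fq = Fq::from_montgomery_limbs([
    7466800842436274004,
    14314110021432015475,
    14108125795146788134,
    1305086759679105397,
]);
pub const B_Z: Fq = Fq::ONE;

// Canonical basepoint affine coordinates
//
// Because B_Z is one, the affine x and y are the same field elements as B_X and B_Y. They are
// defined by reference to those constants instead of repeating the limb arrays, so the two
// representations of the basepoint cannot drift apart if one is ever edited.
pub const GENERATOR_X: Fq = B_X;
pub const GENERATOR_Y: Fq = B_Y;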
94
// Modulus of basefield
//
// The decimal literal is parsed as an `ArkFr` element and converted to `Fr` through
// `from_ark_fr`.
// NOTE(review): the comment says "basefield" but the value is typed as `Fr`, not `Fq` —
// confirm which field's modulus this is meant to be. If the literal is the modulus of `Fr`
// itself, an `Fr` element built from it may reduce to zero; verify what callers expect.
pub static R: Lazy<Fr> = Lazy::new(|| {
    let parsed: ArkFr = ark_ff::MontFp!(
        "2111115437357092606062206234695386632838870926408408195193685246394721360383"
    );
    from_ark_fr(parsed)
});