decaf377/ark_curve/
edwards.rs

1use ark_ec::{
2    twisted_edwards::{Affine, MontCurveConfig, Projective, TECurveConfig},
3    CurveConfig,
4};
5
6use crate::ark_curve::constants::{GENERATOR_X, GENERATOR_Y};
7use crate::{Fq, Fr};
8
/// Unit marker type that carries the parameters of the twisted Edwards curve
/// used by decaf377. It holds no data; the parameters are supplied by the
/// `CurveConfig`, `TECurveConfig` and `MontCurveConfig` impls in this file.
9#[derive(Clone, Default, PartialEq, Eq)]
10pub struct Decaf377EdwardsConfig;
11
12// These types should not be exported. They are similar to `EdwardsAffine` and
13// `EdwardsProjective` from the `ark_ed_on_bls12_377` crate, except using our own
14// `Decaf377EdwardsConfig` that has the cofactor set to 1. Consumers of this
15// library should use the `AffinePoint` and `Element` (projective)
16// types.
//
// NOTE(review): both aliases are declared `pub` in this file, so whether they
// stay internal depends on how the parent modules re-export them (not visible
// here) — confirm they are not reachable from the crate's public API.
//
// Security-relevant: with `COFACTOR = [1]` and a subgroup check that always
// returns `true` (see the impls in this file), a value of one of these raw
// types carries no subgroup-membership guarantee of its own. Untrusted bytes
// should presumably be decoded through the `Element` / `AffinePoint` wrappers
// rather than into these types directly — verify against the encoding code.
17pub type EdwardsAffine = Affine<Decaf377EdwardsConfig>;
18pub type EdwardsProjective = Projective<Decaf377EdwardsConfig>;
19
// Base field, scalar field and cofactor for the curve configuration.
20impl CurveConfig for Decaf377EdwardsConfig {
21    type BaseField = Fq;
22    type ScalarField = Fr;
23
    // Declared as 1 on purpose (see the comment on the `EdwardsAffine` /
    // `EdwardsProjective` aliases). NOTE(review): the `ark_ed_on_bls12_377`
    // Edwards config these types mirror declares cofactor 4, so this constant
    // describes the decaf377 abstraction rather than the raw curve — confirm.
    // Generic code that clears or multiplies by `COFACTOR` presumably becomes
    // a no-op with this value and must not be relied on to remove low-order
    // components from a raw curve point.
24    const COFACTOR: &'static [u64] = &[1];
25
    // Inverse of the declared cofactor in the scalar field; 1 because COFACTOR is 1.
26    const COFACTOR_INV: Fr = Fr::ONE;
27}
28
// Twisted Edwards parameters (a, d, generator) for the curve configuration.
29impl TECurveConfig for Decaf377EdwardsConfig {
30    /// COEFF_A = -1
    // The limbs are passed to `from_montgomery_limbs`, so they are the
    // field element's internal (Montgomery-form) representation, not the
    // plain integer written in the doc comment above.
31    const COEFF_A: Fq = Fq::from_montgomery_limbs([
32        10157024534604021774,
33        16668528035959406606,
34        5322190058819395602,
35        387181115924875961,
36    ]);
37
38    /// COEFF_D = 3021
    // Same encoding as COEFF_A: internal limb representation of the value
    // named in the doc comment.
39    const COEFF_D: Fq = Fq::from_montgomery_limbs([
40        15008245758212136496,
41        17341409599856531410,
42        648869460136961410,
43        719771289660577536,
44    ]);
45
    // Built with `new_unchecked`, so no validation of the coordinates runs
    // when this constant is constructed. Its correctness rests entirely on
    // `GENERATOR_X` / `GENERATOR_Y` in `constants`.
    // NOTE(review): confirm a test asserts the generator satisfies the curve
    // equation and has the expected order.
46    const GENERATOR: EdwardsAffine = EdwardsAffine::new_unchecked(GENERATOR_X, GENERATOR_Y);
47
    // The same marker type also carries the Montgomery-curve parameters
    // (see the `MontCurveConfig` impl in this file).
48    type MontCurveConfig = Decaf377EdwardsConfig;
49
50    /// Multiplication by `a` is just negation.
    // Consistent with COEFF_A being documented as -1: a * elem == -elem,
    // which avoids a field multiplication. If COEFF_A ever changes, this
    // shortcut must change with it.
51    #[inline(always)]
52    fn mul_by_a(elem: Self::BaseField) -> Self::BaseField {
53        -elem
54    }
55
    /// Always reports the point as being in the correct subgroup; the
    /// argument is ignored.
    ///
    /// Security-relevant: no subgroup-membership or low-order check happens
    /// at this layer, so any on-curve point is accepted wherever arkworks
    /// relies on this hook. NOTE(review): this is presumably intentional
    /// because validity is meant to be enforced by the decaf377 encoding of
    /// the `Element` / `AffinePoint` wrappers — confirm that raw
    /// `EdwardsAffine` / `EdwardsProjective` values are never built from
    /// untrusted input without going through that decoding.
56    fn is_in_correct_subgroup_assuming_on_curve(_: &Affine<Self>) -> bool {
57        true
58    }
59}
60
// Montgomery-curve coefficients associated with the same marker type.
// Note the two senses of "Montgomery" here: COEFF_A / COEFF_B are coefficients
// of a Montgomery-form *curve*, while `from_montgomery_limbs` refers to the
// internal limb representation of a *field element*.
61impl MontCurveConfig for Decaf377EdwardsConfig {
    // NOTE(review): unlike the twisted Edwards coefficients, the plain value
    // of this constant is not stated anywhere in this file. Presumably it is
    // derived from the Edwards parameters via the usual birational map
    // (A = 2(a + d) / (a - d)) — confirm, and consider documenting the value
    // and checking it in a test.
62    const COEFF_A: Fq = Fq::from_montgomery_limbs([
63        13800168384327121454,
64        6841573379969807446,
65        12529593083398462246,
66        853978956621483129,
67    ]);
68
    // NOTE(review): plain value likewise undocumented; presumably
    // B = 4 / (a - d) under the same map — confirm.
69    const COEFF_B: Fq = Fq::from_montgomery_limbs([
70        7239382437352637935,
71        14509846070439283655,
72        5083066350480839936,
73        1265663645916442191,
74    ]);
75
    // Points back at the twisted Edwards parameters on the same marker type.
76    type TECurveConfig = Decaf377EdwardsConfig;
77}
75
76    type TECurveConfig = Decaf377EdwardsConfig;
77}