Trait halo2_proofs::arithmetic::CurveExt
// Common interface for elements of an elliptic curve group in "projective" form,
// per the description on this page. Requires the `alloc` feature flag because of
// `hash_to_curve`.
// NOTE(review): this is the rustdoc-rendered declaration, not compilable source;
// the `==` bounds, the repeated `Output == Self` line and the undeclared `'a`
// appear to come from the rendering.
[−]pub trait CurveExt: PrimeCurve<Affine = Self::AffineExt, Scalar = Self::ScalarExt> + Group + Default + ConditionallySelectable + ConstantTimeEq + From<Self::Affine> + Group<Scalar = Self::Scalar> {
// Scalar type; tied to `PrimeCurve::Scalar` by the supertrait bound above.
type ScalarExt: FieldExt;
// Field type of the coordinates taken and returned by `jacobian_coordinates`,
// `a`, `b` and `new_jacobian`.
type Base: FieldExt;
// The affine version of the curve.
type AffineExt: CurveAffine + Mul<Self::ScalarExt>
where
<Self::AffineExt as CurveAffine>::CurveExt == Self,
<Self::AffineExt as CurveAffine>::ScalarExt == Self::ScalarExt,
<Self::AffineExt as Mul<Self::ScalarExt>>::Output == Self,
<Self::AffineExt as Mul<Self::ScalarExt>>::Output == Self;
// String constant naming the curve; the `Eq` implementation listed on this
// page sets it to "vesta".
const CURVE_ID: &'static str;
// Applies the curve endomorphism by multiplying the x-coordinate by an element
// of multiplicative order 3.
fn endo(&self) -> Self;
// Returns the Jacobian coordinates of this point.
fn jacobian_coordinates(&self) -> (Self::Base, Self::Base, Self::Base);
// Requests a hasher that accepts messages and returns near-uniformly distributed
// group elements for the given `domain_prefix`; described on this page as
// suitable for use as a random oracle.
// NOTE(review): the rendered signature shows no return type for the closure; the
// description and the example on this page both treat its result as a group
// element.
fn hash_to_curve(domain_prefix: &'a str) -> Box<dyn Fn(&[u8]) + 'a, Global>;
// Returns whether this element is on the curve; per the description this should
// always be true unless an "unchecked" API was used. The result is a `Choice`,
// not a `bool`.
fn is_on_curve(&self) -> Choice;
// NOTE(review): `a` and `b` are undocumented on this page; presumably the
// constants of the curve equation, to be confirmed against the implementation.
fn a() -> Self::Base;
fn b() -> Self::Base;
// Obtains a point from Jacobian coordinates X : Y : Z, failing if the
// coordinates are not on the curve. Failure is reported through `CtOption`,
// so callers must handle the empty case explicitly.
fn new_jacobian(
x: Self::Base,
y: Self::Base,
z: Self::Base
) -> CtOption<Self>;
}
This trait is a common interface for dealing with elements of an elliptic curve group in a “projective” form, where that arithmetic is usually more efficient.
Requires the `alloc` feature flag because of `hash_to_curve`.
Required Associated Types
The affine version of the curve
Required Associated Constants
Required Methods
fn endo(&self) -> Self
fn endo(&self) -> Self
Apply the curve endomorphism by multiplying the x-coordinate by an element of multiplicative order 3.
Return the Jacobian coordinates of this point.
Requests a hasher that accepts messages and returns near-uniformly
distributed elements in the group, given domain prefix `domain_prefix`.
This method is suitable for use as a random oracle.
Example
use pasta_curves::arithmetic::CurveExt;
/// Computes `g * x + h * r` and returns the result in affine form.
///
/// The bases `g` and `h` are obtained by hashing the messages `b"g"` and `b"h"`
/// to the curve under the domain prefix `"z.cash:example_pedersen_commitment"`.
fn pedersen_commitment<C: CurveExt>(
    x: C::ScalarExt,
    r: C::ScalarExt,
) -> C::Affine {
    // One hasher per domain prefix: the prefix keeps these bases separate from
    // points hashed under any other prefix.
    let to_point = C::hash_to_curve("z.cash:example_pedersen_commitment");
    let base_g = to_point(b"g");
    let base_h = to_point(b"h");

    // The binding property of a Pedersen commitment relies on nobody knowing a
    // discrete-log relation between the two bases, which is why both come from
    // hashing to the curve rather than from a chosen scalar multiple.
    let term_x = base_g * x;
    let term_r = base_h * r;
    (term_x + &term_r).to_affine()
}
fn is_on_curve(&self) -> Choice
fn is_on_curve(&self) -> Choice
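Returns whether or not this element is on the curve; this should always be true unless an “unchecked” API was used. A point obtained through such an API should be checked with this method before it is used in further group arithmetic.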
fn new_jacobian(x: Self::Base, y: Self::Base, z: Self::Base) -> CtOption<Self>
fn new_jacobian(x: Self::Base, y: Self::Base, z: Self::Base) -> CtOption<Self>
Obtains a point given Jacobian coordinates $X : Y : Z$, failing if the coordinates are not on the curve.
Implementations on Foreign Types
impl CurveExt for Eq
impl CurveExt for Eq
fn endo(&self) -> Eq
fn endo(&self) -> Eq
Apply the curve endomorphism by multiplying the x-coordinate by an element of multiplicative order 3.
type ScalarExt = Fp
type Base = Fq
type AffineExt = EqAffine
const CURVE_ID: &'static str = "vesta"
fn hash_to_curve(domain_prefix: &'a str) -> Box<dyn Fn(&[u8]) + 'a, Global>
fn a() -> <Eq as CurveExt>::Base
fn b() -> <Eq as CurveExt>::Base
fn new_jacobian(
x: <Eq as CurveExt>::Base,
y: <Eq as CurveExt>::Base,
z: <Eq as CurveExt>::Base
) -> CtOption<Eq>
fn jacobian_coordinates(&self) -> (Fq, Fq, Fq)
fn is_on_curve(&self) -> Choice
impl CurveExt for Ep
impl CurveExt for Ep
fn endo(&self) -> Ep
fn endo(&self) -> Ep
Apply the curve endomorphism by multiplying the x-coordinate by an element of multiplicative order 3.