Trait halo2_proofs::arithmetic::CurveExt

[]
pub trait CurveExt: PrimeCurve<Affine = Self::AffineExt, Scalar = Self::ScalarExt> + Group + Default + ConditionallySelectable + ConstantTimeEq + From<Self::Affine> + Group<Scalar = Self::Scalar> {
    type ScalarExt: FieldExt;
    type Base: FieldExt;
    type AffineExt: CurveAffine + Mul<Self::ScalarExt>
    where
        <Self::AffineExt as CurveAffine>::CurveExt == Self,
        <Self::AffineExt as CurveAffine>::ScalarExt == Self::ScalarExt,
        <Self::AffineExt as Mul<Self::ScalarExt>>::Output == Self,
        <Self::AffineExt as Mul<Self::ScalarExt>>::Output == Self;

    const CURVE_ID: &'static str;

    fn endo(&self) -> Self;
    fn jacobian_coordinates(&self) -> (Self::Base, Self::Base, Self::Base);
    fn hash_to_curve(domain_prefix: &'a str) -> Box<dyn Fn(&[u8]) + 'a, Global>;
    fn is_on_curve(&self) -> Choice;
    fn a() -> Self::Base;
    fn b() -> Self::Base;
    fn new_jacobian(
        x: Self::Base, 
        y: Self::Base, 
        z: Self::Base
    ) -> CtOption<Self>;
}
Expand description

This trait is a common interface for dealing with elements of an elliptic curve group in a “projective” form, where that arithmetic is usually more efficient.

Requires the alloc feature flag because of hash_to_curve.

Required Associated Types

The scalar field of this elliptic curve.

The base field over which this elliptic curve is constructed.

The affine version of the curve

Required Associated Constants

CURVE_ID used for hash-to-curve.

Required Methods

Apply the curve endomorphism by multiplying the x-coordinate by an element of multiplicative order 3.

Return the Jacobian coordinates of this point.

Requests a hasher that accepts messages and returns near-uniformly distributed elements in the group, given domain prefix domain_prefix.

This method is suitable for use as a random oracle.

Example
use pasta_curves::arithmetic::CurveExt;
fn pedersen_commitment<C: CurveExt>(
    x: C::ScalarExt,
    r: C::ScalarExt,
) -> C::Affine {
    let hasher = C::hash_to_curve("z.cash:example_pedersen_commitment");
    let g = hasher(b"g");
    let h = hasher(b"h");
    (g * x + &(h * r)).to_affine()
}

Returns whether or not this element is on the curve; should always be true unless an “unchecked” API was used.

Returns the curve constant a.

Returns the curve constant b.

Obtains a point given Jacobian coordinates $X : Y : Z$, failing if the coordinates are not on the curve.

Implementations on Foreign Types

Apply the curve endomorphism by multiplying the x-coordinate by an element of multiplicative order 3.

Apply the curve endomorphism by multiplying the x-coordinate by an element of multiplicative order 3.

Implementors