Return base field element from commit_ivk()

Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-05-11 20:06:32 +08:00 · 2021-05-11 20:06:32 +08:00 · e0b8fd639a
parent fb08eeeb39
commit e0b8fd639a
2 changed files with 3 additions and 2 deletions
--- a/orchard_commitments.py
+++ b/orchard_commitments.py
@ -44,11 +44,11 @@ def rcm_trapdoor(rand):

 # https://zips.z.cash/protocol/nu5.pdf#concreteorchardnotecommit
 def commit_ivk(rivk: Scalar, ak: Fp, nk: Fp):
-    return Scalar(sinsemilla_short_commit(
+    return sinsemilla_short_commit(
        rivk,
        b"z.cash: Orchard-CommitIvk",
        i2lebsp(L_ORCHARD_BASE, ak.s) + i2lebsp(L_ORCHARD_BASE, nk.s)
-    ).s)
+    )

 def rivk_trapdoor(rand):
    return Scalar.random(rand)
--- a/orchard_pallas.py
+++ b/orchard_pallas.py
@ -229,6 +229,7 @@ class Point(object):
        return self.x

    def __mul__(self, s):
+        assert isinstance(s, Scalar)
        s = format(s.s, '0256b')
        ret = self.ZERO
        for c in s: