Introduce CurveAffine trait #48
Open
str4d wants to merge 1 commit into main from curveaffine
@@ -92,16 +92,16 @@ pub trait Group: | |
fn double(&self) -> Self; | ||
} | ||
|
||
/// Efficient representation of an elliptic curve point guaranteed. | ||
pub trait Curve: | ||
Group + GroupOps<<Self as Curve>::AffineRepr> + GroupOpsOwned<<Self as Curve>::AffineRepr> | ||
{ | ||
/// Efficient representation of an elliptic curve point. | ||
pub trait Curve: Group + GroupOps<Self::Affine> + GroupOpsOwned<Self::Affine> { | ||
/// The affine representation for this elliptic curve. | ||
type AffineRepr; | ||
type Affine: CurveAffine<Curve = Self, Scalar = Self::Scalar> | ||
+ Mul<Self::Scalar, Output = Self> | ||
+ for<'r> Mul<&'r Self::Scalar, Output = Self>; | ||
|
||
/// Converts a batch of projective elements into affine elements. This function will | ||
/// panic if `p.len() != q.len()`. | ||
fn batch_normalize(p: &[Self], q: &mut [Self::AffineRepr]) { | ||
fn batch_normalize(p: &[Self], q: &mut [Self::Affine]) { | ||
assert_eq!(p.len(), q.len()); | ||
|
||
for (p, q) in p.iter().zip(q.iter_mut()) { | ||
|
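Review bot: renaming the associated type `AffineRepr` to `Affine` and tightening its bound to `CurveAffine<Curve = Self, Scalar = Self::Scalar> + Mul<...>` breaks every downstream implementor of `Curve` and every caller that names `C::AffineRepr`, yet the diff carries no changelog or migration note; please add one stating the rename and the new bound. The `Scalar = Self::Scalar` equality here, paired with `Curve<Affine = Self, Scalar = Self::Scalar>` on `CurveAffine::Curve`, makes the two projections mutually constrained, so a sentence in the `type Affine` doc saying that the curve's and the affine type's scalar types must coincide would spare implementors the round trip through the other trait. Dropping the dangling word "guaranteed." from the `Curve` doc is a welcome fix.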
@@ -110,7 +110,42 @@ pub trait Curve: | |
} | ||
|
||
/// Converts this element into its affine representation. | ||
fn to_affine(&self) -> Self::AffineRepr; | ||
fn to_affine(&self) -> Self::Affine; | ||
} | ||
|
||
/// Affine representation of an elliptic curve point. | ||
pub trait CurveAffine: | ||
GroupEncoding | ||
+ Copy | ||
+ fmt::Debug | ||
+ Eq | ||
+ Send | ||
+ Sync | ||
+ 'static | ||
+ Neg<Output = Self> | ||
+ Mul<<Self::Curve as Group>::Scalar, Output = Self::Curve> | ||
+ for<'r> Mul<&'r <Self::Curve as Group>::Scalar, Output = Self::Curve> | ||
{ | ||
/// The efficient representation for this elliptic curve. | ||
type Curve: Curve<Affine = Self, Scalar = Self::Scalar>; | ||
|
||
/// Scalars modulo the order of this group's scalar field. | ||
/// | ||
/// This associated type is temporary, and will be removed once downstream users have | ||
/// migrated to using `Curve` as the primary generic bound. | ||
type Scalar: PrimeField; | ||
|
||
/// Returns the additive identity. | ||
fn identity() -> Self; | ||
Comment on lines +138 to +139:
If we end up landing #42 in its current form, then we'd do the obvious thing and replace these methods with
||
|
||
/// Returns a fixed generator of unknown exponent. | ||
fn generator() -> Self; | ||
|
||
/// Determines if this point represents the additive identity. | ||
fn is_identity(&self) -> Choice; | ||
|
||
/// Converts this affine point to its efficient representation. | ||
fn to_curve(&self) -> Self::Curve; | ||
} | ||
|
||
pub trait GroupEncoding: Sized { | ||
|
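Review bot: the doc on `type Scalar` reads "Scalars modulo the order of this group's scalar field", which conflates two things: scalars are reduced modulo the order of the group, and the scalar field is the prime field of that order, so there is no separate field "order" to reduce by. Suggest "Scalars modulo the order of this group." The supertrait list is otherwise a sound reduction of the old `PrimeCurveAffine` list (`Copy` implies `Clone` and `Sized`, `Eq` implies `PartialEq`), so no downstream bound is lost. Since the inline comment says `identity()` and `generator()` may be replaced if #42 lands, it would help to record that dependency in the PR description so the two changes are sequenced deliberately rather than rediscovered at merge time.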
@@ -1,50 +1,14 @@ | ||
use core::fmt; | ||
use core::ops::{Mul, Neg}; | ||
use ff::PrimeField; | ||
use subtle::Choice; | ||
|
||
use crate::{Curve, Group, GroupEncoding}; | ||
use crate::{Curve, CurveAffine, Group, GroupEncoding}; | ||
|
||
/// This trait represents an element of a prime-order cryptographic group. | ||
pub trait PrimeGroup: Group + GroupEncoding {} | ||
|
||
/// Efficient representation of an elliptic curve point guaranteed to be | ||
/// in the correct prime order subgroup. | ||
pub trait PrimeCurve: Curve<AffineRepr = <Self as PrimeCurve>::Affine> + PrimeGroup { | ||
type Affine: PrimeCurveAffine<Curve = Self, Scalar = Self::Scalar> | ||
+ Mul<Self::Scalar, Output = Self> | ||
+ for<'r> Mul<&'r Self::Scalar, Output = Self>; | ||
} | ||
pub trait PrimeCurve: Curve + PrimeGroup {} | ||
|
||
/// Affine representation of an elliptic curve point guaranteed to be | ||
/// in the correct prime order subgroup. | ||
pub trait PrimeCurveAffine: GroupEncoding | ||
+ Copy | ||
+ Clone | ||
+ Sized | ||
+ Send | ||
+ Sync | ||
+ fmt::Debug | ||
+ PartialEq | ||
+ Eq | ||
+ 'static | ||
+ Neg<Output = Self> | ||
+ Mul<<Self as PrimeCurveAffine>::Scalar, Output = <Self as PrimeCurveAffine>::Curve> | ||
+ for<'r> Mul<&'r <Self as PrimeCurveAffine>::Scalar, Output = <Self as PrimeCurveAffine>::Curve> | ||
{ | ||
type Scalar: PrimeField; | ||
type Curve: PrimeCurve<Affine = Self, Scalar = Self::Scalar>; | ||
|
||
/// Returns the additive identity. | ||
fn identity() -> Self; | ||
|
||
/// Returns a fixed generator of unknown exponent. | ||
fn generator() -> Self; | ||
|
||
/// Determines if this point represents the point at infinity; the | ||
/// additive identity. | ||
fn is_identity(&self) -> Choice; | ||
pub trait PrimeCurveAffine: CurveAffine {} | ||
|
||
/// Converts this element to its curve representation. | ||
fn to_curve(&self) -> Self::Curve; | ||
} | ||
impl<C: CurveAffine> PrimeCurveAffine for C where C::Curve: PrimeCurve {} |
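Review bot: the blanket `impl<C: CurveAffine> PrimeCurveAffine for C where C::Curve: PrimeCurve {}` means `PrimeCurveAffine` can no longer be implemented by hand: any existing downstream `impl PrimeCurveAffine for MyAffine` whose curve is a `PrimeCurve` now overlaps with this impl and must be deleted, with `identity`, `generator`, `is_identity` and `to_curve` moving to the type's `CurveAffine` impl. That migration path is stated nowhere in the diff; a changelog entry or a doc comment on the now-empty trait should spell it out. It is also worth adding a small `#[cfg(test)]` generic function with the bound `C: PrimeCurve, C::Affine: PrimeCurveAffine` to pin down that the compiler resolves the blanket impl through `CurveAffine<Curve = Self>`, since downstream generic code will rely on exactly that resolution.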
I want to remove this associated type (and instead use `<Self::Curve as Group>::Scalar`), but for annoying historical type-checking reasons we used (the equivalent of) `C: PrimeCurveAffine` as the main generic parameter in https://github.com/zcash/halo2. I want to change it to use `C: PrimeCurve` instead (or `G: PrimeGroup` where I can), but before I can do that I need to kill the `CurveExt` trait (zcash/pasta_curves#41). So this associated type will stay until that is complete (though I hope to complete 41 in the same release cycle as this PR).

On that note, it would be good to know if any other downstream dependencies do the same thing.