Expand description
This crate provides an implementation of the Jubjub elliptic curve and its associated
field arithmetic. See README.md
for more details about Jubjub.
API
AffinePoint
/ExtendedPoint
which are implementations of Jubjub group arithmeticAffineNielsPoint
/ExtendedNielsPoint
which are pre-processed Jubjub pointsFq
, which is the base field of JubjubFr
, which is the scalar field of Jubjubbatch_normalize
for converting manyExtendedPoint
s intoAffinePoint
s efficiently.
Constant Time
All operations are constant time unless explicitly noted; these functions will contain “vartime” in their name and they will be documented as variable time.
This crate uses the subtle
crate to perform constant-time operations.
Structs
This is a pre-processed version of an affine point (u, v)
in the form (v + u, v - u, u * v * 2d)
. This can be added to an
ExtendedPoint
.
This represents a Jubjub point in the affine (u, v)
coordinates.
This is a pre-processed version of an extended point (U, V, Z, T1, T2)
in the form (V + U, V - U, Z, T1 * T2 * 2d)
.
This represents an extended point (U, V, Z, T1, T2)
with Z
nonzero, corresponding to the affine point
(U/Z, V/Z)
. We always have T1 * T2 = UV/Z
.
Represents an element of the scalar field $\mathbb{F}_q$ of the BLS12-381 elliptic curve construction.
Represents an element of the scalar field $\mathbb{F}_r$ of the Jubjub elliptic curve construction.
This represents a point in the prime-order subgroup of Jubjub, in extended coordinates.
Functions
This takes a mutable slice of ExtendedPoint
s and “normalizes” them using
only a single inversion for the entire batch. This normalization results in
all of the points having a Z-coordinate of one. Further, an iterator is
returned which can be used to obtain AffinePoint
s for each element in the
slice.