Expand description
This crate provides an implementation of the Jubjub elliptic curve and its associated
field arithmetic. See README.md
for more details about Jubjub.
API
AffinePoint
/ExtendedPoint
which are implementations of Jubjub group arithmeticAffineNielsPoint
/ExtendedNielsPoint
which are pre-processed Jubjub pointsFq
, which is the base field of JubjubFr
, which is the scalar field of Jubjubbatch_normalize
for converting manyExtendedPoint
s intoAffinePoint
s efficiently.
Constant Time
All operations are constant time unless explicitly noted; these functions will contain “vartime” in their name and they will be documented as variable time.
This crate uses the subtle
crate to perform constant-time operations.
Structs
- This is a pre-processed version of an affine point
(u, v)
in the form(v + u, v - u, u * v * 2d)
. This can be added to anExtendedPoint
. - This represents a Jubjub point in the affine
(u, v)
coordinates. - This is a pre-processed version of an extended point
(U, V, Z, T1, T2)
in the form(V + U, V - U, Z, T1 * T2 * 2d)
. - This represents an extended point
(U, V, Z, T1, T2)
withZ
nonzero, corresponding to the affine point(U/Z, V/Z)
. We always haveT1 * T2 = UV/Z
. - Represents an element of the scalar field $\mathbb{F}_q$ of the BLS12-381 elliptic curve construction.
- Represents an element of the scalar field $\mathbb{F}_r$ of the Jubjub elliptic curve construction.
- This represents a point in the prime-order subgroup of Jubjub, in extended coordinates.
Functions
- This takes a mutable slice of
ExtendedPoint
s and “normalizes” them using only a single inversion for the entire batch. This normalization results in all of the points having a Z-coordinate of one. Further, an iterator is returned which can be used to obtainAffinePoint
s for each element in the slice.
Type Definitions
- Represents an element of the base field $\mathbb{F}_q$ of the Jubjub elliptic curve construction.
- Represents an element of the scalar field $\mathbb{F}_r$ of the Jubjub elliptic curve construction.