Struct StarknetCurveConfig

pub struct StarknetCurveConfig;

The Stark curve in the arkworks short Weierstrass curve representation

Trait Implementations

impl CurveConfig for StarknetCurveConfig

const COFACTOR: &'static [u64]

The cofactor of this curve, represented as a sequence of little-endian limbs.

const COFACTOR_INV: Self::ScalarField

type BaseField = Fp<MontBackend<StarknetFqConfig, 4>, 4>

Base field that the curve is defined over.

type ScalarField = Fp<MontBackend<StarknetFrConfig, 4>, 4>

Finite prime field corresponding to an appropriate prime-order subgroup of the curve group.

fn cofactor_is_one() -> bool

impl SWCurveConfig for StarknetCurveConfig

See https://docs.starkware.co/starkex/crypto/stark-curve.html for curve parameters

const COEFF_A: Self::BaseField

Coefficient a of the curve equation.

const COEFF_B: Self::BaseField

Coefficient b of the curve equation.

const GENERATOR: Affine<Self>

Generator of the prime-order subgroup.

fn mul_by_a(elem: Self::BaseField) -> Self::BaseField

Helper method for computing elem * Self::COEFF_A.

fn add_b(elem: Self::BaseField) -> Self::BaseField

Helper method for computing elem + Self::COEFF_B.

fn is_in_correct_subgroup_assuming_on_curve(item: &Affine<Self>) -> bool

Check if the provided curve point is in the prime-order subgroup.

fn clear_cofactor(item: &Affine<Self>) -> Affine<Self>

Performs cofactor clearing. The default method is simply to multiply by the cofactor. Some curves can implement a more efficient algorithm.

fn mul_projective(base: &Projective<Self>, scalar: &[u64]) -> Projective<Self>

Default implementation of group multiplication for projective coordinates

fn mul_affine(base: &Affine<Self>, scalar: &[u64]) -> Projective<Self>

Default implementation of group multiplication for affine coordinates.

fn msm( bases: &[Affine<Self>], scalars: &[Self::ScalarField], ) -> Result<Projective<Self>, usize>

Default implementation for multi scalar multiplication

fn serialize_with_mode<W>( item: &Affine<Self>, writer: W, compress: Compress, ) -> Result<(), SerializationError>

where W: Write,

If uncompressed, serializes both x and y coordinates as well as a bit for whether it is infinity. If compressed, serializes x coordinate with two bits to encode whether y is positive, negative, or infinity.

fn deserialize_with_mode<R>( reader: R, compress: Compress, validate: Validate, ) -> Result<Affine<Self>, SerializationError>

where R: Read,

If validate is Yes, calls check() to make sure the element is valid.

fn serialized_size(compress: Compress) -> usize

impl SWUConfig for StarknetCurveConfig

Defines the \zeta constant for the SWU map to curve implementation

const ZETA: Self::BaseField

An element of the base field that is not a square root see [WB2019, Section 4]. It is also convenient to have $g(b/ZETA * a)$ to be square. In general we use a ZETA with low absolute value coefficients when they are represented as integers.