Module sapling_crypto::jubjub
[−]
[src]
Jubjub is an elliptic curve defined over the BLS12-381 scalar field, Fr.
It is a Montgomery curve that takes the form y^2 = x^3 + Ax^2 + x where
A = 40962. This is the smallest integer choice of A such that:
(A - 2) / 4is a small integer (10240).A^2 - 4is quadratic residue.- The group order of the curve and its quadratic twist has a large prime factor.
Jubjub has s = 0x0e7db4ea6533afa906673b0101343b00a6682093ccc81082d0970e5ed6f72cb7
as the prime subgroup order, with cofactor 8. (The twist has cofactor 4.)
This curve is birationally equivalent to a twisted Edwards curve of the
form -x^2 + y^2 = 1 + dx^2y^2 with d = -(10240/10241). In fact, this equivalence
forms a group isomorphism, so points can be freely converted between the Montgomery
and twisted Edwards forms.
Modules
| edwards | |
| montgomery |
Structs
| Fs |
This is an element of the scalar field of the Jubjub curve. |
| FsRepr |
This is the underlying representation of an element of |
| JubjubParams |
These are the pre-computed parameters of the Jubjub curve. |
Enums
| PrimeOrder | |
| Unknown |