halo2_ecc::ecc

Function scalar_multiply

Source
pub fn scalar_multiply<F: BigPrimeField, FC, C>(
    chip: &FC,
    ctx: &mut Context<F>,
    P: EcPoint<F, FC::FieldPoint>,
    scalar: Vec<AssignedValue<F>>,
    max_bits: usize,
    window_bits: usize,
) -> EcPoint<F, FC::FieldPoint>
where FC: FieldChip<F> + Selectable<F, FC::FieldPoint>, C: CurveAffineExt<Base = FC::FieldType>,
Expand description

Computes [scalar] * P on short Weierstrass curve y^2 = x^3 + b

  • scalar is represented as a reference array of AssignedValues
  • scalar = sum_i scalar_i * 2^{max_bits * i}
  • an array of length > 1 is needed when scalar exceeds the modulus of scalar field F

ยงAssumptions

  • window_bits != 0
  • The order of P is at least 2^{window_bits} (in particular, P is not the point at infinity)
  • The curve has no points of order 2.
  • scalar_i < 2^{max_bits} for all i
  • max_bits <= modulus::<F>.bits(), and equality only allowed when the order of P equals the modulus of F