halo2curves_axiom/secq256k1/
curve.rs

1use crate::ff::WithSmallOrderMulGroup;
2use crate::ff::{Field, PrimeField};
3use crate::group::Curve;
4use crate::group::{prime::PrimeCurveAffine, Group, GroupEncoding};
5use crate::hash_to_curve::svdw_hash_to_curve;
6use crate::secp256k1::{Fp, Fq};
7use crate::{
8    impl_add_binop_specify_output, impl_binops_additive, impl_binops_additive_specify_output,
9    impl_binops_multiplicative, impl_binops_multiplicative_mixed, impl_sub_binop_specify_output,
10    new_curve_impl,
11};
12use crate::{Coordinates, CurveAffine, CurveAffineExt, CurveExt};
13use core::cmp;
14use core::fmt::Debug;
15use core::iter::Sum;
16use core::ops::{Add, Mul, Neg, Sub};
17use rand::RngCore;
18use subtle::{Choice, ConditionallySelectable, ConstantTimeEq, CtOption};
19
20#[cfg(feature = "derive_serde")]
21use serde::{Deserialize, Serialize};
22
// Curve coefficients handed to `new_curve_impl!` below as `SECQ_A` and `SECQ_B`.
// With a = 0 and b = 7 this is the short Weierstrass form y^2 = x^3 + 7 over `Fq`.
// NOTE(review): `[7, 0, 0, 0]` reads as the integer 7 only if `from_raw` takes the
// four 64-bit limbs least-significant first; confirm against the field implementation.
const SECQ_A: Fq = Fq::from_raw([0, 0, 0, 0]);
const SECQ_B: Fq = Fq::from_raw([7, 0, 0, 0]);

// Affine coordinates of the generator, as elements of `Fq`.
// These are security-critical parameters: a wrong limb yields a different base point,
// or one that is not on the curve at all. Nothing in this block checks that
// (x, y) satisfies the curve equation; that is left to the test suite or the macro.
const SECQ_GENERATOR_X: Fq = Fq::from_raw([
    0xA242_88E3_7702_EDA6,
    0x3134_E45A_0977_81A6,
    0xB6B0_6C87_A2CE_32E2,
    0x76C3_9F55_85CB_160E,
]);

const SECQ_GENERATOR_Y: Fq = Fq::from_raw([
    0xA412_0DDA_D952_677F,
    0xD189_83D2_6E8D_C055,
    0xDC2D_265A_8E82_A7F7,
    0x3FFC_646C_7B29_18B5,
]);
39
// Generates the public curve types `Secq256k1` and `Secq256k1Affine` from the
// parameters defined above. The argument meanings noted below are read off the
// argument names and types; the macro definition is not part of this file.
//
// The last argument is the hash-to-curve constructor: it forwards the curve id and the
// caller's domain prefix to `svdw_hash_to_curve` together with the curve's `SVDW_Z`.
// How the two strings are combined into a domain-separation tag is decided inside
// `svdw_hash_to_curve`; callers should still pass a prefix unique to their protocol so
// that hashes produced for different purposes cannot coincide.
new_curve_impl!(
    (pub),
    Secq256k1,
    Secq256k1Affine,
    // NOTE(review): boolean flag interpreted by the macro (presumably an encoding
    // option) - confirm against the `new_curve_impl!` definition.
    true,
    // Field of the point coordinates (the generator constants are `Fq` values).
    Fq,
    // Presumably the scalar field of the group - confirm against the macro.
    Fp,
    (SECQ_GENERATOR_X, SECQ_GENERATOR_Y),
    SECQ_A,
    SECQ_B,
    "secq256k1",
    |id, prefix| svdw_hash_to_curve(id, prefix, Secq256k1::SVDW_Z),
);
53
/// Cofactor interface for `Secq256k1`, implemented as constants.
///
/// No cofactor is cleared and both subgroup tests succeed unconditionally. This is
/// only sound if the curve group has prime order (cofactor 1), so that every point on
/// the curve already lies in the prime-order subgroup. Nothing here verifies that
/// property; it has to hold for the parameters given to `new_curve_impl!`.
///
/// None of these methods checks that the value is a valid point on the curve. A
/// caller that uses them as a "safe point" check relies entirely on the point having
/// been validated when it was constructed or decoded.
impl group::cofactor::CofactorGroup for Secq256k1 {
    type Subgroup = Self;

    /// Returns the point unchanged; there is no cofactor component to remove.
    fn clear_cofactor(&self) -> Self {
        *self
    }

    /// Always yields `Some(self)`: the validity flag is the constant 1.
    fn into_subgroup(self) -> CtOption<Self::Subgroup> {
        let always_valid = Choice::from(1u8);
        CtOption::new(self, always_valid)
    }

    /// Always reports true (a `Choice` of 1), independent of `self`.
    fn is_torsion_free(&self) -> Choice {
        Choice::from(1u8)
    }
}
69
impl Secq256k1 {
    /// The `Z` parameter passed to `svdw_hash_to_curve` for this curve, fixed to the
    /// field element one.
    ///
    // NOTE(review): a Shallue-van de Woestijne map only works for a `Z` that meets the
    // map's admissibility conditions for the curve equation. Nothing here checks them;
    // presumably the hash-to-curve test covers this - confirm.
    const SVDW_Z: Fq = <Fq as Field>::ONE;
}
73
#[cfg(test)]
mod tests {
    use super::Secq256k1;
    // NOTE(review): this `Fq` comes from `crate::secq256k1`, while the parent module
    // imports `Fq` from `crate::secp256k1`. Because it is used as a scalar multiplier
    // below, it is presumably the curve's scalar field under a swapped name - confirm.
    use crate::secq256k1::Fq;
    use crate::CurveExt;
    use ff::WithSmallOrderMulGroup;

    /// Runs the crate's shared hash-to-curve test against `Secq256k1`.
    #[test]
    fn test_hash_to_curve() {
        crate::tests::curve::hash_to_curve_test::<Secq256k1>();
    }

    /// Runs the crate's shared curve test suite against `Secq256k1`.
    #[test]
    fn test_curve() {
        crate::tests::curve::curve_tests::<Secq256k1>();
    }

    /// Checks that `endo()` on the generator equals multiplying it by `Fq::ZETA`.
    /// Only the generator is exercised; other points are not checked here.
    #[test]
    fn test_endo_consistency() {
        let base_point = Secq256k1::generator();
        let via_scalar = base_point * Fq::ZETA;
        let via_endo = base_point.endo();
        assert_eq!(via_scalar, via_endo);
    }

    /// Runs the shared random serialization test, plus the serde variant when the
    /// `derive_serde` feature is enabled.
    #[test]
    fn test_serialization() {
        crate::tests::curve::random_serialization_test::<Secq256k1>();
        #[cfg(feature = "derive_serde")]
        crate::tests::curve::random_serde_test::<Secq256k1>();
    }
}