implement arkworks-independent projective arithmetic ops

penumbra-zone · Jan 26, 2024 · 1f5ff9d · 1f5ff9d
1 parent c8157b6
commit 1f5ff9d
Show file tree

Hide file tree

Showing 4 changed files with 179 additions and 11 deletions.
diff --git a/src/smol_curve/element.rs b/src/smol_curve/element.rs
@@ -1,7 +1,7 @@
-use core::ops::{Add, Mul, Neg};
-use subtle::{Choice, ConditionallySelectable, ConstantTimeEq};
+use core::ops::{Add, Neg};
+use subtle::{Choice, ConditionallySelectable};
 
-use crate::{Fq, Fr};
+use crate::Fq;
 
 /// COEFF_A = -1
 const COEFF_A: Fq = Fq::from_montgomery_limbs_64([
@@ -191,14 +191,6 @@ impl Add for Element {
     }
 }
 
-impl Mul<Fr> for Element {
-    type Output = Self;
-
-    fn mul(self, rhs: Fr) -> Self::Output {
-        Self::scalar_mul_vartime(self, &rhs.to_le_limbs())
-    }
-}
-
 impl Neg for Element {
     type Output = Self;
 
@@ -221,6 +213,8 @@ impl PartialEq for Element {
 mod test {
     use super::*;
 
+    use crate::Fr;
+
     #[test]
     fn test_basic_equalities() {
         assert_eq!(Element::GENERATOR, Element::GENERATOR);
@@ -258,6 +252,12 @@ mod test {
             Element::IDENTITY
         );
     }
+
+    #[test]
+    fn test_g_minus_g() {
+        let generator = Element::GENERATOR;
+        assert_eq!(generator - generator, Element::IDENTITY);
+    }
 }
 
 #[cfg(all(test, feature = "arkworks"))]
@@ -266,6 +266,8 @@ mod proptests {
     use ark_ff::{BigInt, PrimeField};
     use proptest::prelude::*;
 
+    use crate::Fr;
+
     prop_compose! {
         // Technically this might overflow, but we won't miss any values,
         // just return 0 if you overflow when consuming.

diff --git a/src/smol_curve/mod.rs b/src/smol_curve/mod.rs
@@ -1 +1,2 @@
 pub mod element;
+mod ops;
diff --git a/src/smol_curve/ops.rs b/src/smol_curve/ops.rs
@@ -0,0 +1,2 @@
+/// Group operations in projective coordinates.
+pub mod projective;
diff --git a/src/smol_curve/ops/projective.rs b/src/smol_curve/ops/projective.rs
@@ -0,0 +1,163 @@
+use core::ops::{Add, AddAssign, Mul, MulAssign, Neg, Sub, SubAssign};
+
+use crate::{smol_curve::element::Element, Fr};
+
+// Element addition
+
+impl<'a, 'b> Add<&'b Element> for &'a Element {
+    type Output = Element;
+
+    fn add(self, other: &'b Element) -> Element {
+        self + *other
+    }
+}
+
+impl<'b> Add<&'b Element> for Element {
+    type Output = Element;
+    fn add(self, other: &'b Element) -> Element {
+        self + *other
+    }
+}
+
+impl<'a> Add<Element> for &'a Element {
+    type Output = Element;
+    fn add(self, other: Element) -> Element {
+        *self + other
+    }
+}
+
+impl<'b> AddAssign<&'b Element> for Element {
+    fn add_assign(&mut self, other: &'b Element) {
+        *self = *self + other
+    }
+}
+
+impl AddAssign<Element> for Element {
+    fn add_assign(&mut self, other: Element) {
+        *self += &other;
+    }
+}
+
+// Element subtraction
+
+impl Sub<Element> for Element {
+    type Output = Element;
+
+    fn sub(self, other: Element) -> Element {
+        self + other.neg()
+    }
+}
+
+impl<'a, 'b> Sub<&'b Element> for &'a Element {
+    type Output = Element;
+
+    fn sub(self, other: &'b Element) -> Element {
+        *self - *other
+    }
+}
+
+impl<'b> Sub<&'b Element> for Element {
+    type Output = Element;
+
+    fn sub(self, other: &'b Element) -> Element {
+        self - *other
+    }
+}
+
+impl<'a> Sub<Element> for &'a Element {
+    type Output = Element;
+
+    fn sub(self, other: Element) -> Element {
+        *self - other
+    }
+}
+
+impl<'b> SubAssign<&'b Element> for Element {
+    fn sub_assign(&mut self, other: &'b Element) {
+        *self = *self - other;
+    }
+}
+
+impl SubAssign<Element> for Element {
+    fn sub_assign(&mut self, other: Element) {
+        *self -= &other;
+    }
+}
+
+/// Scalar multiplication
+
+impl Mul<Fr> for Element {
+    type Output = Self;
+
+    fn mul(self, rhs: Fr) -> Self::Output {
+        Self::scalar_mul_vartime(self, &rhs.to_le_limbs())
+    }
+}
+
+impl<'b> MulAssign<&'b Fr> for Element {
+    fn mul_assign(&mut self, rhs: &'b Fr) {
+        *self = *self * rhs;
+    }
+}
+
+impl MulAssign<Fr> for Element {
+    fn mul_assign(&mut self, other: Fr) {
+        *self *= &other;
+    }
+}
+
+impl<'a, 'b> Mul<&'b Fr> for &'a Element {
+    type Output = Element;
+
+    fn mul(self, scalar: &'b Fr) -> Element {
+        scalar * self
+    }
+}
+
+impl<'a, 'b> Mul<&'b Element> for &'a Fr {
+    type Output = Element;
+
+    fn mul(self, point: &'b Element) -> Element {
+        point * self
+    }
+}
+
+impl<'b> Mul<&'b Fr> for Element {
+    type Output = Self;
+
+    fn mul(self, other: &'b Fr) -> Element {
+        self * *other
+    }
+}
+
+impl<'a> Mul<Fr> for &'a Element {
+    type Output = Element;
+
+    fn mul(self, other: Fr) -> Element {
+        *self * other
+    }
+}
+
+impl<'b> Mul<&'b Element> for Fr {
+    type Output = Element;
+
+    fn mul(self, other: &'b Element) -> Element {
+        other * self
+    }
+}
+
+impl<'a> Mul<Element> for &'a Fr {
+    type Output = Element;
+
+    fn mul(self, other: Element) -> Element {
+        other * *self
+    }
+}
+
+impl Mul<Element> for Fr {
+    type Output = Element;
+
+    fn mul(self, other: Element) -> Element {
+        other * self
+    }
+}