Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use Unknown/PrimeOrder marker types inside circuit #51

Open
ebfull opened this issue Mar 10, 2018 · 2 comments
Open

Use Unknown/PrimeOrder marker types inside circuit #51

ebfull opened this issue Mar 10, 2018 · 2 comments
Labels
code improvement to librustzcash repo

Comments

@ebfull
Copy link
Collaborator

ebfull commented Mar 10, 2018

These are used outside the circuit a lot, but it seems they would be very handy inside the circuit. Then, you could have a "compress" method defined only for prime order points, never using get_x when the mapping isn't actually injective.
@daira
Copy link

daira commented Mar 18, 2018

Remember that the correctness of the Montgomery-curve addition depends on a subtle (but proven) argument about the indices of the inputs, so there would be a loophole in this typing if the premises of that argument didn't hold. I guess it could still rule out some classes of mistake.

@daira
Copy link

daira commented Feb 4, 2019
edited
Loading

I really don't like the fact that PrimeOrder doesn't mean that the point is of prime order; it only means that it's in the prime-order subgroup. I think it should be renamed to PrimeSubgroup. I will open a ticket.

@daira daira mentioned this issue Feb 4, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
code improvement to librustzcash repo
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@daira @ebfull @str4d