Struct Affine 

pub struct Affine<P: DOCurveConfig> { /* private fields */ }

Affine coordinates for a point on an elliptic curve in double-odd form, over the base field P::BaseField.

Instead of using the (x,y)-coordinate system of the original double-odd paper (https://doubleodd.group/doubleodd.pdf), the (e,u)-coordinate system from the follow-up paper (https://doubleodd.group/doubleodd-jq.pdf) was implemented. This coordinate system allows for the new curve equation e**2 = (a-4*b)*u**4 - 2a*u**2 + 1, which is of the Jacobi quartic form, allowing for faster addition/doubling formulae. Additionally, these coordinates allow for more efficient en/decoding.

• In general: P = (e,u) = (u**2*(x - b/x),x/y)
• P and P+N are representants of the same group element.
• P+N = (-e,-u), -P = (e,-u), and -P+N = (-e,u)
• The group neutral is represented by the point at infinity O = (1,0) and N = O+N = (-1,0)

Implementations

impl<P: DOCurveConfig> Affine<P>

pub fn new(e: P::BaseField, u: P::BaseField) -> Self

pub const fn new_unchecked(e: P::BaseField, u: P::BaseField) -> Self

pub const fn identity() -> Self

Returns one of the representants for the identity, namely the point-at-infinity (1,0).

The other representant N=(-1,0) of the identity could also be returned, but the implementation of formulas only requires one representant.

pub fn get_point_from_u_unchecked( u: P::BaseField, greatest: bool, ) -> Option<Self>

pub fn get_e_from_u(u: P::BaseField) -> Option<P::BaseField>

pub fn get_es_from_u_unchecked( u: P::BaseField, ) -> Option<(P::BaseField, P::BaseField)>

pub fn is_on_curve(&self) -> bool

Checks if self is a valid point on the curve, using the curve equation e**2 = (a-4*b)*u**4 - 2a*u**2 + 1

Trait Implementations

impl<'a, P: DOCurveConfig> Add<&'a Projective<P>> for Affine<P>

type Output = Projective<P>

The resulting type after applying the + operator.

fn add(self, other: &'a Projective<P>) -> Projective<P>

Performs the + operation.

impl<P: DOCurveConfig> Add<Projective<P>> for Affine<P>

type Output = Projective<P>

The resulting type after applying the + operator.

fn add(self, other: Projective<P>) -> Projective<P>

Performs the + operation.

impl<P: DOCurveConfig, T: Borrow<Self>> Add<T> for Affine<P>

fn add(self, other: T) -> Projective<P>

Using Algorithm 3 from https://doubleodd.group/doubleodd-jq.pdf, simplified because both points are affine (n2 = 1, n5 = T1 + T2).

type Output = Projective<P>

The resulting type after applying the + operator.

impl<P: DOCurveConfig> AffineRepr for Affine<P>

fn mul_by_cofactor_to_group(&self) -> Self::Group

Multiplies this element by the cofactor and output the resulting projective element.

fn clear_cofactor(&self) -> Self

Performs cofactor clearing. The default method is simply to multiply by the cofactor. Some curves can implement a more efficient algorithm.

const GENERATOR: Self = P::GENERATOR

const ZERO: Self

type Config = P

type BaseField = <P as CurveConfig>::BaseField

The finite field over which this curve is defined.

type ScalarField = <P as CurveConfig>::ScalarField

type Group = Projective<P>

The projective representation of points on this curve.

fn xy(&self) -> Option<(Self::BaseField, Self::BaseField)>

Returns the x and y coordinates of this affine point.

fn generator() -> Self

Returns a fixed generator of unknown exponent.

fn zero() -> Self

Returns the point at infinity.

fn is_zero(&self) -> bool

Is self the point at infinity?

fn from_random_bytes(bytes: &[u8]) -> Option<Self>

Returns a group element if the set of bytes forms a valid group element, otherwise returns None. This function is primarily intended for sampling random group elements from a hash-function or RNG output.

fn mul_bigint(&self, by: impl AsRef<[u64]>) -> Self::Group

Performs scalar multiplication of this element with mixed addition.

fn x(&self) -> Option<Self::BaseField>

Returns the x coordinate of this affine point.

fn y(&self) -> Option<Self::BaseField>

Returns the y coordinate of this affine point.

fn into_group(self) -> Self::Group

Converts self into the projective representation.

fn mul_by_cofactor(&self) -> Self

Multiplies this element by the cofactor.

fn mul_by_cofactor_inv(&self) -> Self

Multiplies this element by the inverse of the cofactor in Self::ScalarField.

impl<P: DOCurveConfig> CanonicalDeserialize for Affine<P>

fn deserialize_with_mode<R: Read>( reader: R, compress: Compress, validate: Validate, ) -> Result<Self, SerializationError>

The general deserialize method that takes in customization flags.

fn deserialize_compressed<R>(reader: R) -> Result<Self, SerializationError>

where R: Read,

Reads Self from reader using the compressed form if applicable. Performs validation if applicable.

fn deserialize_compressed_unchecked<R>( reader: R, ) -> Result<Self, SerializationError>

where R: Read,

Reads Self from reader using the compressed form if applicable, without validating the deserialized value.

fn deserialize_uncompressed<R>(reader: R) -> Result<Self, SerializationError>

where R: Read,

Reads Self from reader using the uncompressed form. Performs validation if applicable.

fn deserialize_uncompressed_unchecked<R>( reader: R, ) -> Result<Self, SerializationError>

where R: Read,

Reads Self from reader using the uncompressed form, without validating the deserialized value.

impl<P: DOCurveConfig> CanonicalSerialize for Affine<P>

fn serialize_with_mode<W: Write>( &self, writer: W, compress: Compress, ) -> Result<(), SerializationError>

The general serialize method that takes in customization flags.

fn serialized_size(&self, compress: Compress) -> usize

Returns the size in bytes of the serialized version of self with the given compression mode.

fn serialize_compressed<W>(&self, writer: W) -> Result<(), SerializationError>

where W: Write,

Serializes self into writer using the compressed form if applicable.

fn compressed_size(&self) -> usize

Returns the size in bytes of the compressed serialized version of self.

fn serialize_uncompressed<W>(&self, writer: W) -> Result<(), SerializationError>

where W: Write,

Serializes self into writer using the uncompressed form.

fn uncompressed_size(&self) -> usize

Returns the size in bytes of the uncompressed serialized version of self.

impl<P: DOCurveConfig> Clone for Affine<P>

where P::BaseField: Copy,

fn clone(&self) -> Self

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<P: DOCurveConfig> Debug for Affine<P>

fn fmt(&self, f: &mut Formatter<'_>) -> FmtResult

Formats the value using the given formatter.

impl<P: DOCurveConfig> Default for Affine<P>

fn default() -> Self

Returns the “default value” for a type.

impl<P: DOCurveConfig> Display for Affine<P>

fn fmt(&self, f: &mut Formatter<'_>) -> FmtResult

Formats the value using the given formatter.

impl<P: DOCurveConfig> Distribution<Affine<P>> for Standard

fn sample<R: Rng + ?Sized>(&self, rng: &mut R) -> Affine<P>

Generates a uniformly random point in the prime-order subgroup.

fn sample_iter<R>(self, rng: R) -> DistIter<Self, R, T>

where R: Rng, Self: Sized,

Create an iterator that generates random values of T, using rng as the source of randomness.

fn map<F, S>(self, func: F) -> DistMap<Self, F, T, S>

where F: Fn(T) -> S, Self: Sized,

Create a distribution of values of ‘S’ by mapping the output of Self through the closure F

impl<P: DOCurveConfig> From<Affine<P>> for Projective<P>

fn from(p: Affine<P>) -> Self

Converts to this type from the input type.

impl<P: DOCurveConfig> From<Projective<P>> for Affine<P>

fn from(p: Projective<P>) -> Self

Converts to this type from the input type.

impl<P: DOCurveConfig> Hash for Affine<P>

where P::BaseField: Hash,

fn hash<H: Hasher>(&self, state: &mut H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl<P: DOCurveConfig, T: Borrow<P::ScalarField>> Mul<T> for Affine<P>

type Output = Projective<P>

The resulting type after applying the * operator.

fn mul(self, other: T) -> Self::Output

Performs the * operation.

impl<P: DOCurveConfig> Neg for Affine<P>

type Output = Affine<P>

The resulting type after applying the - operator.

fn neg(self) -> Self

Performs the unary - operation.

impl<P: DOCurveConfig> PartialEq<Affine<P>> for Projective<P>

fn eq(&self, other: &Affine<P>) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl<P: DOCurveConfig> PartialEq<Projective<P>> for Affine<P>

fn eq(&self, other: &Projective<P>) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl<P: DOCurveConfig> PartialEq for Affine<P>

fn eq(&self, other: &Self) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl<'a, P: DOCurveConfig> Sub<&'a Projective<P>> for Affine<P>

type Output = Projective<P>

The resulting type after applying the - operator.

fn sub(self, other: &'a Projective<P>) -> Projective<P>

Performs the - operation.

impl<P: DOCurveConfig> Sub<Projective<P>> for Affine<P>

type Output = Projective<P>

The resulting type after applying the - operator.

fn sub(self, other: Projective<P>) -> Projective<P>

Performs the - operation.

impl<P: DOCurveConfig, T: Borrow<Self>> Sub<T> for Affine<P>

type Output = Projective<P>

The resulting type after applying the - operator.

fn sub(self, other: T) -> Projective<P>

Performs the - operation.

impl<M: DOCurveConfig, ConstraintF: Field> ToConstraintField<ConstraintF> for Affine<M>

where M::BaseField: ToConstraintField<ConstraintF>,

fn to_field_elements(&self) -> Option<Vec<ConstraintF>>

impl<P: DOCurveConfig> Valid for Affine<P>

fn check(&self) -> Result<(), SerializationError>

Checks whether self is valid. If self is valid, returns Ok(()). Otherwise, returns an error describing the failure. This method is called by deserialize_with_mode if validate is Validate::Yes.

const TRIVIAL_CHECK: bool = false

Whether the check method is trivial (i.e. always returns Ok(())). If this is true, the batch_check method will skip all checks and return Ok(()). This should be set to true for types where check is trivial, e.g. integers, field elements, etc. This is false by default. This is primarily an optimization to skip unnecessary checks in batch_check.

fn batch_check<'a>( batch: impl Iterator<Item = &'a Self> + Send, ) -> Result<(), SerializationError>

where Self: 'a,

Checks whether all items in batch are valid. If all items are valid, returns Ok(()). Otherwise, returns an error describing the first failure.

impl<P: DOCurveConfig> Zeroize for Affine<P>

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

impl<P: DOCurveConfig> Copy for Affine<P>

where P::BaseField: Copy,

impl<P: DOCurveConfig> Eq for Affine<P>