import "ecc/edwardsAdd.code" as add
import "ecc/edwardsOnCurve.code" as assertOnCurve
// Function that implements scalar multiplication for a given base point
// Curve parameters are defined with the last argument
// https://github.com/zcash-hackworks/sapling-crypto/blob/master/src/jubjub/fs.rs#L555
def main(field[256] exponent, field[2] pt, field[10] context) -> (field[2]):
    // Double-and-add scalar multiplication: returns the sum of the multiples of pt
    // selected by the entries of exponent. Curve parameters come from context and
    // are passed through unchanged to add() and assertOnCurve().
    //
    // Entry order: exponent[255] selects pt itself, and exponent[255 - i] selects
    // pt doubled i times, so exponent[0] carries the highest weight.
    //
    // FIXME: how to deal with bool checks
    // NOTE(review): nothing in this function constrains exponent[k] to {0, 1}.
    // Each entry is only compared with 1, so every other field value takes the
    // same branch as 0. A caller that relies on these entries being bits (for
    // example because it also packs them into a scalar elsewhere) has to enforce
    // that constraint itself.
    // NOTE(review): pt is not checked to be on the curve here; only the result is
    // asserted below. Confirm that callers validate pt before passing it in.

    // context[2], context[3] is the starting value of the accumulator (named
    // "infinity" in the original; presumably the curve's neutral element).
    field[2] identityP = [context[2], context[3]]

    field[2] result = identityP
    field[2] shiftedP = pt

    // Lowest-weight entry first: pt has not been doubled yet.
    field bitIndex = 255
    result = if exponent[bitIndex] == 1 then shiftedP else result fi

    // Remaining entries, index 254 down to 0. Both the doubling and the addition
    // are computed on every iteration; the entry only selects which value is kept.
    for field i in 1..256 do
        shiftedP = add(shiftedP, shiftedP, context)
        bitIndex = 255 - i
        withBit = add(result, shiftedP, context)
        result = if exponent[bitIndex] == 1 then withBit else result fi
    endfor

    // Assert that the computed point satisfies the curve check.
    1 == assertOnCurve(result, context)

    return result