Upgrade to work with latest ark-ff (#95)

Co-authored-by: Sun <huachuang20@gmail.com>
2026-01-09 07:21:30 +01:00 · 2022-03-07 13:12:03 -08:00
parent d0dc200f22
commit 1551d6d76c
231 changed files with 2830 additions and 4343 deletions
--- a/mnt6_298/scripts/base_field.sage
+++ b/mnt6_298/scripts/base_field.sage
@@ -0,0 +1,28 @@
+modulus = 475922286169261325753349249653048451545124878552823515553267735739164647307408490559963137
+
+assert(modulus.is_prime())
+
+Fp = GF(modulus)
+
+generator = Fp(0);
+for i in range(0, 20):
+    i = Fp(i);
+    neg_i = Fp(-i)
+    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
+        continue
+    elif i.is_primitive_root():
+        assert(i.is_primitive_root());
+        print("Generator: %d" % i)
+        generator = i
+        break
+    else:
+        assert(neg_i.is_primitive_root());
+        print("Generator: %d" % neg_i)
+        generator = neg_i
+        break
+
+
+two_adicity = valuation(modulus - 1, 2);
+trace = (modulus - 1) / 2**two_adicity;
+two_adic_root_of_unity = generator^trace
+print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/mnt6_298/scripts/scalar_field.sage
+++ b/mnt6_298/scripts/scalar_field.sage
@@ -0,0 +1,28 @@
+modulus = 475922286169261325753349249653048451545124879242694725395555128576210262817955800483758081
+
+assert(modulus.is_prime())
+
+Fp = GF(modulus)
+
+generator = Fp(0);
+for i in range(0, 20):
+    i = Fp(i);
+    neg_i = Fp(-i)
+    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
+        continue
+    elif i.is_primitive_root():
+        assert(i.is_primitive_root());
+        print("Generator: %d" % i)
+        generator = i
+        break
+    else:
+        assert(neg_i.is_primitive_root());
+        print("Generator: %d" % neg_i)
+        generator = neg_i
+        break
+
+
+two_adicity = valuation(modulus - 1, 2);
+trace = (modulus - 1) / 2**two_adicity;
+two_adic_root_of_unity = generator^trace
+print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/mnt6_298/src/constraints/curves.rs
+++ b/mnt6_298/src/constraints/curves.rs
@@ -1,6 +1,7 @@
-use crate::Parameters;
 use ark_r1cs_std::groups::mnt6;

+use crate::Parameters;
+
 /// An element of G1 in the MNT6-298 bilinear group.
 pub type G1Var = mnt6::G1Var<Parameters>;
 /// An element of G2 in the MNT6-298 bilinear group.
--- a/mnt6_298/src/constraints/fields.rs
+++ b/mnt6_298/src/constraints/fields.rs
@@ -1,13 +1,13 @@
-use crate::{Fq, Fq3Parameters, Fq6Parameters};
-
 use ark_r1cs_std::fields::{fp::FpVar, fp3::Fp3Var, fp6_2over3::Fp6Var};

+use crate::{Fq, Fq3Config, Fq6Config};
+
 /// A variable that is the R1CS equivalent of `crate::Fq`.
 pub type FqVar = FpVar<Fq>;
 /// A variable that is the R1CS equivalent of `crate::Fq3`.
-pub type Fq3Var = Fp3Var<Fq3Parameters>;
+pub type Fq3Var = Fp3Var<Fq3Config>;
 /// A variable that is the R1CS equivalent of `crate::Fq6`.
-pub type Fq6Var = Fp6Var<Fq6Parameters>;
+pub type Fq6Var = Fp6Var<Fq6Config>;

 #[test]
 fn mnt6_298_field_gadgets_test() {
--- a/mnt6_298/src/constraints/pairing.rs
+++ b/mnt6_298/src/constraints/pairing.rs
@@ -1,6 +1,7 @@
 use crate::Parameters;

-/// Specifies the constraints for computing a pairing in the MNT6-298 bilinear group.
+/// Specifies the constraints for computing a pairing in the MNT6-298 bilinear
+/// group.
 pub type PairingVar = ark_r1cs_std::pairing::mnt6::PairingVar<Parameters>;

 #[test]
--- a/mnt6_298/src/curves/g1.rs
+++ b/mnt6_298/src/curves/g1.rs
@@ -2,7 +2,7 @@ use ark_ec::{
    mnt6,
    models::{ModelParameters, SWModelParameters},
 };
-use ark_ff::field_new;
+use ark_ff::MontFp;

 use crate::{Fq, Fr};

@@ -21,18 +21,15 @@ impl ModelParameters for Parameters {
    const COFACTOR: &'static [u64] = &[1];

    /// COFACTOR^(-1) mod r = 1
-    #[rustfmt::skip]
-    const COFACTOR_INV: Fr = field_new!(Fr, "1");
+    const COFACTOR_INV: Fr = MontFp!(Fr, "1");
 }

 impl SWModelParameters for Parameters {
    /// COEFF_A = 11
-    #[rustfmt::skip]
-    const COEFF_A: Fq = field_new!(Fq, "11");
+    const COEFF_A: Fq = MontFp!(Fq, "11");

    /// COEFF_B = 106700080510851735677967319632585352256454251201367587890185989362936000262606668469523074
-    #[rustfmt::skip]
-    const COEFF_B: Fq = field_new!(Fq, "106700080510851735677967319632585352256454251201367587890185989362936000262606668469523074");
+    const COEFF_B: Fq = MontFp!(Fq, "106700080510851735677967319632585352256454251201367587890185989362936000262606668469523074");

    /// AFFINE_GENERATOR_COEFFS = (G1_GENERATOR_X, G1_GENERATOR_Y)
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) =
@@ -41,8 +38,8 @@ impl SWModelParameters for Parameters {

 /// G1_GENERATOR_X =
 #[rustfmt::skip]
-pub const G1_GENERATOR_X: Fq = field_new!(Fq, "336685752883082228109289846353937104185698209371404178342968838739115829740084426881123453");
+pub const G1_GENERATOR_X: Fq = MontFp!(Fq, "336685752883082228109289846353937104185698209371404178342968838739115829740084426881123453");

 /// G1_GENERATOR_Y =
 #[rustfmt::skip]
-pub const G1_GENERATOR_Y: Fq = field_new!(Fq, "402596290139780989709332707716568920777622032073762749862342374583908837063963736098549800");
+pub const G1_GENERATOR_Y: Fq = MontFp!(Fq, "402596290139780989709332707716568920777622032073762749862342374583908837063963736098549800");
--- a/mnt6_298/src/curves/g2.rs
+++ b/mnt6_298/src/curves/g2.rs
@@ -3,7 +3,7 @@ use ark_ec::{
    mnt6::MNT6Parameters,
    models::{ModelParameters, SWModelParameters},
 };
-use ark_ff::field_new;
+use ark_ff::{CubicExt, MontFp};

 use crate::{g1, Fq, Fq3, Fr, FQ_ZERO};

@@ -36,27 +36,26 @@ impl ModelParameters for Parameters {

    /// COFACTOR^(-1) mod r =
    /// 79320381028210220958891541608841408590854146655427655872973753568875979721417185067925504
-    #[rustfmt::skip]
-    const COFACTOR_INV: Fr = field_new!(Fr, "79320381028210220958891541608841408590854146655427655872973753568875979721417185067925504");
+    const COFACTOR_INV: Fr = MontFp!(
+        Fr,
+        "79320381028210220958891541608841408590854146655427655872973753568875979721417185067925504"
+    );
 }

 /// MUL_BY_A_C0 = NONRESIDUE * COEFF_A = 5 * 11
-    #[rustfmt::skip]
-pub const MUL_BY_A_C0: Fq = field_new!(Fq, "55");
+pub const MUL_BY_A_C0: Fq = MontFp!(Fq, "55");

 /// MUL_BY_A_C1 = NONRESIDUE * COEFF_A
-    #[rustfmt::skip]
-pub const MUL_BY_A_C1: Fq = field_new!(Fq, "55");
+pub const MUL_BY_A_C1: Fq = MontFp!(Fq, "55");

 /// MUL_BY_A_C2 = COEFF_A
 pub const MUL_BY_A_C2: Fq = g1::Parameters::COEFF_A;

 impl SWModelParameters for Parameters {
    const COEFF_A: Fq3 = crate::Parameters::TWIST_COEFF_A;
-    #[rustfmt::skip]
-    const COEFF_B: Fq3 = field_new!(Fq3,
+    const COEFF_B: Fq3 = CubicExt!(
        // 5 * G1::COEFF_B
-        field_new!(Fq, "57578116384997352636487348509878309737146377454014423897662211075515354005624851787652233"),
+        MontFp!(Fq, "57578116384997352636487348509878309737146377454014423897662211075515354005624851787652233"),
        FQ_ZERO,
        FQ_ZERO,
    );
@@ -67,8 +66,7 @@ impl SWModelParameters for Parameters {

    #[inline(always)]
    fn mul_by_a(elt: &Fq3) -> Fq3 {
-        field_new!(
-            Fq3,
+        CubicExt!(
            MUL_BY_A_C0 * &elt.c1,
            MUL_BY_A_C1 * &elt.c2,
            MUL_BY_A_C2 * &elt.c0,
@@ -76,33 +74,31 @@ impl SWModelParameters for Parameters {
    }
 }

-const G2_GENERATOR_X: Fq3 =
-    field_new!(Fq3, G2_GENERATOR_X_C0, G2_GENERATOR_X_C1, G2_GENERATOR_X_C2);
-const G2_GENERATOR_Y: Fq3 =
-    field_new!(Fq3, G2_GENERATOR_Y_C0, G2_GENERATOR_Y_C1, G2_GENERATOR_Y_C2);
+const G2_GENERATOR_X: Fq3 = CubicExt!(G2_GENERATOR_X_C0, G2_GENERATOR_X_C1, G2_GENERATOR_X_C2);
+const G2_GENERATOR_Y: Fq3 = CubicExt!(G2_GENERATOR_Y_C0, G2_GENERATOR_Y_C1, G2_GENERATOR_Y_C2);

-pub const G2_GENERATOR_X_C0: Fq = field_new!(
+pub const G2_GENERATOR_X_C0: Fq = MontFp!(
    Fq,
    "421456435772811846256826561593908322288509115489119907560382401870203318738334702321297427"
 );
-pub const G2_GENERATOR_X_C1: Fq = field_new!(
+pub const G2_GENERATOR_X_C1: Fq = MontFp!(
    Fq,
    "103072927438548502463527009961344915021167584706439945404959058962657261178393635706405114"
 );
-pub const G2_GENERATOR_X_C2: Fq = field_new!(
+pub const G2_GENERATOR_X_C2: Fq = MontFp!(
    Fq,
    "143029172143731852627002926324735183809768363301149009204849580478324784395590388826052558"
 );

-pub const G2_GENERATOR_Y_C0: Fq = field_new!(
+pub const G2_GENERATOR_Y_C0: Fq = MontFp!(
    Fq,
    "464673596668689463130099227575639512541218133445388869383893594087634649237515554342751377"
 );
-pub const G2_GENERATOR_Y_C1: Fq = field_new!(
+pub const G2_GENERATOR_Y_C1: Fq = MontFp!(
    Fq,
    "100642907501977375184575075967118071807821117960152743335603284583254620685343989304941678"
 );
-pub const G2_GENERATOR_Y_C2: Fq = field_new!(
+pub const G2_GENERATOR_Y_C2: Fq = MontFp!(
    Fq,
    "123019855502969896026940545715841181300275180157288044663051565390506010149881373807142903"
 );
--- a/mnt6_298/src/curves/mod.rs
+++ b/mnt6_298/src/curves/mod.rs
@@ -1,11 +1,10 @@
-use ark_ff::{biginteger::BigInteger320, field_new, BigInt, Fp3};
-
 use ark_ec::{
    models::mnt6::{MNT6Parameters, MNT6},
    SWModelParameters,
 };
+use ark_ff::{biginteger::BigInteger320, BigInt, CubicExt, Fp3, MontFp};

-use crate::{Fq, Fq3, Fq3Parameters, Fq6Parameters, Fr};
+use crate::{Fq, Fq3Config, Fq6Config, Fr};

 pub mod g1;
 pub mod g2;
@@ -23,13 +22,9 @@ pub type MNT6_298 = MNT6<Parameters>;
 pub struct Parameters;

 impl MNT6Parameters for Parameters {
-    const TWIST: Fp3<Self::Fp3Params> = field_new!(Fq3, FQ_ZERO, FQ_ONE, FQ_ZERO);
-    #[rustfmt::skip]
-    const TWIST_COEFF_A: Fp3<Self::Fp3Params> = field_new!(Fq3,
-        FQ_ZERO,
-        FQ_ZERO,
-        g1::Parameters::COEFF_A,
-    );
+    const TWIST: Fp3<Self::Fp3Config> = CubicExt!(FQ_ZERO, FQ_ONE, FQ_ZERO);
+    const TWIST_COEFF_A: Fp3<Self::Fp3Config> =
+        CubicExt!(FQ_ZERO, FQ_ZERO, g1::Parameters::COEFF_A,);
    const ATE_LOOP_COUNT: &'static [u64] = &[0xdc9a1b671660000, 0x46609756bec2a33f, 0x1eef55];
    const ATE_IS_LOOP_COUNT_NEG: bool = true;
    const FINAL_EXPONENT_LAST_CHUNK_1: BigInteger320 = BigInt::new([0x1, 0x0, 0x0, 0x0, 0x0]);
@@ -38,11 +33,11 @@ impl MNT6Parameters for Parameters {
        BigInt::new([0xdc9a1b671660000, 0x46609756bec2a33f, 0x1eef55, 0x0, 0x0]);
    type Fp = Fq;
    type Fr = Fr;
-    type Fp3Params = Fq3Parameters;
-    type Fp6Params = Fq6Parameters;
+    type Fp3Config = Fq3Config;
+    type Fp6Config = Fq6Config;
    type G1Parameters = self::g1::Parameters;
    type G2Parameters = self::g2::Parameters;
 }

-pub const FQ_ZERO: Fq = field_new!(Fq, "0");
-pub const FQ_ONE: Fq = field_new!(Fq, "1");
+pub const FQ_ZERO: Fq = MontFp!(Fq, "0");
+pub const FQ_ONE: Fq = MontFp!(Fq, "1");
--- a/mnt6_298/src/curves/tests.rs
+++ b/mnt6_298/src/curves/tests.rs
@@ -1,16 +1,14 @@
-use ark_ec::{AffineCurve, PairingEngine, ProjectiveCurve};
-use ark_ff::{Field, One, PrimeField, UniformRand};
-use ark_std::{rand::Rng, test_rng};
-
-use crate::*;
-
 use ark_algebra_test_templates::{
    curves::*, generate_bilinearity_test, generate_g1_test, generate_g2_test,
    generate_product_of_pairings_test, groups::*, msm::*,
 };
-
+use ark_ec::{AffineCurve, PairingEngine, ProjectiveCurve};
+use ark_ff::{Field, One, PrimeField, UniformRand};
+use ark_std::{rand::Rng, test_rng};
 use core::ops::MulAssign;

+use crate::*;
+
 generate_g1_test!(mnt6_298; curve_tests; sw_tests;);
 generate_g2_test!(mnt6_298; curve_tests; sw_tests;);
 generate_bilinearity_test!(MNT6_298, Fq6);
--- a/mnt6_298/src/fields/fq.rs
+++ b/mnt6_298/src/fields/fq.rs
@@ -1 +1 @@
-pub use ark_mnt4_298::{Fr as Fq, FrParameters as FqParameters};
+pub use ark_mnt4_298::{Fr as Fq, FrConfig as FqConfig};
--- a/mnt6_298/src/fields/fq3.rs
+++ b/mnt6_298/src/fields/fq3.rs
@@ -1,23 +1,23 @@
-use crate::{fq::Fq, FQ_ZERO};
 use ark_ff::{
-    field_new,
-    fields::fp3::{Fp3, Fp3Parameters},
+    fields::fp3::{Fp3, Fp3Config},
+    CubicExt, MontFp,
 };

-pub type Fq3 = Fp3<Fq3Parameters>;
+use crate::{fq::Fq, FQ_ZERO};

-pub struct Fq3Parameters;
+pub type Fq3 = Fp3<Fq3Config>;

-impl Fp3Parameters for Fq3Parameters {
+pub struct Fq3Config;
+
+impl Fp3Config for Fq3Config {
    type Fp = Fq;

-    #[rustfmt::skip]
-    const NONRESIDUE: Fq = field_new!(Fq, "5");
+    const NONRESIDUE: Fq = MontFp!(Fq, "5");

    const TWO_ADICITY: u32 = 34;

    #[rustfmt::skip]
-    const T_MINUS_ONE_DIV_TWO: &'static [u64] = &[
+    const TRACE_MINUS_ONE_DIV_TWO: &'static [u64] = &[
        0x69232b75663933bd,
        0xca650efcfc00ee0,
        0x77ca3963fe36f720,
@@ -34,21 +34,18 @@ impl Fp3Parameters for Fq3Parameters {
        0x6878f58,
    ];

-    #[rustfmt::skip]
-    const QUADRATIC_NONRESIDUE_TO_T: (Fq, Fq, Fq) = (
-        field_new!(Fq, "154361449678783505076984156275977937654331103361174469632346230549735979552469642799720052"),
+    const QUADRATIC_NONRESIDUE_TO_T: Fq3 = CubicExt!(
+        MontFp!(Fq, "154361449678783505076984156275977937654331103361174469632346230549735979552469642799720052"),
        FQ_ZERO,
        FQ_ZERO,
    );

-    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP3_C1: &'static [Fq] = &[
-        field_new!(Fq, "1"),
-        field_new!(Fq, "471738898967521029133040851318449165997304108729558973770077319830005517129946578866686956"),
-        field_new!(Fq, "4183387201740296620308398334599285547820769823264541783190415909159130177461911693276180"),
+        MontFp!(Fq, "1"),
+        MontFp!(Fq, "471738898967521029133040851318449165997304108729558973770077319830005517129946578866686956"),
+        MontFp!(Fq, "4183387201740296620308398334599285547820769823264541783190415909159130177461911693276180"),
    ];

-    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP3_C2: &'static [Fq] = &[
        Self::FROBENIUS_COEFF_FP3_C1[0],
        Self::FROBENIUS_COEFF_FP3_C1[2],
--- a/mnt6_298/src/fields/fq6.rs
+++ b/mnt6_298/src/fields/fq6.rs
@@ -1,24 +1,25 @@
-use crate::{Fq, Fq3, Fq3Parameters, FQ_ONE, FQ_ZERO};
 use ark_ff::{
-    field_new,
-    fields::fp6_2over3::{Fp6, Fp6Parameters},
+    fields::fp6_2over3::{Fp6, Fp6Config},
+    CubicExt, MontFp,
 };

-pub type Fq6 = Fp6<Fq6Parameters>;
+use crate::{Fq, Fq3, Fq3Config, FQ_ONE, FQ_ZERO};

-pub struct Fq6Parameters;
+pub type Fq6 = Fp6<Fq6Config>;

-impl Fp6Parameters for Fq6Parameters {
-    type Fp3Params = Fq3Parameters;
+pub struct Fq6Config;

-    const NONRESIDUE: Fq3 = field_new!(Fq3, FQ_ZERO, FQ_ONE, FQ_ZERO);
+impl Fp6Config for Fq6Config {
+    type Fp3Config = Fq3Config;
+
+    const NONRESIDUE: Fq3 = CubicExt!(FQ_ZERO, FQ_ONE, FQ_ZERO);

    const FROBENIUS_COEFF_FP6_C1: &'static [Fq] = &[
-        field_new!(Fq, "1"),
-        field_new!(Fq, "471738898967521029133040851318449165997304108729558973770077319830005517129946578866686957"),
-        field_new!(Fq, "471738898967521029133040851318449165997304108729558973770077319830005517129946578866686956"),
-        field_new!(Fq, "475922286169261325753349249653048451545124878552823515553267735739164647307408490559963136"),
-        field_new!(Fq, "4183387201740296620308398334599285547820769823264541783190415909159130177461911693276180"),
-        field_new!(Fq, "4183387201740296620308398334599285547820769823264541783190415909159130177461911693276181"),
+        MontFp!(Fq, "1"),
+        MontFp!(Fq, "471738898967521029133040851318449165997304108729558973770077319830005517129946578866686957"),
+        MontFp!(Fq, "471738898967521029133040851318449165997304108729558973770077319830005517129946578866686956"),
+        MontFp!(Fq, "475922286169261325753349249653048451545124878552823515553267735739164647307408490559963136"),
+        MontFp!(Fq, "4183387201740296620308398334599285547820769823264541783190415909159130177461911693276180"),
+        MontFp!(Fq, "4183387201740296620308398334599285547820769823264541783190415909159130177461911693276181"),
    ];
 }
--- a/mnt6_298/src/fields/fr.rs
+++ b/mnt6_298/src/fields/fr.rs
@@ -1 +1 @@
-pub use ark_mnt4_298::{Fq as Fr, FqParameters as FrParameters};
+pub use ark_mnt4_298::{Fq as Fr, FqConfig as FrConfig};
--- a/mnt6_298/src/fields/mod.rs
+++ b/mnt6_298/src/fields/mod.rs
@@ -10,5 +10,5 @@ pub use self::fq3::*;
 pub mod fq6;
 pub use self::fq6::*;

-#[cfg(all(feature = "mnt6_298", test))]
+#[cfg(test)]
 mod tests;
--- a/mnt6_298/src/fields/tests.rs
+++ b/mnt6_298/src/fields/tests.rs
@@ -1,18 +1,21 @@
-use ark_ff::{
-    fields::{models::fp6_2over3::*, quadratic_extension::QuadExtParameters},
-    Field,
+use ark_algebra_test_templates::{
+    fields::*, generate_field_serialization_test, generate_field_test,
 };
-use ark_std::{rand::Rng, test_rng};
-
-use crate::*;
-use ark_algebra_test_templates::{fields::*, generate_field_test};
-
+use ark_ff::{
+    fields::{models::fp6_2over3::*, quadratic_extension::QuadExtConfig, SquareRootField},
+    Field, PrimeField,
+};
+use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
+use ark_std::{rand::Rng, test_rng, One, UniformRand, Zero};
 use core::ops::{AddAssign, MulAssign, SubAssign};

-generate_field_test!(mnt6_298;);
+use crate::*;
+
+generate_field_test!(mnt6_298; fq3; fq6; mont(5, 5); );
+generate_field_serialization_test!(mnt6_298;);

 #[test]
-fn test_fq3() {
+fn test_fq3_more() {
    let mut rng = test_rng();
    let a: Fq3 = rng.gen();
    let b: Fq3 = rng.gen();
@@ -20,16 +23,7 @@ fn test_fq3() {
    sqrt_field_test(a);
    frobenius_test::<Fq3, _>(Fq::characteristic(), 13);
    assert_eq!(
-        a * Fq6Parameters::NONRESIDUE,
-        <Fp6ParamsWrapper<Fq6Parameters>>::mul_base_field_by_nonresidue(&a)
+        a * Fq6Config::NONRESIDUE,
+        <Fp6ConfigWrapper<Fq6Config>>::mul_base_field_by_nonresidue(&a)
    );
 }
-
-#[test]
-fn test_fq6() {
-    let mut rng = test_rng();
-    let a: Fq6 = rng.gen();
-    let b: Fq6 = rng.gen();
-    field_test(a, b);
-    frobenius_test::<Fq6, _>(Fq::characteristic(), 13);
-}
--- a/mnt6_298/src/lib.rs
+++ b/mnt6_298/src/lib.rs
@@ -10,14 +10,17 @@

 //! This library implements the MNT6_298 curve generated in
 //! [\[BCTV14\]](https://eprint.iacr.org/2014/595).  The name denotes that it is a
-//! Miyaji--Nakabayashi--Takano curve of embedding degree 6, defined over a 298-bit (prime) field.
-//! The main feature of this curve is that its scalar field and base field respectively equal the
-//! base field and scalar field of MNT4_298.
+//! Miyaji--Nakabayashi--Takano curve of embedding degree 6, defined over a
+//! 298-bit (prime) field. The main feature of this curve is that its scalar
+//! field and base field respectively equal the base field and scalar field of
+//! MNT4_298.
 //!
 //!
 //! Curve information:
-//! * Base field: q = 475922286169261325753349249653048451545124878552823515553267735739164647307408490559963137
-//! * Scalar field: r = 475922286169261325753349249653048451545124879242694725395555128576210262817955800483758081
+//! * Base field: q =
+//!   475922286169261325753349249653048451545124878552823515553267735739164647307408490559963137
+//! * Scalar field: r =
+//!   475922286169261325753349249653048451545124879242694725395555128576210262817955800483758081
 //! * valuation(q - 1, 2) = 34
 //! * valuation(r - 1, 2) = 17
 //! * G1 curve equation: y^2 = x^3 + ax + b, where
@@ -26,7 +29,8 @@
 //! * G2 curve equation: y^2 = x^3 + Ax + B, where
 //!    * A = Fq2 = (0, 0, a)
 //!    * B = Fq2(b * NON_RESIDUE, 0, 0)
-//!    * NON_RESIDUE = 5 is the cubic non-residue used to construct the field extension Fq3
+//!    * NON_RESIDUE = 5 is the cubic non-residue used to construct the field
+//!      extension Fq3

 #[cfg(feature = "r1cs")]
 pub mod constraints;