Upgrade to work with latest `ark-ff` (#95)

Co-authored-by: Sun <huachuang20@gmail.com>
2 years ago · 1551d6d76c
231 changed files with 2826 additions and 4339 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@ -63,3 +63,4 @@ ark-ec = { git = "https://github.com/arkworks-rs/algebra" }
 ark-ff = { git = "https://github.com/arkworks-rs/algebra" }
 ark-serialize = { git = "https://github.com/arkworks-rs/algebra" }
 ark-algebra-test-templates = { git = "https://github.com/arkworks-rs/algebra" }
 ark-r1cs-std = { git = "https://github.com/arkworks-rs/r1cs-std" }
--- a/bls12_377/scripts/base_field.sage
+++ b/bls12_377/scripts/base_field.sage
@ -0,0 +1,28 @@
 modulus = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/bls12_377/scripts/scalar_field.sage
+++ b/bls12_377/scripts/scalar_field.sage
@ -0,0 +1,28 @@
 modulus = 8444461749428370424248824938781546531375899335154063827935233455917409239041
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 30):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/bls12_377/src/constraints/curves.rs
+++ b/bls12_377/src/constraints/curves.rs
@ -1,11 +1,11 @@
 use crate::Parameters;
 use ark_ec::bls12::Bls12Parameters;
 use ark_ec::ModelParameters;
 use ark_ec::{bls12::Bls12Parameters, ModelParameters};
 use ark_r1cs_std::{
    fields::fp::FpVar,
    groups::{bls12, curves::twisted_edwards::AffineVar as TEAffineVar},
 };
 use crate::Parameters;
 /// An element of G1 in the BLS12-377 bilinear group.
 pub type G1Var = bls12::G1Var<Parameters>;
 /// An element of G2 in the BLS12-377 bilinear group.
--- a/bls12_377/src/constraints/fields.rs
+++ b/bls12_377/src/constraints/fields.rs
@ -1,16 +1,16 @@
 use crate::{Fq, Fq12Parameters, Fq2Parameters, Fq6Parameters};
 use ark_r1cs_std::fields::{fp::FpVar, fp12::Fp12Var, fp2::Fp2Var, fp6_3over2::Fp6Var};
 use crate::{Fq, Fq12Config, Fq2Config, Fq6Config};
 /// A variable that is the R1CS equivalent of `crate::Fq`.
 pub type FqVar = FpVar<Fq>;
 /// A variable that is the R1CS equivalent of `crate::Fq2`.
 pub type Fq2Var = Fp2Var<Fq2Parameters>;
 pub type Fq2Var = Fp2Var<Fq2Config>;
 /// A variable that is the R1CS equivalent of `crate::Fq6`.
 pub type Fq6Var = Fp6Var<Fq6Parameters>;
 pub type Fq6Var = Fp6Var<Fq6Config>;
 /// A variable that is the R1CS equivalent of `crate::Fq12`.
 pub type Fq12Var = Fp12Var<Fq12Parameters>;
 pub type Fq12Var = Fp12Var<Fq12Config>;
 #[test]
 fn bls12_377_field_test() {
--- a/bls12_377/src/constraints/pairing.rs
+++ b/bls12_377/src/constraints/pairing.rs
@ -1,6 +1,7 @@
 use crate::Parameters;
 /// Specifies the constraints for computing a pairing in the BLS12-377 bilinear group.
 /// Specifies the constraints for computing a pairing in the BLS12-377 bilinear
 /// group.
 pub type PairingVar = ark_r1cs_std::pairing::bls12::PairingVar<Parameters>;
 #[test]
--- a/bls12_377/src/curves/g1.rs
+++ b/bls12_377/src/curves/g1.rs
@ -4,7 +4,7 @@ use ark_ec::models::{
    },
    ModelParameters, MontgomeryModelParameters, SWModelParameters, TEModelParameters,
 };
 use ark_ff::{field_new, Zero};
 use ark_ff::{MontFp, Zero};
 use core::ops::Neg;
 use crate::{
@ -24,8 +24,10 @@ impl ModelParameters for Parameters {
    /// COFACTOR_INV = COFACTOR^{-1} mod r
    /// = 5285428838741532253824584287042945485047145357130994810877
    #[rustfmt::skip]
    const COFACTOR_INV: Fr = field_new!(Fr, "5285428838741532253824584287042945485047145357130994810877");
    const COFACTOR_INV: Fr = MontFp!(
        Fr,
        "5285428838741532253824584287042945485047145357130994810877"
    );
 }
 impl SWModelParameters for Parameters {
@ -33,7 +35,6 @@ impl SWModelParameters for Parameters {
    const COEFF_A: Fq = FQ_ZERO;
    /// COEFF_B = 1
    #[rustfmt::skip]
    const COEFF_B: Fq = FQ_ONE;
    /// AFFINE_GENERATOR_COEFFS = (G1_GENERATOR_X, G1_GENERATOR_Y)
@ -54,7 +55,6 @@ pub type G1TEProjective = TEGroupProjective;
 /// 1. SW -> Montgomery -> TE1 transformation: <https://en.wikipedia.org/wiki/Montgomery_curve>
 /// 2. TE1 -> TE2 normalization (enforcing `a = -1`)
 /// ``` sage
 ///
 /// # modulus
 /// p = 0x1ae3a4617c510eac63b05c06ca1493b1a22d9f300f5138f1ef3622fba094800170b5d44300000008508c00000000001
 /// Fp = Zmod(p)
@ -96,15 +96,13 @@ pub type G1TEProjective = TEGroupProjective;
 /// TE2a = Fp(-1)
 /// # b = -TE1d/TE1a
 /// TE2d = Fp(122268283598675559488486339158635529096981886914877139579534153582033676785385790730042363341236035746924960903179)
 ///
 /// ```
 impl TEModelParameters for Parameters {
    /// COEFF_A = -1
    const COEFF_A: Fq = field_new!(Fq, "-1");
    const COEFF_A: Fq = MontFp!(Fq, "-1");
    /// COEFF_D = 122268283598675559488486339158635529096981886914877139579534153582033676785385790730042363341236035746924960903179 mod q
    #[rustfmt::skip]
    const COEFF_D: Fq = field_new!(Fq, "122268283598675559488486339158635529096981886914877139579534153582033676785385790730042363341236035746924960903179");
    const COEFF_D: Fq = MontFp!(Fq, "122268283598675559488486339158635529096981886914877139579534153582033676785385790730042363341236035746924960903179");
    /// AFFINE_GENERATOR_COEFFS = (GENERATOR_X, GENERATOR_Y)
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) =
@ -124,7 +122,6 @@ impl TEModelParameters for Parameters {
 // It can be obtained via the following script, implementing
 // SW -> Montgomery transformation: <https://en.wikipedia.org/wiki/Montgomery_curve>
 // ``` sage
 //
 // # modulus
 // p=0x1ae3a4617c510eac63b05c06ca1493b1a22d9f300f5138f1ef3622fba094800170b5d44300000008508c00000000001
 // Fp=Zmod(p)
@ -151,28 +148,25 @@ impl TEModelParameters for Parameters {
 // ```
 impl MontgomeryModelParameters for Parameters {
    /// COEFF_A = 228097355113300204138531148905234651262148041026195375645000724271212049151994375092458297304264351187709081232384
    #[rustfmt::skip]
    const COEFF_A: Fq = field_new!(Fq, "228097355113300204138531148905234651262148041026195375645000724271212049151994375092458297304264351187709081232384");
    const COEFF_A: Fq = MontFp!(Fq, "228097355113300204138531148905234651262148041026195375645000724271212049151994375092458297304264351187709081232384");
    /// COEFF_B = 10189023633222963290707194929886294091415157242906428298294512798502806398782149227503530278436336312243746741931
    #[rustfmt::skip]
    const COEFF_B: Fq = field_new!(Fq, "10189023633222963290707194929886294091415157242906428298294512798502806398782149227503530278436336312243746741931");
    const COEFF_B: Fq = MontFp!(Fq, "10189023633222963290707194929886294091415157242906428298294512798502806398782149227503530278436336312243746741931");
    type TEModelParameters = Parameters;
 }
 /// G1_GENERATOR_X =
 /// 81937999373150964239938255573465948239988671502647976594219695644855304257327692006745978603320413799295628339695
 #[rustfmt::skip]
 pub const G1_GENERATOR_X: Fq = field_new!(Fq, "81937999373150964239938255573465948239988671502647976594219695644855304257327692006745978603320413799295628339695");
 pub const G1_GENERATOR_X: Fq = MontFp!(Fq, "81937999373150964239938255573465948239988671502647976594219695644855304257327692006745978603320413799295628339695");
 /// G1_GENERATOR_Y =
 /// 241266749859715473739788878240585681733927191168601896383759122102112907357779751001206799952863815012735208165030
 #[rustfmt::skip]
 pub const G1_GENERATOR_Y: Fq = field_new!(Fq, "241266749859715473739788878240585681733927191168601896383759122102112907357779751001206799952863815012735208165030");
 pub const G1_GENERATOR_Y: Fq = MontFp!(Fq, "241266749859715473739788878240585681733927191168601896383759122102112907357779751001206799952863815012735208165030");
 // The generator for twisted Edward form is the same SW generator converted into the normalized TE form (TE2).
 // ``` sage
 // The generator for twisted Edward form is the same SW generator converted into
 // the normalized TE form (TE2).
 //``` sage
 // # following scripts in previous section
 // #####################################################
 // # Weierstrass curve generator
@ -216,10 +210,8 @@ pub const G1_GENERATOR_Y: Fq = field_new!(Fq, "241266749859715473739788878240585
 // ```
 /// TE_GENERATOR_X =
 /// 71222569531709137229370268896323705690285216175189308202338047559628438110820800641278662592954630774340654489393
 #[rustfmt::skip]
 pub const TE_GENERATOR_X: Fq = field_new!(Fq, "71222569531709137229370268896323705690285216175189308202338047559628438110820800641278662592954630774340654489393");
 pub const TE_GENERATOR_X: Fq = MontFp!(Fq, "71222569531709137229370268896323705690285216175189308202338047559628438110820800641278662592954630774340654489393");
 /// TE_GENERATOR_Y =
 /// 6177051365529633638563236407038680211609544222665285371549726196884440490905471891908272386851767077598415378235
 #[rustfmt::skip]
 pub const TE_GENERATOR_Y: Fq = field_new!(Fq, "6177051365529633638563236407038680211609544222665285371549726196884440490905471891908272386851767077598415378235");
 pub const TE_GENERATOR_Y: Fq = MontFp!(Fq, "6177051365529633638563236407038680211609544222665285371549726196884440490905471891908272386851767077598415378235");
--- a/bls12_377/src/curves/g2.rs
+++ b/bls12_377/src/curves/g2.rs
@ -1,5 +1,5 @@
 use ark_ec::models::{ModelParameters, SWModelParameters};
 use ark_ff::{field_new, Zero};
 use ark_ff::{MontFp, QuadExt, Zero};
 use crate::{fields::FQ_ZERO, g1, Fq, Fq2, Fr};
@ -26,17 +26,15 @@ impl ModelParameters for Parameters {
    /// COFACTOR_INV = COFACTOR^{-1} mod r
    /// = 6764900296503390671038341982857278410319949526107311149686707033187604810669
    #[rustfmt::skip]
    const COFACTOR_INV: Fr = field_new!(Fr, "6764900296503390671038341982857278410319949526107311149686707033187604810669");
    const COFACTOR_INV: Fr = MontFp!(
        Fr,
        "6764900296503390671038341982857278410319949526107311149686707033187604810669"
    );
 }
 impl SWModelParameters for Parameters {
    /// COEFF_A = [0, 0]
    #[rustfmt::skip]
    const COEFF_A: Fq2 = field_new!(Fq2,
        g1::Parameters::COEFF_A,
        g1::Parameters::COEFF_A,
    );
    const COEFF_A: Fq2 = QuadExt!(g1::Parameters::COEFF_A, g1::Parameters::COEFF_A,);
    // As per https://eprint.iacr.org/2012/072.pdf,
    // this curve has b' = b/i, where b is the COEFF_B of G1, and x^6 -i is
@ -44,10 +42,9 @@ impl SWModelParameters for Parameters {
    // In our case, i = u (App A.3, T_6).
    /// COEFF_B = [0,
    /// 155198655607781456406391640216936120121836107652948796323930557600032281009004493664981332883744016074664192874906]
    #[rustfmt::skip]
    const COEFF_B: Fq2 = field_new!(Fq2,
    const COEFF_B: Fq2 = QuadExt!(
        FQ_ZERO,
        field_new!(Fq, "155198655607781456406391640216936120121836107652948796323930557600032281009004493664981332883744016074664192874906"),
        MontFp!(Fq, "155198655607781456406391640216936120121836107652948796323930557600032281009004493664981332883744016074664192874906"),
    );
    /// AFFINE_GENERATOR_COEFFS = (G2_GENERATOR_X, G2_GENERATOR_Y)
@ -60,27 +57,21 @@ impl SWModelParameters for Parameters {
    }
 }
 #[rustfmt::skip]
 pub const G2_GENERATOR_X: Fq2 = field_new!(Fq2, G2_GENERATOR_X_C0, G2_GENERATOR_X_C1);
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y: Fq2 = field_new!(Fq2, G2_GENERATOR_Y_C0, G2_GENERATOR_Y_C1);
 pub const G2_GENERATOR_X: Fq2 = QuadExt!(G2_GENERATOR_X_C0, G2_GENERATOR_X_C1);
 pub const G2_GENERATOR_Y: Fq2 = QuadExt!(G2_GENERATOR_Y_C0, G2_GENERATOR_Y_C1);
 /// G2_GENERATOR_X_C0 =
 /// 233578398248691099356572568220835526895379068987715365179118596935057653620464273615301663571204657964920925606294
 #[rustfmt::skip]
 pub const G2_GENERATOR_X_C0: Fq = field_new!(Fq, "233578398248691099356572568220835526895379068987715365179118596935057653620464273615301663571204657964920925606294");
 pub const G2_GENERATOR_X_C0: Fq = MontFp!(Fq, "233578398248691099356572568220835526895379068987715365179118596935057653620464273615301663571204657964920925606294");
 /// G2_GENERATOR_X_C1 =
 /// 140913150380207355837477652521042157274541796891053068589147167627541651775299824604154852141315666357241556069118
 #[rustfmt::skip]
 pub const G2_GENERATOR_X_C1: Fq = field_new!(Fq, "140913150380207355837477652521042157274541796891053068589147167627541651775299824604154852141315666357241556069118");
 pub const G2_GENERATOR_X_C1: Fq = MontFp!(Fq, "140913150380207355837477652521042157274541796891053068589147167627541651775299824604154852141315666357241556069118");
 /// G2_GENERATOR_Y_C0 =
 /// 63160294768292073209381361943935198908131692476676907196754037919244929611450776219210369229519898517858833747423
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y_C0: Fq = field_new!(Fq, "63160294768292073209381361943935198908131692476676907196754037919244929611450776219210369229519898517858833747423");
 pub const G2_GENERATOR_Y_C0: Fq = MontFp!(Fq, "63160294768292073209381361943935198908131692476676907196754037919244929611450776219210369229519898517858833747423");
 /// G2_GENERATOR_Y_C1 =
 /// 149157405641012693445398062341192467754805999074082136895788947234480009303640899064710353187729182149407503257491
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y_C1: Fq = field_new!(Fq, "149157405641012693445398062341192467754805999074082136895788947234480009303640899064710353187729182149407503257491");
 pub const G2_GENERATOR_Y_C1: Fq = MontFp!(Fq, "149157405641012693445398062341192467754805999074082136895788947234480009303640899064710353187729182149407503257491");
--- a/bls12_377/src/curves/mod.rs
+++ b/bls12_377/src/curves/mod.rs
@ -1,9 +1,10 @@
 use crate::*;
 use ark_ec::{
    bls12,
    bls12::{Bls12, Bls12Parameters, TwistType},
 };
 use crate::*;
 pub mod g1;
 pub mod g2;
@ -18,9 +19,9 @@ impl Bls12Parameters for Parameters {
    const X_IS_NEGATIVE: bool = false;
    const TWIST_TYPE: TwistType = TwistType::D;
    type Fp = Fq;
    type Fp2Params = Fq2Parameters;
    type Fp6Params = Fq6Parameters;
    type Fp12Params = Fq12Parameters;
    type Fp2Config = Fq2Config;
    type Fp6Config = Fq6Config;
    type Fp12Config = Fq12Config;
    type G1Parameters = g1::Parameters;
    type G2Parameters = g2::Parameters;
 }
--- a/bls12_377/src/curves/tests.rs
+++ b/bls12_377/src/curves/tests.rs
@ -1,25 +1,19 @@
 #![allow(unused_imports)]
 use crate::{
    g1, g2, Bls12_377, Fq, Fq12, Fq2, Fr, G1Affine, G1Projective, G1TEProjective, G2Affine,
    G2Projective,
 };
 use ark_ec::{
    models::SWModelParameters, short_weierstrass_jacobian, AffineCurve, PairingEngine,
    ProjectiveCurve,
 use ark_algebra_test_templates::{
    curves::{curve_tests, edwards_tests, sw_tests},
    generate_bilinearity_test, generate_g1_generator_raw_test, generate_g1_test, generate_g2_test,
    groups::group_test,
    msm::test_var_base_msm,
 };
 use ark_ec::{models::SWModelParameters, AffineCurve, PairingEngine};
 use ark_ff::{
    fields::{Field, FpParameters, PrimeField, SquareRootField},
    fields::{Field, PrimeField, SquareRootField},
    One, Zero,
 };
 use ark_serialize::CanonicalSerialize;
 use ark_std::{rand::Rng, test_rng};
 use core::ops::{AddAssign, MulAssign};
 use ark_algebra_test_templates::{
    curves::{curve_tests, edwards_tests, sw_tests},
    generate_bilinearity_test, generate_g1_generator_raw_test, generate_g1_test, generate_g2_test,
    groups::group_test,
    msm::test_var_base_msm,
 use crate::{
    g1, g2, Bls12_377, Fq, Fq12, Fr, G1Affine, G1Projective, G1TEProjective, G2Affine, G2Projective,
 };
 generate_g1_test!(bls12_377; curve_tests; sw_tests; edwards_tests; te_group_tests;);
--- a/bls12_377/src/fields/fq.rs
+++ b/bls12_377/src/fields/fq.rs
@ -1,121 +1,10 @@
 use ark_ff::{
    biginteger::{BigInt, BigInteger384 as BigInteger},
    fields::*,
 };
 use ark_ff::fields::{Fp384, MontBackend, MontConfig, MontFp};
 pub type Fq = Fp384<FqParameters>;
 #[derive(MontConfig)]
 #[modulus = "258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177"]
 #[generator = "15"]
 pub struct FqConfig;
 pub type Fq = Fp384<MontBackend<FqConfig, 6>>;
 pub struct FqParameters;
 impl Fp384Parameters for FqParameters {}
 impl FftParameters for FqParameters {
    type BigInt = BigInteger;
    const TWO_ADICITY: u32 = 46u32;
    #[rustfmt::skip]
    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
        2022196864061697551u64,
        17419102863309525423u64,
        8564289679875062096u64,
        17152078065055548215u64,
        17966377291017729567u64,
        68610905582439508u64,
    ]);
 }
 impl FpParameters for FqParameters {
    /// MODULUS = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177
    #[rustfmt::skip]
    const MODULUS: BigInteger = BigInt::new([
        0x8508c00000000001,
        0x170b5d4430000000,
        0x1ef3622fba094800,
        0x1a22d9f300f5138f,
        0xc63b05c06ca1493b,
        0x1ae3a4617c510ea,
    ]);
    const MODULUS_BITS: u32 = 377;
    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
    const REPR_SHAVE_BITS: u32 = 7;
    /// R = 85013442423176922659824578519796707547925331718418265885885478904210582549405549618995257669764901891699128663912
    #[rustfmt::skip]
    const R: BigInteger = BigInt::new([
        202099033278250856u64,
        5854854902718660529u64,
        11492539364873682930u64,
        8885205928937022213u64,
        5545221690922665192u64,
        39800542322357402u64,
    ]);
    #[rustfmt::skip]
    const R2: BigInteger = BigInt::new([
        0xb786686c9400cd22,
        0x329fcaab00431b1,
        0x22a5f11162d6b46d,
        0xbfdf7d03827dc3ac,
        0x837e92f041790bf9,
        0x6dfccb1e914b88,
    ]);
    const INV: u64 = 9586122913090633727u64;
    /// GENERATOR = -5
    /// Encoded in Montgomery form, so the value here is
    /// (-5 * R) % q = 92261639910053574722182574790803529333160366917737991650341130812388023949653897454961487930322210790384999596794
    #[rustfmt::skip]
    const GENERATOR: BigInteger = BigInt::new([
        0xfc0b8000000002fa,
        0x97d39cf6e000018b,
        0x2072420fbfa05044,
        0xcbbcbd50d97c3802,
        0xbaf1ec35813f9eb,
        0x9974a2c0945ad2,
    ]);
    #[rustfmt::skip]
    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0x4284600000000000,
        0xb85aea218000000,
        0x8f79b117dd04a400,
        0x8d116cf9807a89c7,
        0x631d82e03650a49d,
        0xd71d230be28875,
    ]);
    // T and T_MINUS_ONE_DIV_TWO, where MODULUS - 1 = 2^S * T
    // For T coprime to 2
    // T = (MODULUS - 1) // 2^S =
    // 3675842578061421676390135839012792950148785745837396071634149488243117337281387659330802195819009059
    #[rustfmt::skip]
    const T: BigInteger = BigInt::new([
        0x7510c00000021423,
        0x88bee82520005c2d,
        0x67cc03d44e3c7bcd,
        0x1701b28524ec688b,
        0xe9185f1443ab18ec,
        0x6b8,
    ]);
    // (T - 1) // 2 =
    // 1837921289030710838195067919506396475074392872918698035817074744121558668640693829665401097909504529
    #[rustfmt::skip]
    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0xba88600000010a11,
        0xc45f741290002e16,
        0xb3e601ea271e3de6,
        0xb80d94292763445,
        0x748c2f8a21d58c76,
        0x35c,
    ]);
 }
 #[allow(dead_code)]
 pub const FQ_ONE: Fq = Fq::new(FqParameters::R);
 #[allow(dead_code)]
 pub const FQ_ZERO: Fq = Fq::new(BigInt::new([0, 0, 0, 0, 0, 0]));
 pub const FQ_ONE: Fq = Fq::new(FqConfig::R);
 pub const FQ_ZERO: Fq = MontFp!(Fq, "0");
--- a/bls12_377/src/fields/fq12.rs
+++ b/bls12_377/src/fields/fq12.rs
@ -1,73 +1,73 @@
 use super::*;
 use ark_ff::{field_new, fields::*};
 use ark_ff::{fields::*, CubicExt, MontFp, QuadExt};
 pub type Fq12 = Fp12<Fq12Parameters>;
 use crate::*;
 pub type Fq12 = Fp12<Fq12Config>;
 #[derive(Clone, Copy)]
 pub struct Fq12Parameters;
 pub struct Fq12Config;
 impl Fp12Parameters for Fq12Parameters {
    type Fp6Params = Fq6Parameters;
 impl Fp12Config for Fq12Config {
    type Fp6Config = Fq6Config;
    const NONRESIDUE: Fq6 = field_new!(Fq6, FQ2_ZERO, FQ2_ONE, FQ2_ZERO);
    const NONRESIDUE: Fq6 = CubicExt!(FQ2_ZERO, FQ2_ONE, FQ2_ZERO);
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP12_C1: &'static [Fq2] = &[
        // Fp2::NONRESIDUE^(((q^0) - 1) / 6)
        field_new!(Fq2, FQ_ONE, FQ_ZERO),
        QuadExt!(FQ_ONE, FQ_ZERO),
        // Fp2::NONRESIDUE^(((q^1) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "92949345220277864758624960506473182677953048909283248980960104381795901929519566951595905490535835115111760994353"),
        QuadExt!(
            MontFp!(Fq, "92949345220277864758624960506473182677953048909283248980960104381795901929519566951595905490535835115111760994353"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^2) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410946"),
        QuadExt!(
            MontFp!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410946"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^3) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "216465761340224619389371505802605247630151569547285782856803747159100223055385581585702401816380679166954762214499"),
        QuadExt!(
            MontFp!(Fq, "216465761340224619389371505802605247630151569547285782856803747159100223055385581585702401816380679166954762214499"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^4) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410945"),
        QuadExt!(
            MontFp!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410945"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^5) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "123516416119946754630746545296132064952198520638002533875843642777304321125866014634106496325844844051843001220146"),
        QuadExt!(
            MontFp!(Fq, "123516416119946754630746545296132064952198520638002533875843642777304321125866014634106496325844844051843001220146"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^6) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "-1"),
        QuadExt!(
            MontFp!(Fq, "-1"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^7) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "165715080792691229252027773188420350858440463845631411558924158284924566418821255823372982649037525009328560463824"),
        QuadExt!(
            MontFp!(Fq, "165715080792691229252027773188420350858440463845631411558924158284924566418821255823372982649037525009328560463824"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^8) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047231"),
        QuadExt!(
            MontFp!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047231"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^9) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "42198664672744474621281227892288285906241943207628877683080515507620245292955241189266486323192680957485559243678"),
        QuadExt!(
            MontFp!(Fq, "42198664672744474621281227892288285906241943207628877683080515507620245292955241189266486323192680957485559243678"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^10) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047232"),
        QuadExt!(
            MontFp!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047232"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^11) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "135148009893022339379906188398761468584194992116912126664040619889416147222474808140862391813728516072597320238031"),
        QuadExt!(
            MontFp!(Fq, "135148009893022339379906188398761468584194992116912126664040619889416147222474808140862391813728516072597320238031"),
            FQ_ZERO,
        ),
    ];
--- a/bls12_377/src/fields/fq2.rs
+++ b/bls12_377/src/fields/fq2.rs
@ -1,28 +1,26 @@
 use super::*;
 use ark_ff::{field_new, fields::*};
 use ark_ff::{fields::*, MontFp, QuadExt};
 pub type Fq2 = Fp2<Fq2Parameters>;
 use crate::*;
 pub struct Fq2Parameters;
 pub type Fq2 = Fp2<Fq2Config>;
 impl Fp2Parameters for Fq2Parameters {
 pub struct Fq2Config;
 impl Fp2Config for Fq2Config {
    type Fp = Fq;
    /// NONRESIDUE = -5
    #[rustfmt::skip]
    const NONRESIDUE: Fq = field_new!(Fq, "-5");
    const NONRESIDUE: Fq = MontFp!(Fq, "-5");
    /// QUADRATIC_NONRESIDUE = U
    #[rustfmt::skip]
    const QUADRATIC_NONRESIDUE: (Fq, Fq) = (FQ_ZERO, FQ_ONE);
    const QUADRATIC_NONRESIDUE: Fq2 = QuadExt!(FQ_ZERO, FQ_ONE);
    /// Coefficients for the Frobenius automorphism.
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP2_C1: &'static [Fq] = &[
        // NONRESIDUE**(((q^0) - 1) / 2)
        FQ_ONE,
        // NONRESIDUE**(((q^1) - 1) / 2)
        field_new!(Fq, "-1"),
        MontFp!(Fq, "-1"),
    ];
    #[inline(always)]
@ -34,5 +32,5 @@ impl Fp2Parameters for Fq2Parameters {
    }
 }
 pub const FQ2_ZERO: Fq2 = field_new!(Fq2, FQ_ZERO, FQ_ZERO);
 pub const FQ2_ONE: Fq2 = field_new!(Fq2, FQ_ONE, FQ_ZERO);
 pub const FQ2_ZERO: Fq2 = QuadExt!(FQ_ZERO, FQ_ZERO);
 pub const FQ2_ONE: Fq2 = QuadExt!(FQ_ONE, FQ_ZERO);
--- a/bls12_377/src/fields/fq6.rs
+++ b/bls12_377/src/fields/fq6.rs
@ -1,69 +1,68 @@
 use super::*;
 use ark_ff::{field_new, fields::*};
 use ark_ff::{fields::*, MontFp, QuadExt};
 pub type Fq6 = Fp6<Fq6Parameters>;
 use crate::*;
 pub type Fq6 = Fp6<Fq6Config>;
 #[derive(Clone, Copy)]
 pub struct Fq6Parameters;
 pub struct Fq6Config;
 impl Fp6Parameters for Fq6Parameters {
    type Fp2Params = Fq2Parameters;
 impl Fp6Config for Fq6Config {
    type Fp2Config = Fq2Config;
    /// NONRESIDUE = U
    #[rustfmt::skip]
    const NONRESIDUE: Fq2 = field_new!(Fq2, FQ_ZERO, FQ_ONE);
    const NONRESIDUE: Fq2 = QuadExt!(FQ_ZERO, FQ_ONE);
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP6_C1: &'static [Fq2] = &[
        // Fp2::NONRESIDUE^(((q^0) - 1) / 3)
        field_new!(Fq2, FQ_ONE, FQ_ZERO),
        QuadExt!(FQ_ONE, FQ_ZERO),
        // Fp2::NONRESIDUE^(((q^1) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410946"),
        QuadExt!(
            MontFp!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410946"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^2) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410945"),
        QuadExt!(
            MontFp!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410945"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^3) - 1) / 3)
        field_new!(Fq2, field_new!(Fq, "-1"), FQ_ZERO),
        QuadExt!(MontFp!(Fq, "-1"), FQ_ZERO),
        // Fp2::NONRESIDUE^(((q^4) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047231"),
        QuadExt!(
            MontFp!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047231"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^(((q^5) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047232"),
        QuadExt!(
            MontFp!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047232"),
            FQ_ZERO,
        ),
    ];
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP6_C2: &'static [Fq2] = &[
        // Fp2::NONRESIDUE^((2*(q^0) - 2) / 3)
        field_new!(Fq2, FQ_ONE, FQ_ZERO),
        QuadExt!(FQ_ONE, FQ_ZERO),
        // Fp2::NONRESIDUE^((2*(q^1) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410945"),
        QuadExt!(
            MontFp!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410945"),
            FQ_ZERO
        ),
        // Fp2::NONRESIDUE^((2*(q^2) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047231"),
        QuadExt!(
            MontFp!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047231"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^((2*(q^3) - 2) / 3)
        field_new!(Fq2, FQ_ONE, FQ_ZERO),
        QuadExt!(FQ_ONE, FQ_ZERO),
        // Fp2::NONRESIDUE^((2*(q^4) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410945"),
        QuadExt!(
            MontFp!(Fq, "80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410945"),
            FQ_ZERO,
        ),
        // Fp2::NONRESIDUE^((2*(q^5) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047231"),
        QuadExt!(
            MontFp!(Fq, "258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047231"),
            FQ_ZERO,
        ),
    ];
@ -71,8 +70,8 @@ impl Fp6Parameters for Fq6Parameters {
    #[inline(always)]
    fn mul_fp2_by_nonresidue(fe: &Fq2) -> Fq2 {
        // Karatsuba multiplication with constant other = u.
        let c0 = Fq2Parameters::mul_fp_by_nonresidue(&fe.c1);
        let c0 = Fq2Config::mul_fp_by_nonresidue(&fe.c1);
        let c1 = fe.c0;
        field_new!(Fq2, c0, c1)
        QuadExt!(c0, c1)
    }
 }
--- a/bls12_377/src/fields/fr.rs
+++ b/bls12_377/src/fields/fr.rs
@ -1,5 +1,4 @@
 //! Bls12-377 scalar field.
 ///
 /// Roots of unity computed from modulus and R using this sage code:
 ///
 /// ```ignore
@ -19,105 +18,10 @@
 /// print("Gen: ", into_chunks(g * R % q, 64, 4))
 /// print("2-adic gen: ", into_chunks(g2 * R % q, 64, 4))
 /// ```
 use ark_ff::{
    biginteger::{BigInt, BigInteger256 as BigInteger},
    fields::*,
 };
 pub type Fr = Fp256<FrParameters>;
 pub struct FrParameters;
 impl Fp256Parameters for FrParameters {}
 impl FftParameters for FrParameters {
    type BigInt = BigInteger;
    const TWO_ADICITY: u32 = 47;
    #[rustfmt::skip]
    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
        12646347781564978760u64,
        6783048705277173164u64,
        268534165941069093u64,
        1121515446318641358u64,
    ]);
 }
 impl FpParameters for FrParameters {
    /// MODULUS = 8444461749428370424248824938781546531375899335154063827935233455917409239041
    #[rustfmt::skip]
    const MODULUS: BigInteger = BigInt::new([
        725501752471715841u64,
        6461107452199829505u64,
        6968279316240510977u64,
        1345280370688173398u64,
    ]);
    const MODULUS_BITS: u32 = 253;
    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
    const REPR_SHAVE_BITS: u32 = 3;
    /// R = 6014086494747379908336260804527802945383293308637734276299549080986809532403
    #[rustfmt::skip]
    const R: BigInteger = BigInt::new([
        9015221291577245683u64,
        8239323489949974514u64,
        1646089257421115374u64,
        958099254763297437u64,
    ]);
    #[rustfmt::skip]
    const R2: BigInteger = BigInt::new([
        2726216793283724667u64,
        14712177743343147295u64,
        12091039717619697043u64,
        81024008013859129u64,
    ]);
    const INV: u64 = 725501752471715839u64;
    /// GENERATOR = 22
    /// Encoded in Montgomery form, so the value is
    /// (22 * R) % q =
    /// 5642976643016801619665363617888466827793962762719196659561577942948671127251
    #[rustfmt::skip]
    const GENERATOR: BigInteger = BigInt::new([
        2984901390528151251u64,
        10561528701063790279u64,
        5476750214495080041u64,
        898978044469942640u64,
    ]);
    /// (r - 1)/2 =
    /// 4222230874714185212124412469390773265687949667577031913967616727958704619520
    #[rustfmt::skip]
    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0x8508c00000000000,
        0xacd53b7f68000000,
        0x305a268f2e1bd800,
        0x955b2af4d1652ab,
    ]);
    // T and T_MINUS_ONE_DIV_TWO, where r - 1 = 2^s * t
    // For T coprime to 2
    /// t = (r - 1) / 2^s =
    /// 60001509534603559531609739528203892656505753216962260608619555
    #[rustfmt::skip]
    const T: BigInteger = BigInt::new([
        0xedfda00000021423,
        0x9a3cb86f6002b354,
        0xcabd34594aacc168,
        0x2556,
    ]);
 use ark_ff::fields::{Fp256, MontBackend, MontConfig};
    /// (t - 1) / 2 =
    /// 30000754767301779765804869764101946328252876608481130304309777
    #[rustfmt::skip]
    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0x76fed00000010a11,
        0x4d1e5c37b00159aa,
        0x655e9a2ca55660b4,
        0x12ab,
    ]);
 }
 #[derive(MontConfig)]
 #[modulus = "8444461749428370424248824938781546531375899335154063827935233455917409239041"]
 #[generator = "22"]
 pub struct FrConfig;
 pub type Fr = Fp256<MontBackend<FrConfig, 4>>;
--- a/bls12_377/src/fields/tests.rs
+++ b/bls12_377/src/fields/tests.rs
@ -1,9 +1,9 @@
 use ark_algebra_test_templates::{
    fields::*, generate_field_serialization_test, generate_field_test,
 };
 use ark_ff::{
    biginteger::{BigInt, BigInteger, BigInteger384},
    fields::{
        fp6_3over2::Fp6Parameters, FftField, FftParameters, Field, Fp2Parameters, FpParameters,
        PrimeField, SquareRootField,
    },
    fields::{FftField, Field, Fp2Config, Fp6Config, PrimeField, SquareRootField},
    One, UniformRand, Zero,
 };
 use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
@ -13,13 +13,9 @@ use core::{
    ops::{AddAssign, MulAssign, SubAssign},
 };
 use crate::{Fq, Fq12, Fq2, Fq2Parameters, Fq6, Fq6Parameters, FqParameters, Fr};
 use ark_algebra_test_templates::{
    fields::*, generate_field_serialization_test, generate_field_test,
 };
 use crate::{Fq, Fq12, Fq2, Fq2Config, Fq6, Fq6Config, FqConfig, Fr, FrConfig};
 generate_field_test!(bls12_377; fq2; fq6; fq12;);
 generate_field_test!(bls12_377; fq2; fq6; fq12; mont(6, 4); );
 generate_field_serialization_test!(bls12_377; fq2; fq6; fq12;);
 #[test]
@ -29,14 +25,14 @@ fn test_fq_repr_from() {
 #[test]
 fn test_fq_repr_is_odd() {
    assert!(!BigInteger384::from(0).is_odd());
    assert!(BigInteger384::from(0).is_even());
    assert!(BigInteger384::from(1).is_odd());
    assert!(!BigInteger384::from(1).is_even());
    assert!(!BigInteger384::from(324834872).is_odd());
    assert!(BigInteger384::from(324834872).is_even());
    assert!(BigInteger384::from(324834873).is_odd());
    assert!(!BigInteger384::from(324834873).is_even());
    assert!(!BigInteger384::from(0u64).is_odd());
    assert!(BigInteger384::from(0u64).is_even());
    assert!(BigInteger384::from(1u64).is_odd());
    assert!(!BigInteger384::from(1u64).is_even());
    assert!(!BigInteger384::from(324834872u64).is_odd());
    assert!(BigInteger384::from(324834872u64).is_even());
    assert!(BigInteger384::from(324834873u64).is_odd());
    assert!(!BigInteger384::from(324834873u64).is_even());
 }
 #[test]
@ -48,9 +44,9 @@ fn test_fq_repr_is_zero() {
 #[test]
 fn test_fq_repr_num_bits() {
    let mut a = BigInteger384::from(0);
    let mut a = BigInteger384::from(0u64);
    assert_eq!(0, a.num_bits());
    a = BigInteger384::from(1);
    a = BigInteger384::from(1u64);
    for i in 1..385 {
        assert_eq!(i, a.num_bits());
        a.mul2();
@ -60,15 +56,14 @@ fn test_fq_repr_num_bits() {
 #[test]
 fn test_fq_num_bits() {
    assert_eq!(FqParameters::MODULUS_BITS, 377);
    assert_eq!(FqParameters::CAPACITY, 376);
    assert_eq!(Fq::MODULUS_BIT_SIZE, 377);
 }
 #[test]
 fn test_fq_root_of_unity() {
    assert_eq!(FqParameters::TWO_ADICITY, 46);
    assert_eq!(Fq::TWO_ADICITY, 46);
    assert_eq!(
        Fq::multiplicative_generator().pow([
        Fq::GENERATOR.pow([
            0x7510c00000021423,
            0x88bee82520005c2d,
            0x67cc03d44e3c7bcd,
@ -76,20 +71,20 @@ fn test_fq_root_of_unity() {
            0xe9185f1443ab18ec,
            0x6b8
        ]),
        Fq::two_adic_root_of_unity()
        Fq::TWO_ADIC_ROOT_OF_UNITY
    );
    assert_eq!(
        Fq::two_adic_root_of_unity().pow([1 << FqParameters::TWO_ADICITY]),
        Fq::TWO_ADIC_ROOT_OF_UNITY.pow([1 << Fq::TWO_ADICITY]),
        Fq::one()
    );
    assert!(Fq::multiplicative_generator().sqrt().is_none());
    assert!(Fq::GENERATOR.sqrt().is_none());
 }
 #[test]
 fn test_fq_ordering() {
    // BigInteger384's ordering is well-tested, but we still need to make sure the
    // Fq elements aren't being compared in Montgomery form.
    for i in 0..100 {
    for i in 0..100u64 {
        assert!(Fq::from(BigInteger384::from(i + 1)) > Fq::from(BigInteger384::from(i)));
    }
 }
@ -102,11 +97,11 @@ fn test_fq_legendre() {
    assert_eq!(Zero, Fq::zero().legendre());
    assert_eq!(
        QuadraticResidue,
        Fq::from(BigInteger384::from(4)).legendre()
        Fq::from(BigInteger384::from(4u64)).legendre()
    );
    assert_eq!(
        QuadraticNonResidue,
        Fq::from(BigInteger384::from(5)).legendre()
        Fq::from(BigInteger384::from(5u64)).legendre()
    );
 }
@ -147,7 +142,7 @@ fn test_fq2_legendre() {
    // i^2 = -1
    let mut m1 = -Fq2::one();
    assert_eq!(QuadraticResidue, m1.legendre());
    m1 = Fq6Parameters::mul_fp2_by_nonresidue(&m1);
    m1 = Fq6Config::mul_fp2_by_nonresidue(&m1);
    assert_eq!(QuadraticNonResidue, m1.legendre());
 }
@ -158,8 +153,8 @@ fn test_fq2_mul_nonresidue() {
    let nqr = Fq2::new(Fq::zero(), Fq::one());
    let quadratic_non_residue = Fq2::new(
        Fq2Parameters::QUADRATIC_NONRESIDUE.0,
        Fq2Parameters::QUADRATIC_NONRESIDUE.1,
        Fq2Config::QUADRATIC_NONRESIDUE.c0,
        Fq2Config::QUADRATIC_NONRESIDUE.c1,
    );
    for _ in 0..1000 {
        let mut a = Fq2::rand(&mut rng);
--- a/bls12_377/src/lib.rs
+++ b/bls12_377/src/lib.rs
@ -9,15 +9,17 @@
 #![forbid(unsafe_code)]
 //! This library implements the BLS12_377 curve generated in [\[BCGMMW20, “Zexe”\]](https://eprint.iacr.org/2018/962).
 //! The name denotes that it is a Barreto--Lynn--Scott curve of embedding degree 12,
 //! defined over a 377-bit (prime) field. The main feature of this curve is that
 //! both the scalar field and the base field are highly 2-adic.
 //! (This is in contrast to the BLS12_381 curve for which only the scalar field is highly 2-adic.)
 //! The name denotes that it is a Barreto--Lynn--Scott curve of embedding degree
 //! 12, defined over a 377-bit (prime) field. The main feature of this curve is
 //! that both the scalar field and the base field are highly 2-adic.
 //! (This is in contrast to the BLS12_381 curve for which only the scalar field
 //! is highly 2-adic.)
 //!
 //!
 //! Curve information:
 //! * Base field: q = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177
 //! * Scalar field: r = 8444461749428370424248824938781546531375899335154063827935233455917409239041
 //! * Scalar field: r =
 //!   8444461749428370424248824938781546531375899335154063827935233455917409239041
 //! * valuation(q - 1, 2) = 46
 //! * valuation(r - 1, 2) = 47
 //! * G1 curve equation: y^2 = x^3 + 1
--- a/bls12_381/scripts/base_field.sage
+++ b/bls12_381/scripts/base_field.sage
@ -0,0 +1,28 @@
 modulus = 4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/bls12_381/scripts/scalar_field.sage
+++ b/bls12_381/scripts/scalar_field.sage
@ -0,0 +1,28 @@
 modulus = 52435875175126190479447740508185965837690552500527637822603658699938581184513
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/bls12_381/src/curves/g1.rs
+++ b/bls12_381/src/curves/g1.rs
@ -1,4 +1,3 @@
 use crate::*;
 use ark_ec::{
    bls12,
    bls12::Bls12Parameters,
@ -6,9 +5,11 @@ use ark_ec::{
    short_weierstrass_jacobian::GroupAffine,
    AffineCurve, ProjectiveCurve,
 };
 use ark_ff::{biginteger::BigInteger256, field_new, Zero};
 use ark_ff::{biginteger::BigInteger256, MontFp, Zero};
 use ark_std::ops::Neg;
 use crate::*;
 pub type G1Affine = bls12::G1Affine<crate::Parameters>;
 pub type G1Projective = bls12::G1Projective<crate::Parameters>;
@ -24,17 +25,18 @@ impl ModelParameters for Parameters {
    /// COFACTOR_INV = COFACTOR^{-1} mod r
    /// = 52435875175126190458656871551744051925719901746859129887267498875565241663483
    #[rustfmt::skip]
    const COFACTOR_INV: Fr = field_new!(Fr, "52435875175126190458656871551744051925719901746859129887267498875565241663483");
    const COFACTOR_INV: Fr = MontFp!(
        Fr,
        "52435875175126190458656871551744051925719901746859129887267498875565241663483"
    );
 }
 impl SWModelParameters for Parameters {
    /// COEFF_A = 0
    const COEFF_A: Fq = field_new!(Fq, "0");
    const COEFF_A: Fq = MontFp!(Fq, "0");
    /// COEFF_B = 4
    #[rustfmt::skip]
    const COEFF_B: Fq = field_new!(Fq, "4");
    const COEFF_B: Fq = MontFp!(Fq, "4");
    /// AFFINE_GENERATOR_COEFFS = (G1_GENERATOR_X, G1_GENERATOR_Y)
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) =
@ -54,7 +56,8 @@ impl SWModelParameters for Parameters {
        let x = BigInteger256::new([crate::Parameters::X[0], 0, 0, 0]);
        // An early-out optimization described in Section 6.
        // If uP == P but P != point of infinity, then the point is not in the right subgroup.
        // If uP == P but P != point of infinity, then the point is not in the right
        // subgroup.
        let x_times_p = p.mul(x);
        if x_times_p.eq(p) && !p.infinity {
            return false;
@ -68,20 +71,19 @@ impl SWModelParameters for Parameters {
 /// G1_GENERATOR_X =
 /// 3685416753713387016781088315183077757961620795782546409894578378688607592378376318836054947676345821548104185464507
 #[rustfmt::skip]
 pub const G1_GENERATOR_X: Fq = field_new!(Fq, "3685416753713387016781088315183077757961620795782546409894578378688607592378376318836054947676345821548104185464507");
 pub const G1_GENERATOR_X: Fq = MontFp!(Fq, "3685416753713387016781088315183077757961620795782546409894578378688607592378376318836054947676345821548104185464507");
 /// G1_GENERATOR_Y =
 /// 1339506544944476473020471379941921221584933875938349620426543736416511423956333506472724655353366534992391756441569
 #[rustfmt::skip]
 pub const G1_GENERATOR_Y: Fq = field_new!(Fq, "1339506544944476473020471379941921221584933875938349620426543736416511423956333506472724655353366534992391756441569");
 pub const G1_GENERATOR_Y: Fq = MontFp!(Fq, "1339506544944476473020471379941921221584933875938349620426543736416511423956333506472724655353366534992391756441569");
 /// BETA is a non-trivial cubic root of unity in Fq.
 pub const BETA: Fq = field_new!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620350");
 pub const BETA: Fq = MontFp!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620350");
 pub fn endomorphism(p: &GroupAffine<Parameters>) -> GroupAffine<Parameters> {
    // Endomorphism of the points on the curve.
    // endomorphism_p(x,y) = (BETA * x, y) where BETA is a non-trivial cubic root of unity in Fq.
    // endomorphism_p(x,y) = (BETA * x, y)
    // where BETA is a non-trivial cubic root of unity in Fq.
    let mut res = (*p).clone();
    res.x *= BETA;
    res
--- a/bls12_381/src/curves/g2.rs
+++ b/bls12_381/src/curves/g2.rs
@ -1,12 +1,13 @@
 use crate::*;
 use ark_ec::bls12::Bls12Parameters;
 use ark_ec::{
    bls12,
    bls12::Bls12Parameters,
    models::{ModelParameters, SWModelParameters},
    short_weierstrass_jacobian::GroupAffine,
    AffineCurve,
 };
 use ark_ff::{field_new, BigInt, Field, Zero};
 use ark_ff::{BigInt, Field, MontFp, QuadExt, Zero};
 use crate::*;
 pub type G2Affine = bls12::G2Affine<crate::Parameters>;
 pub type G2Projective = bls12::G2Projective<crate::Parameters>;
@ -35,16 +36,18 @@ impl ModelParameters for Parameters {
    /// COFACTOR_INV = COFACTOR^{-1} mod r
    /// 26652489039290660355457965112010883481355318854675681319708643586776743290055
    #[rustfmt::skip]
    const COFACTOR_INV: Fr = field_new!(Fr, "26652489039290660355457965112010883481355318854675681319708643586776743290055");
    const COFACTOR_INV: Fr = MontFp!(
        Fr,
        "26652489039290660355457965112010883481355318854675681319708643586776743290055"
    );
 }
 impl SWModelParameters for Parameters {
    /// COEFF_A = [0, 0]
    const COEFF_A: Fq2 = field_new!(Fq2, g1::Parameters::COEFF_A, g1::Parameters::COEFF_A,);
    const COEFF_A: Fq2 = QuadExt!(g1::Parameters::COEFF_A, g1::Parameters::COEFF_A,);
    /// COEFF_B = [4, 4]
    const COEFF_B: Fq2 = field_new!(Fq2, g1::Parameters::COEFF_B, g1::Parameters::COEFF_B,);
    const COEFF_B: Fq2 = QuadExt!(g1::Parameters::COEFF_B, g1::Parameters::COEFF_B,);
    /// AFFINE_GENERATOR_COEFFS = (G2_GENERATOR_X, G2_GENERATOR_Y)
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) =
@ -71,59 +74,55 @@ impl SWModelParameters for Parameters {
    }
 }
 pub const G2_GENERATOR_X: Fq2 = field_new!(Fq2, G2_GENERATOR_X_C0, G2_GENERATOR_X_C1);
 pub const G2_GENERATOR_Y: Fq2 = field_new!(Fq2, G2_GENERATOR_Y_C0, G2_GENERATOR_Y_C1);
 pub const G2_GENERATOR_X: Fq2 = QuadExt!(G2_GENERATOR_X_C0, G2_GENERATOR_X_C1);
 pub const G2_GENERATOR_Y: Fq2 = QuadExt!(G2_GENERATOR_Y_C0, G2_GENERATOR_Y_C1);
 /// G2_GENERATOR_X_C0 =
 /// 352701069587466618187139116011060144890029952792775240219908644239793785735715026873347600343865175952761926303160
 #[rustfmt::skip]
 pub const G2_GENERATOR_X_C0: Fq = field_new!(Fq, "352701069587466618187139116011060144890029952792775240219908644239793785735715026873347600343865175952761926303160");
 pub const G2_GENERATOR_X_C0: Fq = MontFp!(Fq, "352701069587466618187139116011060144890029952792775240219908644239793785735715026873347600343865175952761926303160");
 /// G2_GENERATOR_X_C1 =
 /// 3059144344244213709971259814753781636986470325476647558659373206291635324768958432433509563104347017837885763365758
 #[rustfmt::skip]
 pub const G2_GENERATOR_X_C1: Fq = field_new!(Fq, "3059144344244213709971259814753781636986470325476647558659373206291635324768958432433509563104347017837885763365758");
 pub const G2_GENERATOR_X_C1: Fq = MontFp!(Fq, "3059144344244213709971259814753781636986470325476647558659373206291635324768958432433509563104347017837885763365758");
 /// G2_GENERATOR_Y_C0 =
 /// 1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y_C0: Fq = field_new!(Fq, "1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905");
 pub const G2_GENERATOR_Y_C0: Fq = MontFp!(Fq, "1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905");
 /// G2_GENERATOR_Y_C1 =
 /// 927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y_C1: Fq = field_new!(Fq, "927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582");
 pub const G2_GENERATOR_Y_C1: Fq = MontFp!(Fq, "927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582");
 // psi(x,y) = (x**p * PSI_X, y**p * PSI_Y) is the Frobenius composed
 // with the quadratic twist and its inverse
 // PSI_X = 1/(u+1)^((p-1)/3)
 pub const P_POWER_ENDOMORPHISM_COEFF_0 : Fq2 = field_new!(
    Fq2,
 pub const P_POWER_ENDOMORPHISM_COEFF_0 : Fq2 = QuadExt!(
    FQ_ZERO,
    field_new!(
       Fq,
       "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939437"
    MontFp!(
        Fq,
        "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939437"
    )
 );
 // PSI_Y = 1/(u+1)^((p-1)/2)
 pub const P_POWER_ENDOMORPHISM_COEFF_1: Fq2 = field_new!(
    Fq2,
    field_new!(
       Fq,
       "2973677408986561043442465346520108879172042883009249989176415018091420807192182638567116318576472649347015917690530"),
    field_new!(
       Fq,
       "1028732146235106349975324479215795277384839936929757896155643118032610843298655225875571310552543014690878354869257")
 pub const P_POWER_ENDOMORPHISM_COEFF_1: Fq2 = QuadExt!(
    MontFp!(
        Fq,
        "2973677408986561043442465346520108879172042883009249989176415018091420807192182638567116318576472649347015917690530"),
    MontFp!(
        Fq,
        "1028732146235106349975324479215795277384839936929757896155643118032610843298655225875571310552543014690878354869257")
 );
 pub fn p_power_endomorphism(p: &GroupAffine<Parameters>) -> GroupAffine<Parameters> {
    // The p-power endomorphism for G2 is defined as follows:
    // 1. Note that G2 is defined on curve E': y^2 = x^3 + 4(u+1). To map a point (x, y) in E' to (s, t) in E,
    //    one set s = x / ((u+1) ^ (1/3)), t = y / ((u+1) ^ (1/2)), because E: y^2 = x^3 + 4.
    // 2. Apply the Frobenius endomorphism (s, t) => (s', t'), another point on curve E,
    //    where s' = s^p, t' = t^p.
    // 1. Note that G2 is defined on curve E': y^2 = x^3 + 4(u+1).
    //    To map a point (x, y) in E' to (s, t) in E,
    //    one set s = x / ((u+1) ^ (1/3)), t = y / ((u+1) ^ (1/2)),
    //    because E: y^2 = x^3 + 4.
    // 2. Apply the Frobenius endomorphism (s, t) => (s', t'),
    //    another point on curve E, where s' = s^p, t' = t^p.
    // 3. Map the point from E back to E'; that is,
    //    one set x' = s' * ((u+1) ^ (1/3)), y' = t' * ((u+1) ^ (1/2)).
    //
--- a/bls12_381/src/curves/mod.rs
+++ b/bls12_381/src/curves/mod.rs
@ -1,6 +1,6 @@
 use ark_ec::bls12::{Bls12, Bls12Parameters, TwistType};
 use crate::{Fq, Fq12Parameters, Fq2Parameters, Fq6Parameters};
 use crate::{Fq, Fq12Config, Fq2Config, Fq6Config};
 pub mod g1;
 pub mod g2;
@ -22,9 +22,9 @@ impl Bls12Parameters for Parameters {
    const X_IS_NEGATIVE: bool = true;
    const TWIST_TYPE: TwistType = TwistType::M;
    type Fp = Fq;
    type Fp2Params = Fq2Parameters;
    type Fp6Params = Fq6Parameters;
    type Fp12Params = Fq12Parameters;
    type Fp2Config = Fq2Config;
    type Fp6Config = Fq6Config;
    type Fp12Config = Fq12Config;
    type G1Parameters = self::g1::Parameters;
    type G2Parameters = self::g2::Parameters;
 }
--- a/bls12_381/src/curves/tests.rs
+++ b/bls12_381/src/curves/tests.rs
@ -1,23 +1,16 @@
 #![allow(unused_imports)]
 use ark_ec::{
    models::SWModelParameters,
    short_weierstrass_jacobian::{GroupAffine, GroupProjective},
    AffineCurve, PairingEngine, ProjectiveCurve,
 use ark_algebra_test_templates::{
    curves::*, generate_bilinearity_test, generate_g1_generator_raw_test, generate_g1_test,
    generate_g2_test, groups::*, msm::*,
 };
 use ark_ec::{models::SWModelParameters, AffineCurve, PairingEngine, ProjectiveCurve};
 use ark_ff::{
    fields::{Field, FpParameters, PrimeField, SquareRootField},
    BitIteratorBE, One, UniformRand, Zero,
    fields::{Field, PrimeField, SquareRootField},
    One, UniformRand, Zero,
 };
 use ark_serialize::CanonicalSerialize;
 use ark_std::{rand::Rng, test_rng};
 use core::ops::{AddAssign, MulAssign};
 use crate::{g1, g2, Bls12_381, Fq, Fq12, Fq2, Fr, G1Affine, G1Projective, G2Affine, G2Projective};
 use ark_algebra_test_templates::{
    curves::*, generate_bilinearity_test, generate_g1_generator_raw_test, generate_g1_test,
    generate_g2_test, groups::*, msm::*,
 };
 use ark_ec::group::Group;
 generate_g1_test!(bls12_381; curve_tests; sw_tests;);
 generate_g2_test!(bls12_381; curve_tests; sw_tests;);
--- a/bls12_381/src/fields/fq.rs
+++ b/bls12_381/src/fields/fq.rs
@ -1,115 +1,10 @@
 use ark_ff::{
    biginteger::{BigInt, BigInteger384 as BigInteger},
    field_new,
    fields::{FftParameters, Fp384, Fp384Parameters, FpParameters},
 };
 use ark_ff::fields::{Fp384, MontBackend, MontConfig, MontFp};
 pub type Fq = Fp384<FqParameters>;
 #[derive(MontConfig)]
 #[modulus = "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787"]
 #[generator = "2"]
 pub struct FqConfig;
 pub type Fq = Fp384<MontBackend<FqConfig, 6>>;
 pub struct FqParameters;
 impl Fp384Parameters for FqParameters {}
 impl FftParameters for FqParameters {
    type BigInt = BigInteger;
    const TWO_ADICITY: u32 = 1;
    #[rustfmt::skip]
    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
        0x43f5fffffffcaaae,
        0x32b7fff2ed47fffd,
        0x7e83a49a2e99d69,
        0xeca8f3318332bb7a,
        0xef148d1ea0f4c069,
        0x40ab3263eff0206,
    ]);
 }
 impl FpParameters for FqParameters {
    /// MODULUS = 4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787
    #[rustfmt::skip]
    const MODULUS: BigInteger = BigInt::new([
        0xb9feffffffffaaab,
        0x1eabfffeb153ffff,
        0x6730d2a0f6b0f624,
        0x64774b84f38512bf,
        0x4b1ba7b6434bacd7,
        0x1a0111ea397fe69a,
    ]);
    const MODULUS_BITS: u32 = 381;
    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
    const REPR_SHAVE_BITS: u32 = 3;
    /// R = 3380320199399472671518931668520476396067793891014375699959770179129436917079669831430077592723774664465579537268733
    #[rustfmt::skip]
    const R: BigInteger = BigInt::new([
        0x760900000002fffd,
        0xebf4000bc40c0002,
        0x5f48985753c758ba,
        0x77ce585370525745,
        0x5c071a97a256ec6d,
        0x15f65ec3fa80e493,
    ]);
    #[rustfmt::skip]
    const R2: BigInteger = BigInt::new([
        0xf4df1f341c341746,
        0xa76e6a609d104f1,
        0x8de5476c4c95b6d5,
        0x67eb88a9939d83c0,
        0x9a793e85b519952d,
        0x11988fe592cae3aa,
    ]);
    const INV: u64 = 0x89f3fffcfffcfffd;
    /// GENERATOR = 2
    /// Encoded in Montgomery form, so the value is
    /// 2 * R % q = 2758230843577277949620073511305048635578704962089743514587482222134842183668501798417467556318533664893264801977679
    #[rustfmt::skip]
    const GENERATOR: BigInteger = BigInt::new([
        0x321300000006554f,
        0xb93c0018d6c40005,
        0x57605e0db0ddbb51,
        0x8b256521ed1f9bcb,
        0x6cf28d7901622c03,
        0x11ebab9dbb81e28c,
    ]);
    #[rustfmt::skip]
    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0xdcff7fffffffd555,
        0xf55ffff58a9ffff,
        0xb39869507b587b12,
        0xb23ba5c279c2895f,
        0x258dd3db21a5d66b,
        0xd0088f51cbff34d,
    ]);
    /// T and T_MINUS_ONE_DIV_TWO, where MODULUS - 1 = 2^S * T
    /// For T coprime to 2
    #[rustfmt::skip]
    const T: BigInteger = BigInt::new([
        0xdcff7fffffffd555,
        0xf55ffff58a9ffff,
        0xb39869507b587b12,
        0xb23ba5c279c2895f,
        0x258dd3db21a5d66b,
        0xd0088f51cbff34d,
    ]);
    #[rustfmt::skip]
    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0xee7fbfffffffeaaa,
        0x7aaffffac54ffff,
        0xd9cc34a83dac3d89,
        0xd91dd2e13ce144af,
        0x92c6e9ed90d2eb35,
        0x680447a8e5ff9a6,
    ]);
 }
 pub const FQ_ONE: Fq = field_new!(Fq, "1");
 pub const FQ_ZERO: Fq = field_new!(Fq, "0");
 pub const FQ_ONE: Fq = MontFp!(Fq, "1");
 pub const FQ_ZERO: Fq = MontFp!(Fq, "0");
--- a/bls12_381/src/fields/fq12.rs
+++ b/bls12_381/src/fields/fq12.rs
@ -1,76 +1,77 @@
 use ark_ff::{fields::*, CubicExt, MontFp, QuadExt};
 use crate::*;
 use ark_ff::{field_new, fields::*};
 pub type Fq12 = Fp12<Fq12Parameters>;
 pub type Fq12 = Fp12<Fq12Config>;
 #[derive(Clone, Copy)]
 pub struct Fq12Parameters;
 pub struct Fq12Config;
 impl Fp12Parameters for Fq12Parameters {
    type Fp6Params = Fq6Parameters;
 impl Fp12Config for Fq12Config {
    type Fp6Config = Fq6Config;
    const NONRESIDUE: Fq6 = field_new!(Fq6, FQ2_ZERO, FQ2_ONE, FQ2_ZERO);
    const NONRESIDUE: Fq6 = CubicExt!(FQ2_ZERO, FQ2_ONE, FQ2_ZERO);
    const FROBENIUS_COEFF_FP12_C1: &'static [Fq2] = &[
        // Fp2::NONRESIDUE^(((q^0) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "1"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "1"),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^1) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "3850754370037169011952147076051364057158807420970682438676050522613628423219637725072182697113062777891589506424760"),
            field_new!(Fq, "151655185184498381465642749684540099398075398968325446656007613510403227271200139370504932015952886146304766135027"),
        QuadExt!(
            MontFp!(Fq, "3850754370037169011952147076051364057158807420970682438676050522613628423219637725072182697113062777891589506424760"),
            MontFp!(Fq, "151655185184498381465642749684540099398075398968325446656007613510403227271200139370504932015952886146304766135027"),
        ),
        // Fp2::NONRESIDUE^(((q^2) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620351"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620351"),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^3) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "2973677408986561043442465346520108879172042883009249989176415018091420807192182638567116318576472649347015917690530"),
            field_new!(Fq, "1028732146235106349975324479215795277384839936929757896155643118032610843298655225875571310552543014690878354869257"),
        QuadExt!(
            MontFp!(Fq, "2973677408986561043442465346520108879172042883009249989176415018091420807192182638567116318576472649347015917690530"),
            MontFp!(Fq, "1028732146235106349975324479215795277384839936929757896155643118032610843298655225875571310552543014690878354869257"),
        ),
        // Fp2::NONRESIDUE^(((q^4) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620350"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620350"),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^5) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "3125332594171059424908108096204648978570118281977575435832422631601824034463382777937621250592425535493320683825557"),
            field_new!(Fq, "877076961050607968509681729531255177986764537961432449499635504522207616027455086505066378536590128544573588734230"),
        QuadExt!(
            MontFp!(Fq, "3125332594171059424908108096204648978570118281977575435832422631601824034463382777937621250592425535493320683825557"),
            MontFp!(Fq, "877076961050607968509681729531255177986764537961432449499635504522207616027455086505066378536590128544573588734230"),
        ),
        // Fp2::NONRESIDUE^(((q^6) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "-1"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "-1"),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^7) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "151655185184498381465642749684540099398075398968325446656007613510403227271200139370504932015952886146304766135027"),
            field_new!(Fq, "3850754370037169011952147076051364057158807420970682438676050522613628423219637725072182697113062777891589506424760"),
        QuadExt!(
            MontFp!(Fq, "151655185184498381465642749684540099398075398968325446656007613510403227271200139370504932015952886146304766135027"),
            MontFp!(Fq, "3850754370037169011952147076051364057158807420970682438676050522613628423219637725072182697113062777891589506424760"),
        ),
        // Fp2::NONRESIDUE^(((q^8) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939436"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939436"),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^9) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "1028732146235106349975324479215795277384839936929757896155643118032610843298655225875571310552543014690878354869257"),
            field_new!(Fq, "2973677408986561043442465346520108879172042883009249989176415018091420807192182638567116318576472649347015917690530"),
        QuadExt!(
            MontFp!(Fq, "1028732146235106349975324479215795277384839936929757896155643118032610843298655225875571310552543014690878354869257"),
            MontFp!(Fq, "2973677408986561043442465346520108879172042883009249989176415018091420807192182638567116318576472649347015917690530"),
        ),
        // Fp2::NONRESIDUE^(((q^10) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939437"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939437"),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^11) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "877076961050607968509681729531255177986764537961432449499635504522207616027455086505066378536590128544573588734230"),
            field_new!(Fq, "3125332594171059424908108096204648978570118281977575435832422631601824034463382777937621250592425535493320683825557"),
        QuadExt!(
            MontFp!(Fq, "877076961050607968509681729531255177986764537961432449499635504522207616027455086505066378536590128544573588734230"),
            MontFp!(Fq, "3125332594171059424908108096204648978570118281977575435832422631601824034463382777937621250592425535493320683825557"),
        ),
    ];
 }
--- a/bls12_381/src/fields/fq2.rs
+++ b/bls12_381/src/fields/fq2.rs
@ -1,28 +1,26 @@
 use ark_ff::{fields::*, MontFp, QuadExt};
 use crate::*;
 use ark_ff::{field_new, fields::*};
 pub type Fq2 = Fp2<Fq2Parameters>;
 pub type Fq2 = Fp2<Fq2Config>;
 pub struct Fq2Parameters;
 pub struct Fq2Config;
 impl Fp2Parameters for Fq2Parameters {
 impl Fp2Config for Fq2Config {
    type Fp = Fq;
    /// NONRESIDUE = -1
    #[rustfmt::skip]
    const NONRESIDUE: Fq = field_new!(Fq, "-1");
    const NONRESIDUE: Fq = MontFp!(Fq, "-1");
    /// QUADRATIC_NONRESIDUE = (U + 1)
    #[rustfmt::skip]
    const QUADRATIC_NONRESIDUE: (Fq, Fq) = (FQ_ONE, FQ_ONE);
    const QUADRATIC_NONRESIDUE: Fq2 = QuadExt!(FQ_ONE, FQ_ONE);
    /// Coefficients for the Frobenius automorphism.
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP2_C1: &'static [Fq] = &[
        // Fq(-1)**(((q^0) - 1) / 2)
        field_new!(Fq, "1"),
        MontFp!(Fq, "1"),
        // Fq(-1)**(((q^1) - 1) / 2)
        field_new!(Fq, "-1"),
        MontFp!(Fq, "-1"),
    ];
    #[inline(always)]
@ -31,5 +29,5 @@ impl Fp2Parameters for Fq2Parameters {
    }
 }
 pub const FQ2_ZERO: Fq2 = field_new!(Fq2, FQ_ZERO, FQ_ZERO);
 pub const FQ2_ONE: Fq2 = field_new!(Fq2, FQ_ONE, FQ_ZERO);
 pub const FQ2_ZERO: Fq2 = QuadExt!(FQ_ZERO, FQ_ZERO);
 pub const FQ2_ONE: Fq2 = QuadExt!(FQ_ONE, FQ_ZERO);
--- a/bls12_381/src/fields/fq6.rs
+++ b/bls12_381/src/fields/fq6.rs
@ -1,86 +1,82 @@
 use ark_ff::{fields::*, MontFp, QuadExt};
 use crate::*;
 use ark_ff::{field_new, fields::*};
 pub type Fq6 = Fp6<Fq6Parameters>;
 pub type Fq6 = Fp6<Fq6Config>;
 #[derive(Clone, Copy)]
 pub struct Fq6Parameters;
 pub struct Fq6Config;
 impl Fp6Parameters for Fq6Parameters {
    type Fp2Params = Fq2Parameters;
 impl Fp6Config for Fq6Config {
    type Fp2Config = Fq2Config;
    /// NONRESIDUE = (U + 1)
    #[rustfmt::skip]
    const NONRESIDUE: Fq2 = field_new!(Fq2,
        field_new!(Fq, "1"),
        field_new!(Fq, "1"),
    );
    const NONRESIDUE: Fq2 = QuadExt!(FQ_ONE, FQ_ONE);
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP6_C1: &'static [Fq2] = &[
        // Fp2::NONRESIDUE^(((q^0) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "1"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "1"),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^1) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "0"),
            field_new!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939436"),
        QuadExt!(
            MontFp!(Fq, "0"),
            MontFp!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939436"),
        ),
        // Fp2::NONRESIDUE^(((q^2) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620350"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620350"),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^3) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "0"),
            field_new!(Fq, "1"),
        QuadExt!(
            MontFp!(Fq, "0"),
            MontFp!(Fq, "1"),
        ),
        // Fp2::NONRESIDUE^(((q^4) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939436"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939436"),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^5) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "0"),
            field_new!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620350"),
        QuadExt!(
            MontFp!(Fq, "0"),
            MontFp!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620350"),
        ),
 ];
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP6_C2: &'static [Fq2] = &[
        // Fq2(u + 1)**(((2q^0) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "1"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "1"),
            MontFp!(Fq, "0"),
        ),
        // Fq2(u + 1)**(((2q^1) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939437"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939437"),
            MontFp!(Fq, "0"),
        ),
        // Fq2(u + 1)**(((2q^2) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939436"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939436"),
            MontFp!(Fq, "0"),
        ),
        // Fq2(u + 1)**(((2q^3) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "-1"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "-1"),
            MontFp!(Fq, "0"),
        ),
        // Fq2(u + 1)**(((2q^4) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620350"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620350"),
            MontFp!(Fq, "0"),
        ),
        // Fq2(u + 1)**(((2q^5) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620351"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(Fq, "793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620351"),
            MontFp!(Fq, "0"),
        ),
    ];
--- a/bls12_381/src/fields/fr.rs
+++ b/bls12_381/src/fields/fr.rs
@ -1,100 +1,7 @@
 use ark_ff::{
    biginteger::{BigInt, BigInteger256 as BigInteger},
    fields::{FftParameters, Fp256, Fp256Parameters, FpParameters},
 };
 use ark_ff::fields::{Fp256, MontBackend, MontConfig};
 pub type Fr = Fp256<FrParameters>;
 pub struct FrParameters;
 impl Fp256Parameters for FrParameters {}
 impl FftParameters for FrParameters {
    type BigInt = BigInteger;
    const TWO_ADICITY: u32 = 32;
    #[rustfmt::skip]
    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
        0xb9b58d8c5f0e466a,
        0x5b1b4c801819d7ec,
        0xaf53ae352a31e64,
        0x5bf3adda19e9b27b,
    ]);
 }
 impl FpParameters for FrParameters {
    /// MODULUS = 52435875175126190479447740508185965837690552500527637822603658699938581184513
    #[rustfmt::skip]
    const MODULUS: BigInteger = BigInt::new([
        0xffffffff00000001,
        0x53bda402fffe5bfe,
        0x3339d80809a1d805,
        0x73eda753299d7d48,
    ]);
    const MODULUS_BITS: u32 = 255;
    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
    const REPR_SHAVE_BITS: u32 = 1;
    /// R = 10920338887063814464675503992315976177888879664585288394250266608035967270910
    #[rustfmt::skip]
    const R: BigInteger = BigInt::new([
        0x1fffffffe,
        0x5884b7fa00034802,
        0x998c4fefecbc4ff5,
        0x1824b159acc5056f,
    ]);
    #[rustfmt::skip]
    const R2: BigInteger = BigInt::new([
        0xc999e990f3f29c6d,
        0x2b6cedcb87925c23,
        0x5d314967254398f,
        0x748d9d99f59ff11,
    ]);
    const INV: u64 = 0xfffffffeffffffff;
    /// GENERATOR = 7
    /// Encoded in Montgomery form, so the value here is
    /// 7 * R % q = 24006497034320510773280787438025867407531605151569380937148207556313189711857
    #[rustfmt::skip]
    const GENERATOR: BigInteger = BigInt::new([
        0xefffffff1,
        0x17e363d300189c0f,
        0xff9c57876f8457b0,
        0x351332208fc5a8c4,
    ]);
    #[rustfmt::skip]
    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0x7fffffff80000000,
        0xa9ded2017fff2dff,
        0x199cec0404d0ec02,
        0x39f6d3a994cebea4,
    ]);
    // T and T_MINUS_ONE_DIV_TWO, where MODULUS - 1 = 2^S * T
    // For T coprime to 2
    // T = (MODULUS - 1) / 2^S =
    // 12208678567578594777604504606729831043093128246378069236549469339647
    #[rustfmt::skip]
    const T: BigInteger = BigInt::new([
        0xfffe5bfeffffffff,
        0x9a1d80553bda402,
        0x299d7d483339d808,
        0x73eda753,
    ]);
    // (T - 1) / 2 =
    // 6104339283789297388802252303364915521546564123189034618274734669823
    #[rustfmt::skip]
    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0x7fff2dff7fffffff,
        0x4d0ec02a9ded201,
        0x94cebea4199cec04,
        0x39f6d3a9,
    ]);
 }
 #[derive(MontConfig)]
 #[modulus = "52435875175126190479447740508185965837690552500527637822603658699938581184513"]
 #[generator = "7"]
 pub struct FrConfig;
 pub type Fr = Fp256<MontBackend<FrConfig, 4>>;
--- a/bls12_381/src/fields/mod.rs
+++ b/bls12_381/src/fields/mod.rs
@ -23,5 +23,5 @@ pub mod fq12;
 #[cfg(feature = "curve")]
 pub use self::fq12::*;
 #[cfg(all(feature = "curve", feature = "std", test))]
 #[cfg(all(feature = "curve", test))]
 mod tests;
--- a/bls12_381/src/fields/tests.rs
+++ b/bls12_381/src/fields/tests.rs
@ -1,22 +1,23 @@
 use ark_algebra_test_templates::{
    fields::*, generate_field_serialization_test, generate_field_test,
 };
 use ark_ff::{
    biginteger::{BigInt, BigInteger, BigInteger384},
    fields::{
        FftField, FftParameters, Field, Fp12Parameters, Fp2Parameters, Fp6Parameters, FpParameters,
        SquareRootField,
    },
    fields::{FftField, Field, Fp12Config, Fp2Config, Fp6Config, PrimeField, SquareRootField},
    One, UniformRand, Zero,
 };
 use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
 use ark_std::{
    cmp::Ordering,
    ops::{AddAssign, MulAssign, SubAssign},
    rand::Rng,
    test_rng,
    test_rng, vec,
 };
 use crate::{Fq, Fq12, Fq12Parameters, Fq2, Fq2Parameters, Fq6, Fq6Parameters, FqParameters, Fr};
 use ark_algebra_test_templates::{fields::*, generate_field_test};
 use crate::{Fq, Fq12, Fq12Config, Fq2, Fq2Config, Fq6, Fq6Config, FqConfig, Fr, FrConfig};
 generate_field_test!(bls12_381; fq2; fq6; fq12;);
 generate_field_test!(bls12_381; fq2; fq6; fq12; mont(6, 4); );
 generate_field_serialization_test!(bls12_381; fq2; fq6; fq12;);
 #[test]
 fn test_negative_one() {
@ -35,9 +36,9 @@ fn test_negative_one() {
 fn test_frob_coeffs() {
    let nqr = -Fq::one();
    assert_eq!(Fq2Parameters::FROBENIUS_COEFF_FP2_C1[0], Fq::one());
    assert_eq!(Fq2Config::FROBENIUS_COEFF_FP2_C1[0], Fq::one());
    assert_eq!(
        Fq2Parameters::FROBENIUS_COEFF_FP2_C1[1],
        Fq2Config::FROBENIUS_COEFF_FP2_C1[1],
        nqr.pow([
            0xdcff7fffffffd555,
            0xf55ffff58a9ffff,
@ -50,9 +51,9 @@ fn test_frob_coeffs() {
    let nqr = Fq2::new(Fq::one(), Fq::one());
    assert_eq!(Fq6Parameters::FROBENIUS_COEFF_FP6_C1[0], Fq2::one());
    assert_eq!(Fq6Config::FROBENIUS_COEFF_FP6_C1[0], Fq2::one());
    assert_eq!(
        Fq6Parameters::FROBENIUS_COEFF_FP6_C1[1],
        Fq6Config::FROBENIUS_COEFF_FP6_C1[1],
        nqr.pow([
            0x9354ffffffffe38e,
            0xa395554e5c6aaaa,
@ -63,7 +64,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq6Parameters::FROBENIUS_COEFF_FP6_C1[2],
        Fq6Config::FROBENIUS_COEFF_FP6_C1[2],
        nqr.pow([
            0xb78e0000097b2f68,
            0xd44f23b47cbd64e3,
@ -80,7 +81,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq6Parameters::FROBENIUS_COEFF_FP6_C1[3],
        Fq6Config::FROBENIUS_COEFF_FP6_C1[3],
        nqr.pow([
            0xdbc6fcd6f35b9e06,
            0x997dead10becd6aa,
@ -103,7 +104,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq6Parameters::FROBENIUS_COEFF_FP6_C1[4],
        Fq6Config::FROBENIUS_COEFF_FP6_C1[4],
        nqr.pow([
            0x4649add3c71c6d90,
            0x43caa6528972a865,
@ -132,7 +133,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq6Parameters::FROBENIUS_COEFF_FP6_C1[5],
        Fq6Config::FROBENIUS_COEFF_FP6_C1[5],
        nqr.pow([
            0xf896f792732eb2be,
            0x49c86a6d1dc593a1,
@ -167,9 +168,9 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(Fq6Parameters::FROBENIUS_COEFF_FP6_C2[0], Fq2::one());
    assert_eq!(Fq6Config::FROBENIUS_COEFF_FP6_C2[0], Fq2::one());
    assert_eq!(
        Fq6Parameters::FROBENIUS_COEFF_FP6_C2[1],
        Fq6Config::FROBENIUS_COEFF_FP6_C2[1],
        nqr.pow([
            0x26a9ffffffffc71c,
            0x1472aaa9cb8d5555,
@ -180,7 +181,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq6Parameters::FROBENIUS_COEFF_FP6_C2[2],
        Fq6Config::FROBENIUS_COEFF_FP6_C2[2],
        nqr.pow([
            0x6f1c000012f65ed0,
            0xa89e4768f97ac9c7,
@ -197,7 +198,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq6Parameters::FROBENIUS_COEFF_FP6_C2[3],
        Fq6Config::FROBENIUS_COEFF_FP6_C2[3],
        nqr.pow([
            0xb78df9ade6b73c0c,
            0x32fbd5a217d9ad55,
@ -220,7 +221,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq6Parameters::FROBENIUS_COEFF_FP6_C2[4],
        Fq6Config::FROBENIUS_COEFF_FP6_C2[4],
        nqr.pow([
            0x8c935ba78e38db20,
            0x87954ca512e550ca,
@ -249,7 +250,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq6Parameters::FROBENIUS_COEFF_FP6_C2[5],
        Fq6Config::FROBENIUS_COEFF_FP6_C2[5],
        nqr.pow([
            0xf12def24e65d657c,
            0x9390d4da3b8b2743,
@ -284,9 +285,9 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(Fq12Parameters::FROBENIUS_COEFF_FP12_C1[0], Fq2::one());
    assert_eq!(Fq12Config::FROBENIUS_COEFF_FP12_C1[0], Fq2::one());
    assert_eq!(
        Fq12Parameters::FROBENIUS_COEFF_FP12_C1[1],
        Fq12Config::FROBENIUS_COEFF_FP12_C1[1],
        nqr.pow([
            0x49aa7ffffffff1c7,
            0x51caaaa72e35555,
@ -297,7 +298,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq12Parameters::FROBENIUS_COEFF_FP12_C1[2],
        Fq12Config::FROBENIUS_COEFF_FP12_C1[2],
        nqr.pow([
            0xdbc7000004bd97b4,
            0xea2791da3e5eb271,
@ -314,7 +315,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq12Parameters::FROBENIUS_COEFF_FP12_C1[3],
        Fq12Config::FROBENIUS_COEFF_FP12_C1[3],
        nqr.pow(vec![
            0x6de37e6b79adcf03,
            0x4cbef56885f66b55,
@ -337,7 +338,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq12Parameters::FROBENIUS_COEFF_FP12_C1[4],
        Fq12Config::FROBENIUS_COEFF_FP12_C1[4],
        nqr.pow(vec![
            0xa324d6e9e38e36c8,
            0xa1e5532944b95432,
@ -366,7 +367,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq12Parameters::FROBENIUS_COEFF_FP12_C1[5],
        Fq12Config::FROBENIUS_COEFF_FP12_C1[5],
        nqr.pow(vec![
            0xfc4b7bc93997595f,
            0xa4e435368ee2c9d0,
@ -401,7 +402,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq12Parameters::FROBENIUS_COEFF_FP12_C1[6],
        Fq12Config::FROBENIUS_COEFF_FP12_C1[6],
        nqr.pow(vec![
            0x21219610a012ba3c,
            0xa5c19ad35375325,
@ -442,7 +443,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq12Parameters::FROBENIUS_COEFF_FP12_C1[7],
        Fq12Config::FROBENIUS_COEFF_FP12_C1[7],
        nqr.pow(vec![
            0x742754a1f22fdb,
            0x2a1955c2dec3a702,
@ -489,7 +490,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq12Parameters::FROBENIUS_COEFF_FP12_C1[8],
        Fq12Config::FROBENIUS_COEFF_FP12_C1[8],
        nqr.pow(vec![
            0x802f5720d0b25710,
            0x6714f0a258b85c7c,
@ -542,7 +543,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq12Parameters::FROBENIUS_COEFF_FP12_C1[9],
        Fq12Config::FROBENIUS_COEFF_FP12_C1[9],
        nqr.pow(vec![
            0x4af4accf7de0b977,
            0x742485e21805b4ee,
@ -601,7 +602,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq12Parameters::FROBENIUS_COEFF_FP12_C1[10],
        Fq12Config::FROBENIUS_COEFF_FP12_C1[10],
        nqr.pow(vec![
            0xe5953a4f96cdda44,
            0x336b2d734cbc32bb,
@ -666,7 +667,7 @@ fn test_frob_coeffs() {
        ])
    );
    assert_eq!(
        Fq12Parameters::FROBENIUS_COEFF_FP12_C1[11],
        Fq12Config::FROBENIUS_COEFF_FP12_C1[11],
        nqr.pow(vec![
            0x107db680942de533,
            0x6262b24d2052393b,
@ -750,7 +751,6 @@ fn test_neg_one() {
        0xef148d1ea0f4c069,
        0x40ab3263eff0206,
    ];
    println!("{:?}", thing);
    let negative_one = Fq::new(BigInt::new(thing));
    assert_eq!(negative_one, o);
@ -763,14 +763,14 @@ fn test_fq_repr_from() {
 #[test]
 fn test_fq_repr_is_odd() {
    assert!(!BigInteger384::from(0).is_odd());
    assert!(BigInteger384::from(0).is_even());
    assert!(BigInteger384::from(1).is_odd());
    assert!(!BigInteger384::from(1).is_even());
    assert!(!BigInteger384::from(324834872).is_odd());
    assert!(BigInteger384::from(324834872).is_even());
    assert!(BigInteger384::from(324834873).is_odd());
    assert!(!BigInteger384::from(324834873).is_even());
    assert!(!BigInteger384::from(0u64).is_odd());
    assert!(BigInteger384::from(0u64).is_even());
    assert!(BigInteger384::from(1u64).is_odd());
    assert!(!BigInteger384::from(1u64).is_even());
    assert!(!BigInteger384::from(324834872u64).is_odd());
    assert!(BigInteger384::from(324834872u64).is_even());
    assert!(BigInteger384::from(324834873u64).is_odd());
    assert!(!BigInteger384::from(324834873u64).is_even());
 }
 #[test]
@ -902,7 +902,7 @@ fn test_fq_repr_divn() {
 #[test]
 fn test_fq_repr_mul2() {
    let mut a = BigInteger384::from(23712937547);
    let mut a = BigInteger384::from(23712937547u64);
    a.mul2();
    assert_eq!(a, BigInt::new([0xb0acd6c96, 0x0, 0x0, 0x0, 0x0, 0x0]));
    for _ in 0..60 {
@ -934,9 +934,9 @@ fn test_fq_repr_mul2() {
 #[test]
 fn test_fq_repr_num_bits() {
    let mut a = BigInteger384::from(0);
    let mut a = BigInteger384::from(0u64);
    assert_eq!(0, a.num_bits());
    a = BigInteger384::from(1);
    a = BigInteger384::from(1u64);
    for i in 1..385 {
        assert_eq!(i, a.num_bits());
        a.mul2();
@ -956,7 +956,7 @@ fn test_fq_repr_sub_noborrow() {
        0xad0eb3948a5c34fd,
        0xd56f7b5ab8b5ce8,
    ]);
    t.sub_noborrow(&BigInt::new([
    t.sub_with_borrow(&BigInt::new([
        0xc7867917187ca02b,
        0x5d75679d4911ffef,
        0x8c5b3e48b1a71c15,
@ -991,12 +991,12 @@ fn test_fq_repr_sub_noborrow() {
        assert!(b < c);
        let mut csub_ba = c;
        csub_ba.sub_noborrow(&b);
        csub_ba.sub_noborrow(&a);
        csub_ba.sub_with_borrow(&b);
        csub_ba.sub_with_borrow(&a);
        let mut csub_ab = c;
        csub_ab.sub_noborrow(&a);
        csub_ab.sub_noborrow(&b);
        csub_ab.sub_with_borrow(&a);
        csub_ab.sub_with_borrow(&b);
        assert_eq!(csub_ab, csub_ba);
    }
@ -1010,7 +1010,7 @@ fn test_fq_repr_sub_noborrow() {
        0x4b1ba7b6434bacd7,
        0x1a0111ea397fe69a,
    ]);
    qplusone.sub_noborrow(&BigInt::new([
    qplusone.sub_with_borrow(&BigInt::new([
        0xb9feffffffffaaac,
        0x1eabfffeb153ffff,
        0x6730d2a0f6b0f624,
@ -1043,7 +1043,7 @@ fn test_fq_repr_add_nocarry() {
        0xad0eb3948a5c34fd,
        0xd56f7b5ab8b5ce8,
    ]);
    t.add_nocarry(&BigInt::new([
    t.add_with_carry(&BigInt::new([
        0xc7867917187ca02b,
        0x5d75679d4911ffef,
        0x8c5b3e48b1a71c15,
@ -1074,28 +1074,28 @@ fn test_fq_repr_add_nocarry() {
        c.0[5] >>= 3;
        let mut abc = a;
        abc.add_nocarry(&b);
        abc.add_nocarry(&c);
        abc.add_with_carry(&b);
        abc.add_with_carry(&c);
        let mut acb = a;
        acb.add_nocarry(&c);
        acb.add_nocarry(&b);
        acb.add_with_carry(&c);
        acb.add_with_carry(&b);
        let mut bac = b;
        bac.add_nocarry(&a);
        bac.add_nocarry(&c);
        bac.add_with_carry(&a);
        bac.add_with_carry(&c);
        let mut bca = b;
        bca.add_nocarry(&c);
        bca.add_nocarry(&a);
        bca.add_with_carry(&c);
        bca.add_with_carry(&a);
        let mut cab = c;
        cab.add_nocarry(&a);
        cab.add_nocarry(&b);
        cab.add_with_carry(&a);
        cab.add_with_carry(&b);
        let mut cba = c;
        cba.add_nocarry(&b);
        cba.add_nocarry(&a);
        cba.add_with_carry(&b);
        cba.add_with_carry(&a);
        assert_eq!(abc, acb);
        assert_eq!(abc, bac);
@ -1113,7 +1113,7 @@ fn test_fq_repr_add_nocarry() {
        0xffffffffffffffff,
        0xffffffffffffffff,
    ]);
    x.add_nocarry(&BigInteger384::from(1));
    x.add_with_carry(&BigInteger384::from(1u64));
    assert!(x.is_zero());
 }
@ -1132,19 +1132,15 @@ fn test_fq2_sqrt() {
 #[test]
 fn test_fq_num_bits() {
    assert_eq!(FqParameters::MODULUS_BITS, 381);
    assert_eq!(FqParameters::CAPACITY, 380);
    assert_eq!(Fq::MODULUS_BIT_SIZE, 381);
 }
 #[test]
 fn test_fq_root_of_unity() {
    assert_eq!(FqParameters::TWO_ADICITY, 1);
    assert_eq!(
        Fq::multiplicative_generator(),
        Fq::from(BigInteger384::from(2))
    );
    assert_eq!(Fq::TWO_ADICITY, 1);
    assert_eq!(Fq::GENERATOR, Fq::from(BigInteger384::from(2u64)));
    assert_eq!(
        Fq::multiplicative_generator().pow([
        Fq::GENERATOR.pow([
            0xdcff7fffffffd555,
            0xf55ffff58a9ffff,
            0xb39869507b587b12,
@ -1152,13 +1148,13 @@ fn test_fq_root_of_unity() {
            0x258dd3db21a5d66b,
            0xd0088f51cbff34d,
        ]),
        Fq::two_adic_root_of_unity()
        Fq::TWO_ADIC_ROOT_OF_UNITY
    );
    assert_eq!(
        Fq::two_adic_root_of_unity().pow([1 << FqParameters::TWO_ADICITY]),
        Fq::TWO_ADIC_ROOT_OF_UNITY.pow([1 << Fq::TWO_ADICITY]),
        Fq::one()
    );
    assert!(Fq::multiplicative_generator().sqrt().is_none());
    assert!(Fq::GENERATOR.sqrt().is_none());
 }
 // #[test]
@ -1173,7 +1169,7 @@ fn test_fq_root_of_unity() {
 fn test_fq_ordering() {
    // BigInteger384's ordering is well-tested, but we still need to make sure the
    // Fq elements aren't being compared in Montgomery form.
    for i in 0..100 {
    for i in 0..100u64 {
        assert!(Fq::from(BigInteger384::from(i + 1)) > Fq::from(BigInteger384::from(i)));
    }
 }
@ -1192,11 +1188,11 @@ fn test_fq_legendre() {
    assert_eq!(
        QuadraticNonResidue,
        Fq::from(BigInteger384::from(2)).legendre()
        Fq::from(BigInteger384::from(2u64)).legendre()
    );
    assert_eq!(
        QuadraticResidue,
        Fq::from(BigInteger384::from(4)).legendre()
        Fq::from(BigInteger384::from(4u64)).legendre()
    );
    let e = BigInt::new([
@ -1252,7 +1248,10 @@ fn test_fq2_basics() {
 #[test]
 fn test_fq2_squaring() {
    let a = Fq2::new(Fq::one(), Fq::one()).square(); // u + 1
    assert_eq!(a, Fq2::new(Fq::zero(), Fq::from(BigInteger384::from(2)),)); // 2u
    assert_eq!(
        a,
        Fq2::new(Fq::zero(), Fq::from(BigInteger384::from(2u64)),)
    ); // 2u
    let a = Fq2::new(Fq::zero(), Fq::one()).square(); // u
    assert_eq!(a, {
@ -1737,7 +1736,7 @@ fn test_fq2_legendre() {
    // i^2 = -1
    let mut m1 = -Fq2::one();
    assert_eq!(QuadraticResidue, m1.legendre());
    m1 = Fq6Parameters::mul_fp2_by_nonresidue(&m1);
    m1 = Fq6Config::mul_fp2_by_nonresidue(&m1);
    assert_eq!(QuadraticNonResidue, m1.legendre());
 }
@ -1750,7 +1749,7 @@ fn test_fq2_mul_nonresidue() {
    for _ in 0..1000 {
        let mut a = Fq2::rand(&mut rng);
        let mut b = a;
        a = Fq6Parameters::mul_fp2_by_nonresidue(&a);
        a = Fq6Config::mul_fp2_by_nonresidue(&a);
        b.mul_assign(&nqr);
        assert_eq!(a, b);
@ -1766,7 +1765,7 @@ fn test_fq6_mul_nonresidue() {
    for _ in 0..1000 {
        let mut a = Fq6::rand(&mut rng);
        let mut b = a;
        a = Fq12Parameters::mul_fp6_by_nonresidue(&a);
        a = Fq12Config::mul_fp6_by_nonresidue(&a);
        b.mul_assign(&nqr);
        assert_eq!(a, b);
--- a/bls12_381/src/lib.rs
+++ b/bls12_381/src/lib.rs
@ -9,15 +9,16 @@
 #![forbid(unsafe_code)]
 //! This library implements the BLS12_381 curve generated by [Sean Bowe](https://electriccoin.co/blog/new-snark-curve/).
 //! The name denotes that it is a Barreto--Lynn--Scott curve of embedding degree 12,
 //! defined over a 381-bit (prime) field.
 //! This curve was intended to replace the BN254 curve to provide a higher security
 //! level without incurring a large performance overhead.
 //! The name denotes that it is a Barreto--Lynn--Scott curve of embedding degree
 //! 12, defined over a 381-bit (prime) field.
 //! This curve was intended to replace the BN254 curve to provide a higher
 //! security level without incurring a large performance overhead.
 //!
 //!
 //! Curve information:
 //! * Base field: q = 4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787
 //! * Scalar field: r = 52435875175126190479447740508185965837690552500527637822603658699938581184513
 //! * Scalar field: r =
 //!   52435875175126190479447740508185965837690552500527637822603658699938581184513
 //! * valuation(q - 1, 2) = 1
 //! * valuation(r - 1, 2) = 32
 //! * G1 curve equation: y^2 = x^3 + 4
--- a/bn254/scripts/base_field.sage
+++ b/bn254/scripts/base_field.sage
@ -0,0 +1,28 @@
 modulus = 21888242871839275222246405745257275088696311157297823662689037894645226208583
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/bn254/scripts/scalar_field.sage
+++ b/bn254/scripts/scalar_field.sage
@ -0,0 +1,28 @@
 modulus = 21888242871839275222246405745257275088548364400416034343698204186575808495617
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/bn254/src/curves/g1.rs
+++ b/bn254/src/curves/g1.rs
@ -1,5 +1,5 @@
 use ark_ec::models::{ModelParameters, SWModelParameters};
 use ark_ff::{field_new, Zero};
 use ark_ff::{MontFp, Zero};
 use crate::{Fq, Fr};
@ -14,15 +14,15 @@ impl ModelParameters for Parameters {
    const COFACTOR: &'static [u64] = &[0x1];
    /// COFACTOR_INV = COFACTOR^{-1} mod r = 1
    const COFACTOR_INV: Fr = field_new!(Fr, "1");
    const COFACTOR_INV: Fr = MontFp!(Fr, "1");
 }
 impl SWModelParameters for Parameters {
    /// COEFF_A = 0
    const COEFF_A: Fq = field_new!(Fq, "0");
    const COEFF_A: Fq = MontFp!(Fq, "0");
    /// COEFF_B = 3
    const COEFF_B: Fq = field_new!(Fq, "3");
    const COEFF_B: Fq = MontFp!(Fq, "3");
    /// AFFINE_GENERATOR_COEFFS = (G1_GENERATOR_X, G1_GENERATOR_Y)
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) =
@ -35,7 +35,7 @@ impl SWModelParameters for Parameters {
 }
 /// G1_GENERATOR_X = 1
 pub const G1_GENERATOR_X: Fq = field_new!(Fq, "1");
 pub const G1_GENERATOR_X: Fq = MontFp!(Fq, "1");
 /// G1_GENERATOR_Y = 2
 pub const G1_GENERATOR_Y: Fq = field_new!(Fq, "2");
 pub const G1_GENERATOR_Y: Fq = MontFp!(Fq, "2");
--- a/bn254/src/curves/g2.rs
+++ b/bn254/src/curves/g2.rs
@ -1,5 +1,5 @@
 use ark_ec::models::{ModelParameters, SWModelParameters};
 use ark_ff::{field_new, Zero};
 use ark_ff::{MontFp, QuadExt, Zero};
 use crate::{Fq, Fq2, Fr};
@ -11,7 +11,7 @@ impl ModelParameters for Parameters {
    type ScalarField = Fr;
    /// COFACTOR = (36 * X^4) + (36 * X^3) + (30 * X^2) + 6*X + 1
    ///          = 21888242871839275222246405745257275088844257914179612981679871602714643921549
    /// 21888242871839275222246405745257275088844257914179612981679871602714643921549
    #[rustfmt::skip]
    const COFACTOR: &'static [u64] = &[
        0x345f2299c0f9fa8d,
@ -21,21 +21,27 @@ impl ModelParameters for Parameters {
    ];
    /// COFACTOR_INV = COFACTOR^{-1} mod r
    #[rustfmt::skip]
    const COFACTOR_INV: Fr = field_new!(Fr, "10944121435919637613327163357776759465618812564592884533313067514031822496649");
    const COFACTOR_INV: Fr = MontFp!(
        Fr,
        "10944121435919637613327163357776759465618812564592884533313067514031822496649"
    );
 }
 impl SWModelParameters for Parameters {
    /// COEFF_A = [0, 0]
    #[rustfmt::skip]
    const COEFF_A: Fq2 = field_new!(Fq2, field_new!(Fq, "0"), field_new!(Fq, "0"));
    const COEFF_A: Fq2 = QuadExt!(MontFp!(Fq, "0"), MontFp!(Fq, "0"));
    /// COEFF_B = 3/(u+9)
    ///         = (19485874751759354771024239261021720505790618469301721065564631296452457478373, 266929791119991161246907387137283842545076965332900288569378510910307636690)
    #[rustfmt::skip]
    const COEFF_B: Fq2 = field_new!(Fq2,
        field_new!(Fq, "19485874751759354771024239261021720505790618469301721065564631296452457478373"),
        field_new!(Fq, "266929791119991161246907387137283842545076965332900288569378510910307636690"),
    /// (19485874751759354771024239261021720505790618469301721065564631296452457478373, 266929791119991161246907387137283842545076965332900288569378510910307636690)
    const COEFF_B: Fq2 = QuadExt!(
        MontFp!(
            Fq,
            "19485874751759354771024239261021720505790618469301721065564631296452457478373"
        ),
        MontFp!(
            Fq,
            "266929791119991161246907387137283842545076965332900288569378510910307636690"
        ),
    );
    /// AFFINE_GENERATOR_COEFFS = (G2_GENERATOR_X, G2_GENERATOR_Y)
@ -48,27 +54,33 @@ impl SWModelParameters for Parameters {
    }
 }
 #[rustfmt::skip]
 pub const G2_GENERATOR_X: Fq2 = field_new!(Fq2, G2_GENERATOR_X_C0, G2_GENERATOR_X_C1);
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y: Fq2 = field_new!(Fq2, G2_GENERATOR_Y_C0, G2_GENERATOR_Y_C1);
 pub const G2_GENERATOR_X: Fq2 = QuadExt!(G2_GENERATOR_X_C0, G2_GENERATOR_X_C1);
 pub const G2_GENERATOR_Y: Fq2 = QuadExt!(G2_GENERATOR_Y_C0, G2_GENERATOR_Y_C1);
 /// G2_GENERATOR_X_C0 =
 /// 10857046999023057135944570762232829481370756359578518086990519993285655852781
 #[rustfmt::skip]
 pub const G2_GENERATOR_X_C0: Fq = field_new!(Fq, "10857046999023057135944570762232829481370756359578518086990519993285655852781");
 pub const G2_GENERATOR_X_C0: Fq = MontFp!(
    Fq,
    "10857046999023057135944570762232829481370756359578518086990519993285655852781"
 );
 /// G2_GENERATOR_X_C1 =
 /// 11559732032986387107991004021392285783925812861821192530917403151452391805634
 #[rustfmt::skip]
 pub const G2_GENERATOR_X_C1: Fq = field_new!(Fq, "11559732032986387107991004021392285783925812861821192530917403151452391805634");
 pub const G2_GENERATOR_X_C1: Fq = MontFp!(
    Fq,
    "11559732032986387107991004021392285783925812861821192530917403151452391805634"
 );
 /// G2_GENERATOR_Y_C0 =
 /// 8495653923123431417604973247489272438418190587263600148770280649306958101930
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y_C0: Fq = field_new!(Fq, "8495653923123431417604973247489272438418190587263600148770280649306958101930");
 pub const G2_GENERATOR_Y_C0: Fq = MontFp!(
    Fq,
    "8495653923123431417604973247489272438418190587263600148770280649306958101930"
 );
 /// G2_GENERATOR_Y_C1 =
 /// 4082367875863433681332203403145435568316851327593401208105741076214120093531
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y_C1: Fq = field_new!(Fq, "4082367875863433681332203403145435568316851327593401208105741076214120093531");
 pub const G2_GENERATOR_Y_C1: Fq = MontFp!(
    Fq,
    "4082367875863433681332203403145435568316851327593401208105741076214120093531"
 );
--- a/bn254/src/curves/mod.rs
+++ b/bn254/src/curves/mod.rs
@ -1,9 +1,11 @@
 use crate::*;
 use ark_ec::{
    bn,
    bn::{Bn, BnParameters, TwistType},
 };
 use ark_ff::field_new;
 use ark_ff::{MontFp, QuadExt};
 use crate::*;
 pub mod g1;
 pub mod g2;
@ -22,33 +24,31 @@ impl BnParameters for Parameters {
        -1, 0, 0, 1, 0, 1, 1,
    ];
    const TWIST_MUL_BY_Q_X: Fq2 = field_new!(
        Fq2,
        field_new!(
    const TWIST_MUL_BY_Q_X: Fq2 = QuadExt!(
        MontFp!(
            Fq,
            "21575463638280843010398324269430826099269044274347216827212613867836435027261"
        ),
        field_new!(
        MontFp!(
            Fq,
            "10307601595873709700152284273816112264069230130616436755625194854815875713954"
        ),
    );
    const TWIST_MUL_BY_Q_Y: Fq2 = field_new!(
        Fq2,
        field_new!(
    const TWIST_MUL_BY_Q_Y: Fq2 = QuadExt!(
        MontFp!(
            Fq,
            "2821565182194536844548159561693502659359617185244120367078079554186484126554"
        ),
        field_new!(
        MontFp!(
            Fq,
            "3505843767911556378687030309984248845540243509899259641013678093033130930403"
        ),
    );
    const TWIST_TYPE: TwistType = TwistType::D;
    type Fp = Fq;
    type Fp2Params = Fq2Parameters;
    type Fp6Params = Fq6Parameters;
    type Fp12Params = Fq12Parameters;
    type Fp2Config = Fq2Config;
    type Fp6Config = Fq6Config;
    type Fp12Config = Fq12Config;
    type G1Parameters = g1::Parameters;
    type G2Parameters = g2::Parameters;
 }
--- a/bn254/src/curves/tests.rs
+++ b/bn254/src/curves/tests.rs
@ -1,18 +1,15 @@
 #![allow(unused_imports)]
 use ark_ec::{models::SWModelParameters, AffineCurve, PairingEngine, ProjectiveCurve};
 use ark_algebra_test_templates::{
    curves::*, generate_bilinearity_test, generate_g1_test, generate_g2_test, groups::*, msm::*,
 };
 use ark_ec::{AffineCurve, PairingEngine};
 use ark_ff::{
    fields::{Field, FpParameters, PrimeField, SquareRootField},
    One, Zero,
    fields::{Field, PrimeField},
    One,
 };
 use ark_serialize::CanonicalSerialize;
 use ark_std::{rand::Rng, test_rng};
 use core::ops::{AddAssign, MulAssign};
 use crate::{g1, g2, Bn254, Fq, Fq12, Fq2, Fr, G1Affine, G1Projective, G2Affine, G2Projective};
 use core::ops::MulAssign;
 use ark_algebra_test_templates::{
    curves::*, generate_bilinearity_test, generate_g1_test, generate_g2_test, groups::*, msm::*,
 };
 use crate::{g1, g2, Bn254, Fq12, Fr, G1Affine, G1Projective, G2Affine, G2Projective};
 generate_g1_test!(bn254; curve_tests; sw_tests;);
 generate_g2_test!(bn254; curve_tests; sw_tests;);
--- a/bn254/src/fields/fq.rs
+++ b/bn254/src/fields/fq.rs
@ -1,100 +1,10 @@
 use ark_ff::{
    biginteger::{BigInt, BigInteger256 as BigInteger},
    field_new,
    fields::*,
 };
 use ark_ff::fields::{Fp256, MontBackend, MontConfig, MontFp};
 pub type Fq = Fp256<FqParameters>;
 #[derive(MontConfig)]
 #[modulus = "21888242871839275222246405745257275088696311157297823662689037894645226208583"]
 #[generator = "3"]
 pub struct FqConfig;
 pub type Fq = Fp256<MontBackend<FqConfig, 4>>;
 pub struct FqParameters;
 impl Fp256Parameters for FqParameters {}
 impl FftParameters for FqParameters {
    type BigInt = BigInteger;
    const TWO_ADICITY: u32 = 1;
    #[rustfmt::skip]
    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
        0x68c3488912edefaa,
        0x8d087f6872aabf4f,
        0x51e1a24709081231,
        0x2259d6b14729c0fa,
    ]);
 }
 impl FpParameters for FqParameters {
    /// MODULUS = 21888242871839275222246405745257275088696311157297823662689037894645226208583
    #[rustfmt::skip]
    const MODULUS: BigInteger = BigInt::new([
        0x3c208c16d87cfd47,
        0x97816a916871ca8d,
        0xb85045b68181585d,
        0x30644e72e131a029,
    ]);
    const MODULUS_BITS: u32 = 254;
    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
    const REPR_SHAVE_BITS: u32 = 2;
    #[rustfmt::skip]
    const R: BigInteger = BigInt::new([
        0xd35d438dc58f0d9d,
        0x0a78eb28f5c70b3d,
        0x666ea36f7879462c,
        0xe0a77c19a07df2f,
    ]);
    #[rustfmt::skip]
    const R2: BigInteger = BigInt::new([
        0xf32cfc5b538afa89,
        0xb5e71911d44501fb,
        0x47ab1eff0a417ff6,
        0x6d89f71cab8351f,
    ]);
    const INV: u64 = 9786893198990664585u64;
    // GENERATOR = 3
    #[rustfmt::skip]
    const GENERATOR: BigInteger = BigInt::new([
        0x7a17caa950ad28d7,
        0x1f6ac17ae15521b9,
        0x334bea4e696bd284,
        0x2a1f6744ce179d8e,
    ]);
    #[rustfmt::skip]
    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0x9e10460b6c3e7ea3,
        0xcbc0b548b438e546,
        0xdc2822db40c0ac2e,
        0x183227397098d014,
    ]);
    // T and T_MINUS_ONE_DIV_TWO, where MODULUS - 1 = 2^S * T
    // T = (MODULUS - 1) // 2^S =
    // 10944121435919637611123202872628637544348155578648911831344518947322613104291
    #[rustfmt::skip]
    const T: BigInteger = BigInt::new([
        0x9e10460b6c3e7ea3,
        0xcbc0b548b438e546,
        0xdc2822db40c0ac2e,
        0x183227397098d014,
    ]);
    // (T - 1) // 2 =
    // 5472060717959818805561601436314318772174077789324455915672259473661306552145
    #[rustfmt::skip]
    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0x4f082305b61f3f51,
        0x65e05aa45a1c72a3,
        0x6e14116da0605617,
        0xc19139cb84c680a,
    ]);
 }
 pub const FQ_ONE: Fq = field_new!(Fq, "1");
 pub const FQ_ZERO: Fq = field_new!(Fq, "0");
 pub const FQ_ONE: Fq = MontFp!(Fq, "1");
 pub const FQ_ZERO: Fq = MontFp!(Fq, "0");
--- a/bn254/src/fields/fq12.rs
+++ b/bn254/src/fields/fq12.rs
@ -1,77 +1,119 @@
 use super::*;
 use ark_ff::{field_new, fields::*};
 use ark_ff::{fields::*, CubicExt, MontFp, QuadExt};
 pub type Fq12 = Fp12<Fq12Parameters>;
 use crate::*;
 pub type Fq12 = Fp12<Fq12Config>;
 #[derive(Clone, Copy)]
 pub struct Fq12Parameters;
 pub struct Fq12Config;
 impl Fp12Parameters for Fq12Parameters {
    type Fp6Params = Fq6Parameters;
 impl Fp12Config for Fq12Config {
    type Fp6Config = Fq6Config;
    const NONRESIDUE: Fq6 = field_new!(Fq6, FQ2_ZERO, FQ2_ONE, FQ2_ZERO);
    const NONRESIDUE: Fq6 = CubicExt!(FQ2_ZERO, FQ2_ONE, FQ2_ZERO);
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP12_C1: &'static [Fq2] = &[
        // Fp2::NONRESIDUE^(((q^0) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "1"),
            field_new!(Fq, "0"),
        ),
        QuadExt!(MontFp!(Fq, "1"), MontFp!(Fq, "0"),),
        // Fp2::NONRESIDUE^(((q^1) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "8376118865763821496583973867626364092589906065868298776909617916018768340080"),
            field_new!(Fq, "16469823323077808223889137241176536799009286646108169935659301613961712198316"),
        QuadExt!(
            MontFp!(
                Fq,
                "8376118865763821496583973867626364092589906065868298776909617916018768340080"
            ),
            MontFp!(
                Fq,
                "16469823323077808223889137241176536799009286646108169935659301613961712198316"
            ),
        ),
        // Fp2::NONRESIDUE^(((q^2) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "21888242871839275220042445260109153167277707414472061641714758635765020556617"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(
                Fq,
                "21888242871839275220042445260109153167277707414472061641714758635765020556617"
            ),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^3) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "11697423496358154304825782922584725312912383441159505038794027105778954184319"),
            field_new!(Fq, "303847389135065887422783454877609941456349188919719272345083954437860409601"),
        QuadExt!(
            MontFp!(
                Fq,
                "11697423496358154304825782922584725312912383441159505038794027105778954184319"
            ),
            MontFp!(
                Fq,
                "303847389135065887422783454877609941456349188919719272345083954437860409601"
            ),
        ),
        // Fp2::NONRESIDUE^(((q^4) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "21888242871839275220042445260109153167277707414472061641714758635765020556616"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(
                Fq,
                "21888242871839275220042445260109153167277707414472061641714758635765020556616"
            ),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^5) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "3321304630594332808241809054958361220322477375291206261884409189760185844239"),
            field_new!(Fq, "5722266937896532885780051958958348231143373700109372999374820235121374419868"),
        QuadExt!(
            MontFp!(
                Fq,
                "3321304630594332808241809054958361220322477375291206261884409189760185844239"
            ),
            MontFp!(
                Fq,
                "5722266937896532885780051958958348231143373700109372999374820235121374419868"
            ),
        ),
        // Fp2::NONRESIDUE^(((q^6) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "-1"),
            field_new!(Fq, "0"),
        ),
        QuadExt!(MontFp!(Fq, "-1"), MontFp!(Fq, "0"),),
        // Fp2::NONRESIDUE^(((q^7) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "13512124006075453725662431877630910996106405091429524885779419978626457868503"),
            field_new!(Fq, "5418419548761466998357268504080738289687024511189653727029736280683514010267"),
        QuadExt!(
            MontFp!(
                Fq,
                "13512124006075453725662431877630910996106405091429524885779419978626457868503"
            ),
            MontFp!(
                Fq,
                "5418419548761466998357268504080738289687024511189653727029736280683514010267"
            ),
        ),
        // Fp2::NONRESIDUE^(((q^8) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "2203960485148121921418603742825762020974279258880205651966"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(
                Fq,
                "2203960485148121921418603742825762020974279258880205651966"
            ),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^9) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "10190819375481120917420622822672549775783927716138318623895010788866272024264"),
            field_new!(Fq, "21584395482704209334823622290379665147239961968378104390343953940207365798982"),
        QuadExt!(
            MontFp!(
                Fq,
                "10190819375481120917420622822672549775783927716138318623895010788866272024264"
            ),
            MontFp!(
                Fq,
                "21584395482704209334823622290379665147239961968378104390343953940207365798982"
            ),
        ),
        // Fp2::NONRESIDUE^(((q^10) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "2203960485148121921418603742825762020974279258880205651967"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(
                Fq,
                "2203960485148121921418603742825762020974279258880205651967"
            ),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^11) - 1) / 6)
        field_new!(Fq2,
            field_new!(Fq, "18566938241244942414004596690298913868373833782006617400804628704885040364344"),
            field_new!(Fq, "16165975933942742336466353786298926857552937457188450663314217659523851788715"),
        QuadExt!(
            MontFp!(
                Fq,
                "18566938241244942414004596690298913868373833782006617400804628704885040364344"
            ),
            MontFp!(
                Fq,
                "16165975933942742336466353786298926857552937457188450663314217659523851788715"
            ),
        ),
    ];
 }
--- a/bn254/src/fields/fq2.rs
+++ b/bn254/src/fields/fq2.rs
@ -1,31 +1,26 @@
 use super::*;
 use ark_ff::{field_new, fields::*};
 use ark_ff::{fields::*, MontFp, QuadExt};
 pub type Fq2 = Fp2<Fq2Parameters>;
 use crate::*;
 pub struct Fq2Parameters;
 pub type Fq2 = Fp2<Fq2Config>;
 impl Fp2Parameters for Fq2Parameters {
 pub struct Fq2Config;
 impl Fp2Config for Fq2Config {
    type Fp = Fq;
    /// NONRESIDUE = -1
    #[rustfmt::skip]
    const NONRESIDUE: Fq = field_new!(Fq, "-1");
    const NONRESIDUE: Fq = MontFp!(Fq, "-1");
    /// QUADRATIC_NONRESIDUE = U+2
    #[rustfmt::skip]
    const QUADRATIC_NONRESIDUE: (Fq, Fq) = (
        field_new!(Fq, "2"),
        field_new!(Fq, "1"),
    );
    const QUADRATIC_NONRESIDUE: Fq2 = QuadExt!(MontFp!(Fq, "2"), MontFp!(Fq, "1"));
    /// Coefficients for the Frobenius automorphism.
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP2_C1: &'static [Fq] = &[
        // NONRESIDUE**(((q^0) - 1) / 2)
        field_new!(Fq, "1"),
        MontFp!(Fq, "1"),
        // NONRESIDUE**(((q^1) - 1) / 2)
        field_new!(Fq, "-1"),
        MontFp!(Fq, "-1"),
    ];
    #[inline(always)]
@ -34,5 +29,5 @@ impl Fp2Parameters for Fq2Parameters {
    }
 }
 pub const FQ2_ZERO: Fq2 = field_new!(Fq2, FQ_ZERO, FQ_ZERO);
 pub const FQ2_ONE: Fq2 = field_new!(Fq2, FQ_ONE, FQ_ZERO);
 pub const FQ2_ZERO: Fq2 = QuadExt!(FQ_ZERO, FQ_ZERO);
 pub const FQ2_ONE: Fq2 = QuadExt!(FQ_ONE, FQ_ZERO);
--- a/bn254/src/fields/fq6.rs
+++ b/bn254/src/fields/fq6.rs
@ -1,82 +1,123 @@
 use super::*;
 use ark_ff::{field_new, fields::*};
 use ark_ff::{fields::*, MontFp, QuadExt};
 pub type Fq6 = Fp6<Fq6Parameters>;
 use crate::*;
 pub type Fq6 = Fp6<Fq6Config>;
 #[derive(Clone, Copy)]
 pub struct Fq6Parameters;
 pub struct Fq6Config;
 impl Fp6Parameters for Fq6Parameters {
    type Fp2Params = Fq2Parameters;
 impl Fp6Config for Fq6Config {
    type Fp2Config = Fq2Config;
    /// NONRESIDUE = U+9
    #[rustfmt::skip]
    const NONRESIDUE: Fq2 = field_new!(Fq2, field_new!(Fq, "9"), field_new!(Fq, "1"));
    const NONRESIDUE: Fq2 = QuadExt!(MontFp!(Fq, "9"), MontFp!(Fq, "1"));
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP6_C1: &'static [Fq2] = &[
        // Fp2::NONRESIDUE^(((q^0) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "1"),
            field_new!(Fq, "0"),
        ),
        QuadExt!(MontFp!(Fq, "1"), MontFp!(Fq, "0"),),
        // Fp2::NONRESIDUE^(((q^1) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "21575463638280843010398324269430826099269044274347216827212613867836435027261"),
            field_new!(Fq, "10307601595873709700152284273816112264069230130616436755625194854815875713954"),
        QuadExt!(
            MontFp!(
                Fq,
                "21575463638280843010398324269430826099269044274347216827212613867836435027261"
            ),
            MontFp!(
                Fq,
                "10307601595873709700152284273816112264069230130616436755625194854815875713954"
            ),
        ),
        // Fp2::NONRESIDUE^(((q^2) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "21888242871839275220042445260109153167277707414472061641714758635765020556616"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(
                Fq,
                "21888242871839275220042445260109153167277707414472061641714758635765020556616"
            ),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^3) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "3772000881919853776433695186713858239009073593817195771773381919316419345261"),
            field_new!(Fq, "2236595495967245188281701248203181795121068902605861227855261137820944008926"),
        QuadExt!(
            MontFp!(
                Fq,
                "3772000881919853776433695186713858239009073593817195771773381919316419345261"
            ),
            MontFp!(
                Fq,
                "2236595495967245188281701248203181795121068902605861227855261137820944008926"
            ),
        ),
        // Fp2::NONRESIDUE^(((q^4) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "2203960485148121921418603742825762020974279258880205651966"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(
                Fq,
                "2203960485148121921418603742825762020974279258880205651966"
            ),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^(((q^5) - 1) / 3)
        field_new!(Fq2,
            field_new!(Fq, "18429021223477853657660792034369865839114504446431234726392080002137598044644"),
            field_new!(Fq, "9344045779998320333812420223237981029506012124075525679208581902008406485703"),
        QuadExt!(
            MontFp!(
                Fq,
                "18429021223477853657660792034369865839114504446431234726392080002137598044644"
            ),
            MontFp!(
                Fq,
                "9344045779998320333812420223237981029506012124075525679208581902008406485703"
            ),
        ),
    ];
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP6_C2: &'static [Fq2] = &[
        // Fp2::NONRESIDUE^((2*(q^0) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "1"),
            field_new!(Fq, "0"),
        ),
        QuadExt!(MontFp!(Fq, "1"), MontFp!(Fq, "0"),),
        // Fp2::NONRESIDUE^((2*(q^1) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "2581911344467009335267311115468803099551665605076196740867805258568234346338"),
            field_new!(Fq, "19937756971775647987995932169929341994314640652964949448313374472400716661030"),
        QuadExt!(
            MontFp!(
                Fq,
                "2581911344467009335267311115468803099551665605076196740867805258568234346338"
            ),
            MontFp!(
                Fq,
                "19937756971775647987995932169929341994314640652964949448313374472400716661030"
            ),
        ),
        // Fp2::NONRESIDUE^((2*(q^2) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "2203960485148121921418603742825762020974279258880205651966"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(
                Fq,
                "2203960485148121921418603742825762020974279258880205651966"
            ),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^((2*(q^3) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "5324479202449903542726783395506214481928257762400643279780343368557297135718"),
            field_new!(Fq, "16208900380737693084919495127334387981393726419856888799917914180988844123039"),
        QuadExt!(
            MontFp!(
                Fq,
                "5324479202449903542726783395506214481928257762400643279780343368557297135718"
            ),
            MontFp!(
                Fq,
                "16208900380737693084919495127334387981393726419856888799917914180988844123039"
            ),
        ),
        // Fp2::NONRESIDUE^((2*(q^4) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "21888242871839275220042445260109153167277707414472061641714758635765020556616"),
            field_new!(Fq, "0"),
        QuadExt!(
            MontFp!(
                Fq,
                "21888242871839275220042445260109153167277707414472061641714758635765020556616"
            ),
            MontFp!(Fq, "0"),
        ),
        // Fp2::NONRESIDUE^((2*(q^5) - 2) / 3)
        field_new!(Fq2,
            field_new!(Fq, "13981852324922362344252311234282257507216387789820983642040889267519694726527"),
            field_new!(Fq, "7629828391165209371577384193250820201684255241773809077146787135900891633097"),
        QuadExt!(
            MontFp!(
                Fq,
                "13981852324922362344252311234282257507216387789820983642040889267519694726527"
            ),
            MontFp!(
                Fq,
                "7629828391165209371577384193250820201684255241773809077146787135900891633097"
            ),
        ),
    ];
@ -85,8 +126,8 @@ impl Fp6Parameters for Fq6Parameters {
        // (c0+u*c1)*(9+u) = (9*c0-c1)+u*(9*c1+c0)
        let mut f = *fe;
        f.double_in_place().double_in_place().double_in_place();
        let c0 = f.c0 + fe.c0 + Fq2Parameters::mul_fp_by_nonresidue(&fe.c1);
        let c0 = f.c0 + fe.c0 + Fq2Config::mul_fp_by_nonresidue(&fe.c1);
        let c1 = f.c1 + fe.c1 + fe.c0;
        field_new!(Fq2, c0, c1)
        QuadExt!(c0, c1)
    }
 }
--- a/bn254/src/fields/fr.rs
+++ b/bn254/src/fields/fr.rs
@ -1,103 +1,7 @@
 use ark_ff::{
    biginteger::{BigInt, BigInteger256 as BigInteger},
    fields::*,
 };
 use ark_ff::fields::{Fp256, MontBackend, MontConfig};
 pub type Fr = Fp256<FrParameters>;
 pub struct FrParameters;
 impl Fp256Parameters for FrParameters {}
 impl FftParameters for FrParameters {
    type BigInt = BigInteger;
    const TWO_ADICITY: u32 = 28;
    #[rustfmt::skip]
    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
        7164790868263648668u64,
        11685701338293206998u64,
        6216421865291908056u64,
        1756667274303109607u64,
    ]);
 }
 impl FpParameters for FrParameters {
    /// MODULUS = 21888242871839275222246405745257275088548364400416034343698204186575808495617
    #[rustfmt::skip]
    const MODULUS: BigInteger = BigInt::new([
        4891460686036598785u64,
        2896914383306846353u64,
        13281191951274694749u64,
        3486998266802970665u64,
    ]);
    const MODULUS_BITS: u32 = 254;
    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
    const REPR_SHAVE_BITS: u32 = 2;
    /// R = pow(2, 256) % MODULUS
    ///   = 6350874878119819312338956282401532410528162663560392320966563075034087161851
    #[rustfmt::skip]
    const R: BigInteger = BigInt::new([
        12436184717236109307u64,
        3962172157175319849u64,
        7381016538464732718u64,
        1011752739694698287u64,
    ]);
    /// R2 = R * R % MODULUS
    ///    = 944936681149208446651664254269745548490766851729442924617792859073125903783
    #[rustfmt::skip]
    const R2: BigInteger = BigInt::new([
        1997599621687373223u64,
        6052339484930628067u64,
        10108755138030829701u64,
        150537098327114917u64,
    ]);
    /// INV = (-MODULUS) ^ {-1} % pow(2, 64) = 14042775128853446655
    const INV: u64 = 14042775128853446655u64;
    /// GENERATOR = 5
    #[rustfmt::skip]
    const GENERATOR: BigInteger = BigInt::new([
        1949230679015292902u64,
        16913946402569752895u64,
        5177146667339417225u64,
        1571765431670520771u64,
    ]);
    /// (MODULUS - 1)/2 =
    /// 10944121435919637611123202872628637544274182200208017171849102093287904247808
    #[rustfmt::skip]
    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0xa1f0fac9f8000000,
        0x9419f4243cdcb848,
        0xdc2822db40c0ac2e,
        0x183227397098d014,
    ]);
    // T and T_MINUS_ONE_DIV_TWO, where r - 1 = 2^s * t
    /// T = (MODULUS - 1) / 2^s =
    /// 81540058820840996586704275553141814055101440848469862132140264610111
    #[rustfmt::skip]
    const T: BigInteger = BigInt::new([
        0x9b9709143e1f593f,
        0x181585d2833e8487,
        0x131a029b85045b68,
        0x30644e72e,
    ]);
    /// (T - 1) / 2 =
    /// 40770029410420498293352137776570907027550720424234931066070132305055
    #[rustfmt::skip]
    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0xcdcb848a1f0fac9f,
        0x0c0ac2e9419f4243,
        0x098d014dc2822db4,
        0x183227397,
    ]);
 }
 #[derive(MontConfig)]
 #[modulus = "21888242871839275222246405745257275088548364400416034343698204186575808495617"]
 #[generator = "5"]
 pub struct FrConfig;
 pub type Fr = Fp256<MontBackend<FrConfig, 4>>;
--- a/bn254/src/fields/tests.rs
+++ b/bn254/src/fields/tests.rs
@ -1,9 +1,9 @@
 use ark_algebra_test_templates::{
    fields::*, generate_field_serialization_test, generate_field_test,
 };
 use ark_ff::{
    biginteger::{BigInt, BigInteger, BigInteger256},
    fields::{
        fp6_3over2::Fp6Parameters, FftField, FftParameters, Field, FpParameters, PrimeField,
        SquareRootField,
    },
    fields::{FftField, Field, Fp6Config, PrimeField, SquareRootField},
    One, UniformRand, Zero,
 };
 use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
@ -13,12 +13,9 @@ use core::{
    ops::{AddAssign, MulAssign, SubAssign},
 };
 use crate::{Fq, Fq12, Fq2, Fq6, Fq6Parameters, FqParameters, Fr};
 use ark_algebra_test_templates::{
    fields::*, generate_field_serialization_test, generate_field_test,
 };
 use crate::{Fq, Fq12, Fq2, Fq6, Fq6Config, FqConfig, Fr, FrConfig};
 generate_field_test!(bn254; fq2; fq6; fq12;);
 generate_field_test!(bn254; fq2; fq6; fq12; mont(4, 4); );
 generate_field_serialization_test!(bn254; fq2; fq6; fq12;);
 #[test]
@ -28,14 +25,14 @@ fn test_fq_repr_from() {
 #[test]
 fn test_fq_repr_is_odd() {
    assert!(!BigInteger256::from(0).is_odd());
    assert!(BigInteger256::from(0).is_even());
    assert!(BigInteger256::from(1).is_odd());
    assert!(!BigInteger256::from(1).is_even());
    assert!(!BigInteger256::from(324834872).is_odd());
    assert!(BigInteger256::from(324834872).is_even());
    assert!(BigInteger256::from(324834873).is_odd());
    assert!(!BigInteger256::from(324834873).is_even());
    assert!(!BigInteger256::from(0u64).is_odd());
    assert!(BigInteger256::from(0u64).is_even());
    assert!(BigInteger256::from(1u64).is_odd());
    assert!(!BigInteger256::from(1u64).is_even());
    assert!(!BigInteger256::from(324834872u64).is_odd());
    assert!(BigInteger256::from(324834872u64).is_even());
    assert!(BigInteger256::from(324834873u64).is_odd());
    assert!(!BigInteger256::from(324834873u64).is_even());
 }
 #[test]
@ -47,9 +44,9 @@ fn test_fq_repr_is_zero() {
 #[test]
 fn test_fq_repr_num_bits() {
    let mut a = BigInteger256::from(0);
    let mut a = BigInteger256::from(0u64);
    assert_eq!(0, a.num_bits());
    a = BigInteger256::from(1);
    a = BigInteger256::from(1u64);
    for i in 1..257 {
        assert_eq!(i, a.num_bits());
        a.mul2();
@ -59,34 +56,33 @@ fn test_fq_repr_num_bits() {
 #[test]
 fn test_fq_num_bits() {
    assert_eq!(FqParameters::MODULUS_BITS, 254);
    assert_eq!(FqParameters::CAPACITY, 253);
    assert_eq!(Fq::MODULUS_BIT_SIZE, 254);
 }
 #[test]
 fn test_fq_root_of_unity() {
    assert_eq!(FqParameters::TWO_ADICITY, 1);
    assert_eq!(Fq::TWO_ADICITY, 1);
    assert_eq!(
        Fq::multiplicative_generator().pow([
        Fq::GENERATOR.pow([
            0x9e10460b6c3e7ea3,
            0xcbc0b548b438e546,
            0xdc2822db40c0ac2e,
            0x183227397098d014,
        ]),
        Fq::two_adic_root_of_unity()
        Fq::TWO_ADIC_ROOT_OF_UNITY
    );
    assert_eq!(
        Fq::two_adic_root_of_unity().pow([1 << FqParameters::TWO_ADICITY]),
        Fq::TWO_ADIC_ROOT_OF_UNITY.pow([1 << Fq::TWO_ADICITY]),
        Fq::one()
    );
    assert!(Fq::multiplicative_generator().sqrt().is_none());
    assert!(Fq::GENERATOR.sqrt().is_none());
 }
 #[test]
 fn test_fq_ordering() {
    // BigInteger256's ordering is well-tested, but we still need to make sure the
    // Fq elements aren't being compared in Montgomery form.
    for i in 0..100 {
    for i in 0..100u64 {
        assert!(Fq::from(BigInteger256::from(i + 1)) > Fq::from(BigInteger256::from(i)));
    }
 }
@ -99,11 +95,11 @@ fn test_fq_legendre() {
    assert_eq!(Zero, Fq::zero().legendre());
    assert_eq!(
        QuadraticResidue,
        Fq::from(BigInteger256::from(4)).legendre()
        Fq::from(BigInteger256::from(4u64)).legendre()
    );
    assert_eq!(
        QuadraticNonResidue,
        Fq::from(BigInteger256::from(5)).legendre()
        Fq::from(BigInteger256::from(5u64)).legendre()
    );
 }
@ -144,7 +140,7 @@ fn test_fq2_legendre() {
    // i^2 = -1
    let mut m1 = -Fq2::one();
    assert_eq!(QuadraticResidue, m1.legendre());
    m1 = Fq6Parameters::mul_fp2_by_nonresidue(&m1);
    m1 = Fq6Config::mul_fp2_by_nonresidue(&m1);
    assert_eq!(QuadraticNonResidue, m1.legendre());
 }
--- a/bn254/src/lib.rs
+++ b/bn254/src/lib.rs
@ -20,14 +20,17 @@
 //!
 //!
 //! Curve information:
 //! * Base field: q = 21888242871839275222246405745257275088696311157297823662689037894645226208583
 //! * Scalar field: r = 21888242871839275222246405745257275088548364400416034343698204186575808495617
 //! * Base field: q =
 //!   21888242871839275222246405745257275088696311157297823662689037894645226208583
 //! * Scalar field: r =
 //!   21888242871839275222246405745257275088548364400416034343698204186575808495617
 //! * valuation(q - 1, 2) = 1
 //! * valuation(r - 1, 2) = 28
 //! * G1 curve equation: y^2 = x^3 + 3
 //! * G2 curve equation: y^2 = x^3 + B, where
 //!    * B = 3/(u+9) where Fq2 is represented as Fq\[u\]/(u^2+1)
 //!        = Fq2(19485874751759354771024239261021720505790618469301721065564631296452457478373, 266929791119991161246907387137283842545076965332900288569378510910307636690)
 //!    * B = 3/(u+9) where Fq2 is represented as Fq\[u\]/(u^2+1) =
 //!      Fq2(19485874751759354771024239261021720505790618469301721065564631296452457478373,
 //!      266929791119991161246907387137283842545076965332900288569378510910307636690)
 #[cfg(feature = "curve")]
 mod curves;
--- a/bw6_761/scripts/base_field.sage
+++ b/bw6_761/scripts/base_field.sage
@ -0,0 +1,28 @@
 modulus = 6891450384315732539396789682275657542479668912536150109513790160209623422243491736087683183289411687640864567753786613451161759120554247759349511699125301598951605099378508850372543631423596795951899700429969112842764913119068299
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/bw6_761/scripts/scalar_field.sage
+++ b/bw6_761/scripts/scalar_field.sage
@ -0,0 +1,28 @@
 modulus = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/bw6_761/src/curves/g1.rs
+++ b/bw6_761/src/curves/g1.rs
@ -1,9 +1,10 @@
 use crate::{Fq, Fr};
 use ark_ec::{
    models::{ModelParameters, SWModelParameters},
    short_weierstrass_jacobian::{GroupAffine, GroupProjective},
 };
 use ark_ff::field_new;
 use ark_ff::MontFp;
 use crate::{Fq, Fr};
 pub type G1Affine = GroupAffine<Parameters>;
 pub type G1Projective = GroupProjective<Parameters>;
@ -29,19 +30,15 @@ impl ModelParameters for Parameters {
    /// COFACTOR^(-1) mod r =
    /// 91141326767669940707819291241958318717982251277713150053234367522357946997763584490607453720072232540829942217804
    #[rustfmt::skip]
    const COFACTOR_INV: Fr = field_new!(Fr, "91141326767669940707819291241958318717982251277713150053234367522357946997763584490607453720072232540829942217804");
    const COFACTOR_INV: Fr = MontFp!(Fr, "91141326767669940707819291241958318717982251277713150053234367522357946997763584490607453720072232540829942217804");
 }
 impl SWModelParameters for Parameters {
    /// COEFF_A = 0
    #[rustfmt::skip]
    const COEFF_A: Fq = field_new!(Fq, "0");
    const COEFF_A: Fq = MontFp!(Fq, "0");
    /// COEFF_B = -1
    #[rustfmt::skip]
    const COEFF_B: Fq = field_new!(Fq, "-1");
    const COEFF_B: Fq = MontFp!(Fq, "-1");
    /// AFFINE_GENERATOR_COEFFS = (G1_GENERATOR_X, G1_GENERATOR_Y)
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) =
@ -55,10 +52,8 @@ impl SWModelParameters for Parameters {
 /// G1_GENERATOR_X =
 /// 6238772257594679368032145693622812838779005809760824733138787810501188623461307351759238099287535516224314149266511977132140828635950940021790489507611754366317801811090811367945064510304504157188661901055903167026722666149426237
 #[rustfmt::skip]
 pub const G1_GENERATOR_X: Fq = field_new!(Fq, "6238772257594679368032145693622812838779005809760824733138787810501188623461307351759238099287535516224314149266511977132140828635950940021790489507611754366317801811090811367945064510304504157188661901055903167026722666149426237");
 pub const G1_GENERATOR_X: Fq = MontFp!(Fq, "6238772257594679368032145693622812838779005809760824733138787810501188623461307351759238099287535516224314149266511977132140828635950940021790489507611754366317801811090811367945064510304504157188661901055903167026722666149426237");
 /// G1_GENERATOR_Y =
 /// 2101735126520897423911504562215834951148127555913367997162789335052900271653517958562461315794228241561913734371411178226936527683203879553093934185950470971848972085321797958124416462268292467002957525517188485984766314758624099
 #[rustfmt::skip]
 pub const G1_GENERATOR_Y: Fq = field_new!(Fq, "2101735126520897423911504562215834951148127555913367997162789335052900271653517958562461315794228241561913734371411178226936527683203879553093934185950470971848972085321797958124416462268292467002957525517188485984766314758624099");
 pub const G1_GENERATOR_Y: Fq = MontFp!(Fq, "2101735126520897423911504562215834951148127555913367997162789335052900271653517958562461315794228241561913734371411178226936527683203879553093934185950470971848972085321797958124416462268292467002957525517188485984766314758624099");
--- a/bw6_761/src/curves/g2.rs
+++ b/bw6_761/src/curves/g2.rs
@ -1,9 +1,10 @@
 use crate::{Fq, Fr};
 use ark_ec::{
    models::{ModelParameters, SWModelParameters},
    short_weierstrass_jacobian::{GroupAffine, GroupProjective},
 };
 use ark_ff::field_new;
 use ark_ff::MontFp;
 use crate::{Fq, Fr};
 pub type G2Affine = GroupAffine<Parameters>;
 pub type G2Projective = GroupProjective<Parameters>;
@ -29,23 +30,20 @@ impl ModelParameters for Parameters {
    /// COFACTOR^(-1) mod r =
    /// 214911522365886453591244899095480747723790054550866810551297776298664428889000553861210287833206024638187939842124
    #[rustfmt::skip]
    const COFACTOR_INV: Fr = field_new!(Fr, "214911522365886453591244899095480747723790054550866810551297776298664428889000553861210287833206024638187939842124");
    const COFACTOR_INV: Fr = MontFp!(Fr, "214911522365886453591244899095480747723790054550866810551297776298664428889000553861210287833206024638187939842124");
 }
 impl SWModelParameters for Parameters {
    /// COEFF_A = 0
    #[rustfmt::skip]
    const COEFF_A: Fq = field_new!(Fq, "0");
    const COEFF_A: Fq = MontFp!(Fq, "0");
    /// COEFF_B = 4
    #[rustfmt::skip]
    const COEFF_B: Fq = field_new!(Fq, "4");
    const COEFF_B: Fq = MontFp!(Fq, "4");
    /// AFFINE_GENERATOR_COEFFS = (G2_GENERATOR_X, G2_GENERATOR_Y)
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) =
        (G2_GENERATOR_X, G2_GENERATOR_Y);
    #[inline(always)]
    fn mul_by_a(_elem: &Self::BaseField) -> Self::BaseField {
        use ark_ff::Zero;
@ -55,10 +53,8 @@ impl SWModelParameters for Parameters {
 /// G2_GENERATOR_X =
 ///  6445332910596979336035888152774071626898886139774101364933948236926875073754470830732273879639675437155036544153105017729592600560631678554299562762294743927912429096636156401171909259073181112518725201388196280039960074422214428
 #[rustfmt::skip]
 pub const G2_GENERATOR_X: Fq = field_new!(Fq, "6445332910596979336035888152774071626898886139774101364933948236926875073754470830732273879639675437155036544153105017729592600560631678554299562762294743927912429096636156401171909259073181112518725201388196280039960074422214428");
 pub const G2_GENERATOR_X: Fq = MontFp!(Fq, "6445332910596979336035888152774071626898886139774101364933948236926875073754470830732273879639675437155036544153105017729592600560631678554299562762294743927912429096636156401171909259073181112518725201388196280039960074422214428");
 /// G2_GENERATOR_Y =
 /// 562923658089539719386922163444547387757586534741080263946953401595155211934630598999300396317104182598044793758153214972605680357108252243146746187917218885078195819486220416605630144001533548163105316661692978285266378674355041
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y: Fq = field_new!(Fq, "562923658089539719386922163444547387757586534741080263946953401595155211934630598999300396317104182598044793758153214972605680357108252243146746187917218885078195819486220416605630144001533548163105316661692978285266378674355041");
 pub const G2_GENERATOR_Y: Fq = MontFp!(Fq, "562923658089539719386922163444547387757586534741080263946953401595155211934630598999300396317104182598044793758153214972605680357108252243146746187917218885078195819486220416605630144001533548163105316661692978285266378674355041");
--- a/bw6_761/src/curves/mod.rs
+++ b/bw6_761/src/curves/mod.rs
@ -1,10 +1,11 @@
 use crate::*;
 use ark_ec::{
    bw6,
    bw6::{BW6Parameters, TwistType, BW6},
 };
 use ark_ff::{biginteger::BigInteger768 as BigInteger, BigInt};
 use crate::*;
 pub mod g1;
 pub mod g2;
@ -47,8 +48,8 @@ impl BW6Parameters for Parameters {
    const ATE_LOOP_COUNT_2_IS_NEGATIVE: bool = false;
    const TWIST_TYPE: TwistType = TwistType::M;
    type Fp = Fq;
    type Fp3Params = Fq3Parameters;
    type Fp6Params = Fq6Parameters;
    type Fp3Config = Fq3Config;
    type Fp6Config = Fq6Config;
    type G1Parameters = g1::Parameters;
    type G2Parameters = g2::Parameters;
 }
--- a/bw6_761/src/curves/tests.rs
+++ b/bw6_761/src/curves/tests.rs
@ -1,15 +1,13 @@
 use ark_algebra_test_templates::{
    curves::*, generate_bilinearity_test, generate_g1_test, generate_g2_test, groups::*, msm::*,
 };
 use ark_ec::{AffineCurve, PairingEngine};
 use ark_ff::{Field, One, PrimeField};
 use ark_std::{rand::Rng, test_rng};
 use core::ops::MulAssign;
 use crate::*;
 use ark_algebra_test_templates::{
    curves::*, generate_bilinearity_test, generate_g1_test, generate_g2_test, groups::*, msm::*,
 };
 use core::ops::MulAssign;
 generate_g1_test!(bw6_761; curve_tests; sw_tests;);
 generate_g2_test!(bw6_761; curve_tests; sw_tests;);
 generate_bilinearity_test!(BW6_761, Fq6);
--- a/bw6_761/src/fields/fq.rs
+++ b/bw6_761/src/fields/fq.rs
@ -1,175 +1,10 @@
 use ark_ff::{
    biginteger::{BigInt, BigInteger768 as BigInteger},
    field_new,
    fields::{FftParameters, Fp768, Fp768Parameters, FpParameters},
 };
 use ark_ff::fields::{Fp768, MontBackend, MontConfig, MontFp};
 pub type Fq = Fp768<FqParameters>;
 #[derive(MontConfig)]
 #[modulus = "6891450384315732539396789682275657542479668912536150109513790160209623422243491736087683183289411687640864567753786613451161759120554247759349511699125301598951605099378508850372543631423596795951899700429969112842764913119068299"]
 #[generator = "2"]
 pub struct FqConfig;
 pub type Fq = Fp768<MontBackend<FqConfig, 12>>;
 pub struct FqParameters;
 pub const FQ_ONE: Fq = field_new!(Fq, "1");
 pub const FQ_ZERO: Fq = field_new!(Fq, "0");
 impl Fp768Parameters for FqParameters {}
 impl FftParameters for FqParameters {
    type BigInt = BigInteger;
    // The internal representation of this type is six 64-bit unsigned
    // integers in little-endian order. Values are always in
    // Montgomery form; i.e., Scalar(a) = aR mod p, with R=2^768.
    // (MODULUS - 1) % 2^TWO_ADICITY == 0
    const TWO_ADICITY: u32 = 1;
    // least_quadratic_nonresidue(MODULUS) in Sage.
    #[rustfmt::skip]
    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
        17481284903592032950u64,
        10104133845767975835u64,
        8607375506753517913u64,
        13706168424391191299u64,
        9580010308493592354u64,
        14241333420363995524u64,
        6665632285037357566u64,
        5559902898979457045u64,
        15504799981718861253u64,
        8332096944629367896u64,
        18005297320867222879u64,
        58811391084848524u64,
    ]);
 }
 impl FpParameters for FqParameters {
    /// MODULUS = 6891450384315732539396789682275657542479668912536150109513790160209623422243491736087683183289411687640864567753786613451161759120554247759349511699125301598951605099378508850372543631423596795951899700429969112842764913119068299
    #[rustfmt::skip]
    const MODULUS: BigInteger = BigInt::new([
       0xf49d00000000008b,
       0xe6913e6870000082,
       0x160cf8aeeaf0a437,
       0x98a116c25667a8f8,
       0x71dcd3dc73ebff2e,
       0x8689c8ed12f9fd90,
       0x03cebaff25b42304,
       0x707ba638e584e919,
       0x528275ef8087be41,
       0xb926186a81d14688,
       0xd187c94004faff3e,
       0x122e824fb83ce0a
    ]);
    const MODULUS_BITS: u32 = 761;
    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
    // gap to 64-bit machine word
    const REPR_SHAVE_BITS: u32 = 7;
    // 2^768 % MODULUS
    #[rustfmt::skip]
    const R: BigInteger = BigInt::new([
        144959613005956565u64,
        6509995272855063783u64,
        11428286765660613342u64,
        15738672438262922740u64,
        17071399330169272331u64,
        13899911246788437003u64,
        12055474021000362245u64,
        2545351818702954755u64,
        8887388221587179644u64,
        5009280847225881135u64,
        15539704305423854047u64,
        23071597697427581u64,
    ]);
    // R^2
    #[rustfmt::skip]
    const R2: BigInteger = BigInt::new([
        14305184132582319705u64,
        8868935336694416555u64,
        9196887162930508889u64,
        15486798265448570248u64,
        5402985275949444416u64,
        10893197322525159598u64,
        3204916688966998390u64,
        12417238192559061753u64,
        12426306557607898622u64,
        1305582522441154384u64,
        10311846026977660324u64,
        48736111365249031u64,
    ]);
    // (-1/MODULUS) % 2^64
    const INV: u64 = 744663313386281181u64;
    /// GENERATOR = 2
    // primitive_root(MODULUS)
    #[rustfmt::skip]
    const GENERATOR: BigInteger = BigInt::new([
        289919226011913130u64,
        13019990545710127566u64,
        4409829457611675068u64,
        13030600802816293865u64,
        15696054586628993047u64,
        9353078419867322391u64,
        5664203968291172875u64,
        5090703637405909511u64,
        17774776443174359288u64,
        10018561694451762270u64,
        12632664537138156478u64,
        46143195394855163u64,
    ]);
    // (MODULUS - 1) / 2
    #[rustfmt::skip]
    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0x7a4e800000000045,
        0xf3489f3438000041,
        0x0b067c577578521b,
        0x4c508b612b33d47c,
        0x38ee69ee39f5ff97,
        0x4344e476897cfec8,
        0x81e75d7f92da1182,
        0xb83dd31c72c2748c,
        0x29413af7c043df20,
        0x5c930c3540e8a344,
        0x68c3e4a0027d7f9f,
        0x9174127dc1e705,
    ]);
    // T =
    // 3445725192157866269698394841137828771239834456268075054756895080104811711121745868043841591644705843820432283876893306725580879560277123879674755849562650799475802549689254425186271815711798397975949850214984556421382456559534149
    // (MODULUS - 1) / 2 ^ TWO_ADICITY
    #[rustfmt::skip]
    const T: BigInteger = BigInt::new([
        0x7a4e800000000045,
        0xf3489f3438000041,
        0x0b067c577578521b,
        0x4c508b612b33d47c,
        0x38ee69ee39f5ff97,
        0x4344e476897cfec8,
        0x81e75d7f92da1182,
        0xb83dd31c72c2748c,
        0x29413af7c043df20,
        0x5c930c3540e8a344,
        0x68c3e4a0027d7f9f,
        0x9174127dc1e705,
    ]);
    // (T - 1)/2 =
    // 1722862596078933134849197420568914385619917228134037527378447540052405855560872934021920795822352921910216141938446653362790439780138561939837377924781325399737901274844627212593135907855899198987974925107492278210691228279767074
    #[rustfmt::skip]
    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0xbd27400000000022,
        0xf9a44f9a1c000020,
        0x05833e2bbabc290d,
        0xa62845b09599ea3e,
        0x1c7734f71cfaffcb,
        0x21a2723b44be7f64,
        0x40f3aebfc96d08c1,
        0x5c1ee98e39613a46,
        0x14a09d7be021ef90,
        0xae49861aa07451a2,
        0xb461f250013ebfcf,
        0x48ba093ee0f382,
    ]);
 }
 pub const FQ_ONE: Fq = MontFp!(Fq, "1");
 pub const FQ_ZERO: Fq = MontFp!(Fq, "0");
--- a/bw6_761/src/fields/fq3.rs
+++ b/bw6_761/src/fields/fq3.rs
@ -1,6 +1,6 @@
 use ark_ff::{
    field_new,
    fields::fp3::{Fp3, Fp3Parameters},
    fields::fp3::{Fp3, Fp3Config},
    CubicExt, MontFp,
 };
 use crate::{
@ -8,24 +8,23 @@ use crate::{
    Fq,
 };
 pub type Fq3 = Fp3<Fq3Parameters>;
 pub type Fq3 = Fp3<Fq3Config>;
 pub struct Fq3Parameters;
 pub struct Fq3Config;
 impl Fp3Parameters for Fq3Parameters {
 impl Fp3Config for Fq3Config {
    type Fp = Fq;
    /// NONRESIDUE = -4
    // Fq3 = Fq\[u\]/u^3+4
    #[rustfmt::skip]
    const NONRESIDUE: Fq = field_new!(Fq, "-4");
    const NONRESIDUE: Fq = MontFp!(Fq, "-4");
    // (MODULUS^3 - 1) % 2^TWO_ADICITY == 0
    const TWO_ADICITY: u32 = 1;
    // (T-1)/2 with T = (MODULUS^3-1) / 2^TWO_ADICITY
    #[rustfmt::skip]
    const T_MINUS_ONE_DIV_TWO: &'static [u64] = &[
    const TRACE_MINUS_ONE_DIV_TWO: &'static [u64] = &[
        0xb5e7c000000a3eac,
        0xf79b99dbf41cf4ab,
        0xe9372b1919e55ee5,
@ -65,27 +64,24 @@ impl Fp3Parameters for Fq3Parameters {
    ];
    // NONRESIDUE^T % q
    #[rustfmt::skip]
    const QUADRATIC_NONRESIDUE_TO_T: (Fq, Fq, Fq) = (
        field_new!(Fq, "6891450384315732539396789682275657542479668912536150109513790160209623422243491736087683183289411687640864567753786613451161759120554247759349511699125301598951605099378508850372543631423596795951899700429969112842764913119068298"),
    const QUADRATIC_NONRESIDUE_TO_T: Fq3 = CubicExt!(
        MontFp!(Fq, "6891450384315732539396789682275657542479668912536150109513790160209623422243491736087683183289411687640864567753786613451161759120554247759349511699125301598951605099378508850372543631423596795951899700429969112842764913119068298"),
        FQ_ZERO,
        FQ_ZERO,
    );
    // NQR ^ (MODULUS^i - 1)/3, i=0,1,2 with NQR = u = (0,1,0)
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP3_C1: &'static [Fq] = &[
        FQ_ONE,
        field_new!(Fq, "4922464560225523242118178942575080391082002530232324381063048548642823052024664478336818169867474395270858391911405337707247735739826664939444490469542109391530482826728203582549674992333383150446779312029624171857054392282775648"),
        field_new!(Fq, "1968985824090209297278610739700577151397666382303825728450741611566800370218827257750865013421937292370006175842381275743914023380727582819905021229583192207421122272650305267822868639090213645505120388400344940985710520836292650"),
        MontFp!(Fq, "4922464560225523242118178942575080391082002530232324381063048548642823052024664478336818169867474395270858391911405337707247735739826664939444490469542109391530482826728203582549674992333383150446779312029624171857054392282775648"),
        MontFp!(Fq, "1968985824090209297278610739700577151397666382303825728450741611566800370218827257750865013421937292370006175842381275743914023380727582819905021229583192207421122272650305267822868639090213645505120388400344940985710520836292650"),
    ];
    // NQR ^ (2*MODULUS^i - 2)/3, i=0,1,2 with NQR = u = (0,1,0)
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP3_C2: &'static [Fq] = &[
        FQ_ONE,
        field_new!(Fq, "1968985824090209297278610739700577151397666382303825728450741611566800370218827257750865013421937292370006175842381275743914023380727582819905021229583192207421122272650305267822868639090213645505120388400344940985710520836292650"),
        field_new!(Fq, "4922464560225523242118178942575080391082002530232324381063048548642823052024664478336818169867474395270858391911405337707247735739826664939444490469542109391530482826728203582549674992333383150446779312029624171857054392282775648"),
        MontFp!(Fq, "1968985824090209297278610739700577151397666382303825728450741611566800370218827257750865013421937292370006175842381275743914023380727582819905021229583192207421122272650305267822868639090213645505120388400344940985710520836292650"),
        MontFp!(Fq, "4922464560225523242118178942575080391082002530232324381063048548642823052024664478336818169867474395270858391911405337707247735739826664939444490469542109391530482826728203582549674992333383150446779312029624171857054392282775648"),
    ];
    #[inline(always)]
--- a/bw6_761/src/fields/fq6.rs
+++ b/bw6_761/src/fields/fq6.rs
@ -1,27 +1,26 @@
 use crate::{Fq, Fq3, Fq3Parameters, FQ_ONE, FQ_ZERO};
 use ark_ff::{
    field_new,
    fields::fp6_2over3::{Fp6, Fp6Parameters},
    fields::fp6_2over3::{Fp6, Fp6Config},
    CubicExt, MontFp,
 };
 pub type Fq6 = Fp6<Fq6Parameters>;
 use crate::{Fq, Fq3, Fq3Config, FQ_ONE, FQ_ZERO};
 pub struct Fq6Parameters;
 pub type Fq6 = Fp6<Fq6Config>;
 impl Fp6Parameters for Fq6Parameters {
    type Fp3Params = Fq3Parameters;
 pub struct Fq6Config;
 impl Fp6Config for Fq6Config {
    type Fp3Config = Fq3Config;
    /// NONRESIDUE = (0, 1, 0)
    #[rustfmt::skip]
    const NONRESIDUE: Fq3 = field_new!(Fq3, FQ_ZERO, FQ_ONE, FQ_ZERO);
    const NONRESIDUE: Fq3 = CubicExt!(FQ_ZERO, FQ_ONE, FQ_ZERO);
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP6_C1: &'static [Fq] = &[
        field_new!(Fq, "1"),
        field_new!(Fq, "4922464560225523242118178942575080391082002530232324381063048548642823052024664478336818169867474395270858391911405337707247735739826664939444490469542109391530482826728203582549674992333383150446779312029624171857054392282775649"),
        field_new!(Fq, "4922464560225523242118178942575080391082002530232324381063048548642823052024664478336818169867474395270858391911405337707247735739826664939444490469542109391530482826728203582549674992333383150446779312029624171857054392282775648"),
        field_new!(Fq, "-1"),
        field_new!(Fq, "1968985824090209297278610739700577151397666382303825728450741611566800370218827257750865013421937292370006175842381275743914023380727582819905021229583192207421122272650305267822868639090213645505120388400344940985710520836292650"),
        field_new!(Fq, "1968985824090209297278610739700577151397666382303825728450741611566800370218827257750865013421937292370006175842381275743914023380727582819905021229583192207421122272650305267822868639090213645505120388400344940985710520836292651"),
        MontFp!(Fq, "1"),
        MontFp!(Fq, "4922464560225523242118178942575080391082002530232324381063048548642823052024664478336818169867474395270858391911405337707247735739826664939444490469542109391530482826728203582549674992333383150446779312029624171857054392282775649"),
        MontFp!(Fq, "4922464560225523242118178942575080391082002530232324381063048548642823052024664478336818169867474395270858391911405337707247735739826664939444490469542109391530482826728203582549674992333383150446779312029624171857054392282775648"),
        MontFp!(Fq, "-1"),
        MontFp!(Fq, "1968985824090209297278610739700577151397666382303825728450741611566800370218827257750865013421937292370006175842381275743914023380727582819905021229583192207421122272650305267822868639090213645505120388400344940985710520836292650"),
        MontFp!(Fq, "1968985824090209297278610739700577151397666382303825728450741611566800370218827257750865013421937292370006175842381275743914023380727582819905021229583192207421122272650305267822868639090213645505120388400344940985710520836292651"),
    ];
 }
--- a/bw6_761/src/fields/fr.rs
+++ b/bw6_761/src/fields/fr.rs
@ -1 +1 @@
 pub use ark_bls12_377::{Fq as Fr, FqParameters as FrParameters};
 pub use ark_bls12_377::{Fq as Fr, FqConfig as FrConfig};
--- a/bw6_761/src/fields/tests.rs
+++ b/bw6_761/src/fields/tests.rs
@ -1,14 +1,12 @@
 use ark_algebra_test_templates::{
    fields::*, generate_field_serialization_test, generate_field_test,
 };
 use ark_ff::{Field, One, PrimeField, SquareRootField, UniformRand, Zero};
 use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
 use ark_std::{rand::Rng, test_rng};
 use core::ops::{AddAssign, MulAssign, SubAssign};
 use crate::*;
 use ark_algebra_test_templates::{
    fields::*, generate_field_serialization_test, generate_field_test,
 };
 use core::ops::{AddAssign, MulAssign, SubAssign};
 generate_field_test!(bw6_761; fq3; fq6;);
 generate_field_test!(bw6_761; fq3; fq6; mont(12, 6); );
 generate_field_serialization_test!(bw6_761;);
--- a/bw6_761/src/lib.rs
+++ b/bw6_761/src/lib.rs
@ -9,9 +9,10 @@
 #![forbid(unsafe_code)]
 //! This library implements the BW6_761 curve generated in [\[EG20\]](https://eprint.iacr.org/2020/351).
 //! The name denotes that it is a curve generated using the Brezing--Weng method, and that
 //! its embedding degree is 6.
 //! The main feature of this curve is that the scalar field equals the base field of the BLS12_377 curve.
 //! The name denotes that it is a curve generated using the Brezing--Weng
 //! method, and that its embedding degree is 6.
 //! The main feature of this curve is that the scalar field equals the base
 //! field of the BLS12_377 curve.
 //!
 //! Curve information:
 //! * Base field: q = 6891450384315732539396789682275657542479668912536150109513790160209623422243491736087683183289411687640864567753786613451161759120554247759349511699125301598951605099378508850372543631423596795951899700429969112842764913119068299
--- a/cp6_782/scripts/base_field.sage
+++ b/cp6_782/scripts/base_field.sage
@ -0,0 +1,28 @@
 modulus = 22369874298875696930346742206501054934775599465297184582183496627646774052458024540232479018147881220178054575403841904557897715222633333372134756426301062487682326574958588001132586331462553235407484089304633076250782629492557320825577
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/cp6_782/scripts/scalar_field.sage
+++ b/cp6_782/scripts/scalar_field.sage
@ -0,0 +1,28 @@
 modulus = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/cp6_782/src/curves/g1.rs
+++ b/cp6_782/src/curves/g1.rs
@ -2,7 +2,7 @@ use ark_ec::{
    models::{ModelParameters, SWModelParameters},
    short_weierstrass_jacobian::{GroupAffine, GroupProjective},
 };
 use ark_ff::field_new;
 use ark_ff::MontFp;
 use crate::{Fq, Fr};
@ -31,18 +31,15 @@ impl ModelParameters for Parameters {
    /// COFACTOR^(-1) mod r =
    /// 163276846538158998893990986356139314746223949404500031940624325017036397274793417940375498603127780919653358641788
    #[rustfmt::skip]
    const COFACTOR_INV: Fr = field_new!(Fr, "163276846538158998893990986356139314746223949404500031940624325017036397274793417940375498603127780919653358641788");
    const COFACTOR_INV: Fr = MontFp!(Fr, "163276846538158998893990986356139314746223949404500031940624325017036397274793417940375498603127780919653358641788");
 }
 impl SWModelParameters for Parameters {
    /// COEFF_A = 5
    #[rustfmt::skip]
    const COEFF_A: Fq = field_new!(Fq, "5");
    const COEFF_A: Fq = MontFp!(Fq, "5");
    /// COEFF_B = 17764315118651679038286329069295091506801468118146712649886336045535808055361274148466772191243305528312843236347777260247138934336850548243151534538734724191505953341403463040067571652261229308333392040104884438208594329793895206056414
    #[rustfmt::skip]
    const COEFF_B: Fq = field_new!(Fq, "17764315118651679038286329069295091506801468118146712649886336045535808055361274148466772191243305528312843236347777260247138934336850548243151534538734724191505953341403463040067571652261229308333392040104884438208594329793895206056414");
    const COEFF_B: Fq = MontFp!(Fq, "17764315118651679038286329069295091506801468118146712649886336045535808055361274148466772191243305528312843236347777260247138934336850548243151534538734724191505953341403463040067571652261229308333392040104884438208594329793895206056414");
    /// AFFINE_GENERATOR_COEFFS = (G1_GENERATOR_X, G1_GENERATOR_Y)
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) =
@ -51,10 +48,8 @@ impl SWModelParameters for Parameters {
 /// G1_GENERATOR_X =
 /// 5511163824921585887915590525772884263960974614921003940645351443740084257508990841338974915037175497689287870585840954231884082785026301437744745393958283053278991955159266640440849940136976927372133743626748847559939620888818486853646
 #[rustfmt::skip]
 pub const G1_GENERATOR_X: Fq = field_new!(Fq, "5511163824921585887915590525772884263960974614921003940645351443740084257508990841338974915037175497689287870585840954231884082785026301437744745393958283053278991955159266640440849940136976927372133743626748847559939620888818486853646");
 pub const G1_GENERATOR_X: Fq = MontFp!(Fq, "5511163824921585887915590525772884263960974614921003940645351443740084257508990841338974915037175497689287870585840954231884082785026301437744745393958283053278991955159266640440849940136976927372133743626748847559939620888818486853646");
 /// G1_GENERATOR_Y =
 /// 7913123550914612057135582061699117755797758113868200992327595317370485234417808273674357776714522052694559358668442301647906991623400754234679697332299689255516547752391831738454121261248793568285885897998257357202903170202349380518443
 #[rustfmt::skip]
 pub const G1_GENERATOR_Y: Fq = field_new!(Fq, "7913123550914612057135582061699117755797758113868200992327595317370485234417808273674357776714522052694559358668442301647906991623400754234679697332299689255516547752391831738454121261248793568285885897998257357202903170202349380518443");
 pub const G1_GENERATOR_Y: Fq = MontFp!(Fq, "7913123550914612057135582061699117755797758113868200992327595317370485234417808273674357776714522052694559358668442301647906991623400754234679697332299689255516547752391831738454121261248793568285885897998257357202903170202349380518443");
--- a/cp6_782/src/curves/g2.rs
+++ b/cp6_782/src/curves/g2.rs
@ -2,7 +2,7 @@ use ark_ec::{
    models::{ModelParameters, SWModelParameters},
    short_weierstrass_jacobian::{GroupAffine, GroupProjective},
 };
 use ark_ff::field_new;
 use ark_ff::{CubicExt, MontFp};
 use crate::{Fq, Fq3, Fr, FQ_ZERO};
@ -55,25 +55,18 @@ impl ModelParameters for Parameters {
    /// COFACTOR^(-1) mod r =
    /// 45586359457219724873147353901735745013467692594291916855200979604570630929674383405372210802279573887880950375598
    #[rustfmt::skip]
    const COFACTOR_INV: Fr = field_new!(Fr, "45586359457219724873147353901735745013467692594291916855200979604570630929674383405372210802279573887880950375598");
    const COFACTOR_INV: Fr = MontFp!(Fr, "45586359457219724873147353901735745013467692594291916855200979604570630929674383405372210802279573887880950375598");
 }
 impl SWModelParameters for Parameters {
    /// COEFF_A = (0, 0, COEFF_A * TWIST^2) = (0, 0, 5)
    #[rustfmt::skip]
    const COEFF_A: Fq3 = field_new!(Fq3,
        FQ_ZERO,
        FQ_ZERO,
        field_new!(Fq, "5"),
    );
    const COEFF_A: Fq3 = CubicExt!(FQ_ZERO, FQ_ZERO, MontFp!(Fq, "5"),);
    /// COEFF_B = (G1::COEFF_B * TWIST^3, 0, 0) =
    /// (7237353553714858194254855835825640240663090882935418626687402315497764195116318527743248304684159666286416318482685337633828994152723793439622384740540789612754127688659139509552568164770448654259255628317166934203899992395064470477612,
    /// 0, 0)
    #[rustfmt::skip]
    const COEFF_B: Fq3 = field_new!(Fq3,
        field_new!(Fq, "7237353553714858194254855835825640240663090882935418626687402315497764195116318527743248304684159666286416318482685337633828994152723793439622384740540789612754127688659139509552568164770448654259255628317166934203899992395064470477612"),
    const COEFF_B: Fq3 = CubicExt!(
        MontFp!(Fq, "7237353553714858194254855835825640240663090882935418626687402315497764195116318527743248304684159666286416318482685337633828994152723793439622384740540789612754127688659139509552568164770448654259255628317166934203899992395064470477612"),
        FQ_ZERO,
        FQ_ZERO,
    );
@ -83,37 +76,29 @@ impl SWModelParameters for Parameters {
        (G2_GENERATOR_X, G2_GENERATOR_Y);
 }
 const G2_GENERATOR_X: Fq3 =
    field_new!(Fq3, G2_GENERATOR_X_C0, G2_GENERATOR_X_C1, G2_GENERATOR_X_C2);
 const G2_GENERATOR_Y: Fq3 =
    field_new!(Fq3, G2_GENERATOR_Y_C0, G2_GENERATOR_Y_C1, G2_GENERATOR_Y_C2);
 const G2_GENERATOR_X: Fq3 = CubicExt!(G2_GENERATOR_X_C0, G2_GENERATOR_X_C1, G2_GENERATOR_X_C2);
 const G2_GENERATOR_Y: Fq3 = CubicExt!(G2_GENERATOR_Y_C0, G2_GENERATOR_Y_C1, G2_GENERATOR_Y_C2);
 /// G2_GENERATOR_X_C0 =
 /// 13426761183630949215425595811885033211332897733228446437546263564078445562454176776915160094418980045665397361295624472103734543457352048745726512354895954850428989867542989474136256025045975283415690491751906307188562464175510373683338
 #[rustfmt::skip]
 pub const G2_GENERATOR_X_C0: Fq = field_new!(Fq, "13426761183630949215425595811885033211332897733228446437546263564078445562454176776915160094418980045665397361295624472103734543457352048745726512354895954850428989867542989474136256025045975283415690491751906307188562464175510373683338");
 pub const G2_GENERATOR_X_C0: Fq = MontFp!(Fq, "13426761183630949215425595811885033211332897733228446437546263564078445562454176776915160094418980045665397361295624472103734543457352048745726512354895954850428989867542989474136256025045975283415690491751906307188562464175510373683338");
 /// G2_GENERATOR_X_C1 =
 /// 20471601555918880743198170952645906008198510944268658573129351735028343217532386920456705632337352161031960990613816401042894531220068552819818037605513359562118363589199569321421558696125646867661360498323171027455638052943806292028610
 #[rustfmt::skip]
 pub const G2_GENERATOR_X_C1: Fq = field_new!(Fq, "20471601555918880743198170952645906008198510944268658573129351735028343217532386920456705632337352161031960990613816401042894531220068552819818037605513359562118363589199569321421558696125646867661360498323171027455638052943806292028610");
 pub const G2_GENERATOR_X_C1: Fq = MontFp!(Fq, "20471601555918880743198170952645906008198510944268658573129351735028343217532386920456705632337352161031960990613816401042894531220068552819818037605513359562118363589199569321421558696125646867661360498323171027455638052943806292028610");
 /// G2_GENERATOR_X_C2 =
 /// 3905053196875761830053608605277158152930144841844497593936739534395003062685449846381431331169369910535935138116320442345524758217411779027270883193856999691582831339845600938304719916501940381093815781408183227875600753651697934495980
 #[rustfmt::skip]
 pub const G2_GENERATOR_X_C2: Fq = field_new!(Fq, "3905053196875761830053608605277158152930144841844497593936739534395003062685449846381431331169369910535935138116320442345524758217411779027270883193856999691582831339845600938304719916501940381093815781408183227875600753651697934495980");
 pub const G2_GENERATOR_X_C2: Fq = MontFp!(Fq, "3905053196875761830053608605277158152930144841844497593936739534395003062685449846381431331169369910535935138116320442345524758217411779027270883193856999691582831339845600938304719916501940381093815781408183227875600753651697934495980");
 /// G2_GENERATOR_Y_C0 =
 /// 8567517639523571619872938228644013584947463594196306323477160496987712111576624702939472765993995586889532559039169098780892505598589581147768095093536988446010255611523736706017580686335404469207486594272103717837888228343074699140243
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y_C0: Fq = field_new!(Fq, "8567517639523571619872938228644013584947463594196306323477160496987712111576624702939472765993995586889532559039169098780892505598589581147768095093536988446010255611523736706017580686335404469207486594272103717837888228343074699140243");
 pub const G2_GENERATOR_Y_C0: Fq = MontFp!(Fq, "8567517639523571619872938228644013584947463594196306323477160496987712111576624702939472765993995586889532559039169098780892505598589581147768095093536988446010255611523736706017580686335404469207486594272103717837888228343074699140243");
 /// G2_GENERATOR_Y_C1 =
 /// 3890537069205870914984502594450293167889863914413852788876350245583932846980126025043974070704295857226211547108005650399870458089721518559480870503159804530091559886149680718531004778697982910253701559194337987238111062202037698927752
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y_C1: Fq = field_new!(Fq, "3890537069205870914984502594450293167889863914413852788876350245583932846980126025043974070704295857226211547108005650399870458089721518559480870503159804530091559886149680718531004778697982910253701559194337987238111062202037698927752");
 pub const G2_GENERATOR_Y_C1: Fq = MontFp!(Fq, "3890537069205870914984502594450293167889863914413852788876350245583932846980126025043974070704295857226211547108005650399870458089721518559480870503159804530091559886149680718531004778697982910253701559194337987238111062202037698927752");
 /// G2_GENERATOR_Y_C2 =
 /// 10936269922612615564271188303104593362724754284143779051599749016735041389483971486958818324356025479751246744831831158558101688599198721653921723013062333636402617118847009085485166284126970598561393411916461254016145116183331671450721
 #[rustfmt::skip]
 pub const G2_GENERATOR_Y_C2: Fq = field_new!(Fq, "10936269922612615564271188303104593362724754284143779051599749016735041389483971486958818324356025479751246744831831158558101688599198721653921723013062333636402617118847009085485166284126970598561393411916461254016145116183331671450721");
 pub const G2_GENERATOR_Y_C2: Fq = MontFp!(Fq, "10936269922612615564271188303104593362724754284143779051599749016735041389483971486958818324356025479751246744831831158558101688599198721653921723013062333636402617118847009085485166284126970598561393411916461254016145116183331671450721");
--- a/cp6_782/src/curves/mod.rs
+++ b/cp6_782/src/curves/mod.rs
@ -1,9 +1,8 @@
 use ark_ec::{models::SWModelParameters, PairingEngine};
 use ark_ff::{
    biginteger::BigInteger832,
    field_new,
    fields::{BitIteratorBE, Field},
    BigInt, One,
    BigInt, CubicExt, One,
 };
 use crate::{Fq, Fq3, Fq6, Fr, FQ_ONE, FQ_ZERO};
@ -154,7 +153,7 @@ impl CP6_782 {
 }
 /// TWIST = (0, 1, 0)
 pub const TWIST: Fq3 = field_new!(Fq3, FQ_ZERO, FQ_ONE, FQ_ZERO);
 pub const TWIST: Fq3 = CubicExt!(FQ_ZERO, FQ_ONE, FQ_ZERO);
 /// ATE_IS_LOOP_COUNT_NEG = false
 pub const ATE_IS_LOOP_COUNT_NEG: bool = false;
--- a/cp6_782/src/curves/tests.rs
+++ b/cp6_782/src/curves/tests.rs
@ -1,15 +1,13 @@
 use ark_algebra_test_templates::{
    curves::*, generate_bilinearity_test, generate_g1_test, generate_g2_test, groups::*, msm::*,
 };
 use ark_ec::{AffineCurve, PairingEngine};
 use ark_ff::{Field, One, PrimeField};
 use ark_std::{rand::Rng, test_rng};
 use core::ops::MulAssign;
 use crate::*;
 use ark_algebra_test_templates::{
    curves::*, generate_bilinearity_test, generate_g1_test, generate_g2_test, groups::*, msm::*,
 };
 use core::ops::MulAssign;
 generate_g1_test!(cp6_782; curve_tests; sw_tests;);
 generate_g2_test!(cp6_782; curve_tests; sw_tests;);
 generate_bilinearity_test!(CP6_782, Fq6);
--- a/cp6_782/src/fields/fq.rs
+++ b/cp6_782/src/fields/fq.rs
@ -1,169 +1,10 @@
 use ark_ff::{
    biginteger::{BigInt, BigInteger832 as BigInteger},
    fields::{FftParameters, Fp832, Fp832Parameters, FpParameters},
 };
 use ark_ff::fields::{Fp832, MontBackend, MontConfig, MontFp};
 pub type Fq = Fp832<FqParameters>;
 #[derive(MontConfig)]
 #[modulus = "22369874298875696930346742206501054934775599465297184582183496627646774052458024540232479018147881220178054575403841904557897715222633333372134756426301062487682326574958588001132586331462553235407484089304633076250782629492557320825577"]
 #[generator = "13"]
 pub struct FqConfig;
 pub type Fq = Fp832<MontBackend<FqConfig, 13>>;
 pub struct FqParameters;
 pub const FQ_ONE: Fq = ark_ff::field_new!(Fq, "1");
 pub const FQ_ZERO: Fq = ark_ff::field_new!(Fq, "0");
 impl Fp832Parameters for FqParameters {}
 impl FftParameters for FqParameters {
    type BigInt = BigInteger;
    const TWO_ADICITY: u32 = 3;
    #[rustfmt::skip]
    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
        18044746167194862600u64,
        63590321303744709u64,
        5009346151370959890u64,
        2859114157767503991u64,
        8301813204852325413u64,
        5629414263664332594u64,
        2637340888701394641u64,
        17433538052687852753u64,
        2230763098934759248u64,
        3785382115983092023u64,
        8895511354022222370u64,
        15792083141709071785u64,
        1328u64,
    ]);
 }
 impl FpParameters for FqParameters {
    /// MODULUS = 22369874298875696930346742206501054934775599465297184582183496627646774052458024540232479018147881220178054575403841904557897715222633333372134756426301062487682326574958588001132586331462553235407484089304633076250782629492557320825577
    #[rustfmt::skip]
    const MODULUS: BigInteger = BigInt::new([
        0xdace79b57b942ae9,
        0x545d85c16dfd424a,
        0xee135c065f4d26b7,
        0x9c2f764a12c4024b,
        0x1ad533049cfe6a39,
        0x52a3fb77c79c1320,
        0xab3596c8617c5792,
        0x830c728d80f9d78b,
        0x6a7223ee72023d07,
        0xbc5d176b746af026,
        0xe959283d8f526663,
        0xc4d2263babf8941f,
        0x3848,
    ]);
    const MODULUS_BITS: u32 = 782;
    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
    const REPR_SHAVE_BITS: u32 = 50;
    #[rustfmt::skip]
    const R: BigInteger = BigInt::new([
        11190988450819017841u64,
        16170411717126802030u64,
        2265463223430229059u64,
        16946880912571045974u64,
        11155248462028513229u64,
        12855672356664541314u64,
        8489376931127408159u64,
        2655797810825538098u64,
        9648483887143916718u64,
        17514963461276738952u64,
        16777089214204267338u64,
        15649035958020076168u64,
        8659u64,
    ]);
    #[rustfmt::skip]
    const R2: BigInteger = BigInt::new([
        13983406830510863714u64,
        17863856572171232656u64,
        1698388424046564526u64,
        1773634430448388392u64,
        8684647957094413275u64,
        3992637317298078843u64,
        18420879196616862245u64,
        3238482510270583127u64,
        7928200707794018216u64,
        10024831010452223910u64,
        9613847725664942650u64,
        15361265984156787358u64,
        7833u64,
    ]);
    const INV: u64 = 14469047335842394791u64;
    /// GENERATOR = 13
    #[rustfmt::skip]
    const GENERATOR: BigInteger = BigInt::new([
        16669393626057438558u64,
        1640520694378723217u64,
        1598646156981121135u64,
        12401834967100173388u64,
        2356467520877704673u64,
        14759118825104212161u64,
        5556628239575210651u64,
        5317520392768798654u64,
        16398429955031064995u64,
        3556102264904210145u64,
        8166834915717907988u64,
        11926665585800594452u64,
        11716u64,
    ]);
    #[rustfmt::skip]
    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0x6d673cdabdca1574,
        0xaa2ec2e0b6fea125,
        0xf709ae032fa6935b,
        0xce17bb2509620125,
        0xd6a99824e7f351c,
        0x2951fdbbe3ce0990,
        0xd59acb6430be2bc9,
        0xc1863946c07cebc5,
        0x353911f739011e83,
        0xde2e8bb5ba357813,
        0xf4ac941ec7a93331,
        0x6269131dd5fc4a0f,
        0x1c24,
    ]);
    // (T - 1)/2 =
    // 1398117143679731058146671387906315933423474966581074036386468539227923378278626533764529938634242576261128410962740119034868607201414583335758422276643816405480145410934911750070786645716409577212967755581539567265673914343284832551598
    #[rustfmt::skip]
    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0xadace79b57b942ae,
        0x7545d85c16dfd424,
        0xbee135c065f4d26b,
        0x99c2f764a12c4024,
        0x1ad533049cfe6a3,
        0x252a3fb77c79c132,
        0xbab3596c8617c579,
        0x7830c728d80f9d78,
        0x66a7223ee72023d0,
        0x3bc5d176b746af02,
        0xfe959283d8f52666,
        0x8c4d2263babf8941,
        0x384,
    ]);
    // T =
    // 2796234287359462116293342775812631866846949933162148072772937078455846756557253067529059877268485152522256821925480238069737214402829166671516844553287632810960290821869823500141573291432819154425935511163079134531347828686569665103197
    #[rustfmt::skip]
    const T: BigInteger = BigInt::new([
        0x5b59cf36af72855d,
        0xea8bb0b82dbfa849,
        0x7dc26b80cbe9a4d6,
        0x3385eec942588049,
        0x35aa660939fcd47,
        0x4a547f6ef8f38264,
        0x7566b2d90c2f8af2,
        0xf0618e51b01f3af1,
        0xcd4e447dce4047a0,
        0x778ba2ed6e8d5e04,
        0xfd2b2507b1ea4ccc,
        0x189a44c7757f1283,
        0x709,
    ]);
 }
 pub const FQ_ONE: Fq = MontFp!(Fq, "1");
 pub const FQ_ZERO: Fq = MontFp!(Fq, "0");
--- a/cp6_782/src/fields/fq3.rs
+++ b/cp6_782/src/fields/fq3.rs
@ -1,25 +1,24 @@
 use crate::{fields::FQ_ZERO, Fq};
 use ark_ff::{
    field_new,
    fields::fp3::{Fp3, Fp3Parameters},
    Field,
    fields::fp3::{Fp3, Fp3Config},
    CubicExt, Field, MontFp,
 };
 pub type Fq3 = Fp3<Fq3Parameters>;
 use crate::{fields::FQ_ZERO, Fq};
 pub type Fq3 = Fp3<Fq3Config>;
 pub struct Fq3Parameters;
 pub struct Fq3Config;
 impl Fp3Parameters for Fq3Parameters {
 impl Fp3Config for Fq3Config {
    type Fp = Fq;
    /// NONRESIDUE = 13
    #[rustfmt::skip]
    const NONRESIDUE: Fq = field_new!(Fq, "13");
    const NONRESIDUE: Fq = MontFp!(Fq, "13");
    const TWO_ADICITY: u32 = 3;
    #[rustfmt::skip]
    const T_MINUS_ONE_DIV_TWO: &'static [u64] = &[
    const TRACE_MINUS_ONE_DIV_TWO: &'static [u64] = &[
        0x62730e2cd2029617,
        0x660647f735cb88cf,
        0x274359d60784f69d,
@ -59,25 +58,22 @@ impl Fp3Parameters for Fq3Parameters {
        0x2b87fda171,
    ];
    #[rustfmt::skip]
    const QUADRATIC_NONRESIDUE_TO_T: (Fq, Fq, Fq) = (
        field_new!(Fq, "5759691735434357221228070840130186543101559976323700017469395641639510585333061695996665166662748527158637897523704071820491869715512532675375604262649010727161924084052120196921150869218319839231115277876207074651754402338718419191428"),
    const QUADRATIC_NONRESIDUE_TO_T: Fq3 = CubicExt!(
        MontFp!(Fq, "5759691735434357221228070840130186543101559976323700017469395641639510585333061695996665166662748527158637897523704071820491869715512532675375604262649010727161924084052120196921150869218319839231115277876207074651754402338718419191428"),
        FQ_ZERO,
        FQ_ZERO,
    );
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP3_C1: &'static [Fq] = &[
        field_new!(Fq, "1"),
        field_new!(Fq, "2416169158604010336818399199316106389588878314690767988978701685873498866746813334102117883272276610365242925950967572554030909749205624998805208910209389668659757274773858916683688639755413288353778854399286396639505385648830027756861"),
        field_new!(Fq, "19953705140271686593528343007184948545186721150606416593204794941773275185711211206130361134875604609812811649452874332003866805473427708373329547516091672819022569300184729084448897691707139947053705234905346679611277243843727293068715"),
        MontFp!(Fq, "1"),
        MontFp!(Fq, "2416169158604010336818399199316106389588878314690767988978701685873498866746813334102117883272276610365242925950967572554030909749205624998805208910209389668659757274773858916683688639755413288353778854399286396639505385648830027756861"),
        MontFp!(Fq, "19953705140271686593528343007184948545186721150606416593204794941773275185711211206130361134875604609812811649452874332003866805473427708373329547516091672819022569300184729084448897691707139947053705234905346679611277243843727293068715"),
    ];
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP3_C2: &'static [Fq] = &[
        field_new!(Fq, "1"),
        field_new!(Fq, "19953705140271686593528343007184948545186721150606416593204794941773275185711211206130361134875604609812811649452874332003866805473427708373329547516091672819022569300184729084448897691707139947053705234905346679611277243843727293068715"),
        field_new!(Fq, "2416169158604010336818399199316106389588878314690767988978701685873498866746813334102117883272276610365242925950967572554030909749205624998805208910209389668659757274773858916683688639755413288353778854399286396639505385648830027756861"),
        MontFp!(Fq, "1"),
        MontFp!(Fq, "19953705140271686593528343007184948545186721150606416593204794941773275185711211206130361134875604609812811649452874332003866805473427708373329547516091672819022569300184729084448897691707139947053705234905346679611277243843727293068715"),
        MontFp!(Fq, "2416169158604010336818399199316106389588878314690767988978701685873498866746813334102117883272276610365242925950967572554030909749205624998805208910209389668659757274773858916683688639755413288353778854399286396639505385648830027756861"),
    ];
    #[inline(always)]
--- a/cp6_782/src/fields/fq6.rs
+++ b/cp6_782/src/fields/fq6.rs
@ -1,27 +1,26 @@
 use crate::{Fq, Fq3, Fq3Parameters, FQ_ONE, FQ_ZERO};
 use ark_ff::{
    field_new,
    fields::fp6_2over3::{Fp6, Fp6Parameters},
    fields::fp6_2over3::{Fp6, Fp6Config},
    CubicExt, MontFp,
 };
 pub type Fq6 = Fp6<Fq6Parameters>;
 use crate::{Fq, Fq3, Fq3Config, FQ_ONE, FQ_ZERO};
 pub struct Fq6Parameters;
 pub type Fq6 = Fp6<Fq6Config>;
 impl Fp6Parameters for Fq6Parameters {
    type Fp3Params = Fq3Parameters;
 pub struct Fq6Config;
 impl Fp6Config for Fq6Config {
    type Fp3Config = Fq3Config;
    /// NONRESIDUE = (0, 1, 0).
    #[rustfmt::skip]
    const NONRESIDUE: Fq3 = field_new!(Fq3, FQ_ZERO, FQ_ONE, FQ_ZERO);
    const NONRESIDUE: Fq3 = CubicExt!(FQ_ZERO, FQ_ONE, FQ_ZERO);
    #[rustfmt::skip]
    const FROBENIUS_COEFF_FP6_C1: &'static [Fq] = &[
        field_new!(Fq, "1"),
        field_new!(Fq, "2416169158604010336818399199316106389588878314690767988978701685873498866746813334102117883272276610365242925950967572554030909749205624998805208910209389668659757274773858916683688639755413288353778854399286396639505385648830027756862"),
        field_new!(Fq, "2416169158604010336818399199316106389588878314690767988978701685873498866746813334102117883272276610365242925950967572554030909749205624998805208910209389668659757274773858916683688639755413288353778854399286396639505385648830027756861"),
        field_new!(Fq, "22369874298875696930346742206501054934775599465297184582183496627646774052458024540232479018147881220178054575403841904557897715222633333372134756426301062487682326574958588001132586331462553235407484089304633076250782629492557320825576"),
        field_new!(Fq, "19953705140271686593528343007184948545186721150606416593204794941773275185711211206130361134875604609812811649452874332003866805473427708373329547516091672819022569300184729084448897691707139947053705234905346679611277243843727293068715"),
        field_new!(Fq, "19953705140271686593528343007184948545186721150606416593204794941773275185711211206130361134875604609812811649452874332003866805473427708373329547516091672819022569300184729084448897691707139947053705234905346679611277243843727293068716"),
        MontFp!(Fq, "1"),
        MontFp!(Fq, "2416169158604010336818399199316106389588878314690767988978701685873498866746813334102117883272276610365242925950967572554030909749205624998805208910209389668659757274773858916683688639755413288353778854399286396639505385648830027756862"),
        MontFp!(Fq, "2416169158604010336818399199316106389588878314690767988978701685873498866746813334102117883272276610365242925950967572554030909749205624998805208910209389668659757274773858916683688639755413288353778854399286396639505385648830027756861"),
        MontFp!(Fq, "22369874298875696930346742206501054934775599465297184582183496627646774052458024540232479018147881220178054575403841904557897715222633333372134756426301062487682326574958588001132586331462553235407484089304633076250782629492557320825576"),
        MontFp!(Fq, "19953705140271686593528343007184948545186721150606416593204794941773275185711211206130361134875604609812811649452874332003866805473427708373329547516091672819022569300184729084448897691707139947053705234905346679611277243843727293068715"),
        MontFp!(Fq, "19953705140271686593528343007184948545186721150606416593204794941773275185711211206130361134875604609812811649452874332003866805473427708373329547516091672819022569300184729084448897691707139947053705234905346679611277243843727293068716"),
    ];
 }
--- a/cp6_782/src/fields/fr.rs
+++ b/cp6_782/src/fields/fr.rs
@ -1 +1 @@
 pub use ark_bls12_377::{Fq as Fr, FqParameters as FrParameters};
 pub use ark_bls12_377::{Fq as Fr, FqConfig as FrConfig};
--- a/cp6_782/src/fields/mod.rs
+++ b/cp6_782/src/fields/mod.rs
@ -10,5 +10,5 @@ pub use self::fq3::*;
 pub mod fq6;
 pub use self::fq6::*;
 #[cfg(all(feature = "cp6_782", test))]
 #[cfg(test)]
 mod tests;
--- a/cp6_782/src/fields/tests.rs
+++ b/cp6_782/src/fields/tests.rs
@ -1,14 +1,12 @@
 use ark_algebra_test_templates::{
    fields::*, generate_field_serialization_test, generate_field_test,
 };
 use ark_ff::{Field, One, PrimeField, SquareRootField, UniformRand, Zero};
 use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
 use ark_std::{rand::Rng, test_rng};
 use core::ops::{AddAssign, MulAssign, SubAssign};
 use crate::*;
 use ark_algebra_test_templates::{
    fields::*, generate_field_serialization_test, generate_field_test,
 };
 use core::ops::{AddAssign, MulAssign, SubAssign};
 generate_field_test!(cp6_782; fq3; fq6;);
 generate_field_test!(cp6_782; fq3; fq6; mont(13, 6); );
 generate_field_serialization_test!(cp6_782;);
--- a/cp6_782/src/lib.rs
+++ b/cp6_782/src/lib.rs
@ -9,8 +9,9 @@
 #![forbid(unsafe_code)]
 //! This library implements the CP6_782 curve generated in [\[BCGMMW20, “Zexe”\]](https://eprint.iacr.org/2018/962).
 //! The name denotes that it was generated using the Cocks--Pinch method for the embedding degree 6.
 //! The main feature of this curve is that the scalar field equals the base field of the BLS12_377 curve.
 //! The name denotes that it was generated using the Cocks--Pinch method for the
 //! embedding degree 6. The main feature of this curve is that the scalar field
 //! equals the base field of the BLS12_377 curve.
 //!
 //! Curve information:
 //! * Base field: q = 22369874298875696930346742206501054934775599465297184582183496627646774052458024540232479018147881220178054575403841904557897715222633333372134756426301062487682326574958588001132586331462553235407484089304633076250782629492557320825577
--- a/curve-benches/benches/bn254.rs
+++ b/curve-benches/benches/bn254.rs
@ -7,8 +7,8 @@ use ark_bn254::{
 };
 use ark_ec::{PairingEngine, ProjectiveCurve};
 use ark_ff::{
    biginteger::{BigInteger256 as FrRepr, BigInteger256 as FqRepr},
    BigInteger, Field, PrimeField, SquareRootField, UniformRand,
    biginteger::BigInteger256 as FrRepr, BigInteger, Field, PrimeField, SquareRootField,
    UniformRand,
 };
 mod g1 {
--- a/curve-benches/benches/ed_on_bls12_381.rs
+++ b/curve-benches/benches/ed_on_bls12_381.rs
@ -4,8 +4,8 @@ use ark_std::ops::{AddAssign, MulAssign, SubAssign};
 use ark_ec::ProjectiveCurve;
 use ark_ed_on_bls12_381::{fq::Fq, fr::Fr, EdwardsAffine as GAffine, EdwardsProjective as G};
 use ark_ff::{
    biginteger::{BigInteger256 as FrRepr, BigInteger256 as FqRepr},
    BigInteger, Field, PrimeField, SquareRootField, UniformRand,
    biginteger::BigInteger256 as FrRepr, BigInteger, Field, PrimeField, SquareRootField,
    UniformRand,
 };
 mod g {
--- a/curve-benches/benches/pallas.rs
+++ b/curve-benches/benches/pallas.rs
@ -3,8 +3,8 @@ use ark_std::ops::{AddAssign, MulAssign, SubAssign};
 use ark_ec::ProjectiveCurve;
 use ark_ff::{
    biginteger::{BigInteger256 as FrRepr, BigInteger256 as FqRepr},
    BigInteger, Field, PrimeField, SquareRootField, UniformRand,
    biginteger::BigInteger256 as FrRepr, BigInteger, Field, PrimeField, SquareRootField,
    UniformRand,
 };
 use ark_pallas::{fq::Fq, fr::Fr, Affine as GAffine, Projective as G};
--- a/curve-benches/benches/vesta.rs
+++ b/curve-benches/benches/vesta.rs
@ -3,8 +3,8 @@ use ark_std::ops::{AddAssign, MulAssign, SubAssign};
 use ark_ec::ProjectiveCurve;
 use ark_ff::{
    biginteger::{BigInteger256 as FrRepr, BigInteger256 as FqRepr},
    BigInteger, Field, PrimeField, SquareRootField, UniformRand,
    biginteger::BigInteger256 as FrRepr, BigInteger, Field, PrimeField, SquareRootField,
    UniformRand,
 };
 use ark_vesta::{fq::Fq, fr::Fr, Affine as GAffine, Projective as G};
--- a/curve-benches/src/macros/ec.rs
+++ b/curve-benches/src/macros/ec.rs
@ -231,7 +231,7 @@ macro_rules! ec_bench {
            let g = <$projective>::rand(&mut rng).into_affine();
            let v: Vec<_> = (0..SAMPLES).map(|_| g).collect();
            let scalars: Vec<_> = (0..SAMPLES)
                .map(|_| Fr::rand(&mut rng).into_repr())
                .map(|_| Fr::rand(&mut rng).into_bigint())
                .collect();
            b.bench_n(1, |b| {
                b.iter(|| ark_ec::msm::VariableBase::msm(&v, &scalars));
--- a/curve-benches/src/macros/field.rs
+++ b/curve-benches/src/macros/field.rs
@ -343,7 +343,7 @@ macro_rules! prime_field {
            let mut count = 0;
            b.iter(|| {
                let mut tmp = v[count].0;
                n_fold!(tmp, v, add_nocarry, count);
                n_fold!(tmp, v, add_with_carry, count);
                count = (count + 1) % SAMPLES;
                tmp
            });
@ -369,7 +369,7 @@ macro_rules! prime_field {
            let mut count = 0;
            b.iter(|| {
                let mut tmp = v[count].0;
                n_fold!(tmp, v, sub_noborrow, count);
                n_fold!(tmp, v, sub_with_borrow, count);
                count = (count + 1) % SAMPLES;
                tmp;
            });
@ -432,7 +432,7 @@ macro_rules! prime_field {
            let mut count = 0;
            b.iter(|| {
                count = (count + 1) % SAMPLES;
                v[count].into_repr();
                v[count].into_bigint();
            });
        }
@ -442,7 +442,7 @@ macro_rules! prime_field {
            let mut rng = ark_std::test_rng();
            let v: Vec<$f_repr_type> = (0..SAMPLES)
                .map(|_| $f::rand(&mut rng).into_repr())
                .map(|_| $f::rand(&mut rng).into_bigint())
                .collect();
            let mut count = 0;
--- a/curve-constraint-tests/src/lib.rs
+++ b/curve-constraint-tests/src/lib.rs
@ -5,8 +5,7 @@ pub mod fields {
    use ark_ff::{BitIteratorLE, Field, UniformRand};
    use ark_r1cs_std::prelude::*;
    use ark_relations::r1cs::{ConstraintSystem, SynthesisError};
    use ark_std::test_rng;
    use ark_std::vec::Vec;
    use ark_std::{test_rng, vec::Vec};
    pub fn field_test<F, ConstraintF, AF>() -> Result<(), SynthesisError>
    where
@ -235,7 +234,7 @@ pub mod curves {
        short_weierstrass_jacobian::GroupProjective as SWProjective,
        twisted_edwards_extended::GroupProjective as TEProjective, ProjectiveCurve,
    };
    use ark_ff::{BitIteratorLE, Field, FpParameters, One, PrimeField};
    use ark_ff::{BitIteratorLE, Field, One, PrimeField};
    use ark_relations::r1cs::{ConstraintSystem, SynthesisError};
    use ark_std::{test_rng, vec::Vec, UniformRand};
@ -323,23 +322,22 @@ pub mod curves {
            }
            assert!(cs.is_satisfied().unwrap());
            let modulus = <C::ScalarField as PrimeField>::Params::MODULUS
                .as_ref()
                .to_vec();
            let modulus = <C::ScalarField as PrimeField>::MODULUS.as_ref().to_vec();
            let mut max = modulus.clone();
            for limb in &mut max {
                *limb = u64::MAX;
            }
            let modulus_last_limb_bits = <C::ScalarField as PrimeField>::Params::MODULUS_BITS % 64;
            let modulus_last_limb_bits = <C::ScalarField as PrimeField>::MODULUS_BIT_SIZE % 64;
            *max.last_mut().unwrap() >>= 64 - modulus_last_limb_bits;
            let scalars = [
                C::ScalarField::rand(&mut rng).into_repr().as_ref().to_vec(),
                vec![u64::rand(&mut rng)],
                (-C::ScalarField::one()).into_repr().as_ref().to_vec(),
                <C::ScalarField as PrimeField>::Params::MODULUS
                C::ScalarField::rand(&mut rng)
                    .into_bigint()
                    .as_ref()
                    .to_vec(),
                vec![u64::rand(&mut rng)],
                (-C::ScalarField::one()).into_bigint().as_ref().to_vec(),
                <C::ScalarField as PrimeField>::MODULUS.as_ref().to_vec(),
                max,
                vec![0; 50],
                vec![1000012341233u64; 36],
@ -585,13 +583,13 @@ pub mod pairing {
            };
            let (ans3_g, ans3_n) = {
                let s_iter = BitIteratorLE::without_trailing_zeros(s.into_repr())
                let s_iter = BitIteratorLE::without_trailing_zeros(s.into_bigint())
                    .map(Boolean::constant)
                    .collect::<Vec<_>>();
                let mut ans_g = P::pairing(a_prep_g, b_prep_g)?;
                let mut ans_n = E::pairing(a, b);
                ans_n = ans_n.pow(s.into_repr());
                ans_n = ans_n.pow(s.into_bigint());
                ans_g = ans_g.pow_le(&s_iter)?;
                (ans_g, ans_n)
--- a/ed_on_bls12_377/scripts/base_field.sage
+++ b/ed_on_bls12_377/scripts/base_field.sage
@ -0,0 +1,28 @@
 modulus = 8444461749428370424248824938781546531375899335154063827935233455917409239041
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 30):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/ed_on_bls12_377/scripts/scalar_field.sage
+++ b/ed_on_bls12_377/scripts/scalar_field.sage
@ -0,0 +1,28 @@
 modulus = 2111115437357092606062206234695386632838870926408408195193685246394721360383
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 30):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/ed_on_bls12_377/src/constraints/curves.rs
+++ b/ed_on_bls12_377/src/constraints/curves.rs
@ -1,7 +1,6 @@
 use crate::*;
 use ark_r1cs_std::groups::curves::twisted_edwards::AffineVar;
 use crate::constraints::FqVar;
 use crate::{constraints::FqVar, *};
 /// A variable that is the R1CS equivalent of `crate::EdwardsAffine`.
 pub type EdwardsVar = AffineVar<EdwardsParameters, FqVar>;
--- a/ed_on_bls12_377/src/constraints/fields.rs
+++ b/ed_on_bls12_377/src/constraints/fields.rs
@ -1,6 +1,7 @@
 use crate::fq::Fq;
 use ark_r1cs_std::fields::fp::FpVar;
 use crate::fq::Fq;
 /// A variable that is the R1CS equivalent of `crate::Fq`.
 pub type FqVar = FpVar<Fq>;
--- a/ed_on_bls12_377/src/curves/mod.rs
+++ b/ed_on_bls12_377/src/curves/mod.rs
@ -1,9 +1,10 @@
 use crate::{fq::Fq, fr::Fr};
 use ark_ec::{
    models::{ModelParameters, MontgomeryModelParameters, TEModelParameters},
    twisted_edwards_extended::{GroupAffine, GroupProjective},
 };
 use ark_ff::field_new;
 use ark_ff::MontFp;
 use crate::{fq::Fq, fr::Fr};
 #[cfg(test)]
 mod tests;
@ -23,18 +24,18 @@ impl ModelParameters for EdwardsParameters {
    /// COFACTOR_INV =
    /// 527778859339273151515551558673846658209717731602102048798421311598680340096
    #[rustfmt::skip]
    const COFACTOR_INV: Fr = field_new!(Fr, "527778859339273151515551558673846658209717731602102048798421311598680340096");
    const COFACTOR_INV: Fr = MontFp!(
        Fr,
        "527778859339273151515551558673846658209717731602102048798421311598680340096"
    );
 }
 impl TEModelParameters for EdwardsParameters {
    /// COEFF_A = -1
    #[rustfmt::skip]
    const COEFF_A: Fq = field_new!(Fq, "-1");
    const COEFF_A: Fq = MontFp!(Fq, "-1");
    /// COEFF_D = 3021
    #[rustfmt::skip]
    const COEFF_D: Fq = field_new!(Fq, "3021");
    const COEFF_D: Fq = MontFp!(Fq, "3021");
    /// Generated randomly
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) = (GENERATOR_X, GENERATOR_Y);
@ -52,22 +53,31 @@ impl TEModelParameters for EdwardsParameters {
 impl MontgomeryModelParameters for EdwardsParameters {
    /// COEFF_A = 0x8D26E3FADA9010A26949031ECE3971B93952AD84D4753DDEDB748DA37E8F552
    ///         = 3990301581132929505568273333084066329187552697088022219156688740916631500114
    #[rustfmt::skip]
    const COEFF_A: Fq = field_new!(Fq, "3990301581132929505568273333084066329187552697088022219156688740916631500114");
    const COEFF_A: Fq = MontFp!(
        Fq,
        "3990301581132929505568273333084066329187552697088022219156688740916631500114"
    );
    /// COEFF_B = 0x9D8F71EEC83A44C3A1FBCEC6F5418E5C6154C2682B8AC231C5A3725C8170AAD
    ///         = 4454160168295440918680551605697480202188346638066041608778544715000777738925
    #[rustfmt::skip]
    const COEFF_B: Fq = field_new!(Fq, "4454160168295440918680551605697480202188346638066041608778544715000777738925");
    const COEFF_B: Fq = MontFp!(
        Fq,
        "4454160168295440918680551605697480202188346638066041608778544715000777738925"
    );
    type TEModelParameters = EdwardsParameters;
 }
 /// GENERATOR_X =
 /// 4497879464030519973909970603271755437257548612157028181994697785683032656389,
 #[rustfmt::skip]
 const GENERATOR_X: Fq = field_new!(Fq, "4497879464030519973909970603271755437257548612157028181994697785683032656389");
 const GENERATOR_X: Fq = MontFp!(
    Fq,
    "4497879464030519973909970603271755437257548612157028181994697785683032656389"
 );
 /// GENERATOR_Y =
 /// 4357141146396347889246900916607623952598927460421559113092863576544024487809
 #[rustfmt::skip]
 const GENERATOR_Y: Fq = field_new!(Fq, "4357141146396347889246900916607623952598927460421559113092863576544024487809");
 const GENERATOR_Y: Fq = MontFp!(
    Fq,
    "4357141146396347889246900916607623952598927460421559113092863576544024487809"
 );
--- a/ed_on_bls12_377/src/curves/tests.rs
+++ b/ed_on_bls12_377/src/curves/tests.rs
@ -1,11 +1,9 @@
 use ark_algebra_test_templates::{curves::*, groups::*};
 use ark_ec::{AffineCurve, ProjectiveCurve};
 use ark_std::rand::Rng;
 use ark_std::test_rng;
 use ark_std::{rand::Rng, test_rng};
 use crate::*;
 use ark_algebra_test_templates::{curves::*, groups::*};
 #[test]
 fn test_projective_curve() {
    curve_tests::<EdwardsProjective>();
--- a/ed_on_bls12_377/src/fields/fq.rs
+++ b/ed_on_bls12_377/src/fields/fq.rs
@ -1 +1 @@
 pub use ark_bls12_377::{Fr as Fq, FrParameters as FqParameters};
 pub use ark_bls12_377::{Fr as Fq, FrConfig as FqConfig};
--- a/ed_on_bls12_377/src/fields/fr.rs
+++ b/ed_on_bls12_377/src/fields/fr.rs
@ -1,83 +1,7 @@
 use ark_ff::{
    biginteger::{BigInt, BigInteger256 as BigInteger},
    fields::{FftParameters, Fp256, Fp256Parameters, FpParameters},
 };
 use ark_ff::fields::{Fp256, MontBackend, MontConfig};
 pub type Fr = Fp256<FrParameters>;
 pub struct FrParameters;
 impl Fp256Parameters for FrParameters {}
 impl FftParameters for FrParameters {
    type BigInt = BigInteger;
    const TWO_ADICITY: u32 = 1;
    #[rustfmt::skip]
    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
        15170730761708361161u64,
        13670723686578117817u64,
        12803492266614043665u64,
        50861023252832611u64,
    ]);
 }
 impl FpParameters for FrParameters {
    /// MODULUS = 2111115437357092606062206234695386632838870926408408195193685246394721360383
    #[rustfmt::skip]
    const MODULUS: BigInteger = BigInt::new([
        13356249993388743167u64,
        5950279507993463550u64,
        10965441865914903552u64,
        336320092672043349u64,
    ]);
    const MODULUS_BITS: u32 = 251;
    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
    const REPR_SHAVE_BITS: u32 = 5;
    #[rustfmt::skip]
    const R: BigInteger = BigInt::new([
        16632263305389933622u64,
        10726299895124897348u64,
        16608693673010411502u64,
        285459069419210737u64,
    ]);
    #[rustfmt::skip]
    const R2: BigInteger = BigInt::new([
        3987543627614508126u64,
        17742427666091596403u64,
        14557327917022607905u64,
        322810149704226881u64,
    ]);
    const INV: u64 = 9659935179256617473u64;
    // 70865795004005329077606947863872807680085016823885970091001235374859923341923
    #[rustfmt::skip]
    const GENERATOR: BigInteger = BigInt::new([
        11289572479685143826u64,
        11383637369941080925u64,
        2288212753973340071u64,
        82014976407880291u64,
    ]);
    #[rustfmt::skip]
    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        6678124996694371583u64,
        2975139753996731775u64,
        14706092969812227584u64,
        168160046336021674u64,
    ]);
    const T: BigInteger = Self::MODULUS_MINUS_ONE_DIV_TWO;
    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        0xae56bba6b0cff67f,
        0x14a4e8ebf10f22bf,
        0x660b44d1e5c37b00,
        0x12ab655e9a2ca55,
    ]);
 }
 #[derive(MontConfig)]
 #[modulus = "2111115437357092606062206234695386632838870926408408195193685246394721360383"]
 #[generator = "5"]
 pub struct FrConfig;
 pub type Fr = Fp256<MontBackend<FrConfig, 4>>;
--- a/ed_on_bls12_377/src/fields/mod.rs
+++ b/ed_on_bls12_377/src/fields/mod.rs
@ -4,5 +4,5 @@ pub mod fr;
 pub use fq::*;
 pub use fr::*;
 #[cfg(all(feature = "ed_on_bls12_377", test))]
 #[cfg(test)]
 mod tests;
--- a/ed_on_bls12_377/src/fields/tests.rs
+++ b/ed_on_bls12_377/src/fields/tests.rs
@ -1,24 +1,15 @@
 use ark_std::rand::Rng;
 use ark_std::test_rng;
 use crate::{Fq, Fr};
 use ark_algebra_test_templates::fields::*;
 #[test]
 fn test_fr() {
    let mut rng = test_rng();
    let a: Fr = rng.gen();
    let b: Fr = rng.gen();
    field_test(a, b);
    primefield_test::<Fr>();
 }
 #[test]
 fn test_fq() {
    let mut rng = test_rng();
    let a: Fq = rng.gen();
    let b: Fq = rng.gen();
    field_test(a, b);
    primefield_test::<Fq>();
 }
 use ark_algebra_test_templates::{
    fields::*, generate_field_serialization_test, generate_field_test,
 };
 use ark_ff::{
    fields::{Field, PrimeField, SquareRootField},
    One, UniformRand, Zero,
 };
 use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
 use ark_std::{rand::Rng, test_rng};
 use core::ops::{AddAssign, MulAssign, SubAssign};
 use crate::{Fq, FqConfig, Fr, FrConfig};
 generate_field_test!(ed_on_bls12_377; mont(4, 4); );
 generate_field_serialization_test!(ed_on_bls12_377;);
--- a/ed_on_bls12_377/src/lib.rs
+++ b/ed_on_bls12_377/src/lib.rs
@ -8,14 +8,16 @@
 )]
 #![forbid(unsafe_code)]
 //! This library implements a twisted Edwards curve whose base field is the scalar field of the
 //! curve BLS12-377.  This allows defining cryptographic primitives that use elliptic curves over
 //! the scalar field of the latter curve. This curve was generated as part of the paper
 //! [\[BCGMMW20, “Zexe”\]](https://eprint.iacr.org/2018/962).
 //! This library implements a twisted Edwards curve whose base field is the
 //! scalar field of the curve BLS12-377.  This allows defining cryptographic
 //! primitives that use elliptic curves over the scalar field of the latter
 //! curve. This curve was generated as part of the paper [\[BCGMMW20, “Zexe”\]](https://eprint.iacr.org/2018/962).
 //!
 //! Curve information:
 //! * Base field: q = 8444461749428370424248824938781546531375899335154063827935233455917409239041
 //! * Scalar field: r = 2111115437357092606062206234695386632838870926408408195193685246394721360383
 //! * Base field: q =
 //!   8444461749428370424248824938781546531375899335154063827935233455917409239041
 //! * Scalar field: r =
 //!   2111115437357092606062206234695386632838870926408408195193685246394721360383
 //! * Valuation(q - 1, 2) = 47
 //! * Valuation(r - 1, 2) = 1
 //! * Curve equation: ax^2 + y^2 =1 + dx^2y^2, where
--- a/ed_on_bls12_381/scripts/base_field.sage
+++ b/ed_on_bls12_381/scripts/base_field.sage
@ -0,0 +1,28 @@
 modulus = 52435875175126190479447740508185965837690552500527637822603658699938581184513
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/ed_on_bls12_381/scripts/scalar_field.sage
+++ b/ed_on_bls12_381/scripts/scalar_field.sage
@ -0,0 +1,28 @@
 modulus = 6554484396890773809930967563523245729705921265872317281365359162392183254199
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/ed_on_bls12_381/src/constraints/curves.rs
+++ b/ed_on_bls12_381/src/constraints/curves.rs
@ -1,7 +1,6 @@
 use crate::*;
 use ark_r1cs_std::groups::curves::{short_weierstrass::ProjectiveVar, twisted_edwards::AffineVar};
 use crate::constraints::FqVar;
 use crate::{constraints::FqVar, *};
 /// A variable that is the R1CS equivalent of `crate::EdwardsAffine`.
 pub type EdwardsVar = AffineVar<JubjubParameters, FqVar>;
--- a/ed_on_bls12_381/src/curves/mod.rs
+++ b/ed_on_bls12_381/src/curves/mod.rs
@ -1,4 +1,3 @@
 use crate::{Fq, Fr};
 use ark_ec::{
    models::{ModelParameters, MontgomeryModelParameters, TEModelParameters},
    short_weierstrass_jacobian::{
@ -7,7 +6,9 @@ use ark_ec::{
    twisted_edwards_extended::{GroupAffine, GroupProjective},
    SWModelParameters,
 };
 use ark_ff::field_new;
 use ark_ff::MontFp;
 use crate::{Fq, Fr};
 #[cfg(test)]
 mod tests;
@ -64,18 +65,21 @@ impl ModelParameters for JubjubParameters {
    /// COFACTOR^(-1) mod r =
    /// 819310549611346726241370945440405716213240158234039660170669895299022906775
    #[rustfmt::skip]
    const COFACTOR_INV: Fr = field_new!(Fr, "819310549611346726241370945440405716213240158234039660170669895299022906775");
    const COFACTOR_INV: Fr = MontFp!(
        Fr,
        "819310549611346726241370945440405716213240158234039660170669895299022906775"
    );
 }
 impl TEModelParameters for JubjubParameters {
    /// COEFF_A = -1
    #[rustfmt::skip]
    const COEFF_A: Fq = field_new!(Fq, "-1");
    const COEFF_A: Fq = MontFp!(Fq, "-1");
    /// COEFF_D = (10240/10241) mod q
    #[rustfmt::skip]
    const COEFF_D: Fq = field_new!(Fq, "19257038036680949359750312669786877991949435402254120286184196891950884077233");
    const COEFF_D: Fq = MontFp!(
        Fq,
        "19257038036680949359750312669786877991949435402254120286184196891950884077233"
    );
    /// AFFINE_GENERATOR_COEFFS = (GENERATOR_X, GENERATOR_Y)
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) = (GENERATOR_X, GENERATOR_Y);
@ -91,28 +95,36 @@ impl TEModelParameters for JubjubParameters {
 impl MontgomeryModelParameters for JubjubParameters {
    /// COEFF_A = 40962
    #[rustfmt::skip]
    const COEFF_A: Fq = field_new!(Fq, "40962");
    const COEFF_A: Fq = MontFp!(Fq, "40962");
    /// COEFF_B = -40964
    #[rustfmt::skip]
    const COEFF_B: Fq = field_new!(Fq, "-40964");
    const COEFF_B: Fq = MontFp!(Fq, "-40964");
    type TEModelParameters = JubjubParameters;
 }
 #[rustfmt::skip]
 const GENERATOR_X: Fq = field_new!(Fq, "8076246640662884909881801758704306714034609987455869804520522091855516602923");
 #[rustfmt::skip]
 const GENERATOR_Y: Fq = field_new!(Fq, "13262374693698910701929044844600465831413122818447359594527400194675274060458");
 const GENERATOR_X: Fq = MontFp!(
    Fq,
    "8076246640662884909881801758704306714034609987455869804520522091855516602923"
 );
 const GENERATOR_Y: Fq = MontFp!(
    Fq,
    "13262374693698910701929044844600465831413122818447359594527400194675274060458"
 );
 impl SWModelParameters for JubjubParameters {
    /// COEFF_A = 52296097456646850916096512823759002727550416093741407922227928430486925478210
    #[rustfmt::skip]
    const COEFF_A: Self::BaseField = field_new!(Fq, "52296097456646850916096512823759002727550416093741407922227928430486925478210");
    const COEFF_A: Self::BaseField = MontFp!(
        Fq,
        "52296097456646850916096512823759002727550416093741407922227928430486925478210"
    );
    /// COEFF_B = 48351165704696163914533707656614864561753505123260775585269522553028192119009
    #[rustfmt::skip]
    const COEFF_B: Self::BaseField = field_new!(Fq, "48351165704696163914533707656614864561753505123260775585269522553028192119009");
    const COEFF_B: Self::BaseField = MontFp!(
        Fq,
        "48351165704696163914533707656614864561753505123260775585269522553028192119009"
    );
    /// generators
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) =
@ -120,8 +132,13 @@ impl SWModelParameters for JubjubParameters {
 }
 /// x coordinate for SW curve generator
 #[rustfmt::skip]
 const SW_GENERATOR_X: Fq = field_new!(Fq, "33835869156188682335217394949746694649676633840125476177319971163079011318731");
 const SW_GENERATOR_X: Fq = MontFp!(
    Fq,
    "33835869156188682335217394949746694649676633840125476177319971163079011318731"
 );
 /// y coordinate for SW curve generator
 #[rustfmt::skip]
 const SW_GENERATOR_Y: Fq = field_new!(Fq, "43777270878440091394432848052353307184915192688165709016756678962558652055320");
 const SW_GENERATOR_Y: Fq = MontFp!(
    Fq,
    "43777270878440091394432848052353307184915192688165709016756678962558652055320"
 );
--- a/ed_on_bls12_381/src/curves/tests.rs
+++ b/ed_on_bls12_381/src/curves/tests.rs
@ -1,11 +1,10 @@
 use ark_algebra_test_templates::{curves::*, groups::*};
 use ark_ec::{AffineCurve, ProjectiveCurve};
 use ark_ff::{bytes::FromBytes, Zero};
 use ark_std::{rand::Rng, str::FromStr, test_rng};
 use crate::*;
 use ark_algebra_test_templates::{curves::*, groups::*};
 #[test]
 fn test_projective_curve() {
    curve_tests::<EdwardsProjective>();
--- a/ed_on_bls12_381/src/fields/fq.rs
+++ b/ed_on_bls12_381/src/fields/fq.rs
@ -1 +1 @@
 pub use ark_bls12_381::{Fr as Fq, FrParameters as FqParameters};
 pub use ark_bls12_381::{Fr as Fq, FrConfig as FqConfig};
--- a/ed_on_bls12_381/src/fields/fr.rs
+++ b/ed_on_bls12_381/src/fields/fr.rs
@ -1,81 +1,7 @@
 use ark_ff::{
    biginteger::{BigInt, BigInteger256 as BigInteger},
    fields::{FftParameters, Fp256, Fp256Parameters, FpParameters},
 };
 use ark_ff::fields::{Fp256, MontBackend, MontConfig};
 pub type Fr = Fp256<FrParameters>;
 pub struct FrParameters;
 impl Fp256Parameters for FrParameters {}
 impl FftParameters for FrParameters {
    type BigInt = BigInteger;
    const TWO_ADICITY: u32 = 1;
    #[rustfmt::skip]
    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
        0xaa9f02ab1d6124de,
        0xb3524a6466112932,
        0x7342261215ac260b,
        0x4d6b87b1da259e2,
    ]);
 }
 impl FpParameters for FrParameters {
    /// MODULUS = 6554484396890773809930967563523245729705921265872317281365359162392183254199.
    #[rustfmt::skip]
    const MODULUS: BigInteger = BigInt::new([
        0xd0970e5ed6f72cb7,
        0xa6682093ccc81082,
        0x6673b0101343b00,
        0xe7db4ea6533afa9,
    ]);
    const MODULUS_BITS: u32 = 252;
    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
    const REPR_SHAVE_BITS: u32 = 4;
    #[rustfmt::skip]
    const R: BigInteger = BigInt::new([
        0x25f80bb3b99607d9,
        0xf315d62f66b6e750,
        0x932514eeeb8814f4,
        0x9a6fc6f479155c6,
    ]);
    #[rustfmt::skip]
    const R2: BigInteger = BigInt::new([
        0x67719aa495e57731,
        0x51b0cef09ce3fc26,
        0x69dab7fac026e9a5,
        0x4f6547b8d127688,
    ]);
    const INV: u64 = 0x1ba3a358ef788ef9;
    #[rustfmt::skip]
    const GENERATOR: BigInteger = BigInt::new([
        0x720b1b19d49ea8f1,
        0xbf4aa36101f13a58,
        0x5fa8cc968193ccbb,
        0xe70cbdc7dccf3ac,
    ]);
    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        7515249040934278747,
        5995434913520945217,
        9454073218019761536,
        522094803716528084,
    ]);
    const T: BigInteger = Self::MODULUS_MINUS_ONE_DIV_TWO;
    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
        12980996557321915181,
        2997717456760472608,
        4727036609009880768,
        261047401858264042,
    ]);
 }
 #[derive(MontConfig)]
 #[modulus = "6554484396890773809930967563523245729705921265872317281365359162392183254199"]
 #[generator = "6"]
 pub struct FrConfig;
 pub type Fr = Fp256<MontBackend<FrConfig, 4>>;
--- a/ed_on_bls12_381/src/fields/mod.rs
+++ b/ed_on_bls12_381/src/fields/mod.rs
@ -4,5 +4,5 @@ pub mod fr;
 pub use fq::*;
 pub use fr::*;
 #[cfg(all(feature = "ed_on_bls12_381", test))]
 #[cfg(test)]
 mod tests;
--- a/ed_on_bls12_381/src/fields/tests.rs
+++ b/ed_on_bls12_381/src/fields/tests.rs
@ -1,33 +1,20 @@
 use crate::{Fq, Fr};
 use ark_algebra_test_templates::{
    fields::*, generate_field_serialization_test, generate_field_test,
 };
 use ark_ff::{
    biginteger::BigInteger256 as BigInteger,
    bytes::{FromBytes, ToBytes},
    fields::{Field, LegendreSymbol::*, SquareRootField},
    One, Zero,
    fields::{Field, LegendreSymbol::*, PrimeField, SquareRootField},
    One, UniformRand, Zero,
 };
 use ark_std::test_rng;
 use ark_algebra_test_templates::fields::*;
 use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
 use ark_std::{rand::Rng, str::FromStr, test_rng};
 use core::ops::{AddAssign, MulAssign, SubAssign};
 use ark_std::{rand::Rng, str::FromStr};
 #[test]
 fn test_fr() {
    let mut rng = test_rng();
    let a: Fr = rng.gen();
    let b: Fr = rng.gen();
    field_test(a, b);
    primefield_test::<Fr>();
 }
 use crate::{Fq, FqConfig, Fr, FrConfig};
 #[test]
 fn test_fq() {
    let mut rng = test_rng();
    let a: Fq = rng.gen();
    let b: Fq = rng.gen();
    field_test(a, b);
    primefield_test::<Fq>();
 }
 generate_field_test!(ed_on_bls12_381; mont(4, 4); );
 generate_field_serialization_test!(ed_on_bls12_381;);
 #[test]
 fn test_fq_add() {
@ -148,22 +135,6 @@ fn test_fq_sub() {
    assert_eq!(f1 - &f2, f3);
 }
 #[test]
 fn test_fq_double_in_place() {
    let mut f1 = Fq::from_str(
        "29729289787452206300641229002276778748586801323231253291984198106063944136114",
    )
    .unwrap();
    let f3 = Fq::from_str(
        "7022704399778222121834717496367591659483050145934868761364737512189307087715",
    )
    .unwrap();
    assert!(!f1.is_zero());
    assert!(!f3.is_zero());
    f1.double_in_place();
    assert_eq!(f1, f3);
 }
 #[test]
 fn test_fq_double_in_place_thrice() {
    let mut f1 = Fq::from_str(
@ -280,22 +251,9 @@ fn test_fq_square_in_place() {
    assert_eq!(f1, f3);
 }
 #[test]
 fn test_fq_sqrt() {
    let f1 = Fq::from_str(
        "10875927553327821418567659853801220899541454800710193788767706167237535308235",
    )
    .unwrap();
    let f3 = Fq::from_str(
        "10816221372957505053219354782681292880545918527618367765651802809826238616708",
    )
    .unwrap();
    assert_eq!(f1.sqrt().unwrap(), f3);
 }
 #[test]
 fn test_fq_from_str() {
    let f1_from_repr = Fq::from(BigInteger([
    let f1_from_repr = Fq::from(BigInteger::new([
        0xab8a2535947d1a77,
        0x9ba74cbfda0bbcda,
        0xe928b59724d60baf,
@ -305,7 +263,7 @@ fn test_fq_from_str() {
        "13026376210409056429264774981357153555336288129100724591327877625017068755575",
    )
    .unwrap();
    let f2_from_repr = Fq::from(BigInteger([
    let f2_from_repr = Fq::from(BigInteger::new([
        0x97e9103775d2f35c,
        0xbe6756b6c587544b,
        0x6ee38c3afd88ef4b,
@ -324,14 +282,14 @@ fn test_fq_legendre() {
    assert_eq!(QuadraticResidue, Fq::one().legendre());
    assert_eq!(Zero, Fq::zero().legendre());
    let e = BigInteger([
    let e = BigInteger::new([
        0x0dbc5349cd5664da,
        0x8ac5b6296e3ae29d,
        0x127cb819feceaa3b,
        0x3a6b21fb03867191,
    ]);
    assert_eq!(QuadraticResidue, Fq::from(e).legendre());
    let e = BigInteger([
    let e = BigInteger::new([
        0x96341aefd047c045,
        0x9b5f4254500a4d65,
        0x1ee08223b68ac240,
@ -342,7 +300,7 @@ fn test_fq_legendre() {
 #[test]
 fn test_fq_bytes() {
    let f1_from_repr = Fq::from(BigInteger([
    let f1_from_repr = Fq::from(BigInteger::new([
        0xab8a2535947d1a77,
        0x9ba74cbfda0bbcda,
        0xe928b59724d60baf,
@ -358,19 +316,19 @@ fn test_fq_bytes() {
 #[test]
 fn test_fr_add() {
    let f1 = Fr::from(BigInteger([
    let f1 = Fr::from(BigInteger::new([
        0xc81265fb4130fe0c,
        0xb308836c14e22279,
        0x699e887f96bff372,
        0x84ecc7e76c11ad,
    ]));
    let f2 = Fr::from(BigInteger([
    let f2 = Fr::from(BigInteger::new([
        0x71875719b422efb8,
        0x43658e68a93612,
        0x9fa756be2011e833,
        0xaa2b2cb08dac497,
    ]));
    let f3 = Fr::from(BigInteger([
    let f3 = Fr::from(BigInteger::new([
        0x3999bd14f553edc4,
        0xb34be8fa7d8b588c,
        0x945df3db6d1dba5,
@ -381,19 +339,19 @@ fn test_fr_add() {
 #[test]
 fn test_fr_mul() {
    let f1 = Fr::from(BigInteger([
    let f1 = Fr::from(BigInteger::new([
        0xc81265fb4130fe0c,
        0xb308836c14e22279,
        0x699e887f96bff372,
        0x84ecc7e76c11ad,
    ]));
    let f2 = Fr::from(BigInteger([
    let f2 = Fr::from(BigInteger::new([
        0x71875719b422efb8,
        0x43658e68a93612,
        0x9fa756be2011e833,
        0xaa2b2cb08dac497,
    ]));
    let f3 = Fr::from(BigInteger([
    let f3 = Fr::from(BigInteger::new([
        0x6d6618ac6b4a8381,
        0x5b9eb35d711ee1da,
        0xce83310e6ac4105d,
@ -404,7 +362,7 @@ fn test_fr_mul() {
 #[test]
 fn test_fr_bytes() {
    let f1_from_repr = Fr::from(BigInteger([
    let f1_from_repr = Fr::from(BigInteger::new([
        0xc81265fb4130fe0c,
        0xb308836c14e22279,
        0x699e887f96bff372,
@ -420,7 +378,7 @@ fn test_fr_bytes() {
 #[test]
 fn test_fr_from_str() {
    let f100_from_repr = Fr::from(BigInteger([0x64, 0, 0, 0]));
    let f100_from_repr = Fr::from(BigInteger::new([0x64, 0, 0, 0]));
    let f100 = Fr::from_str("100").unwrap();
    assert_eq!(f100_from_repr, f100);
 }
--- a/ed_on_bls12_381_bandersnatch/Cargo.toml
+++ b/ed_on_bls12_381_bandersnatch/Cargo.toml
@ -25,10 +25,10 @@ ark-curve-constraint-tests = { path = "../curve-constraint-tests", default-featu
 [features]
 default = []
 std = [ 
    "ark-std/std", 
    "ark-ff/std", 
    "ark-ec/std", 
    "ark-bls12-381/std" 
 std = [
    "ark-std/std",
    "ark-ff/std",
    "ark-ec/std",
    "ark-bls12-381/std"
 ]
 r1cs = ["ark-r1cs-std"]
--- a/ed_on_bls12_381_bandersnatch/scripts/base_field.sage
+++ b/ed_on_bls12_381_bandersnatch/scripts/base_field.sage
@ -0,0 +1,28 @@
 modulus = 52435875175126190479447740508185965837690552500527637822603658699938581184513
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/ed_on_bls12_381_bandersnatch/scripts/scalar_field.sage
+++ b/ed_on_bls12_381_bandersnatch/scripts/scalar_field.sage
@ -0,0 +1,28 @@
 modulus = 13108968793781547619861935127046491459309155893440570251786403306729687672801
 assert(modulus.is_prime())
 Fp = GF(modulus)
 generator = Fp(0);
 for i in range(0, 20):
    i = Fp(i);
    neg_i = Fp(-i)
    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
        continue
    elif i.is_primitive_root():
        assert(i.is_primitive_root());
        print("Generator: %d" % i)
        generator = i
        break
    else:
        assert(neg_i.is_primitive_root());
        print("Generator: %d" % neg_i)
        generator = neg_i
        break
 two_adicity = valuation(modulus - 1, 2);
 trace = (modulus - 1) / 2**two_adicity;
 two_adic_root_of_unity = generator^trace
 print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/ed_on_bls12_381_bandersnatch/src/constraints/curves.rs
+++ b/ed_on_bls12_381_bandersnatch/src/constraints/curves.rs
@ -1,6 +1,7 @@
 use crate::{constraints::FqVar, *};
 use ark_r1cs_std::groups::curves::{short_weierstrass::ProjectiveVar, twisted_edwards::AffineVar};
 use crate::{constraints::FqVar, *};
 /// A variable that is the R1CS equivalent of `crate::BandersnatchParameters`.
 pub type EdwardsVar = AffineVar<BandersnatchParameters, FqVar>;