arnaucube/gnark-plonky2-verifier
1
0
Fork 0
mirror of https://github.com/arnaucube/gnark-plonky2-verifier.git synced 2026-01-12 09:01:32 +01:00
Code Issues Projects Releases Wiki Activity

remove check that they say is unnecessary

Browse Source
This commit is contained in:
Jacob Jackson
2022-10-05 22:08:11 +00:00
parent ad21fd775f
commit d61e54c60e
1 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
edwards_curve/eddsa25519.go
View File

@@ -56,16 +56,16 @@ func bits_to_scalar(c *EdCurve, s []frontend.Variable) EdCoordinate {
// } // }
func bits_to_element(c *EdCurve, input []frontend.Variable) EdPoint { func bits_to_element(c *EdCurve, input []frontend.Variable) EdPoint {
L := emulated.NewElement[Ed25519Scalars](rEd25519) // L := emulated.NewElement[Ed25519Scalars](rEd25519)
unchecked_point := decodepoint(c, input) unchecked_point := decodepoint(c, input)
// TODO: https://github.com/warner/python-pure25519 says this check is not necessary: // // TODO: https://github.com/warner/python-pure25519 says this check is not necessary:
// // //
// > This library is conservative, and performs full subgroup-membership checks on decoded // // > This library is conservative, and performs full subgroup-membership checks on decoded
// > points, which adds considerable overhead. The Curve25519/Ed25519 algorithms were // // > points, which adds considerable overhead. The Curve25519/Ed25519 algorithms were
// > designed to not require these checks, so a careful application might be able to // // > designed to not require these checks, so a careful application might be able to
// > improve on this slightly (Ed25519 verify down to 6.2ms, DH-finish to 3.2ms). // // > improve on this slightly (Ed25519 verify down to 6.2ms, DH-finish to 3.2ms).
c.AssertIsZero(c.ScalarMul(unchecked_point, L)) // c.AssertIsZero(c.ScalarMul(unchecked_point, L))
return unchecked_point return unchecked_point
} }