github.com/ledgerwatch/erigon-lib@v1.0.0/pedersen_hash/elliptic_curve.h

github.com/ledgerwatch/erigon-lib@v1.0.0/pedersen_hash/elliptic_curve.h (about)

     1  #ifndef STARKWARE_ALGEBRA_ELLIPTIC_CURVE_H_
     2  #define STARKWARE_ALGEBRA_ELLIPTIC_CURVE_H_
     3  
     4  #include <cstddef>
     5  #include <optional>
     6  #include <utility>
     7  #include <vector>
     8  
     9  #include "gsl-lite.hpp"
    10  
    11  #include "big_int.h"
    12  
    13  namespace starkware {
    14  
    15  using std::size_t;
    16  
    17  /*
    18    Represents a point on an elliptic curve of the form: y^2 = x^3 + alpha*x + beta.
    19  */
    20  template <typename FieldElementT>
    21  class EcPoint {
    22   public:
    23    constexpr EcPoint(const FieldElementT& x, const FieldElementT& y) : x(x), y(y) {}
    24  
    25    bool operator==(const EcPoint& rhs) const { return x == rhs.x && y == rhs.y; }
    26    bool operator!=(const EcPoint& rhs) const { return !(*this == rhs); }
    27  
    28    /*
    29      Computes the point added to itself.
    30    */
    31    EcPoint Double(const FieldElementT& alpha) const;
    32  
    33    /*
    34      Returns the sum of two points. The added point must be different than both the original point
    35      and its negation.
    36    */
    37    EcPoint operator+(const EcPoint& rhs) const;
    38    EcPoint operator-() const { return EcPoint(x, -y); }
    39    EcPoint operator-(const EcPoint& rhs) const { return (*this) + (-rhs); }
    40  
    41    /*
    42      Returns a random point on the curve: y^2 = x^3 + alpha*x + beta.
    43    */
    44    static EcPoint Random(const FieldElementT& alpha, const FieldElementT& beta, Prng* prng);
    45  
    46    /*
    47      Returns one of the two points with the given x coordinate or nullopt if there is no such point.
    48    */
    49    static std::optional<EcPoint> GetPointFromX(
    50        const FieldElementT& x, const FieldElementT& alpha, const FieldElementT& beta);
    51  
    52    template <typename OtherFieldElementT>
    53    EcPoint<OtherFieldElementT> ConvertTo() const;
    54  
    55    /*
    56      Given the bool vector representing a scalar, and the alpha of the elliptic curve
    57      "y^2 = x^3 + alpha * x + beta" the point is on, returns scalar*point.
    58    */
    59    template <size_t N>
    60    EcPoint<FieldElementT> MultiplyByScalar(
    61        const BigInt<N>& scalar, const FieldElementT& alpha) const;
    62  
    63    FieldElementT x;
    64    FieldElementT y;
    65  
    66   private:
    67    /*
    68      Returns the sum of this point with a point in the form of std::optional, where std::nullopt
    69      represents the curve's zero element.
    70    */
    71    std::optional<EcPoint<FieldElementT>> AddOptionalPoint(
    72        const std::optional<EcPoint<FieldElementT>>& point, const FieldElementT& alpha) const;
    73  };
    74  
    75  }  // namespace starkware
    76  
    77  #include "elliptic_curve.inl"
    78  
    79  #endif  // STARKWARE_ALGEBRA_ELLIPTIC_CURVE_H_