complete the function to create twisted curves with cofactor and endo

o1-labs · Dec 10, 2024 · df65376 · df65376
1 parent 0cc506e
commit df65376
Showing 1 changed file with 21 additions and 1 deletion.
diff --git a/crypto/elliptic-curve.ts b/crypto/elliptic-curve.ts
@@ -734,6 +734,12 @@ type TwistedCurveParams = {
    * Scalar field modulus = group order
    */
   order: bigint;
+  /**
+   * Cofactor = size of EC / order
+   *
+   * This can be left undefined if the cofactor is 1.
+   */
+  cofactor?: bigint;
   /**
    * Generator point
    */
@@ -746,6 +752,8 @@ type TwistedCurveParams = {
    * The `d` parameter in the curve equation ax^2 + y^2 = 1 + dx^2y^2
    */
   d: bigint;
+  endoBase?: bigint;
+  endoScalar?: bigint;
 };
 
 function twistedOnCurve(
@@ -973,13 +981,17 @@ function createCurveTwisted({
   name,
   modulus: p,
   order,
+  cofactor,
   generator,
   a,
   d,
 }: TwistedCurveParams) {
+  let hasCofactor = cofactor !== undefined && cofactor !== 1n;
+
   const Field = createField(p);
   const Scalar = createField(order);
   const one = { ...generator, infinity: false };
+  const Endo = undefined; // for Ed25519
 
   assert(a !== 0n, 'a must not be zero');
   assert(d !== 0n, 'd must not be zero');
@@ -999,11 +1011,19 @@ function createCurveTwisted({
     modulus: p,
     order,
     a,
-    b,
+    d,
+    cofactor,
+    hasCofactor,
 
     zero: twistedZero,
     one,
 
+    hasEndomorphism: Endo !== undefined,
+    get Endo() {
+      if (Endo === undefined) throw Error(`no endomorphism defined on ${name}`);
+      return Endo;
+    },
+
     from(g: { x: bigint; y: bigint }): GroupTwisted {
       if (g.x === 0n && g.y === 1n) return twistedZero;
       return { ...g, infinity: false };