Remove all bigint ** pow operators to improve compact w bad parsers.

paulmillr · Sep 11, 2022 · 75c244b · 75c244b
1 parent c70332a
commit 75c244b
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 13 deletions.
diff --git a/README.md b/README.md
@@ -368,7 +368,7 @@ Benchmarks measured with Apple M2 on MacOS 12 with node.js 18.8.
     getSharedSecret (precomputed) x 7,357 ops/sec @ 135μs/op
     Point.fromHex (decompression) x 13,725 ops/sec @ 72μs/op
     schnorr.sign x 770 ops/sec @ 1ms/op
-    schnorr.verify x 1,063 ops/sec @ 940μs/op
+    schnorr.verify x 1,093 ops/sec @ 914μs/op
 
 Compare to other libraries on M1 (`openssl` uses native bindings, not JS):
 

diff --git a/index.ts b/index.ts
@@ -18,7 +18,7 @@ const CURVE = Object.freeze({
   a: _0n,
   b: BigInt(7),
   // Field over which we'll do calculations. Verify with:
-  //   console.log(CURVE.P === (2n**256n - 2n**32n - 977n))
+  //   console.log(CURVE.P === (2n**256n - 2n**32n - 2n**9n - 2n**8n-2n**7n-2n**6n-2n**4n - 1n))
   P: BigInt('0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f'),
   // Curve order, total count of valid points in the field. Verify with:
   //   console.log(CURVE.n === (2n**256n - 432420386565659656852420866394968145599n))
@@ -112,8 +112,8 @@ class JacobianPoint {
     if (!(other instanceof JacobianPoint)) throw new TypeError('JacobianPoint expected');
     const { x: X1, y: Y1, z: Z1 } = this;
     const { x: X2, y: Y2, z: Z2 } = other;
-    const Z1Z1 = mod(Z1 ** _2n);
-    const Z2Z2 = mod(Z2 ** _2n);
+    const Z1Z1 = mod(Z1 * Z1);
+    const Z2Z2 = mod(Z2 * Z2);
     const U1 = mod(X1 * Z2Z2);
     const U2 = mod(X2 * Z1Z1);
     const S1 = mod(mod(Y1 * Z2) * Z2Z2);
@@ -134,12 +134,13 @@ class JacobianPoint {
   // Cost: 2M + 5S + 6add + 3*2 + 1*3 + 1*8.
   double(): JacobianPoint {
     const { x: X1, y: Y1, z: Z1 } = this;
-    const A = mod(X1 ** _2n);
-    const B = mod(Y1 ** _2n);
-    const C = mod(B ** _2n);
-    const D = mod(_2n * (mod((X1 + B) ** _2n) - A - C));
+    const A = mod(X1 * X1);
+    const B = mod(Y1 * Y1);
+    const C = mod(B * B);
+    const x1b = (X1 + B);
+    const D = mod(_2n * (mod(x1b * x1b) - A - C));
     const E = mod(_3n * A);
-    const F = mod(E ** _2n);
+    const F = mod(E * E);
     const X3 = mod(F - _2n * D);
     const Y3 = mod(E * (D - X3) - _8n * C);
     const Z3 = mod(_2n * Y1 * Z1);
@@ -158,8 +159,8 @@ class JacobianPoint {
     if (X2 === _0n || Y2 === _0n) return this;
     if (X1 === _0n || Y1 === _0n) return other;
     // We're using same code in equals()
-    const Z1Z1 = mod(Z1 ** _2n);
-    const Z2Z2 = mod(Z2 ** _2n);
+    const Z1Z1 = mod(Z1 * Z1);
+    const Z2Z2 = mod(Z2 * Z2);
     const U1 = mod(X1 * Z2Z2);
     const U2 = mod(X2 * Z1Z1);
     const S1 = mod(mod(Y1 * Z2) * Z2Z2);
@@ -174,10 +175,10 @@ class JacobianPoint {
         return JacobianPoint.ZERO;
       }
     }
-    const HH = mod(H ** _2n);
+    const HH = mod(H * H);
     const HHH = mod(H * HH);
     const V = mod(U1 * HH);
-    const X3 = mod(r ** _2n - HHH - _2n * V);
+    const X3 = mod(r * r - HHH - _2n * V);
     const Y3 = mod(r * (V - X3) - S1 * HHH);
     const Z3 = mod(Z1 * Z2 * H);
     return new JacobianPoint(X3, Y3, Z3);