* Add MultiScalar recoding from "Efficient and Secure Algorithms for GLV-Based Scalar Multiplication" by Faz et al
* precompute cube root of unity - Add VM precomputation of Fp - workaround upstream bug https://github.com/nim-lang/Nim/issues/14585
* Add the φ-accelerated lookup table builder
* Add a dedicated bithacks file
* cosmetic import consistency
* Build the φ precompute table with n-1 EC additions instead of 2^(n-1) additions
* remove binary
* Add the GLV precomputations to the sage scripts
* You can't avoid it, bigint multiplication is needed at one point
* Add bigint multiplication discarding some low words
* Implement the lattice decomposition in sage
* Proper decomposition for BN254
* Prepare the code for a new scalar mul
* We compile, and now debugging hunt
* More helpers to debug GLV scalar Mul
* Fix conditional negation
* Endomorphism accelerated scalar mul working for BN254 curve
* Implement endomorphism acceleration for BLS12-381 (needed cofactor clearing of the point)
* fix nimble test script after bench rename
* Add sage script for BN254
* Implement (failing) scalar multiplication tests
* Add a first test against sagemath
* Finish the tests against SAGE for BN254
* Add significant test coverage of scalar multiplication with reference checks for BN254_Snarks and BLS12_381
* Mention that the inverse of 0 is 0 (TODO tests)
* Introduce "Higher-Kinded tower extensions"
* rename isCOmplexExtension -> fromComplexExtension
* update benchmarks with the new tower scheme
* Try to recover some speed on mul/squaring for an optimal tower (but this was not it)
* Elliptic curve and Twisted curve templates - initial commit
* Support EC Add on G2 (Sextic Twisted curve for BN and BLS12 families)
* Refactor the config parser to prepare for elliptic coefficient support
* Add elliptic curve parameter for BN254 (Snarks), BLS12-381 and Zexe curve BLS12-377
* Add accessors to curve parameters
* Allow computing the right-hand-side of of Weierstrass equation "y² = x³ + a x + b"
* Randomized test infrastructure for elliptic curves
* Start a testing suite on ellptic curve addition (failing)
* detail projective addition
* Fix EC addition test (forgot initializing Z=1 and that there ar emultiple infinity points)
* Test with random Z coordinate + add elliptic curve test to test suite
* fix reference to the (deactivated) addchain inversion for BN curves [skip ci]
* .nims file leftover [skip ci]
* Allow tagging BarretoNaehrig family
* Refactor the constant generation and fix XDeclaredButNotUsed
* BN field inversion via addition chain (but slower than generic :/ so deactivated)
* Lay out the refactoring objectives and tradeoffs
* Refactor the 32 and 64-bit primitives [skip ci]
* BigInts and Modular BigInts compile
* Make the bigints test compile
* Fix modular reduction
* Fix reduction tests vs GMP
* Implement montegomery mul, pow, inverse, WIP finite field compilation
* Make FiniteField compile
* Fix exponentiation compilation
* Fix Montgomery magic constant computation for 2^64 words
* Fix typo in non-optimized CIOS - passing finite fields IO tests
* Add limbs comparisons [skip ci]
* Fix on precomputation of the Montgomery magic constant
* Passing all tests including 𝔽p2
* modular addition, the test for mersenne prime was wrong
* update benches
* Fix "nimble test" + typo on out-of-place field addition
* bigint division, normalization is needed: https://travis-ci.com/github/mratsim/constantine/jobs/298359743
* missing conversion in subborrow non-x86 fallback - https://travis-ci.com/github/mratsim/constantine/jobs/298359744
* Fix little-endian serialization
* Constantine32 flag to run 32-bit constantine on 64-bit machines
* IO Field test, ensure that BaseType is used instead of uint64 when the prime can field in uint32
* Implement proper addcarry and subborrow fallback for the compile-time VM
* Fix export issue when the logical wordbitwidth == physical wordbitwidth - passes all tests (32-bit and 64-bit)
* Fix uint128 on ARM
* Fix C++ conditional copy and ARM addcarry/subborrow
* Add investigation for SIGFPE in Travis
* Fix debug display for unsafeDiv2n1n
* multiplexer typo
* moveMem bug in glibc of Ubuntu 16.04?
* Was probably missing an early clobbered register annotation on conditional mov
* Note on Montgomery-friendly moduli
* Strongly suspect a GCC before GCC 7 codegen bug (https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87139)
* hex conversion was (for debugging) not taking requested order into account + inlining comment
* Use 32-bit limbs on ARM64, uint128 builtin __udivti4 bug?
* Revert "Use 32-bit limbs on ARM64, uint128 builtin __udivti4 bug?"
This reverts commit 087f9aa7fb40bbd058d05cbd8eec7fc082911f49.
* Fix subborrow fallback for non-x86 (need to maks the borrow)
* reorg the codebase + add/update READMEs in folders with research
* fix readme
* update pairing implementation papers
* Seperate hash-to-curve in its own folder, distinguish between norms, research and presentations
* Better markdown line breaks
* Add in-depth analysis of towers of extension fields for BN curve
* Fix Colm Ó hÉigeartaigh name and add Hash-to-Curve reference
- Fix montyMagic, modular inversion mode 2^2k was missing an iteration
- Fix test for buffer size in BigInt serialization
- Add UINT/Hex serialization for finite fields
- Montgomery conversion and redc
Mamy Ratsimbazafy