From 9e0719e6bebd46294f2379854caff3144a6d7875 Mon Sep 17 00:00:00 2001
From: Hamish Ivey-Law <426294+unzvfu@users.noreply.github.com>
Date: Tue, 1 Aug 2023 20:58:32 +1000
Subject: [PATCH] Better document constraints on addcy carries (#1139)

* Add missing constraints on addcy carries.

* Remove bit-checks; make documentation clearer.
---
 evm/src/arithmetic/addcy.rs | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/evm/src/arithmetic/addcy.rs b/evm/src/arithmetic/addcy.rs
index 40b7e093..3366e432 100644
--- a/evm/src/arithmetic/addcy.rs
+++ b/evm/src/arithmetic/addcy.rs
@@ -68,13 +68,14 @@ const GOLDILOCKS_INVERSE_65536: u64 = 18446462594437939201;
 
 /// Constrains x + y == z + cy*2^256, assuming filter != 0.
 ///
-/// NB: This function DOES NOT verify that cy is 0 or 1; the caller
-/// must do that.
-///
 /// Set `is_two_row_op=true` to allow the code to be called from the
 /// two-row `modular` code (for checking that the modular output is
 /// reduced).
 ///
+/// NB: This function ONLY verifies that cy is 0 or 1 when
+/// is_two_row_op=false; when is_two_row_op=true the caller must
+/// verify for itself.
+///
 /// Note that the digits of `x + y` are in `[0, 2*(2^16-1)]`
 /// (i.e. they are the sums of two 16-bit numbers), whereas the digits
 /// of `z` can only be in `[0, 2^16-1]`. In the function we check that: