status-im/EIPs
2
0
Fork 0
mirror of https://github.com/status-im/EIPs.git synced 2025-01-27 07:05:47 +00:00
Code Issues Projects Releases Wiki Activity

Trying to explain why a generator appears

Browse Source
This commit is contained in:
Yoichi Hirai 2017-12-04 21:53:01 +01:00 committed by GitHub
parent f61b4665fb
commit 231cba1730
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
EIPS/eip-197.md
View File

@ -34,7 +34,7 @@ Address: 0x8
For a cyclic group `G` (written additively) of prime order `q` let `log_P: G -> F_q` be the discrete logarithm on this group with respect to a generator `P`, i.e. `log_P(x)` is the smallest non-negative integer `n` such that `n * P = x`.
The precompiled contract is defined as follows, where the two groups `G_1` and `G_2` and their generators `P_1` and `P_2` are defined below. Both generators have the same prime order `q` and the actual choice of the generators does not matter, as long as they have order `q`.
The precompiled contract is defined as follows, where the two groups `G_1` and `G_2` are defined by their generators `P_1` and `P_2` below. Both generators have the same prime order `q`.
```
Input: (a1, b1, a2, b2, ..., ak, bk) from (G_1 x G_2)^k
@ -68,7 +68,7 @@ P2 = (
)
```
Note that `G_2` is the only group of order `q` of that elliptic curve over the field `F_p^2`.
Note that `G_2` is the only group of order `q` of that elliptic curve over the field `F_p^2`. Any other generator of order `q` instead of `P2` would define the same `G_2`. However, a skeptical reader can compare `q * P2` and `P2` to check the existence of a group of order `q` on `G_2`.
### Encoding