mirror of https://github.com/status-im/EIPs.git
Trying to explain why a generator appears
This commit is contained in:
Yoichi Hirai
GitHub
parent
f61b4665fb
commit
231cba1730
|
|
@ -34,7 +34,7 @@ Address: 0x8
|
||||||
|
|
||||||
For a cyclic group `G` (written additively) of prime order `q` let `log_P: G -> F_q` be the discrete logarithm on this group with respect to a generator `P`, i.e. `log_P(x)` is the smallest non-negative integer `n` such that `n * P = x`.
|
For a cyclic group `G` (written additively) of prime order `q` let `log_P: G -> F_q` be the discrete logarithm on this group with respect to a generator `P`, i.e. `log_P(x)` is the smallest non-negative integer `n` such that `n * P = x`.
|
||||||
|
|
||||||
The precompiled contract is defined as follows, where the two groups `G_1` and `G_2` and their generators `P_1` and `P_2` are defined below. Both generators have the same prime order `q` and the actual choice of the generators does not matter, as long as they have order `q`.
|
The precompiled contract is defined as follows, where the two groups `G_1` and `G_2` are defined by their generators `P_1` and `P_2` below. Both generators have the same prime order `q`.
|
||||||
|
|
||||||
```
|
```
|
||||||
Input: (a1, b1, a2, b2, ..., ak, bk) from (G_1 x G_2)^k
|
Input: (a1, b1, a2, b2, ..., ak, bk) from (G_1 x G_2)^k
|
||||||
|
|
@ -68,7 +68,7 @@ P2 = (
|
||||||
)
|
)
|
||||||
```
|
```
|
||||||
|
|
||||||
Note that `G_2` is the only group of order `q` of that elliptic curve over the field `F_p^2`.
|
Note that `G_2` is the only group of order `q` of that elliptic curve over the field `F_p^2`. Any other generator of order `q` instead of `P2` would define the same `G_2`. However, a skeptical reader can compare `q * P2` and `P2` to check the existence of a group of order `q` on `G_2`.
|
||||||
|
|
||||||
|
|
||||||
### Encoding
|
### Encoding
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue