@silvana-one/mina-curves 0.3.0

package/dist/web/curve/constants.js

@@ -0,0 +1,323 @@
+export { PallasConstants, PoseidonConstants };
+const PallasConstants = {
+    name: "Pallas",
+    modulus: 28948022309329048855892746252171976963363056481941560715954676764349967630337n,
+    order: 28948022309329048855892746252171976963363056481941647379679742748393362948097n,
+    cofactor: 1n,
+    zero: { x: 1n, y: 1n, z: 0n },
+    one: {
+        x: 1n,
+        y: 12418654782883325593414442427049395787963493412651469444558597405572177144507n,
+        z: 1n,
+    },
+    hasEndomorphism: true,
+    a: 0n,
+    b: 5n,
+    hasCofactor: false,
+    p: 28948022309329048855892746252171976963363056481941560715954676764349967630337n,
+    twoadicRoot: 19814229590243028906643993866117402072516588566294623396325693409366934201135n,
+    twoadicity: 32n,
+    oddFactor: 6739986666787659948666753771754907668419893943225396963757154709741n,
+};
+const PoseidonConstants = {
+    stateSize: 3,
+    rate: 2,
+    fullRounds: 55,
+    power: 7n,
+    hasInitialRoundConstant: false,
+    mds: [
+        [
+            12035446894107573964500871153637039653510326950134440362813193268448863222019n,
+            25461374787957152039031444204194007219326765802730624564074257060397341542093n,
+            27667907157110496066452777015908813333407980290333709698851344970789663080149n,
+        ],
+        [
+            4491931056866994439025447213644536587424785196363427220456343191847333476930n,
+            14743631939509747387607291926699970421064627808101543132147270746750887019919n,
+            9448400033389617131295304336481030167723486090288313334230651810071857784477n,
+        ],
+        [
+            10525578725509990281643336361904863911009900817790387635342941550657754064843n,
+            27437632000253211280915908546961303399777448677029255413769125486614773776695n,
+            27566319851776897085443681456689352477426926500749993803132851225169606086988n,
+        ],
+    ],
+    roundConstants: [
+        [
+            21155079691556475130150866428468322463125560312786319980770950159250751855431n,
+            16883442198399350202652499677723930673110172289234921799701652810789093522349n,
+            17030687036425314703519085065002231920937594822150793091243263847382891822670n,
+        ],
+        [
+            25216718237129482752721276445368692059997901880654047883630276346421457427360n,
+            9054264347380455706540423067244764093107767235485930776517975315876127782582n,
+            26439087121446593160953570192891907825526260324480347638727375735543609856888n,
+        ],
+        [
+            15251000790817261169639394496851831733819930596125214313084182526610855787494n,
+            10861916012597714684433535077722887124099023163589869801449218212493070551767n,
+            18597653523270601187312528478986388028263730767495975370566527202946430104139n,
+        ],
+        [
+            15831416454198644276563319006805490049460322229057756462580029181847589006611n,
+            15171856919255965617705854914448645702014039524159471542852132430360867202292n,
+            15488495958879593647482715143904752785889816789652405888927117106448507625751n,
+        ],
+        [
+            19039802679983063488134304670998725949842655199289961967801223969839823940152n,
+            4720101937153217036737330058775388037616286510783561045464678919473230044408n,
+            10226318327254973427513859412126640040910264416718766418164893837597674300190n,
+        ],
+        [
+            20878756131129218406920515859235137275859844638301967889441262030146031838819n,
+            7178475685651744631172532830973371642652029385893667810726019303466125436953n,
+            1996970955918516145107673266490486752153434673064635795711751450164177339618n,
+        ],
+        [
+            15205545916434157464929420145756897321482314798910153575340430817222504672630n,
+            25660296961552699573824264215804279051322332899472350724416657386062327210698n,
+            13842611741937412200312851417353455040950878279339067816479233688850376089318n,
+        ],
+        [
+            1383799642177300432144836486981606294838630135265094078921115713566691160459n,
+            1135532281155277588005319334542025976079676424839948500020664227027300010929n,
+            4384117336930380014868572224801371377488688194169758696438185377724744869360n,
+        ],
+        [
+            21725577575710270071808882335900370909424604447083353471892004026180492193649n,
+            676128913284806802699862508051022306366147359505124346651466289788974059668n,
+            25186611339598418732666781049829183886812651492845008333418424746493100589207n,
+        ],
+        [
+            10402240124664763733060094237696964473609580414190944671778761753887884341073n,
+            11918307118590866200687906627767559273324023585642003803337447146531313172441n,
+            16895677254395661024186292503536662354181715337630376909778003268311296637301n,
+        ],
+        [
+            23818602699032741669874498456696325705498383130221297580399035778119213224810n,
+            4285193711150023248690088154344086684336247475445482883105661485741762600154n,
+            19133204443389422404056150665863951250222934590192266371578950735825153238612n,
+        ],
+        [
+            5515589673266504033533906836494002702866463791762187140099560583198974233395n,
+            11830435563729472715615302060564876527985621376031612798386367965451821182352n,
+            7510711479224915247011074129666445216001563200717943545636462819681638560128n,
+        ],
+        [
+            24694843201907722940091503626731830056550128225297370217610328578733387733444n,
+            27361655066973784653563425664091383058914302579694897188019422193564924110528n,
+            21606788186194534241166833954371013788633495786419718955480491478044413102713n,
+        ],
+        [
+            19934060063390905409309407607814787335159021816537006003398035237707924006757n,
+            8495813630060004961768092461554180468161254914257386012937942498774724649553n,
+            27524960680529762202005330464726908693944660961000958842417927307941561848461n,
+        ],
+        [
+            15178481650950399259757805400615635703086255035073919114667254549690862896985n,
+            16164780354695672259791105197274509251141405713012804937107314962551600380870n,
+            10529167793600778056702353412758954281652843049850979705476598375597148191979n,
+        ],
+        [
+            721141070179074082553302896292167103755384741083338957818644728290501449040n,
+            22044408985956234023934090378372374883099115753118261312473550998188148912041n,
+            27068254103241989852888872162525066148367014691482601147536314217249046186315n,
+        ],
+        [
+            3880429241956357176819112098792744584376727450211873998699580893624868748961n,
+            17387097125522937623262508065966749501583017524609697127088211568136333655623n,
+            6256814421247770895467770393029354017922744712896100913895513234184920631289n,
+        ],
+        [
+            2942627347777337187690939671601251987500285937340386328746818861972711408579n,
+            24031654937764287280548628128490074801809101323243546313826173430897408945397n,
+            14401457902976567713827506689641442844921449636054278900045849050301331732143n,
+        ],
+        [
+            20170632877385406450742199836933900257692624353889848352407590794211839130727n,
+            24056496193857444725324410428861722338174099794084586764867109123681727290181n,
+            11257913009612703357266904349759250619633397075667824800196659858304604714965n,
+        ],
+        [
+            22228158921984425749199071461510152694025757871561406897041788037116931009246n,
+            9152163378317846541430311327336774331416267016980485920222768197583559318682n,
+            13906695403538884432896105059360907560653506400343268230130536740148070289175n,
+        ],
+        [
+            7220714562509721437034241786731185291972496952091254931195414855962344025067n,
+            27608867305903811397208862801981345878179337369367554478205559689592889691927n,
+            13288465747219756218882697408422850918209170830515545272152965967042670763153n,
+        ],
+        [
+            8251343892709140154567051772980662609566359215743613773155065627504813327653n,
+            22035238365102171608166944627493632660244312563934708756134297161332908879090n,
+            13560937766273321037807329177749403409731524715067067740487246745322577571823n,
+        ],
+        [
+            21652518608959234550262559135285358020552897349934571164032339186996805408040n,
+            22479086963324173427634460342145551255011746993910136574926173581069603086891n,
+            13676501958531751140966255121288182631772843001727158043704693838707387130095n,
+        ],
+        [
+            5680310394102577950568930199056707827608275306479994663197187031893244826674n,
+            25125360450906166639190392763071557410047335755341060350879819485506243289998n,
+            22659254028501616785029594492374243581602744364859762239504348429834224676676n,
+        ],
+        [
+            23101411405087512171421838856759448177512679869882987631073569441496722536782n,
+            24149774013240355952057123660656464942409328637280437515964899830988178868108n,
+            5782097512368226173095183217893826020351125522160843964147125728530147423065n,
+        ],
+        [
+            13540762114500083869920564649399977644344247485313990448129838910231204868111n,
+            20421637734328811337527547703833013277831804985438407401987624070721139913982n,
+            7742664118615900772129122541139124149525273579639574972380600206383923500701n,
+        ],
+        [
+            1109643801053963021778418773196543643970146666329661268825691230294798976318n,
+            16580663920817053843121063692728699890952505074386761779275436996241901223840n,
+            14638514680222429058240285918830106208025229459346033470787111294847121792366n,
+        ],
+        [
+            17080385857812672649489217965285727739557573467014392822992021264701563205891n,
+            26176268111736737558502775993925696791974738793095023824029827577569530708665n,
+            4382756253392449071896813428140986330161215829425086284611219278674857536001n,
+        ],
+        [
+            13934033814940585315406666445960471293638427404971553891617533231178815348902n,
+            27054912732979753314774418228399230433963143177662848084045249524271046173121n,
+            28916070403698593376490976676534962592542013020010643734621202484860041243391n,
+        ],
+        [
+            24820015636966360150164458094894587765384135259446295278101998130934963922381n,
+            7969535238488580655870884015145760954416088335296905520306227531221721881868n,
+            7690547696740080985104189563436871930607055124031711216224219523236060212249n,
+        ],
+        [
+            9712576468091272384496248353414290908377825697488757134833205246106605867289n,
+            12148698031438398980683630141370402088785182722473169207262735228500190477924n,
+            14359657643133476969781351728574842164124292705609900285041476162075031948227n,
+        ],
+        [
+            23563839965372067275137992801035780013422228997724286060975035719045352435470n,
+            4184634822776323233231956802962638484057536837393405750680645555481330909086n,
+            16249511905185772125762038789038193114431085603985079639889795722501216492487n,
+        ],
+        [
+            11001863048692031559800673473526311616702863826063550559568315794438941516621n,
+            4702354107983530219070178410740869035350641284373933887080161024348425080464n,
+            23751680507533064238793742311430343910720206725883441625894258483004979501613n,
+        ],
+        [
+            28670526516158451470169873496541739545860177757793329093045522432279094518766n,
+            3568312993091537758218792253361873752799472566055209125947589819564395417072n,
+            1819755756343439646550062754332039103654718693246396323207323333948654200950n,
+        ],
+        [
+            5372129954699791301953948907349887257752247843844511069896766784624930478273n,
+            17512156688034945920605615850550150476471921176481039715733979181538491476080n,
+            25777105342317622165159064911913148785971147228777677435200128966844208883059n,
+        ],
+        [
+            25350392006158741749134238306326265756085455157012701586003300872637887157982n,
+            20096724945283767296886159120145376967480397366990493578897615204296873954844n,
+            8063283381910110762785892100479219642751540456251198202214433355775540036851n,
+        ],
+        [
+            4393613870462297385565277757207010824900723217720226130342463666351557475823n,
+            9874972555132910032057499689351411450892722671352476280351715757363137891038n,
+            23590926474329902351439438151596866311245682682435235170001347511997242904868n,
+        ],
+        [
+            17723373371137275859467518615551278584842947963894791032296774955869958211070n,
+            2350345015303336966039836492267992193191479606566494799781846958620636621159n,
+            27755207882790211140683010581856487965587066971982625511152297537534623405016n,
+        ],
+        [
+            6584607987789185408123601849106260907671314994378225066806060862710814193906n,
+            609759108847171587253578490536519506369136135254150754300671591987320319770n,
+            28435187585965602110074342250910608316032945187476441868666714022529803033083n,
+        ],
+        [
+            16016664911651770663938916450245705908287192964254704641717751103464322455303n,
+            17551273293154696089066968171579395800922204266630874071186322718903959339163n,
+            20414195497994754529479032467015716938594722029047207834858832838081413050198n,
+        ],
+        [
+            19773307918850685463180290966774465805537520595602496529624568184993487593855n,
+            24598603838812162820757838364185126333280131847747737533989799467867231166980n,
+            11040972566103463398651864390163813377135738019556270484707889323659789290225n,
+        ],
+        [
+            5189242080957784038860188184443287562488963023922086723850863987437818393811n,
+            1435203288979376557721239239445613396009633263160237764653161500252258220144n,
+            13066591163578079667911016543985168493088721636164837520689376346534152547210n,
+        ],
+        [
+            17345901407013599418148210465150865782628422047458024807490502489711252831342n,
+            22139633362249671900128029132387275539363684188353969065288495002671733200348n,
+            1061056418502836172283188490483332922126033656372467737207927075184389487061n,
+        ],
+        [
+            10241738906190857416046229928455551829189196941239601756375665129874835232299n,
+            27808033332417845112292408673209999320983657696373938259351951416571545364415n,
+            18820154989873674261497645724903918046694142479240549687085662625471577737140n,
+        ],
+        [
+            7983688435214640842673294735439196010654951226956101271763849527529940619307n,
+            17067928657801807648925755556866676899145460770352731818062909643149568271566n,
+            24472070825156236829515738091791182856425635433388202153358580534810244942762n,
+        ],
+        [
+            25752201169361795911258625731016717414310986450004737514595241038036936283227n,
+            26041505376284666160132119888949817249574689146924196064963008712979256107535n,
+            23977050489096115210391718599021827780049209314283111721864956071820102846008n,
+        ],
+        [
+            26678257097278788410676026718736087312816016749016738933942134600725962413805n,
+            10480026985951498884090911619636977502506079971893083605102044931823547311729n,
+            21126631300593007055117122830961273871167754554670317425822083333557535463396n,
+        ],
+        [
+            1564862894215434177641156287699106659379648851457681469848362532131406827573n,
+            13247162472821152334486419054854847522301612781818744556576865965657773174584n,
+            8673615954922496961704442777870253767001276027366984739283715623634850885984n,
+        ],
+        [
+            2794525076937490807476666942602262298677291735723129868457629508555429470085n,
+            4656175953888995612264371467596648522808911819700660048695373348629527757049n,
+            23221574237857660318443567292601561932489621919104226163978909845174616477329n,
+        ],
+        [
+            1878392460078272317716114458784636517603142716091316893054365153068227117145n,
+            2370412714505757731457251173604396662292063533194555369091306667486647634097n,
+            17409784861870189930766639925394191888667317762328427589153989811980152373276n,
+        ],
+        [
+            25869136641898166514111941708608048269584233242773814014385564101168774293194n,
+            11361209360311194794795494027949518465383235799633128250259863567683341091323n,
+            14913258820718821235077379851098720071902170702113538811112331615559409988569n,
+        ],
+        [
+            12957012022018304419868287033513141736995211906682903915897515954290678373899n,
+            17128889547450684566010972445328859295804027707361763477802050112063630550300n,
+            23329219085372232771288306767242735245018143857623151155581182779769305489903n,
+        ],
+        [
+            1607741027962933685476527275858938699728586794398382348454736018784568853937n,
+            2611953825405141009309433982109911976923326848135736099261873796908057448476n,
+            7372230383134982628913227482618052530364724821976589156840317933676130378411n,
+        ],
+        [
+            20203606758501212620842735123770014952499754751430660463060696990317556818571n,
+            4678361398979174017885631008335559529633853759463947250620930343087749944307n,
+            27176462634198471376002287271754121925750749676999036165457559387195124025594n,
+        ],
+        [
+            6361981813552614697928697527332318530502852015189048838072565811230204474643n,
+            13815234633287489023151647353581705241145927054858922281829444557905946323248n,
+            10888828634279127981352133512429657747610298502219125571406085952954136470354n,
+        ],
+    ],
+};
+//# sourceMappingURL=constants.js.map

package/dist/web/curve/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../../src/curve/constants.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,CAAC;AAE9C,MAAM,eAAe,GAAG;IACtB,IAAI,EAAE,QAAQ;IACd,OAAO,EACL,8EAA8E;IAChF,KAAK,EACH,8EAA8E;IAChF,QAAQ,EAAE,EAAE;IACZ,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE;IAC7B,GAAG,EAAE;QACH,CAAC,EAAE,EAAE;QACL,CAAC,EAAE,8EAA8E;QACjF,CAAC,EAAE,EAAE;KACN;IACD,eAAe,EAAE,IAAI;IACrB,CAAC,EAAE,EAAE;IACL,CAAC,EAAE,EAAE;IACL,WAAW,EAAE,KAAK;IAClB,CAAC,EAAE,8EAA8E;IACjF,WAAW,EACT,8EAA8E;IAChF,UAAU,EAAE,GAAG;IACf,SAAS,EACP,oEAAoE;CACvE,CAAC;AAEF,MAAM,iBAAiB,GAAG;IACxB,SAAS,EAAE,CAAC;IACZ,IAAI,EAAE,CAAC;IACP,UAAU,EAAE,EAAE;IACd,KAAK,EAAE,EAAE;IACT,uBAAuB,EAAE,KAAK;IAC9B,GAAG,EAAE;QACH;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,6EAA6E;SAC9E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;KACF;IACD,cAAc,EAAE;QACd;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,6EAA6E;SAC9E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,6EAA6E;YAC7E,6EAA6E;SAC9E;QACD;YACE,8EAA8E;YAC9E,4EAA4E;YAC5E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,6EAA6E;SAC9E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,4EAA4E;YAC5E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,6EAA6E;SAC9E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,6EAA6E;SAC9E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,6EAA6E;SAC9E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,6EAA6E;SAC9E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,6EAA6E;SAC9E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,6EAA6E;SAC9E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,6EAA6E;SAC9E;QACD;YACE,6EAA6E;YAC7E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,4EAA4E;YAC5E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,6EAA6E;SAC9E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,6EAA6E;SAC9E;QACD;YACE,6EAA6E;YAC7E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,8EAA8E;YAC9E,8EAA8E;YAC9E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,6EAA6E;YAC7E,6EAA6E;SAC9E;QACD;YACE,8EAA8E;YAC9E,6EAA6E;YAC7E,8EAA8E;SAC/E;QACD;YACE,6EAA6E;YAC7E,8EAA8E;YAC9E,8EAA8E;SAC/E;KACF;CACF,CAAC"}

package/dist/web/curve/curve.d.ts

@@ -0,0 +1,50 @@
+export { Field, Bool, Scalar, PublicKey, Signature, Group, publicKeyToGroup, scale, sub, isEven, equal, power, add, mul, sqrt, dot, };
+type Field = bigint;
+type Bool = boolean;
+type Group = {
+    x: Field;
+    y: Field;
+};
+type PublicKey = {
+    x: Field;
+    isOdd: Bool;
+};
+type Scalar = bigint;
+type Signature = {
+    r: Field;
+    s: Scalar;
+};
+type GroupProjective = {
+    x: bigint;
+    y: bigint;
+    z: bigint;
+};
+/**
+ * A non-zero point on the Pallas curve in affine form { x, y }
+ */
+declare const Group: {
+    toProjective({ x, y }: Group): GroupProjective;
+    /**
+     * Convert a projective point to a non-zero affine point.
+     * Throws an error if the point is zero / infinity, i.e. if z === 0
+     */
+    fromProjective(point: GroupProjective): Group;
+};
+declare function sub(g: GroupProjective, h: GroupProjective): {
+    x: bigint;
+    y: bigint;
+    z: bigint;
+};
+declare function scale(g: GroupProjective, s: bigint): {
+    x: bigint;
+    y: bigint;
+    z: bigint;
+};
+declare function isEven(x: bigint): boolean;
+declare function equal(x: bigint, y: bigint): boolean;
+declare function power(a: bigint, n: bigint): bigint;
+declare function add(x: bigint, y: bigint): bigint;
+declare function mul(x: bigint, y: bigint): bigint;
+declare function dot(x: bigint[], y: bigint[]): bigint;
+declare function sqrt(n_: bigint, p: bigint, Q: bigint, c: bigint, M: bigint): bigint | undefined;
+declare function publicKeyToGroup({ x, isOdd }: PublicKey): Group;

package/dist/web/curve/curve.js

@@ -0,0 +1,307 @@
+import { PallasConstants } from "./constants.js";
+export { Group, publicKeyToGroup, scale, sub, isEven, equal, power, add, mul, sqrt, dot, };
+const projectiveZero = { x: 1n, y: 1n, z: 0n };
+/**
+ * A non-zero point on the Pallas curve in affine form { x, y }
+ */
+const Group = {
+    toProjective({ x, y }) {
+        return projectiveFromAffine({ x, y, infinity: false });
+    },
+    /**
+     * Convert a projective point to a non-zero affine point.
+     * Throws an error if the point is zero / infinity, i.e. if z === 0
+     */
+    fromProjective(point) {
+        let { x, y, infinity } = projectiveToAffine(point);
+        if (infinity)
+            throw Error("Group.fromProjective: point is infinity");
+        return { x, y };
+    },
+};
+const { p, a, b, twoadicRoot, twoadicity, oddFactor } = PallasConstants;
+function mod(x, p) {
+    x = x % p;
+    if (x < 0)
+        return x + p;
+    return x;
+}
+function projectiveDoubleA0(g, p) {
+    if (g.z === 0n)
+        return g;
+    let X1 = g.x, Y1 = g.y, Z1 = g.z;
+    if (Y1 === 0n)
+        throw Error("projectiveDouble: unhandled case");
+    // http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#doubling-dbl-2009-l
+    // A = X1^2
+    let A = mod(X1 * X1, p);
+    // B = Y1^2
+    let B = mod(Y1 * Y1, p);
+    // C = B^2
+    let C = mod(B * B, p);
+    // D = 2*((X1+B)^2-A-C)
+    let D = mod(2n * ((X1 + B) * (X1 + B) - A - C), p);
+    // E = 3*A
+    let E = 3n * A;
+    // F = E^2
+    let F = mod(E * E, p);
+    // X3 = F-2*D
+    let X3 = mod(F - 2n * D, p);
+    // Y3 = E*(D-X3)-8*C
+    let Y3 = mod(E * (D - X3) - 8n * C, p);
+    // Z3 = 2*Y1*Z1
+    let Z3 = mod(2n * Y1 * Z1, p);
+    return { x: X3, y: Y3, z: Z3 };
+}
+function projectiveDoubleAminus3(g, p) {
+    if (g.z === 0n)
+        return g;
+    let X1 = g.x, Y1 = g.y, Z1 = g.z;
+    if (Y1 === 0n)
+        throw Error("projectiveDouble: unhandled case");
+    // http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
+    // delta = Z1^2
+    let delta = mod(Z1 * Z1, p);
+    // gamma = Y1^2
+    let gamma = mod(Y1 * Y1, p);
+    // beta = X1*gamma
+    let beta = mod(X1 * gamma, p);
+    // alpha = 3*(X1-delta)*(X1+delta)
+    let alpha = mod((X1 - delta) * (X1 + delta), p);
+    alpha = alpha + alpha + alpha;
+    // X3 = alpha^2-8*beta
+    let X3 = mod(alpha * alpha - 8n * beta, p);
+    // Z3 = (Y1+Z1)^2-gamma-delta
+    let Z3 = mod((Y1 + Z1) * (Y1 + Z1) - gamma - delta, p);
+    // Y3 = alpha*(4*beta-X3)-8*gamma^2
+    let Y3 = mod(alpha * (4n * beta - X3) - 8n * gamma * gamma, p);
+    return { x: X3, y: Y3, z: Z3 };
+}
+function projectiveDouble(g, p, a) {
+    if (a === 0n)
+        return projectiveDoubleA0(g, p);
+    if (a + 3n === p)
+        return projectiveDoubleAminus3(g, p);
+    throw Error("Projective doubling is not implemented for general curve parameter a, only a = 0 and a = -3");
+}
+function projectiveNeg({ x, y, z }, p) {
+    return { x, y: y === 0n ? 0n : p - y, z };
+}
+function projectiveAdd(g, h, p, a) {
+    if (g.z === 0n)
+        return h;
+    if (h.z === 0n)
+        return g;
+    let X1 = g.x, Y1 = g.y, Z1 = g.z, X2 = h.x, Y2 = h.y, Z2 = h.z;
+    // http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-add-2007-bl
+    // Z1Z1 = Z1^2
+    let Z1Z1 = mod(Z1 * Z1, p);
+    // Z2Z2 = Z2^2
+    let Z2Z2 = mod(Z2 * Z2, p);
+    // U1 = X1*Z2Z2
+    let U1 = mod(X1 * Z2Z2, p);
+    // U2 = X2*Z1Z1
+    let U2 = mod(X2 * Z1Z1, p);
+    // S1 = Y1*Z2*Z2Z2
+    let S1 = mod(Y1 * Z2 * Z2Z2, p);
+    // S2 = Y2*Z1*Z1Z1
+    let S2 = mod(Y2 * Z1 * Z1Z1, p);
+    // H = U2-U1
+    let H = mod(U2 - U1, p);
+    // H = 0 <==> x1 = X1/Z1^2 = X2/Z2^2 = x2 <==> degenerate case (Z3 would become 0)
+    if (H === 0n) {
+        // if S1 = S2 <==> y1 = y2, the points are equal, so we double instead
+        if (S1 === S2)
+            return projectiveDouble(g, p, a);
+        // if S1 = -S2, the points are inverse, so return zero
+        if (mod(S1 + S2, p) === 0n)
+            return projectiveZero;
+        throw Error("projectiveAdd: invalid point");
+    }
+    // I = (2*H)^2
+    let I = mod((H * H) << 2n, p);
+    // J = H*I
+    let J = mod(H * I, p);
+    // r = 2*(S2-S1)
+    let r = 2n * (S2 - S1);
+    // V = U1*I
+    let V = mod(U1 * I, p);
+    // X3 = r^2-J-2*V
+    let X3 = mod(r * r - J - 2n * V, p);
+    // Y3 = r*(V-X3)-2*S1*J
+    let Y3 = mod(r * (V - X3) - 2n * S1 * J, p);
+    // Z3 = ((Z1+Z2)^2-Z1Z1-Z2Z2)*H
+    let Z3 = mod(((Z1 + Z2) * (Z1 + Z2) - Z1Z1 - Z2Z2) * H, p);
+    return { x: X3, y: Y3, z: Z3 };
+}
+function projectiveSub(g, h, p, a) {
+    return projectiveAdd(g, projectiveNeg(h, p), p, a);
+}
+function getProjectiveDouble(p, a) {
+    if (a === 0n)
+        return projectiveDoubleA0;
+    if (a + 3n === p)
+        return projectiveDoubleAminus3;
+    throw Error("Projective doubling is not implemented for general curve parameter a, only a = 0 and a = -3");
+}
+function bigIntToBits(x) {
+    if (x < 0n) {
+        throw Error(`bigIntToBits: negative numbers are not supported, got ${x}`);
+    }
+    let bits = [];
+    for (; x > 0n; x >>= 1n) {
+        let bit = !!(x & 1n);
+        bits.push(bit);
+    }
+    return bits;
+}
+function projectiveScale(g, x, p, a) {
+    let double = getProjectiveDouble(p, a);
+    let bits = typeof x === "bigint" ? bigIntToBits(x) : x;
+    let h = projectiveZero;
+    for (let bit of bits) {
+        if (bit)
+            h = projectiveAdd(h, g, p, a);
+        g = double(g, p);
+    }
+    return h;
+}
+function sub(g, h) {
+    return projectiveSub(g, h, p, PallasConstants.a);
+}
+function scale(g, s) {
+    return projectiveScale(g, s, p, PallasConstants.a);
+}
+function projectiveFromAffine({ x, y, infinity, }) {
+    if (infinity)
+        return projectiveZero;
+    return { x, y, z: 1n };
+}
+function projectiveToAffine(g) {
+    let z = g.z;
+    if (z === 0n) {
+        // infinity
+        return { x: 0n, y: 0n, infinity: true };
+    }
+    else if (z === 1n) {
+        // already normalized affine form
+        return { x: g.x, y: g.y, infinity: false };
+    }
+    else {
+        let zinv = inverse(z, p); // we checked for z === 0, so inverse exists
+        let zinv_squared = mod(zinv * zinv, p);
+        // x/z^2
+        let x = mod(g.x * zinv_squared, p);
+        // y/z^3
+        let y = mod(g.y * zinv * zinv_squared, p);
+        return { x: x, y: y, infinity: false };
+    }
+}
+// inverting with EGCD, 1/a in Z_p
+function inverse(a, p) {
+    a = mod(a, p);
+    if (a === 0n)
+        return undefined;
+    let b = p;
+    let x = 0n;
+    let y = 1n;
+    let u = 1n;
+    let v = 0n;
+    while (a !== 0n) {
+        let q = b / a;
+        let r = mod(b, a);
+        let m = x - u * q;
+        let n = y - v * q;
+        b = a;
+        a = r;
+        x = u;
+        y = v;
+        u = m;
+        v = n;
+    }
+    if (b !== 1n)
+        return undefined;
+    return mod(x, p);
+}
+function isEven(x) {
+    return !(mod(x, p) & 1n);
+}
+function equal(x, y) {
+    // We check if x and y are both in the range [0, p). If they are, can do a simple comparison. Otherwise, we need to reduce them to the proper canonical field range.
+    let x_ = x >= 0n && x < p ? x : mod(x, p);
+    let y_ = y >= 0n && y < p ? y : mod(y, p);
+    return x_ === y_;
+}
+// modular exponentiation, a^n % p
+function power(a, n) {
+    a = mod(a, p);
+    let x = 1n;
+    for (; n > 0n; n >>= 1n) {
+        if (n & 1n)
+            x = mod(x * a, p);
+        a = mod(a * a, p);
+    }
+    return x;
+}
+function add(x, y) {
+    return mod(x + y, p);
+}
+function mul(x, y) {
+    return mod(x * y, p);
+}
+function dot(x, y) {
+    let z = 0n;
+    let n = x.length;
+    for (let i = 0; i < n; i++) {
+        z += x[i] * y[i];
+    }
+    return mod(z, p);
+}
+function sqrt(n_, p, Q, c, M) {
+    // https://en.wikipedia.org/wiki/Tonelli-Shanks_algorithm#The_algorithm
+    // variable naming is the same as in that link ^
+    // Q is what we call `t` elsewhere - the odd factor in p - 1
+    // c is a known primitive root of unity
+    // M is the twoadicity = exponent of 2 in factorization of p - 1
+    const n = mod(n_, p);
+    if (n === 0n)
+        return 0n;
+    let t = power(n, (Q - 1n) >> 1n); // n^(Q - 1)/2
+    let R = mod(t * n, p); // n^((Q - 1)/2 + 1) = n^((Q + 1)/2)
+    t = mod(t * R, p); // n^((Q - 1)/2 + (Q + 1)/2) = n^Q
+    while (true) {
+        if (t === 1n)
+            return R;
+        // use repeated squaring to find the least i, 0 < i < M, such that t^(2^i) = 1
+        let i = 0n;
+        let s = t;
+        while (s !== 1n) {
+            s = mod(s * s, p);
+            i = i + 1n;
+        }
+        if (i === M)
+            return undefined; // no solution
+        let b = power(c, 1n << (M - i - 1n)); // c^(2^(M-i-1))
+        M = i;
+        c = mod(b * b, p);
+        t = mod(t * c, p);
+        R = mod(R * b, p);
+    }
+}
+function sqrt_internal(x) {
+    return sqrt(x, p, oddFactor, twoadicRoot, twoadicity);
+}
+function negate(x) {
+    return x === 0n ? 0n : mod(-x, p);
+}
+function publicKeyToGroup({ x, isOdd }) {
+    const ySquared = add(mul(x, mul(x, x)), b);
+    let y = sqrt_internal(ySquared);
+    if (y === undefined) {
+        throw Error("PublicKey.toGroup: not a valid group element");
+    }
+    if (isOdd !== !!(y & 1n))
+        y = negate(y);
+    return { x, y };
+}
+//# sourceMappingURL=curve.js.map