Add normalization to FpConfig for PartialEq and Eq
#800
Comments
|
Related: https://github.com/l2iterative/ark-bn254-r0/blob/main/src/fields/fr.rs Currently, without this flexibility in |
|
Sounds reasonable. Plonky2/3 does this for small prime fields, and holds a potentially non-canonical representation. |
|
This is reasonable |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Some software optimization for special primes uses unnormalized representations. For example, when two numbers are added together, the number does not always be smaller than the modulus. The same can hold for multiplication. In such situations, 1 and p+1 may both be valid results.
FpConfigallows certain level of flexibility.We can make sure serialization always handles the normalized representation, by implementing the
into_bigintin some special way.But the problem rests on
PartialEqandEq.Currently,
PartialEqandEqare auto-derived inFp, which is auto-derived inBigIntas well. It examines the u64 limbs and require each limb to be the same. If we have 1 and p+1,PartialEqandEqwill return negative for them.To solve this problem, it is advisable to add a method in
FpConfig, likely callednormalize, which supposedly modifyp+1into1. Instead of auto-deriving thePartialEqandEq, we implement them manually withnormalize.The text was updated successfully, but these errors were encountered: