solutions/zokrates_prover/.zokrates/stdlib/ecc/edwardsOnCurve.zok

from "ecc/babyjubjubParams" import BabyJubJubParams;

// Check if a point is on a twisted Edwards curve
// Curve parameters are defined with the last argument
// See appendix 3.3.1 of Zcash protocol specification:
// https://github.com/zcash/zips/blob/master/protocol/protocol.pdf
def main(field[2] pt, BabyJubJubParams context) -> bool {
    field a = context.JUBJUB_A;
    field d = context.JUBJUB_D;

    field uu = pt[0] * pt[0];
    field vv = pt[1] * pt[1];
    field uuvv = uu * vv;

    assert(a * uu + vv == 1 + d * uuvv);
    return true;
}
WIP 2023-12-05 06:06:28 +00:00			`from "ecc/babyjubjubParams" import BabyJubJubParams;`

			`// Check if a point is on a twisted Edwards curve`
			`// Curve parameters are defined with the last argument`
			`// See appendix 3.3.1 of Zcash protocol specification:`
			`// https://github.com/zcash/zips/blob/master/protocol/protocol.pdf`
			`def main(field[2] pt, BabyJubJubParams context) -> bool {`
			`field a = context.JUBJUB_A;`
			`field d = context.JUBJUB_D;`

			`field uu = pt[0] * pt[0];`
			`field vv = pt[1] * pt[1];`
			`field uuvv = uu * vv;`

			`assert(a * uu + vv == 1 + d * uuvv);`
			`return true;`
			`}`