diff --git a/README.md b/README.md
index 1512819..b9f35a6 100644
--- a/README.md
+++ b/README.md
@@ -363,7 +363,7 @@ import { randomBytes } from '@noble/hashes/utils';
 const Fp = Field(2n ** 255n - 19n);
 const ed25519 = twistedEdwards({
- a: -1n,
+ a: Fp.create(-1n),
 d: Fp.div(-121665n, 121666n), // -121665n/121666n mod p
 Fp: Fp,
 n: 2n ** 252n + 27742317777372353535851937790883648493n,
@@ -887,7 +887,6 @@ Upgrading from [@noble/bls12-381](https://github.com/paulmillr/noble-bls12-381):
 - PointG2.fromSignature -> Signature.decode, PointG2.toSignature -> Signature.encode
 - Fp2 ORDER was corrected
-
 ## Resources
 Useful articles about the library or its primitives:
diff --git a/src/ed25519.ts b/src/ed25519.ts
index ed47c3b..2f881fc 100644
--- a/src/ed25519.ts
+++ b/src/ed25519.ts
@@ -97,13 +97,13 @@ const Fp = Field(ED25519_P, undefined, true);
 const ed25519Defaults = {
 // Param: a
- a: BigInt(-1),
- // Equal to -121665/121666 over finite field.
+ a: BigInt(-1), // Fp.create(-1) is proper; our way still works and is faster
+ // d is equal to -121665/121666 over finite field.
 // Negative number is P - number, and division is invert(number, P)
 d: BigInt('37095705934669439343138083508754565189542113879843219016388785533085940283555'),
 // Finite field 𝔽p over which we'll do calculations; 2n ** 255n - 19n
 Fp,
- // Subgroup order: how many points ed25519 has
+ // Subgroup order: how many points curve has
 // 2n ** 252n + 27742317777372353535851937790883648493n;
 n: BigInt('7237005577332262213973186563042994240857116359379907606001950938285454250989'),
 // Cofactor
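Review bot: In the src/ed25519.ts hunk, the new comment on `a: BigInt(-1)` says the unreduced value "still works" without recording what that depends on, while the README hunk of this same commit now tells users to pass `Fp.create(-1n)`. A parameter outside [0, P) is presumably safe only while every use of `a` goes through field operations that reduce mod P and nothing compares it or validates it as a canonical element; that code is not visible here, so the comment should state the assumption, e.g. `// a = -1 left unreduced on purpose (canonical form is Fp.create(-1) = P - 1); relies on Fp ops reducing mod P`. Separately, `// Subgroup order: how many points curve has` describes `n` as the curve's point count, but with a cofactor entry following it `n` is the order of the prime-order subgroup, so `// Subgroup order: number of points in the prime-order subgroup` would be accurate. The `ed25519Defaults` object continues past the end of the hunk.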