Preconditions of fe_equal_var are weaker than documented #946

issue real-or-random openend this issue on May 14, 2021
  1. real-or-random commented at 6:43 pm on May 14, 2021: contributor

    From IRC:

    <roconnor> The documentation for secp256k1_fe_equal_var suggest both inputs have to have magnitude 1; however only the first input needs to have magnitude 1. <roconnor> thus this call to fe_normalize_weak could be eliminated. <roconnor> But it is so very not critical, I’m not sure it is even worth PRing. <real_or_random> roconnor: same thing happens in secp256k1_gej_eq_x_var which is used in ECDSA verification. but ok, the speedup is still negligible <real_or_random> but I believe it’s worth a PR (or an issue) because it would improve the internal docs

  2. roconnor-blockstream commented at 2:46 pm on May 15, 2021: contributor
    https://github.com/bitcoin-core/secp256k1/blob/1e78c18d5b80552d15aa2e2e58348fc1b89b1e3b/src/group_impl.h#L264 is the call to fe_normalize_weak I had in mind, but @real-or-random has another instance somewhere else.
  3. siv2r cross-referenced this on Jan 4, 2022 from issue Removes `_fe_equal_var`, and unwanted `_fe_normalize_weak` calls (in tests) by siv2r
  4. real-or-random closed this on Aug 17, 2023


real-or-random roconnor-blockstream

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-10-28 05:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me