update `*PublicKey.Verify` to use `ristretto255.VarTimeDoubleScalarBaseMult`

ChainSafe / go-schnorrkel

🍵 Schnorr Signatures over Ristretto255 in pure Go

Apache License 2.0

93 stars 30 forks source link

Closed noot closed 2 years ago

noot commented 3 years ago

the following lines in *PublicKey.Verify can be simplified:

Rp := r255.NewElement()
Rp = Rp.ScalarBaseMult(s.s)
ky := r255.NewElement().ScalarMult(k, p.key)
Rp = Rp.Subtract(Rp, ky)

to:

Rp := r255.NewElement().VarTimeDoubleScalarBaseMult(k, r255.NewElement().Negate(p.key), s.s)

see #40