Rename GroupElement.negate

[aslesarenko]

See discussion for the context (https://github.com/ScorexFoundation/sigmastate-interpreter/pull/863#discussion_r1108709163)

Actually, for a group there is a notion of identity element, not a "point at infinity" (the latter is from elliptic curves terminology). Thus it would be better not to continue to mix terms, rename isInfinity to isIdentity and negate to inverse.

[kushti]

@aslesarenko I think both should be renamed. "Negate" makes sense for additive groups only, and you're working with and exposing a multiplicative one. For ErgoScript, possible to support both options for some time?

[kushti]

More from discussions

Well, an elliptic curve has a notion of infinity point, as well as addition, negation etc. A group does not have a notion of infinity point. A group has an identity element (which is instantiated with an infinity point when you instantiate a group on top of EC, but that is not the only option, you can have e.g. a Zp* based group). Check group theory materials, e.g. https://crypto.stanford.edu/pbc/notes/group/group.html .

...

Papers and textbooks in cryptography are using multiplicative notation for groups, and the main hard problems is called discrete log problem then (not multiplicative inverse problem). Thus multiplicative notation exposed allows for ErgoTree / ErgoScript code to be close to paper description of protocols. See the ZeroJoin paper https://eprint.iacr.org/2020/560.pdf as an example. Also, Sigma protocols code was inspired by SCAPI framework architecture, which is doing similar wrapping , see their documentation on DLOG group interface https://scapi.readthedocs.io/en/latest/primitives/dlog.html