Open rozbb opened 2 months ago
Wouldn't this lose the information what actually the byte string input represents and constructor here is not fallible:
let compressed = CompressedEdwardsY(*bytes);
Only the decompress is fallible but isn't it too late and makes figuring out what the correct bytes input hard/er ?
I think the old warning was kind of bad (point decompression ensures a valid curve point), but it might be good to replace that note with one that it's using the ZIP-215 rules, since the point validation rules being applied have been a source of confusion in the past (see #380, #623)
There was a big warning in
VerifyingKey::from_bytes
that said the user is responsible for ensuring that the provided bytes represent a verifying key. I think this was confusing, since the function returns aResult
that clearly reflects this possible error mode. I've fixed up the wording in the docs.