pub fn multi_scalar_multiply<F: PrimeField, FC, C>(
chip: &FC,
ctx: &mut Context<F>,
P: &[EcPoint<F, FC::FieldPoint>],
scalars: Vec<Vec<AssignedValue<F>>>,
max_bits: usize,
window_bits: usize
) -> EcPoint<F, FC::FieldPoint>where
FC: FieldChip<F> + Selectable<F, FC::FieldPoint>,
C: CurveAffineExt<Base = FC::FieldType>,
Expand description
points.len() == scalars.len()scalars[i].len() == scalars[j].len() for all i, jscalars[i] is less than the order of Pscalars[i][j] < 2^{max_bits} for all jmax_bits <= modulus::<F>.bits(), and equality only allowed when the order of P equals the modulus of Fpoints are all on the curve or the point at infinitypoints[i] is allowed to be (0, 0) to represent the point at infinity (identity point)- Currently implementation assumes that the only point on curve with y-coordinate equal to
0 is identity point