diff options
author | John Newbery <john@johnnewbery.com> | 2019-05-18 13:38:00 -0400 |
---|---|---|
committer | Pieter Wuille <pieter.wuille@gmail.com> | 2020-01-19 14:47:33 -0800 |
commit | 680af7db4c423754d59905e76e60a4069b9d67fe (patch) | |
tree | 7383bfff9d3387097421b1fcf700b2163cdd3060 | |
parent | bba0bad5e8001a7302557883d655ec5b583ac8a6 (diff) | |
download | bips-680af7db4c423754d59905e76e60a4069b9d67fe.tar.xz |
Return a point from lift_x()
-rw-r--r-- | bip-schnorr.mediawiki | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/bip-schnorr.mediawiki b/bip-schnorr.mediawiki index c267640..561ff6f 100644 --- a/bip-schnorr.mediawiki +++ b/bip-schnorr.mediawiki @@ -107,7 +107,7 @@ The following convention is used, with constants as defined for secp256k1: *** Let ''c = x<sup>3</sup> + 7 mod p''. *** Let ''y = c<sup>(p+1)/4</sup> mod p''. *** Fail if ''c ≠ y<sup>2</sup> mod p''. -*** Return ''(r, y)''. +*** Return the unique point ''P'' such that ''x(P) = x'' and ''y(P) = y''. ** The function ''point(x)'', where ''x'' is a 32-byte array, returns the point ''P = lift_x(int(x))''. ** The function ''hash(x)'', where ''x'' is a byte array, returns the 32-byte SHA256 hash of ''x''. ** The function ''jacobi(x)'', where ''x'' is an integer, returns the [https://en.wikipedia.org/wiki/Jacobi_symbol Jacobi symbol] of ''x / p''. It is equal to ''x<sup>(p-1)/2</sup> mod p'' ([https://en.wikipedia.org/wiki/Euler%27s_criterion Euler's criterion])<ref>For points ''P'' on the secp256k1 curve it holds that ''jacobi(y(P)) ≠ 0''.</ref>. |