The function
(jubjub-point->u point) → u
[ZPS] defines this function on any finite point (in fact, on any pair), but it is only used on Jubjub points.
This is always below the Jubjub field prime.
Function:
(defun jubjub-point->u (point) (declare (xargs :guard (jubjub-pointp point))) (let ((__function__ 'jubjub-point->u)) (declare (ignorable __function__)) (ecurve::point-finite->x point)))
Theorem:
(defthm natp-of-jubjub-point->u (b* ((u (jubjub-point->u point))) (natp u)) :rule-classes :type-prescription)
Theorem:
(defthm jubjub-point->u-upper-bound (implies (jubjub-pointp point) (b* ((acl2::?u (jubjub-point->u point))) (< u (jubjub-q)))) :rule-classes :linear)
Theorem:
(defthm fep-of-jubjub-point->u (implies (jubjub-pointp point) (b* ((acl2::?u (jubjub-point->u point))) (fep u (jubjub-q)))))