• Top
    • Documentation
    • Books
    • Boolean-reasoning
    • Projects
    • Debugging
    • Std
    • Proof-automation
    • Macro-libraries
    • ACL2
    • Interfacing-tools
    • Hardware-verification
    • Software-verification
      • Kestrel-books
        • Crypto-hdwallet
        • Apt
        • Error-checking
        • Fty-extensions
        • Isar
        • Kestrel-utilities
        • Set
        • Soft
        • C
        • Bv
        • Imp-language
        • Event-macros
        • Java
        • Bitcoin
        • Ethereum
        • Yul
        • Zcash
        • ACL2-programming-language
        • Prime-fields
        • Json
        • Syntheto
        • File-io-light
        • Cryptography
          • R1cs
          • Interfaces
          • Sha-2
          • Keccak
          • Kdf
          • Mimc
          • Padding
          • Hmac
          • Elliptic-curves
            • Secp256k1-attachment
            • Twisted-edwards
            • Montgomery
            • Short-weierstrass-curves
            • Birational-montgomery-twisted-edwards
            • Has-square-root?-satisfies-pfield-squarep
            • Secp256k1
              • Secp256k1*
                • Secp256k1-negate
                • Secp256k1-sqrt
                • Secp256k1+
                • Secp256k1-has-square-root?
                • Secp256k1-point-type-conversions
                • Secp256k1-generator
              • Secp256k1-domain-parameters
              • Secp256k1-types
              • Pfield-squarep
              • Secp256k1-interface
              • Prime-field-extra-rules
              • Points
            • Attachments
            • Elliptic-curve-digital-signature-algorithm
          • Number-theory
          • Lists-light
          • Axe
          • Builtins
          • Solidity
          • Helpers
          • Htclient
          • Typed-lists-light
          • Arithmetic-light
        • X86isa
        • Axe
        • Execloader
      • Math
      • Testing-utilities
    • Secp256k1

    Secp256k1*

    Multiply an elliptic curve point by a scalar.

    (secp256k1* s point) applies the elliptic group operation to s copies of point.

    Since we use + to describe the group operation, this operation can be thought of as multiplying point by the scalar s.

    (Alternatively, for those who think of the group operation as multiplication, this operation can be thought of as exponentiation.)

    point must be on the secp256k1 elliptic curve. If it is not, a guard violation occurs.

    The result is a point on the elliptic curve.

    Definitions and Theorems

    Function: secp256k1*

    (defun secp256k1* (s point)
 (declare
   (xargs :guard (and (natp s)
                      (pointp point)
                      (point-in-pxp-p point (secp256k1-field-prime))
                      (point-on-weierstrass-elliptic-curve-p
                           point (secp256k1-field-prime)
                           (secp256k1-a)
                           (secp256k1-b)))))
 (curve-scalar-* s point (secp256k1-field-prime)
                 (secp256k1-a)
                 (secp256k1-b)))