ZenGo-X · omershlo · Jul 27, 2021 · Jun 28, 2021 · Jun 29, 2021 · Jun 29, 2021
diff --git a/src/elliptic/curves/secp256_k1.rs b/src/elliptic/curves/secp256_k1.rs
@@ -32,7 +32,7 @@ use crate::arithmetic::*;
 use super::traits::*;
 
 lazy_static::lazy_static! {
-    static ref CONTEXT: secp256k1::Secp256k1<secp256k1::VerifyOnly> = secp256k1::Secp256k1::verification_only();
+    static ref CONTEXT: secp256k1::Secp256k1<secp256k1::All> = secp256k1::Secp256k1::new();
 
     static ref CURVE_ORDER: BigInt = BigInt::from_bytes(&constants::CURVE_ORDER);
 
@@ -448,6 +448,19 @@ impl ECPoint for Secp256k1Point {
         }
     }
 
+    fn generator_mul(scalar: &Self::Scalar) -> Self {
+        match &*scalar.fe {
+            Some(sk) => Secp256k1Point {
+                purpose: "generator_mul",
+                ge: Some(PK(PublicKey::from_secret_key(&CONTEXT, sk))),
+            },
+            None => Secp256k1Point {
+                purpose: "generator_mul",
+                ge: None,
+            },
+        }
+    }
+
     fn add_point(&self, other: &Self) -> Secp256k1Point {
         let ge1 = match &self.ge {
             Some(ge) => ge,

diff --git a/src/elliptic/curves/traits.rs b/src/elliptic/curves/traits.rs
@@ -158,6 +158,18 @@ pub trait ECPoint: Zeroize + Clone + PartialEq + fmt::Debug + 'static {
 
     /// Multiplies the point at scalar value
     fn scalar_mul(&self, scalar: &Self::Scalar) -> Self;
+    /// Multiplies curve generator at given scalar
+    ///
+    /// Basically, it's the same as `ECPoint::generator().scalar_mul(&s)`, but can be more efficient
+    /// because most curve libs have constant time high performance generator multiplication.
+    ///
+    /// ## Correctness
+    ///
+    /// Note that scalar is modulo [curve order](ECScalar::curve_order), so multiplying generator
+    /// at non-zero scalar **must** always produce non-zero point.
+    fn generator_mul(scalar: &Self::Scalar) -> Self {
+        Self::generator().scalar_mul(scalar)
+    }
     /// Adds two points
     fn add_point(&self, other: &Self) -> Self;
     /// Substrates `other` from `self`

diff --git a/src/elliptic/curves/wrappers.rs b/src/elliptic/curves/wrappers.rs
@@ -1111,19 +1111,19 @@ matrix! {
     pairs = {
         (_o<> Scalar<E>, Point<E>), (_o<> Scalar<E>, PointZ<E>),
         (_r<> Scalar<E>, &Point<E>), (_r<> Scalar<E>, &PointZ<E>),
-        (_r<'p> Scalar<E>, PointRef<'p, E>), /*(_r<> Scalar<E>, Generator<E>),*/
+        (_r<'p> Scalar<E>, PointRef<'p, E>),
 
         (_o<> ScalarZ<E>, Point<E>), (_o<> ScalarZ<E>, PointZ<E>),
         (_r<> ScalarZ<E>, &Point<E>), (_r<> ScalarZ<E>, &PointZ<E>),
-        (_r<'p> ScalarZ<E>, PointRef<'p, E>), (_r<> ScalarZ<E>, Generator<E>),
+        (_r<'p> ScalarZ<E>, PointRef<'p, E>),
 
         (_o<> &Scalar<E>, Point<E>), (_o<> &Scalar<E>, PointZ<E>),
         (_r<> &Scalar<E>, &Point<E>), (_r<> &Scalar<E>, &PointZ<E>),
-        (_r<'p> &Scalar<E>, PointRef<'p, E>), /*(_r<> &Scalar<E>, Generator<E>),*/
+        (_r<'p> &Scalar<E>, PointRef<'p, E>),
 
         (_o<> &ScalarZ<E>, Point<E>), (_o<> &ScalarZ<E>, PointZ<E>),
         (_r<> &ScalarZ<E>, &Point<E>), (_r<> &ScalarZ<E>, &PointZ<E>),
-        (_r<'p> &ScalarZ<E>, PointRef<'p, E>), (_r<> &ScalarZ<E>, Generator<E>),
+        (_r<'p> &ScalarZ<E>, PointRef<'p, E>),
 
         // --- and vice-versa ---
 
@@ -1141,9 +1141,6 @@ matrix! {
 
         (r_<'p> PointRef<'p, E>, Scalar<E>), (r_<'p> PointRef<'p, E>, ScalarZ<E>),
         (r_<'p> PointRef<'p, E>, &Scalar<E>), (r_<'p> PointRef<'p, E>, &ScalarZ<E>),
-
-        /*(r_<> Generator<E>, Scalar<E>),*/ (r_<> Generator<E>, ScalarZ<E>),
-        /*(r_<> Generator<E>, &Scalar<E>),*/ (r_<> Generator<E>, &ScalarZ<E>),
     }
 }
 
@@ -1207,7 +1204,7 @@ matrix! {
 impl<E: Curve> ops::Mul<&Scalar<E>> for Generator<E> {
     type Output = Point<E>;
     fn mul(self, rhs: &Scalar<E>) -> Self::Output {
-        Point::from_raw(self.as_raw().scalar_mul(&rhs.as_raw()))
+        Point::from_raw(E::Point::generator_mul(rhs.as_raw()))
             .expect("generator multiplied by non-zero scalar is always non-zero point")
     }
 }
@@ -1233,6 +1230,34 @@ impl<E: Curve> ops::Mul<Generator<E>> for Scalar<E> {
     }
 }
 
+impl<E: Curve> ops::Mul<&ScalarZ<E>> for Generator<E> {
+    type Output = PointZ<E>;
+    fn mul(self, rhs: &ScalarZ<E>) -> Self::Output {
+        PointZ::from_raw(E::Point::generator_mul(rhs.as_raw()))
+    }
+}
+
+impl<E: Curve> ops::Mul<ScalarZ<E>> for Generator<E> {
+    type Output = PointZ<E>;
+    fn mul(self, rhs: ScalarZ<E>) -> Self::Output {
+        self.mul(&rhs)
+    }
+}
+
+impl<E: Curve> ops::Mul<Generator<E>> for &ScalarZ<E> {
+    type Output = PointZ<E>;
+    fn mul(self, rhs: Generator<E>) -> Self::Output {
+        rhs.mul(self)
+    }
+}
+
+impl<E: Curve> ops::Mul<Generator<E>> for ScalarZ<E> {
+    type Output = PointZ<E>;
+    fn mul(self, rhs: Generator<E>) -> Self::Output {
+        rhs.mul(self)
+    }
+}
+
 impl<E: Curve> ops::Neg for Scalar<E> {
     type Output = Scalar<E>;
 
@@ -1289,6 +1314,14 @@ impl<'p, E: Curve> ops::Neg for PointRef<'p, E> {
     }
 }
 
+impl<E: Curve> ops::Neg for Generator<E> {
+    type Output = Point<E>;
+
+    fn neg(self) -> Self::Output {
+        Point::from_raw(self.as_raw().neg_point()).expect("neg must not produce zero point")
+    }
+}
+
 impl<E: Curve> ops::Neg for PointZ<E> {
     type Output = PointZ<E>;