🍴 Make verifyFields consume the Point publicKey

crypto/minaSchnorr.js

@@ -88,7 +88,7 @@ const signFields = (fields, privKey, pubKey) => {
  * @param {!Array<bigint>} fields
  * @param {bigint} r
  * @param {bigint} s
- * @param {!Point} pubKey
+ * @param {!Point} pubKey which is modified during the verification
  */
 const verifyFields = (fields, r, s, pubKey) => {
   /**
@@ -100,7 +100,7 @@ const verifyFields = (fields, r, s, pubKey) => {
    * s.G = K + pubKey.e
    * @const {!Point}
    */
-  const K = G.copy().multiply(s).increment(pubKey.copy().multiply(ne)).project();
+  const K = G.copy().multiply(s).increment(pubKey.multiply(ne)).project();
   return (K.y & 1n) == 0n && K.x == r;
 }
 
@@ -154,10 +154,12 @@ const signMessage = (message, privKey, pubKey) => {
 }
 
 /**
+ * Modifies the `pubKey` parameter.
+ *
  * @param {string} message
  * @param {bigint} r
  * @param {bigint} s
- * @param {!Point} pubKey
+ * @param {!Point} pubKey which is modified during verification
  */
 const verifyMessage = (message, r, s, pubKey) => {
   /**
@@ -169,7 +171,7 @@ const verifyMessage = (message, r, s, pubKey) => {
    * s.G = K + pubKey.e
    * @const {!Point}
    */
-  const K = G.copy().multiply(s).increment(pubKey.copy().multiply(ne)).project();
+  const K = G.copy().multiply(s).increment(pubKey.multiply(ne)).project();
   return (K.y & 1n) == 0n && K.x == r;
 }
 

crypto/modular.js

@@ -141,18 +141,15 @@ const tonelliShanks = (n, P, Q, c, M) => {
   let t = exp(n, (Q - 1n) >> 1n, P);
   /** @type {bigint} */
   let R = t * n % P;
-  t = t * R % P;
-  for (; t != 1n;) {
+  for (t = t * R % P; t != 1n; t = t * c % P) {
     let i = 0n;
     for (let tt = t; tt != 1n; ++i)
       tt = tt * tt % P;
-
     if (i == M) return null; // n is not a quadratic residue
     /** @type {bigint} */
     let b = exp(c, 1n << (M - i - 1n), P);
     M = i;
     c = b * b % P;
-    t *= c; t %= P;
     R *= b; R %= P;
   }
   return R;