Add secq256k1 Curve (lambdaclass#915)

* create secq256k1 curve

* save work. tests working

* change READMEs

* fix typo

* fix README

---------

Co-authored-by: Nicole <nicole@Nicoles-MacBook-Air.local>

Author: nicole-graus

README.md

@@ -95,6 +95,7 @@ List of symbols:
 | Vesta               | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :x:                | :heavy_check_mark: |
 | Bandersnatch        | 🏗️                 | :heavy_check_mark: | :x:                | :heavy_check_mark:  | :heavy_check_mark: |
 | secp256k1           | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark:  | :heavy_check_mark: |
+| secq256k1           | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :x:                | :x:                |
 | **STARKs**       | **Lambdaworks**     | **Arkworks** | **Halo2** | **gnark** | **Constantine** |
 | STARK Prover     | :heavy_check_mark:  | :x:          | :x:       | :x:       | :x:             |
 | CAIRO Prover     | 🏗️                  | :x:          | :x:       | :x:       | :x:             |

math/src/elliptic_curve/README.md

@@ -20,6 +20,7 @@ The following curves are currently supported:
 - [Vesta](https://github.com/lambdaclass/lambdaworks/tree/main/math/src/elliptic_curve/short_weierstrass/curves/vesta), useful for recursive SNARKs when used with Pallas.
 - [Starknet's curve](https://github.com/lambdaclass/lambdaworks/blob/main/math/src/elliptic_curve/short_weierstrass/curves/stark_curve.rs)
 - [secp256k1](./short_weierstrass/curves/secp256k1/curve.rs): Bitcoin's curve. The implementation is not constant time, so it cannot be used to sign messages!
+- [secq256k1](./short_weierstrass/curves/secq256k1/curve.rs): It has the same curve equation as secp256k1, a different generator and their order r and the modulus p are swapped. It uses ```secp256k1_scalarfield``` as a base field, which has modulus r.
 
 ## Twisted Edwards
 

math/src/elliptic_curve/short_weierstrass/curves/mod.rs

@@ -4,6 +4,7 @@ pub mod bn_254;
 pub mod grumpkin;
 pub mod pallas;
 pub mod secp256k1;
+pub mod secq256k1;
 pub mod stark_curve;
 pub mod test_curve_1;
 pub mod test_curve_2;

math/src/elliptic_curve/short_weierstrass/curves/secp256k1/curve.rs

@@ -123,8 +123,8 @@ mod tests {
         let y = g2_affine.y();
 
         // calculate both sides of secp256k1 curve equation
-        let five = Secp256k1Curve::b();
-        let y_sq_0 = x.pow(3_u16) + five;
+        let seven = Secp256k1Curve::b();
+        let y_sq_0 = x.pow(3_u16) + seven;
         let y_sq_1 = y.pow(2_u16);
 
         assert_eq!(y_sq_0, y_sq_1);

math/src/elliptic_curve/short_weierstrass/curves/secq256k1/curve.rs

@@ -0,0 +1,168 @@
+use crate::elliptic_curve::short_weierstrass::point::ShortWeierstrassProjectivePoint;
+use crate::elliptic_curve::traits::IsEllipticCurve;
+use crate::field::fields::secp256k1_scalarfield::Secp256k1ScalarField;
+use crate::{
+    elliptic_curve::short_weierstrass::traits::IsShortWeierstrass, field::element::FieldElement,
+};
+
+#[derive(Clone, Debug)]
+pub struct Secq256k1Curve;
+
+impl IsEllipticCurve for Secq256k1Curve {
+    type BaseField = Secp256k1ScalarField;
+    type PointRepresentation = ShortWeierstrassProjectivePoint<Self>;
+
+    fn generator() -> Self::PointRepresentation {
+        Self::PointRepresentation::new([
+            FieldElement::<Self::BaseField>::from_hex_unchecked(
+                "76C39F5585CB160EB6B06C87A2CE32E23134E45A097781A6A24288E37702EDA6",
+            ),
+            FieldElement::<Self::BaseField>::from_hex_unchecked(
+                "3FFC646C7B2918B5DC2D265A8E82A7F7D18983D26E8DC055A4120DDAD952677F",
+            ),
+            FieldElement::one(),
+        ])
+    }
+}
+
+impl IsShortWeierstrass for Secq256k1Curve {
+    fn a() -> FieldElement<Self::BaseField> {
+        FieldElement::from(0)
+    }
+
+    fn b() -> FieldElement<Self::BaseField> {
+        FieldElement::from(7)
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::{
+        cyclic_group::IsGroup, elliptic_curve::traits::EllipticCurveError,
+        field::element::FieldElement, unsigned_integer::element::U256,
+    };
+
+    use super::Secq256k1Curve;
+
+    #[allow(clippy::upper_case_acronyms)]
+    type FE = FieldElement<Secp256k1ScalarField>;
+
+    fn point_1() -> ShortWeierstrassProjectivePoint<Secq256k1Curve> {
+        let x = FE::from_hex_unchecked(
+            "76C39F5585CB160EB6B06C87A2CE32E23134E45A097781A6A24288E37702EDA6",
+        );
+        let y = FE::from_hex_unchecked(
+            "3FFC646C7B2918B5DC2D265A8E82A7F7D18983D26E8DC055A4120DDAD952677F",
+        );
+        Secq256k1Curve::create_point_from_affine(x, y).unwrap()
+    }
+
+    fn point_1_times_5() -> ShortWeierstrassProjectivePoint<Secq256k1Curve> {
+        let x = FE::from_hex_unchecked(
+            "8656a2c13dd0a3bfa362d2ff8c00281341ff3a79cbbe8857f2d20b398041a21a",
+        );
+        let y = FE::from_hex_unchecked(
+            "468ed8bcfcd4ed2b3bf154414b9e48d8c5ce54f6616846a7cf6a725f70d34a63",
+        );
+        let z = FE::from_hex_unchecked(
+            "bb26eae3d2b9603d98dff86d87175f442e539c07bbe4ef5712e47c4d72c89734",
+        );
+        ShortWeierstrassProjectivePoint::<Secq256k1Curve>::new([x, y, z])
+    }
+
+    #[test]
+    fn adding_five_times_point_1_works() {
+        let point_1 = point_1();
+        let point_1_times_5 = point_1_times_5();
+        assert_eq!(point_1.operate_with_self(5_u16), point_1_times_5);
+    }
+
+    #[test]
+    fn create_valid_point_works() {
+        let p = point_1();
+        assert_eq!(
+            *p.x(),
+            FE::from_hex_unchecked(
+                "76C39F5585CB160EB6B06C87A2CE32E23134E45A097781A6A24288E37702EDA6"
+            )
+        );
+        assert_eq!(
+            *p.y(),
+            FE::from_hex_unchecked(
+                "3FFC646C7B2918B5DC2D265A8E82A7F7D18983D26E8DC055A4120DDAD952677F"
+            )
+        );
+        assert_eq!(*p.z(), FE::from_hex_unchecked("1"));
+    }
+
+    #[test]
+    fn create_invalid_points_returns_an_error() {
+        assert_eq!(
+            Secq256k1Curve::create_point_from_affine(FE::from(0), FE::from(1)),
+            Err(EllipticCurveError::InvalidPoint)
+        );
+    }
+
+    #[test]
+    fn equality_works() {
+        let g = Secq256k1Curve::generator();
+        let g2 = g.operate_with_self(2_u16);
+        let g2_other = g.operate_with(&g);
+        assert_ne!(&g2, &g);
+        assert_eq!(&g, &g);
+        assert_eq!(&g2, &g2_other);
+    }
+
+    #[test]
+    fn g_operated_with_g_satifies_ec_equation() {
+        let g = Secq256k1Curve::generator();
+        let g2 = g.operate_with_self(2_u16);
+
+        // get x and y from affine coordinates
+        let g2_affine = g2.to_affine();
+        let x = g2_affine.x();
+        let y = g2_affine.y();
+
+        // calculate both sides of secq256k1 curve equation
+        let seven = Secq256k1Curve::b();
+        let y_sq_0 = x.pow(3_u16) + seven;
+        let y_sq_1 = y.pow(2_u16);
+
+        assert_eq!(y_sq_0, y_sq_1);
+    }
+
+    #[test]
+    fn operate_with_self_works() {
+        let g = Secq256k1Curve::generator();
+        assert_eq!(
+            g.operate_with(&g).operate_with(&g),
+            g.operate_with_self(3_u16)
+        );
+    }
+
+    #[test]
+    fn generator_has_right_order() {
+        let g = Secq256k1Curve::generator();
+        assert_eq!(
+            g.operate_with_self(U256::from_hex_unchecked(
+                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F"
+            ))
+            .to_affine(),
+            ShortWeierstrassProjectivePoint::neutral_element()
+        );
+    }
+
+    #[test]
+    /// (r - 5)g = rg - 5g = 0 - 5g = -5g
+    fn inverse_works() {
+        let g = Secq256k1Curve::generator();
+        assert_eq!(
+            g.operate_with_self(U256::from_hex_unchecked(
+                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2A"
+            ))
+            .to_affine(),
+            g.operate_with_self(5u64).neg().to_affine()
+        );
+    }
+}

math/src/elliptic_curve/short_weierstrass/curves/secq256k1/mod.rs

@@ -0,0 +1 @@
+pub mod curve;