Merge #312: scalar: Add SECP256K1_SCALAR_VERIFY to zkp-specific function

real-or-random · real-or-random · commit ca68d08872fb · 2026-02-05T21:44:16.000+01:00
96a415b scalar: Port bitcoin-core/secp256k1#1393 to zkp-specific code (mllwchrry) Pull request description: Add the `SECP256K1_SCALAR_VERIFY` macro to the zkp-specific `secp256k1_scalar_set_u64` function. This was missed when upstream PRs bitcoin-core/secp256k1#1373 and bitcoin-core/secp256k1#1393 were merged. ACKs for top commit: real-or-random: ACK 96a415b Tree-SHA512: 4c3c6209e4c27bec7afc07398c9fc50aef7d44850fbbf5969ff4b57991279960c9645c8daeee5d78bee54dac7fe85bc3d9a01ba4b9deb761d574ae6221ef41c1
diff --git a/src/scalar_4x64_impl.h b/src/scalar_4x64_impl.h
@@ -51,6 +51,8 @@ SECP256K1_INLINE static void secp256k1_scalar_set_u64(secp256k1_scalar *r, uint6
     r->d[1] = 0;
     r->d[2] = 0;
     r->d[3] = 0;
+
+    SECP256K1_SCALAR_VERIFY(r);
 }
 
 SECP256K1_INLINE static uint32_t secp256k1_scalar_get_bits_limb32(const secp256k1_scalar *a, unsigned int offset, unsigned int count) {
diff --git a/src/scalar_8x32_impl.h b/src/scalar_8x32_impl.h
@@ -73,6 +73,8 @@ SECP256K1_INLINE static void secp256k1_scalar_set_u64(secp256k1_scalar *r, uint6
     r->d[5] = 0;
     r->d[6] = 0;
     r->d[7] = 0;
+
+    SECP256K1_SCALAR_VERIFY(r);
 }
 
 SECP256K1_INLINE static uint32_t secp256k1_scalar_get_bits_limb32(const secp256k1_scalar *a, unsigned int offset, unsigned int count) {
diff --git a/src/scalar_low_impl.h b/src/scalar_low_impl.h
@@ -30,7 +30,7 @@ SECP256K1_INLINE static void secp256k1_scalar_set_int(secp256k1_scalar *r, unsig
 SECP256K1_INLINE static void secp256k1_scalar_set_u64(secp256k1_scalar *r, uint64_t v) {
     *r = v % EXHAUSTIVE_TEST_ORDER;
 
-    secp256k1_scalar_verify(r);
+    SECP256K1_SCALAR_VERIFY(r);
 }
 
 SECP256K1_INLINE static uint32_t secp256k1_scalar_get_bits_limb32(const secp256k1_scalar *a, unsigned int offset, unsigned int count) {

Original file line number	Diff line number	Diff line change
`@@ -51,6 +51,8 @@ SECP256K1_INLINE static void secp256k1_scalar_set_u64(secp256k1_scalar *r, uint6`
`51`	`51`	`r->d[1] = 0;`
`52`	`52`	`r->d[2] = 0;`
`53`	`53`	`r->d[3] = 0;`
	`54`	`+`
	`55`	`+ SECP256K1_SCALAR_VERIFY(r);`
`54`	`56`	`}`
`55`	`57`
`56`	`58`	`SECP256K1_INLINE static uint32_t secp256k1_scalar_get_bits_limb32(const secp256k1_scalar *a, unsigned int offset, unsigned int count) {`
Original file line number	Diff line number	Diff line change
`@@ -73,6 +73,8 @@ SECP256K1_INLINE static void secp256k1_scalar_set_u64(secp256k1_scalar *r, uint6`
`73`	`73`	`r->d[5] = 0;`
`74`	`74`	`r->d[6] = 0;`
`75`	`75`	`r->d[7] = 0;`
	`76`	`+`
	`77`	`+ SECP256K1_SCALAR_VERIFY(r);`
`76`	`78`	`}`
`77`	`79`
`78`	`80`	`SECP256K1_INLINE static uint32_t secp256k1_scalar_get_bits_limb32(const secp256k1_scalar *a, unsigned int offset, unsigned int count) {`
Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ SECP256K1_INLINE static void secp256k1_scalar_set_int(secp256k1_scalar *r, unsig`
`30`	`30`	`SECP256K1_INLINE static void secp256k1_scalar_set_u64(secp256k1_scalar *r, uint64_t v) {`
`31`	`31`	`*r = v % EXHAUSTIVE_TEST_ORDER;`
`32`	`32`
`33`		`- secp256k1_scalar_verify(r);`
	`33`	`+ SECP256K1_SCALAR_VERIFY(r);`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`SECP256K1_INLINE static uint32_t secp256k1_scalar_get_bits_limb32(const secp256k1_scalar *a, unsigned int offset, unsigned int count) {`