From 9ba67dc544bf4c016bb076fb3a35db2656a4d9f3 Mon Sep 17 00:00:00 2001
From: Forostovec
Date: Fri, 10 Oct 2025 14:33:46 +0300
Subject: [PATCH 1/2] fix(pairing): clarify Miller loop comment to reference P::ATE_LOOP_COUNT
---
src/pairing/mnt4/mod.rs | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/pairing/mnt4/mod.rs b/src/pairing/mnt4/mod.rs
index 7eceefe..e1e853e 100644
--- a/src/pairing/mnt4/mod.rs
+++ b/src/pairing/mnt4/mod.rs
@@ -102,8 +102,9 @@ impl PairingVar

{ let mut add_idx: usize = 0;
- // code below gets executed for all bits (EXCEPT the MSB itself) of
- // mnt6_param_p (skipping leading zeros) in MSB to LSB order
+ // Iterate over P::ATE_LOOP_COUNT (signed in {-1, 0, 1}), skipping the MSB,
+ // in MSB-to-LSB order. Branches handle 1 and -1; a final correction is
+ // applied after the loop if P::ATE_IS_LOOP_COUNT_NEG.
 let y_over_twist_neg = &q.y_over_twist.negate()?;
 for (dbl_idx, bit) in P::ATE_LOOP_COUNT.iter().skip(1).enumerate() {
 let dc = &q.double_coefficients[dbl_idx];
From f3986cfc9d7f9eb500feb3c491ba7c5b196023e0 Mon Sep 17 00:00:00 2001
From: Forostovec
Date: Fri, 10 Oct 2025 14:34:12 +0300
Subject: [PATCH 2/2] fix(pairing): clarify Miller loop comment to reference P::ATE_LOOP_COUNT
---
src/pairing/mnt6/mod.rs | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/pairing/mnt6/mod.rs b/src/pairing/mnt6/mod.rs
index 3af1240..371b03d 100644
--- a/src/pairing/mnt6/mod.rs
+++ b/src/pairing/mnt6/mod.rs
@@ -97,8 +97,9 @@ impl PairingVar
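Review bot: The last sentence of the added comment describes the `P::ATE_IS_LOOP_COUNT_NEG` correction, which happens after the loop and outside this hunk, so it can drift from the code it describes; I would keep only the loop description here and move that sentence next to the correction itself. "Skipping the MSB" also rests on `P::ATE_LOOP_COUNT` being stored most-significant digit first, which `.iter().skip(1)` only implies; saying so explicitly, e.g. `// P::ATE_LOOP_COUNT is stored MSB-first, so skip(1) drops the leading digit`, would make the claim checkable against the curve config. Since the digits come from a constant on `P` rather than from witness data, it may also be worth stating that the branches on `bit` are fixed when the circuit is built, assuming this is the constraint gadget it appears to be. The identical comment is added in src/pairing/mnt6/mod.rs, and the enclosing function starts and ends outside both hunks.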

{ let mut add_idx: usize = 0;
- // code below gets executed for all bits (EXCEPT the MSB itself) of
- // mnt6_param_p (skipping leading zeros) in MSB to LSB order
+ // Iterate over P::ATE_LOOP_COUNT (signed in {-1, 0, 1}), skipping the MSB,
+ // in MSB-to-LSB order. Branches handle 1 and -1; a final correction is
+ // applied after the loop if P::ATE_IS_LOOP_COUNT_NEG.
 let y_over_twist_neg = &q.y_over_twist.negate()?;
 for (dbl_idx, bit) in P::ATE_LOOP_COUNT.iter().skip(1).enumerate() {
 let dc = &q.double_coefficients[dbl_idx];