ed25519: fix avx512 precompute

0x0ece · 0x0ece · commit d2d03d7b890f · 2025-11-20T14:07:46.000-08:00
diff --git a/src/ballet/ed25519/avx512/fd_curve25519.h b/src/ballet/ed25519/avx512/fd_curve25519.h
@@ -135,7 +135,7 @@ fd_curve25519_into_precomputed( fd_ed25519_point_t * r ) {
   FD_R43X6_QUAD_PERMUTE      ( _ta, 1,0,2,3, r->P );            /* _ta = (Y1,   X1,   Z1,   T1   ), s61|s61|s61|s61 */
   FD_R43X6_QUAD_LANE_SUB_FAST( _ta, _ta, 1,0,0,0, _ta, r->P );  /* _ta = (Y1-X1,X1,   Z1,   T1   ), s62|s61|s61|s61 */
   FD_R43X6_QUAD_LANE_ADD_FAST( _ta, _ta, 0,1,0,0, _ta, r->P );  /* _ta = (Y1-X1,Y1+X1,Z1,   T1   ), s62|s62|s61|s61 */
-  FD_R43X6_QUAD_FOLD_UNSIGNED( r->P, _ta );                     /*   r = (Y1-X1,Y1+X1,Z1,   T1   ), u44|u44|u44|u44 */
+  FD_R43X6_QUAD_FOLD_SIGNED  ( r->P, _ta );                     /*   r = (Y1-X1,Y1+X1,Z1,   T1   ), u44|u44|u44|u44 */
 
   FD_R43X6_QUAD_DECL         ( _1112d );
   FD_R43X6_QUAD_1112d        ( _1112d );
diff --git a/src/ballet/ed25519/test_ed25519.c b/src/ballet/ed25519/test_ed25519.c
@@ -841,6 +841,41 @@ test_point_sub( fd_rng_t * rng FD_PARAM_UNUSED ) {
   }
 }
 
+static void
+test_point_mul( fd_rng_t * rng FD_PARAM_UNUSED ) {
+  uchar _bufa[32]; uchar * bufa = _bufa;
+  uchar _bufn[32]; uchar * bufn = _bufn;
+  uchar _bufr[32]; uchar * bufr = _bufr;
+  uchar _bufe[32]; uchar * bufe = _bufe;
+
+  fd_ed25519_point_t a[1];
+  fd_ed25519_point_t r[1];
+  fd_ed25519_point_t e[1];
+
+  {
+    fd_hex_decode( bufa, "0000000000000000003b0000e8e8e8000000000000000000000000000000ffff", 32 );
+    fd_hex_decode( bufn, "005d0000000000000000000000000000000000000000000015b6b6b6b6000000", 32 );
+    fd_hex_decode( bufe, "7b1e1037cbe6e84f922a9b0651ed50570530d6157853debba755d5904021740e", 32 );
+
+    FD_TEST( fd_ed25519_scalar_validate( bufn ) );
+    FD_TEST( fd_ed25519_point_frombytes( a, bufa ) );
+
+    FD_TEST( fd_ed25519_point_frombytes( e, bufe ) );
+    {
+      fd_ed25519_point_tobytes( bufr, a );
+      FD_TEST( fd_memeq( bufr, bufa, 32UL ) );
+    }
+
+    fd_ed25519_scalar_mul( r, bufn, a );
+    fd_ed25519_point_tobytes( bufr, r );
+
+    // FD_LOG_HEXDUMP_WARNING(( "bufr", bufr, 32 ));
+    // FD_LOG_HEXDUMP_WARNING(( "bufe", bufe, 32 ));
+
+    FD_TEST( fd_memeq( bufr, bufe, 32UL ) );
+  }
+}
+
 /**********************************************************************/
 
 void
@@ -1300,6 +1335,7 @@ main( int     argc,
   test_point_validate( rng );
   test_point_frombytes( rng );
   test_point_sub( rng );
+  test_point_mul( rng );
 
   test_sc_validate  ( rng );
   test_sc_reduce    ( rng );
