diff --git a/main/ecrecover/FNSECP256K1/invFnSecp256k1.zkasm b/main/ecrecover/FNSECP256K1/invFnSecp256k1.zkasm deleted file mode 100644 index 98d4172a..00000000 --- a/main/ecrecover/FNSECP256K1/invFnSecp256k1.zkasm +++ /dev/null @@ -1,33 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; PRE: A is not alias-free -;; POST: The result B is not alias-free (on MAP) -;; -;; invFnSecp256k1: -;; in: A -;; out: B = A⁻¹ (mod n) -;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; RESOURCES: -; 2 ariths + 9 steps - -VAR GLOBAL invFnSecp256k1_tmp - -invFnSecp256k1: - - ; 1] Compute and check the inverse over Z - ; A·A⁻¹ + 0 = [D]·2²⁵⁶ + [E] - 0 => C - ${var _invFnSecp256k1_A = inverseFnEc(A)} => B :MSTORE(invFnSecp256k1_tmp) - $${var _invFnSecp256k1_AB = A * _invFnSecp256k1_A} - ${_invFnSecp256k1_AB >> 256} => D - ${_invFnSecp256k1_AB} => E :ARITH - - ; 2] Check it over Fn, that is, it must be satisfied that: - ; n·[(A·A⁻¹) / n] + 1 = D·2²⁵⁶ + E - %SECP256K1_N => A - ${_invFnSecp256k1_AB / const.SECP256K1_N} => B - 1 => C - E :ARITH - - $ => B :MLOAD(invFnSecp256k1_tmp), RETURN \ No newline at end of file diff --git a/main/ecrecover/FNSECP256K1/mulFnSecp256k1.zkasm b/main/ecrecover/FNSECP256K1/mulFnSecp256k1.zkasm deleted file mode 100644 index 0397c966..00000000 --- a/main/ecrecover/FNSECP256K1/mulFnSecp256k1.zkasm +++ /dev/null @@ -1,28 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; PRE: A,B are not alias-free -;; POST: The result C is not alias-free (on MAP) -;; -;; mulFnSecp256k1: -;; in: A,B -;; out: C = A·B (mod n) -;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; RESOURCES: -; 2 arith + 7 steps - -mulFnSecp256k1: - - ; 1] Compute and check the multiplication over Z - ; A·B + 0 = [D]·2²⁵⁶ + [E] - 0 => C - $${var _mulFnSecp256k1_AB = A * B} - ${_mulFnSecp256k1_AB >> 256} => D - ${_mulFnSecp256k1_AB} => E :ARITH - - ; 2] Check it over Fn, that is, it must be satisfied that: - ; n·[(A·B) / n] + [(A·B) % n] = D·2²⁵⁶ + E - %SECP256K1_N => A - ${_mulFnSecp256k1_AB / const.SECP256K1_N} => B ; quotient (256 bits) - ${_mulFnSecp256k1_AB % const.SECP256K1_N} => C ; residue (256 bits) - E :ARITH, RETURN \ No newline at end of file diff --git a/main/ecrecover/FPSECP256K1/addFpSecp256k1.zkasm b/main/ecrecover/FPSECP256K1/addFpSecp256k1.zkasm deleted file mode 100644 index 0d94da0e..00000000 --- a/main/ecrecover/FPSECP256K1/addFpSecp256k1.zkasm +++ /dev/null @@ -1,29 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; PRE: A,C are not alias-free -;; POST: The result C is not alias-free (on MAP) -;; -;; addFpSecp256k1: -;; in: A,C -;; out: C = A + C (mod p) -;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; RESOURCES: -; 2 ariths + 7 steps - -addFpSecp256k1: - - ; 1] Compute and check the sum over Z - ; A·[1] + C = [D]·2²⁵⁶ + [E] - 1 => B - $${var _addFpSecp256k1_AC = A + C} - ${_addFpSecp256k1_AC >> 256} => D - ${_addFpSecp256k1_AC} => E :ARITH - - ; 2] Check it over Fp, that is, it must be satisfied that: - ; p·[(A+C) / p] + [(A+C) % p] = D·2²⁵⁶ + E - %SECP256K1_P => A - ${_addFpSecp256k1_AC / const.SECP256K1_P} => B ; quotient (256 bits) - ${_addFpSecp256k1_AC % const.SECP256K1_P} => C ; residue (256 bits) - - E :ARITH, RETURN \ No newline at end of file diff --git a/main/ecrecover/FPSECP256K1/assertNQRFpSecp256k1.zkasm b/main/ecrecover/FPSECP256K1/assertNQRFpSecp256k1.zkasm new file mode 100644 index 00000000..980ad4d7 --- /dev/null +++ b/main/ecrecover/FPSECP256K1/assertNQRFpSecp256k1.zkasm @@ -0,0 +1,3807 @@ +;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; PRE: C is not alias free +;; +;; assertNQRFpSecp256k1: +;; in: C +;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This function is using Euler's criterion pow(C, (p-1)/2) == -1 to determine that a given number is not a quadratic residue modulo p + +; Efficiency of the exponentiation: +; (p-1)/2 = 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffff7ffffe17 +; (*) 222 x 1, 1 x 1, 22 x 1, 4 x 1, 1 x 1, 1 x 1, 3 x 1 +; (*) 222 x SM, 1 x S, 22 x SM, 4 x S, 1 x SM, 1 x S, 3 x SM (S=square M=multiplication) +; BLOCK: 1 2 3 4 5 6 7 +; (*) 222 + initial initialization + +VAR GLOBAL assertNQRFpSecp256k1_base + +assertNQRFpSecp256k1: + ; RESOURCES: + ; SM: 248 x (3 steps + 1 arith + 4 steps + 1 arith) = 1736 steps + 496 ariths + ; S: 6 x (3 step + 1 arith) = 18 steps + 6 ariths + ; Rem: 7 steps + 1 binary + ; TOTAL = 1761 steps + 1 binary + 502 ariths + + C :MSTORE(assertNQRFpSecp256k1_base) + + ; Set the modulus + %SECP256K1_P => D + + ; === BLOCK1: 1/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 2/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 3/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 4/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 5/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 6/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 7/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 8/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 9/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 10/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 11/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 12/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 13/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 14/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 15/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 16/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 17/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 18/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 19/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 20/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 21/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 22/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 23/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 24/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 25/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 26/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 27/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 28/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 29/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 30/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 31/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 32/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 33/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 34/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 35/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 36/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 37/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 38/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 39/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 40/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 41/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 42/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 43/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 44/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 45/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 46/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 47/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 48/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 49/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 50/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 51/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 52/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 53/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 54/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 55/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 56/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 57/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 58/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 59/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 60/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 61/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 62/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 63/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 64/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 65/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 66/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 67/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 68/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 69/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 70/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 71/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 72/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 73/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 74/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 75/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 76/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 77/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 78/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 79/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 80/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 81/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 82/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 83/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 84/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 85/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 86/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 87/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 88/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 89/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 90/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 91/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 92/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 93/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 94/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 95/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 96/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 97/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 98/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 99/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 100/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 101/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 102/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 103/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 104/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 105/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 106/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 107/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 108/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 109/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 110/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 111/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 112/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 113/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 114/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 115/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 116/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 117/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 118/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 119/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 120/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 121/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 122/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 123/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 124/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 125/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 126/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 127/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 128/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 129/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 130/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 131/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 132/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 133/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 134/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 135/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 136/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 137/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 138/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 139/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 140/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 141/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 142/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 143/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 144/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 145/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 146/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 147/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 148/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 149/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 150/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 151/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 152/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 153/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 154/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 155/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 156/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 157/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 158/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 159/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 160/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 161/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 162/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 163/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 164/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 165/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 166/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 167/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 168/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 169/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 170/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 171/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 172/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 173/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 174/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 175/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 176/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 177/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 178/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 179/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 180/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 181/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 182/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 183/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 184/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 185/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 186/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 187/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 188/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 189/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 190/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 191/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 192/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 193/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 194/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 195/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 196/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 197/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 198/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 199/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 200/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 201/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 202/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 203/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 204/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 205/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 206/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 207/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 208/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 209/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 210/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 211/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 212/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 213/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 214/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 215/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 216/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 217/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 218/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 219/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 220/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 221/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK1: 222/222 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + + + ; === BLOCK2: 1/1 S === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + + + ; === BLOCK3: 1/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 2/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 3/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 4/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 5/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 6/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 7/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 8/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 9/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 10/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 11/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 12/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 13/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 14/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 15/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 16/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 17/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 18/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 19/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 20/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 21/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK3: 22/22 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + + ; === BLOCK4: 1/4 S === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK4: 2/4 S === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK4: 3/4 S === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK4: 4/4 S === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + + ; === BLOCK5: 1/1 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + + ; === BLOCK6: 1 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK7: 1/3 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK7: 2/3 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; === BLOCK7: 3/3 SM === + + ; Square: + ; C·C + 0 = op (mod SECP256K1_P) + C => A,B + 0 => C + ${(A*B) % D} => C :ARITH_MOD + + ; Multiply: + ; A·B + 0 = op (mod SECP256K1_P) + $ => A :MLOAD(assertNQRFpSecp256k1_base) + C => B + 0 => C + ${(A*B) % D} => A :ARITH_MOD + + %SECP256K1_P_MINUS_ONE :ASSERT, RETURN \ No newline at end of file diff --git a/main/ecrecover/FPSECP256K1/checkSqrtFpSecp256k1.zkasm b/main/ecrecover/FPSECP256K1/checkSqrtFpSecp256k1.zkasm deleted file mode 100644 index 4c0b80cc..00000000 --- a/main/ecrecover/FPSECP256K1/checkSqrtFpSecp256k1.zkasm +++ /dev/null @@ -1,1564 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; PRE: C is not alias free -;; POST: A ∈ {0,1} -;; -;; checkSqrtFpSecp256k1: -;; in: C -;; out: -;; · C = pow(C, (p-1)/2) ∈ {-1,0,1} -;; · A ∈ {0,1}: -;; * C == -1 ==> C hasn't root ==> A = 1 -;; * C ∈ {0,1} ==> C has root or C = 0 (mod p) ==> A = 0 -;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This function is using Euler's criterion to determine if a given number is a quadratic residue modulo p - -; Efficiency of the exponentiation: -; (p-1)/2 = 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffff7ffffe17 -; (*) 222 x 1, 1 x 0, 22 x 1, 4 x 0, 1 x 1, 1 x 0, 3 x 1 -; (*) 222 x SM, S, 22 x SM, 4 x S, 1 x SM, 1 x S, 3 x SM (S=square M=multiplication) -; BLOCK: 1 2 3 4 5 6 7 -; (*) 222 + initial initialization - -VAR GLOBAL checkSqrtFpSecp256k1_base -VAR GLOBAL checkSqrtFpSecp256k1_RR - -checkSqrtFpSecp256k1: - ; RESOURCES: - ; 248 x (3 steps + 2 arith + 8 steps + 2 arith + 7 steps) = 992 ariths + 4464 steps - ; 6 x (1 step + 2 arith + 8 steps) = 12 ariths + 54 steps - ; 6 steps + 1 binary - ; TOTAL = 1004 ariths + 1 binary + 4524 steps - - RR :MSTORE(checkSqrtFpSecp256k1_RR) - C :MSTORE(checkSqrtFpSecp256k1_base) - - ; === BLOCK1: 1/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 2/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 3/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 4/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 5/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 6/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 7/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 8/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 9/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 10/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 11/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 12/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 13/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 14/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 15/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 16/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 17/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 18/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 19/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 20/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 21/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 22/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 23/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 24/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 25/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 26/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 27/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 28/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 29/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 30/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 31/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 32/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 33/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 34/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 35/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 36/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 37/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 38/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 39/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 40/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 41/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 42/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 43/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 44/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 45/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 46/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 47/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 48/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 49/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 50/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 51/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 52/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 53/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 54/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 55/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 56/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 57/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 58/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 59/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 60/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 61/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 62/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 63/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 64/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 65/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 66/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 67/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 68/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 69/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 70/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 71/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 72/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 73/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 74/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 75/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 76/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 77/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 78/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 79/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 80/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 81/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 82/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 83/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 84/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 85/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 86/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 87/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 88/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 89/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 90/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 91/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 92/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 93/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 94/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 95/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 96/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 97/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 98/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 99/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 100/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 101/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 102/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 103/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 104/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 105/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 106/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 107/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 108/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 109/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 110/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 111/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 112/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 113/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 114/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 115/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 116/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 117/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 118/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 119/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 120/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 121/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 122/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 123/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 124/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 125/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 126/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 127/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 128/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 129/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 130/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 131/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 132/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 133/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 134/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 135/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 136/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 137/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 138/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 139/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 140/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 141/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 142/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 143/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 144/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 145/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 146/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 147/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 148/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 149/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 150/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 151/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 152/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 153/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 154/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 155/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 156/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 157/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 158/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 159/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 160/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 161/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 162/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 163/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 164/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 165/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 166/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 167/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 168/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 169/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 170/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 171/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 172/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 173/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 174/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 175/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 176/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 177/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 178/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 179/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 180/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 181/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 182/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 183/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 184/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 185/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 186/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 187/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 188/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 189/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 190/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 191/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 192/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 193/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 194/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 195/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 196/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 197/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 198/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 199/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 200/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 201/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 202/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 203/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 204/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 205/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 206/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 207/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 208/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 209/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 210/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 211/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 212/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 213/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 214/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 215/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 216/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 217/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 218/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 219/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 220/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 221/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK1: 222/222 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - - - ; === BLOCK2: 1/1 SM === - - :CALL(squareFpSecp256k1) - - - - ; === BLOCK3: 1/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 2/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 3/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 4/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 5/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 6/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 7/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 8/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 9/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 10/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 11/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 12/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 13/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 14/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 15/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 16/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 17/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 18/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 19/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 20/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 21/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK3: 22/22 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - - ; === BLOCK4: 1/4 S === - - :CALL(squareFpSecp256k1) - - ; === BLOCK4: 2/4 S === - - :CALL(squareFpSecp256k1) - - ; === BLOCK4: 3/4 S === - - :CALL(squareFpSecp256k1) - - ; === BLOCK4: 4/4 S === - - :CALL(squareFpSecp256k1) - - - ; === BLOCK5: 1/1 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - - ; === BLOCK6: 1 SM === - - :CALL(squareFpSecp256k1) - - ; === BLOCK7: 1/3 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK7: 2/3 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; === BLOCK7: 3/3 SM === - - :CALL(squareFpSecp256k1) - $ => A :MLOAD(checkSqrtFpSecp256k1_base) - C => B :CALL(mulFpSecp256k1) - - ; Check if the result C = -1 (mod p) = p - 1 - %SECP256K1_P_MINUS_ONE => A - C => B - $ => RR :MLOAD(checkSqrtFpSecp256k1_RR) - - ; C == -1 ==> C hasn't root ==> A = 1 - ; C ∈ {0,1} ==> C has root or C = 0 (mod p) ==> A = 0 - - $ => A :EQ, RETURN \ No newline at end of file diff --git a/main/ecrecover/FPSECP256K1/invFpSecp256k1.zkasm b/main/ecrecover/FPSECP256K1/invFpSecp256k1.zkasm deleted file mode 100644 index 6a7250eb..00000000 --- a/main/ecrecover/FPSECP256K1/invFpSecp256k1.zkasm +++ /dev/null @@ -1,33 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; PRE: A is not alias-free -;; POST: The result B is not alias-free (on MAP) -;; -;; invFpSecp256k1: -;; in: A -;; out: B = A⁻¹ (mod p) -;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; RESOURCES: -; 2 ariths + 9 steps - -VAR GLOBAL invFpSecp256k1_tmp - -invFpSecp256k1: - - ; 1] Compute and check the inverse over Z - ; A·A⁻¹ + 0 = [D]·2²⁵⁶ + [E] - 0 => C - ${var _invFpSecp256k1_A = inverseFpEc(A)} => B :MSTORE(invFpSecp256k1_tmp); - $${var _invFpSecp256k1_AB = A * _invFpSecp256k1_A} - ${_invFpSecp256k1_AB >> 256} => D - ${_invFpSecp256k1_AB} => E :ARITH - - ; 2] Check it over Fp, that is, it must be satisfied that: - ; p·[(A·A⁻¹) / p] + 1 = D·2²⁵⁶ + E - %SECP256K1_P => A - ${_invFpSecp256k1_AB / const.SECP256K1_P} => B ; quotient (256 bits) - 1 => C ; residue (1 bit) - E :ARITH - - $ => B :MLOAD(invFpSecp256k1_tmp), RETURN \ No newline at end of file diff --git a/main/ecrecover/FPSECP256K1/mulFpSecp256k1.zkasm b/main/ecrecover/FPSECP256K1/mulFpSecp256k1.zkasm deleted file mode 100644 index fa60f5ee..00000000 --- a/main/ecrecover/FPSECP256K1/mulFpSecp256k1.zkasm +++ /dev/null @@ -1,28 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; PRE: A,B are not alias-free -;; POST: The result C is not alias-free (on MAP) -;; -;; mulFpSecp256k1: -;; in: A,B -;; out: C = A·B (mod p) -;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; RESOURCES: -; 2 arith + 7 steps - -mulFpSecp256k1: - - ; 1] Compute and check the multiplication over Z - ; A·B + 0 = [D]·2²⁵⁶ + [E] - 0 => C - $${var _mulFpSecp256k1_AB = A * B} - ${_mulFpSecp256k1_AB >> 256} => D - ${_mulFpSecp256k1_AB} => E :ARITH - - ; 2] Check it over Fp, that is, it must be satisfied that: - ; p·[(A·B) / p] + [(A·B) % p] = D·2²⁵⁶ + E - %SECP256K1_P => A - ${_mulFpSecp256k1_AB / const.SECP256K1_P} => B ; quotient (256 bits) - ${_mulFpSecp256k1_AB % const.SECP256K1_P} => C ; residue (256 bits) - E :ARITH, RETURN \ No newline at end of file diff --git a/main/ecrecover/FPSECP256K1/sqrtFpSecp256k1.zkasm b/main/ecrecover/FPSECP256K1/sqrtFpSecp256k1.zkasm index 5420564d..c5b271c5 100644 --- a/main/ecrecover/FPSECP256K1/sqrtFpSecp256k1.zkasm +++ b/main/ecrecover/FPSECP256K1/sqrtFpSecp256k1.zkasm @@ -2,57 +2,37 @@ ;; PRE: A = [0,1] and C is not alias-free ;; POST: The result C is alias-free ;; -;; mulFpSecp256k1: +;; sqrtFpSecp256k1: ;; in: A,C, where A indicates the parity of the result ;; out: -;; · B = 1 or 0, depending on whether C has square root or not -;; · C = √C or -√C (mod p), if B = 1 +;; · C = 0 or 1, depending on whether C has square root or not +;; · B = √C or -√C (mod p), if C = 0 ;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; RESOURCES: -; with sqrt: 2 arith + 1 binary + 15 steps -; without sqrt: 1 binary + 5 steps -; TOTAL (worst case): 2 arith + 1 binary + 15 steps - -VAR GLOBAL sqrtFpSecp256k1_tmp -VAR GLOBAL sqrtFpSecp256k1_res +; with sqrt: 1 arith + 1 binary + 7 steps +; without sqrt: 1 binary + 4 steps +; TOTAL (worst case): 1 arith + 1 binary + 7 steps sqrtFpSecp256k1: - C :MSTORE(sqrtFpSecp256k1_tmp) - ; start by free-inputing the square root of the input C ; taking the positive one if A = 1, and the negative one if A = 0 - ${var _sqrtFpSecp256k1_sqrt = sqrtFpEcParity(C,A)} => A,C :MSTORE(sqrtFpSecp256k1_res) + ${var _sqrtFpSecp256k1_sqrt = sqrtFpEcParity(C,A)} => A ; In this point we check whether A is LT than SECP256K1_P since, otherwise, either: - ; a) A doesn't have square root. 0 is returned in B. - ; b) A contains an alias, it's a MAP. 0 is returned in B. In this case, the proof cannot - ; be generated because we check in checkSqrtFpSecp256k1 if the root actually exists. + ; a) A doesn't have square root. 1 is returned in C. + ; b) A contains an alias, it's a MAP. 1 is returned in C. In this case, the proof cannot + ; be generated because we check in assertNQRFpSecp256k1 if the root actually exists. %SECP256K1_P => B - $ => B :LT, JMPNC(sqrtFpSecp256k1_NoRoot) - ; From here, A,C < SECP256K1_P + $ :LT, JMPNC(sqrtFpSecp256k1_NoRoot) + ; From here, A,C < SECP256K1_P, which means that the root exists and it's alias-free - ; 1] Compute and check the square over Z - ; √C·√C + 0 = [D]·2²⁵⁶ + [E] + ; √C·√C + 0 = C (mod SECP256K1_P) A => B 0 => C - $${var _sqrtFpSecp256k1_sq = _sqrtFpSecp256k1_sqrt * _sqrtFpSecp256k1_sqrt } - ${_sqrtFpSecp256k1_sq >> 256} => D - ${_sqrtFpSecp256k1_sq} => E :ARITH - - - ; 2] Check it over Fp, that is, it must be satisfied that: - ; p·[(√C·√C) / p] + C = D·2²⁵⁶ + E - %SECP256K1_P => A - ${_sqrtFpSecp256k1_sq / const.SECP256K1_P} => B ; quotient (256 bits) - $ => C :MLOAD(sqrtFpSecp256k1_tmp) ; residue (256 bits) - E :ARITH - - ; the result is guaranteed to be < SECP256K1_P, so we can skip the check - - 1 => B - $ => C :MLOAD(sqrtFpSecp256k1_res), RETURN + %SECP256K1_P => D + ${(A*B) % D} => E :ARITH_MOD, RETURN sqrtFpSecp256k1_NoRoot: - :RETURN \ No newline at end of file + 1 => C :RETURN \ No newline at end of file diff --git a/main/ecrecover/FPSECP256K1/squareFpSecp256k1.zkasm b/main/ecrecover/FPSECP256K1/squareFpSecp256k1.zkasm deleted file mode 100644 index 507a7f0a..00000000 --- a/main/ecrecover/FPSECP256K1/squareFpSecp256k1.zkasm +++ /dev/null @@ -1,30 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; PRE: C is not alias-free -;; POST: The result C is not alias-free (on MAP) -;; -;; squareFpSecp256k1: -;; in: C -;; out: C = C·C (mod p) -;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; RESOURCES: -; 2 arith + 8 steps - -squareFpSecp256k1: - - ; 1] Compute and check the square over Z - ; A·A + 0 = [D]·2²⁵⁶ + [E] - C => A,B - 0n => C - $${var _squareFpSecp256k1_AA = A * A} - ${_squareFpSecp256k1_AA >> 256} => D - ${_squareFpSecp256k1_AA} => E :ARITH - - ; 2] Check it over Fp, that is, it must be satisfied that: - ; p·[A² / p] + [A² % p] = D·2²⁵⁶ + E - ${_squareFpSecp256k1_AA / const.SECP256K1_P} => B ; quotient (256 bits) - ${_squareFpSecp256k1_AA % const.SECP256K1_P} => C ; residue (256 bits) - %SECP256K1_P => A - - E :ARITH, RETURN \ No newline at end of file diff --git a/main/ecrecover/dblScalarMulSecp256k1.zkasm b/main/ecrecover/dblScalarMulSecp256k1.zkasm index fddd7a01..60590b7e 100644 --- a/main/ecrecover/dblScalarMulSecp256k1.zkasm +++ b/main/ecrecover/dblScalarMulSecp256k1.zkasm @@ -1,5 +1,6 @@ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; PRE: p1 = (p1_x, p1_y), p2 = (p2_x, p2_y) are in E(Fp)\{𝒪} and p1_x,p1_y,p2_x,p2_y,k1,k2 are alias-free +;; Moreover, k1 and k2 cannot be zero at the same time ;; POST: The resulting coordinates p3_x,p3_y are alias-free and variable p3_is_zero ∈ {0,1} ;; ;; dblScalarMulSecp256k1: @@ -27,11 +28,10 @@ VAR GLOBAL dblScalarMulSecp256k1_p3_y VAR GLOBAL dblScalarMulSecp256k1_p12_x VAR GLOBAL dblScalarMulSecp256k1_p12_y -; flag to indicate whether the resulting point p3 is the point at infinity -VAR GLOBAL dblScalarMulSecp256k1_p3_is_zero +; flag to indicate whether the accumulated point p3 is the point at infinity +VAR GLOBAL dblScalarMulSecp256k1_p3_zero -; dblScalarMulSecp256k1_p12_zero = 1 ==> p12 is the point at infinity -; dblScalarMulSecp256k1_p12_zero = 0 ==> p12 isn't the point at infinity +; flag to indicate whether p1+p2 is the point at infinity VAR GLOBAL dblScalarMulSecp256k1_p12_zero ; acummulators @@ -43,29 +43,31 @@ VAR GLOBAL dblScalarMulSecp256k1_RR VAR GLOBAL dblScalarMulSecp256k1_RCX ; RESOURCES (k1,k2): -; 1 arith + 19 steps // setup, calculation p12 -; + number_of_bits_1(k1|k2) * arith // additions -; + max_bin_len(k1,k2) * arith // doubles -; + max_bin_len(k1,k2)/32 * 29 steps // additions + doubles (steps, worst case) -; + (256 - max_bin_len(k1,k2)/32) * 24 steps // additions + doubles (steps, worst case) -; + 8 steps + 2 bin // last part +; 1 arith + 19 steps // setup, calculation p12 +; + number_of_bits_1(k1|k2) * arith // additions +; + max_bin_len(k1,k2) * arith // doubles +; + max_bin_len(k1,k2)/32 * 27 steps // additions + doubles (steps, worst case) +; + (256 - max_bin_len(k1,k2)/32) * 22 steps // additions + doubles (steps, worst case) +; + 6 steps // last part ; ; -; RESOURCES (worst case): 513 arith + 2 binaries + 6239 steps // 20 + 256/32 * 29 + (256 - 256/32) * 24 + 8 = 6212 +; RESOURCES (worst case): 513 arith + 5697 steps // 19 + 256/32 * 27 + (256 - 256/32) * 22 + 6 = 5697 dblScalarMulSecp256k1: RR :MSTORE(dblScalarMulSecp256k1_RR) - RCX :MSTORE(dblScalarMulSecp256k1_RCX) + RCX :MSTORE(dblScalarMulSecp256k1_RCX) + + ; receive the maximum length between the binary representations of k1 and k2 + ; Note that: 0 <= max(len(k1),len(k2)) <= 255 + $BYTE{receiveLen(mem.dblScalarMulSecp256k1_k1, mem.dblScalarMulSecp256k1_k2)} => RR - $0{receiveLen(mem.dblScalarMulSecp256k1_k1, mem.dblScalarMulSecp256k1_k2)} => RR ; receive the maximum length between the binary - ; representations of k1 and k2 ; start the acummulator of k1 and k2 - 0 => RCX :MSTORE(dblScalarMulSecp256k1_acum_k1) + 0 => RCX :MSTORE(dblScalarMulSecp256k1_acum_k1) 0 => HASHPOS :MSTORE(dblScalarMulSecp256k1_acum_k2) ; Initialize p3 = 𝒪 (it is symbolic, so we use a variable) - 1n :MSTORE(dblScalarMulSecp256k1_p3_is_zero) + 1n :MSTORE(dblScalarMulSecp256k1_p3_zero) ; Start by precomputing P1 + P2 $ => A :MLOAD(dblScalarMulSecp256k1_p1_x) @@ -91,15 +93,16 @@ dblScalarMulSecp256k1: ; x must be distinct from 0, because the square root of 7 doesn't exist (y² = x³ + 7) ; y must be distinct from 0, because the cubic root of -7 doesn't exist (y² = x³ + 7) + ; check p1_y + p2_y = SECP256K1_P B => A ; A = p1_y 1 => B D => C ; C = p2_y - 0 => D ; check p1_y * 1 + p2_y = 0 * 2^256 * 0 + SECP256K1_P + 0 => D %SECP256K1_P :ARITH ; We have p2 == -p1 ; p12 = p1 - p1 = 𝒪, therefore is the point at infinity - 1n :MSTORE(dblScalarMulSecp256k1_p12_zero), JMP(dblScalarMulSecp256k1_loop) + 1n :MSTORE(dblScalarMulSecp256k1_p12_zero), JMP(dblScalarMulSecp256k1_loop_fi) ; [steps: 19, arith: 1] dblScalarMulSecp256k1SameInitialPoints: @@ -116,7 +119,7 @@ dblScalarMulSecp256k1SameInitialPoints: ; B == p1_y ; (A,B) * 2 = (E, op) ${xDblPointEc(A,B)} => E :MSTORE(dblScalarMulSecp256k1_p12_x) - ${yDblPointEc(A,B)} :ARITH_ECADD_SAME, MSTORE(dblScalarMulSecp256k1_p12_y), JMP(dblScalarMulSecp256k1_loop) + ${yDblPointEc(A,B)} :ARITH_ECADD_SAME, MSTORE(dblScalarMulSecp256k1_p12_y), JMP(dblScalarMulSecp256k1_loop_fi) ; [steps: 17, arith: 1] dblScalarMulSecp256k1DiffInitialPoints: @@ -140,13 +143,26 @@ dblScalarMulSecp256k1DiffInitialPoints: ; Goes forward in different branches of code depending on the values of the ; most significant bits of k1 and k2. -; [steps.byloop (worst case & nosave): 8 + 16 = 24] -; [steps.byloop (worst case & save): 13 + 16 = 29] +; [steps.byloop (worst case & nosave): 7 + 15 = 22] +; [steps.byloop (worst case & save): 12 + 15 = 27] + +; [steps.byloop ((bit.k1 || bit.k2) == 1) & nosave: 5 + 15 = 20] +; [steps.byloop ((bit.k1 && bit.k2) == 1) & nosave: 7 + 15 = 22] +; [steps.byloop ((bit.k1 || bit.k2) == 1) & save: 10 + 15 = 25] +; [steps.byloop ((bit.k1 && bit.k2) == 1) & save: 12 + 15 = 27] + +; First iteration +; ------------------------------ +dblScalarMulSecp256k1_loop_fi: + ; Receive the next MSB bit of k1 + $0{(mem.dblScalarMulSecp256k1_k1 >> RR) & 0x1} :JMPNZ(dblScalarMulSecp256k1_k11) + +; high_bit(k1) == 0 high_bit(k2) == ?? +dblScalarMulSecp256k1_k10_fi: + ; Receive the next MSB bit of k2 + $0{(mem.dblScalarMulSecp256k1_k2) >> RR & 0x1} :JMPZ(failAssert, @dblScalarMulSecp256k1_scalar_table_k10_k21 + RR) +; ------------------------------ -; [steps.byloop ((bit.k1 || bit.k2) == 1) & nosave: 6 + 16 = 22] -; [steps.byloop ((bit.k1 && bit.k2) == 1) & nosave: 8 + 16 = 24] -; [steps.byloop ((bit.k1 || bit.k2) == 1) & save: 11 + 16 = 27] -; [steps.byloop ((bit.k1 && bit.k2) == 1) & save: 13 + 16 = 29] dblScalarMulSecp256k1_loop: ; Receive the next MSB bit of k1 @@ -160,30 +176,20 @@ dblScalarMulSecp256k1_k10: ; high_bit(k1) == 1 high_bit(k2) == ?? dblScalarMulSecp256k1_k11: ; Receive the next MSB b of k2. - $0{(mem.dblScalarMulSecp256k1_k2) >> RR & 0x1} :JMPZ(@dblScalarMulSecp256k1_scalar_table_k11_k20 + RR, @dblScalarMulSecp256k1_scalar_table_k11_k21_part1 + RR) + $0{(mem.dblScalarMulSecp256k1_k2) >> RR & 0x1} :JMPZ(@dblScalarMulSecp256k1_scalar_table_k11_k20 + 2*RR, @dblScalarMulSecp256k1_scalar_table_k11_k21 + 2*RR) ; high_bit(k1) == 0 high_bit(k2) == 1 dblScalarMulSecp256k1_k10_k21_add_prepare: - ; [steps.before.nosave: 4] - ; [steps.before.save: 9] - ; [steps.before (w.c.): 9] $ => C :MLOAD(dblScalarMulSecp256k1_p2_x) $ => D :MLOAD(dblScalarMulSecp256k1_p2_y), JMP(dblScalarMulSecp256k1_add) ; high_bit(k1) == 1 high_bit(k2) == 0 dblScalarMulSecp256k1_k11_k20_add_prepare: - ; [steps.before.nosave: 3] - ; [steps.before.save: 9] - ; [steps.before (w.c.): 9] $ => C :MLOAD(dblScalarMulSecp256k1_p1_x) $ => D :MLOAD(dblScalarMulSecp256k1_p1_y), JMP(dblScalarMulSecp256k1_add) ; high_bit(k1) == 1 high_bit(k2) == 1 dblScalarMulSecp256k1_k11_k21_add_prepare: - ; [steps.before.nosave: 5] - ; [steps.before.save: 10] - ; [steps.before (w.c.): 10] - ; if (dblScalarMulSecp256k1_p12_zero) k11_k21 is the same as k10_k20 ; because adding the point at infinity to a point is the point itself $ :MLOAD(dblScalarMulSecp256k1_p12_zero), JMPNZ(dblScalarMulSecp256k1_double) @@ -191,18 +197,18 @@ dblScalarMulSecp256k1_k11_k21_add_prepare: $ => C :MLOAD(dblScalarMulSecp256k1_p12_x) $ => D :MLOAD(dblScalarMulSecp256k1_p12_y), JMP(dblScalarMulSecp256k1_add) -; in this point C,D have point to be add +; at this point, C,D contain the point to be added dblScalarMulSecp256k1_add: - ; [steps.p3empty.nolast: 4 + steps.double = 10] - ; [steps.p3empty.last: 4 + steps.double = 5] - ; [steps.xeq.yeq: 9 + steps.double = 15] - ; [steps.xeq.yneq: 10 + steps.double = 16] - ; [steps.xneq.nolast: 7 + steps.double = 13] - ; [steps.xneq.last: 7 + steps.double = 8] - ; [steps.block: 16] + ; [steps.p3empty.nolast: 5 + steps.double = 7] + ; [steps.p3empty.last: 5 + steps.double = 6] + ; [steps.xeq.yeq: 8 + steps.double = 14, arith: 1 + steps.double = 2] + ; [steps.xeq.yneq: 9 + steps.double = 15, arith: 1 + steps.double = 1] + ; [steps.xneq.nolast: 6 + steps.double = 12, arith: 1 + steps.double = 2] + ; [steps.xneq.last: 6 + steps.double = 7, arith: 1 + steps.double = 1] + ; [steps.block: 15, arith.block: 2] ; if p3 is the point at infinity do not add, just assign, since 𝒪 + P = P - $ :MLOAD(dblScalarMulSecp256k1_p3_is_zero), JMPNZ(dblScalarMulSecp256k1_p3_assignment) + $ :MLOAD(dblScalarMulSecp256k1_p3_zero), JMPNZ(dblScalarMulSecp256k1_p3_assignment) ; check whether p.x == p3.x ${ C == mem.dblScalarMulSecp256k1_p3_x } :JMPNZ(dblScalarMulSecp256k1_x_equals_before_add) @@ -217,42 +223,38 @@ dblScalarMulSecp256k1_add: ; p3 = p3 + (C,D) ; (C, D) is point to add (p1 or p2 or p12) ; (A, B) + (C, D) = (E, op) - ${xAddPointEc(A,B,C,D)} => E :MSTORE(dblScalarMulSecp256k1_p3_x) - ${yAddPointEc(A,B,C,D)} => B :ARITH_ECADD_DIFFERENT, MSTORE(dblScalarMulSecp256k1_p3_y) - -dblScalarMulSecp256k1_after_add: - E => A :JMP(dblScalarMulSecp256k1_double) + ${xAddPointEc(A,B,C,D)} => E :MSTORE(dblScalarMulSecp256k1_p3_x) + ${yAddPointEc(A,B,C,D)} :ARITH_ECADD_DIFFERENT, MSTORE(dblScalarMulSecp256k1_p3_y), JMP(dblScalarMulSecp256k1_double) dblScalarMulSecp256k1_p3_assignment: ; p3 = (C,D) - 0 :MSTORE(dblScalarMulSecp256k1_p3_is_zero) ; flag, dblScalarMulSecp256k1_p3 has a value, no-empty - C => A :MSTORE(dblScalarMulSecp256k1_p3_x) - D => B :MSTORE(dblScalarMulSecp256k1_p3_y) + 0 :MSTORE(dblScalarMulSecp256k1_p3_zero) ; flag, dblScalarMulSecp256k1_p3 has a value, no-empty + C => A :MSTORE(dblScalarMulSecp256k1_p3_x) + D => B :MSTORE(dblScalarMulSecp256k1_p3_y) + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_compute) dblScalarMulSecp256k1_double: ; [steps.last: 1] ; [steps.nolast.p3empty: 2] - ; [steps.nolast.p3: 6] - ; [steps.block: 6] + ; [steps.nolast: 6, arith: 1] + ; [steps.block: 6, arith: 1] ; E,A = p3_x B = p3_y RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop) +dblScalarMulSecp256k1_double_noRR: ; if p3 is the point at infinity do not double, since 𝒪 + 𝒪 = 𝒪 - $ :MLOAD(dblScalarMulSecp256k1_p3_is_zero), JMPNZ(dblScalarMulSecp256k1_loop) + $ :MLOAD(dblScalarMulSecp256k1_p3_zero), JMPNZ(dblScalarMulSecp256k1_loop) - $ => A :MLOAD(dblScalarMulSecp256k1_p3_x) - $ => B :MLOAD(dblScalarMulSecp256k1_p3_y) + $ => A :MLOAD(dblScalarMulSecp256k1_p3_x) + $ => B :MLOAD(dblScalarMulSecp256k1_p3_y) +dblScalarMulSecp256k1_double_compute: ; (A, B) * 2 = (E, op) ${xDblPointEc(A,B)} => E :MSTORE(dblScalarMulSecp256k1_p3_x) ${yDblPointEc(A,B)} :ARITH_ECADD_SAME, MSTORE(dblScalarMulSecp256k1_p3_y), JMP(dblScalarMulSecp256k1_loop) dblScalarMulSecp256k1_x_equals_before_add: - ; [steps.same.point: 7] - ; [steps.opposite.point: 8] - ; [steps.block: 8] - ; [MAP] if C != mem.dblScalarMulSecp256k1_p3_x ==> fails, MLOAD fails because read something different ; for memory. It verifies C and dblScalarMulSecp256k1_p3_x are same value, as an ASSERT. C :MLOAD(dblScalarMulSecp256k1_p3_x) @@ -273,6 +275,7 @@ dblScalarMulSecp256k1_x_equals_before_add: ; instead of binary to use similar resources on different paths. ; if p2_y == -p3_y, and them are alias free ==> p2_y + p3_y === SECP256K1_P + ; Note: The Secp256k1 curve does not have points with y = 0 1 => B D => A @@ -284,11 +287,10 @@ dblScalarMulSecp256k1_x_equals_before_add: ; NOTE: all points are free of alias because arithmetic guarantees it - ; dblScalarMulSecp256k1_p3_is_zero flag = 0, dblScalarMulSecp256k1_p3 was empty, need addition must be an assignation - 1n :MSTORE(dblScalarMulSecp256k1_p3_is_zero), JMP(dblScalarMulSecp256k1_double) + ; dblScalarMulSecp256k1_p3_zero flag = 0, dblScalarMulSecp256k1_p3 was empty, need addition must be an assignation + 1n :MSTORE(dblScalarMulSecp256k1_p3_zero), JMP(dblScalarMulSecp256k1_double) dblScalarMulSecp256k1_same_point_to_add: - ; [steps.block: 5] ; must check really are equals, use MLOAD as ASSERT ; ASSERT(D == dblScalarMulSecp256k1_p3_y) @@ -297,58 +299,57 @@ dblScalarMulSecp256k1_same_point_to_add: D => B ; (A,B) * 2 = (E, op) - ${xDblPointEc(A,B)} => E :MSTORE(dblScalarMulSecp256k1_p3_x) - ${yDblPointEc(A,B)} => B :ARITH_ECADD_SAME, MSTORE(dblScalarMulSecp256k1_p3_y), JMP(dblScalarMulSecp256k1_after_add) + ${xDblPointEc(A,B)} => E :MSTORE(dblScalarMulSecp256k1_p3_x) + ${yDblPointEc(A,B)} :ARITH_ECADD_SAME, MSTORE(dblScalarMulSecp256k1_p3_y), JMP(dblScalarMulSecp256k1_double) dblScalarMulSecp256k1_end_loop: - ; [steps.block: 8] - ; Check that the accumulated scalars coincide with the original ones $ => A :MLOAD(dblScalarMulSecp256k1_k1) - $ => B :MLOAD(dblScalarMulSecp256k1_acum_k1) - 1 :EQ + A :MLOAD(dblScalarMulSecp256k1_acum_k1) + $ => A :MLOAD(dblScalarMulSecp256k1_k2) - $ => B :MLOAD(dblScalarMulSecp256k1_acum_k2) - 1 :EQ + A :MLOAD(dblScalarMulSecp256k1_acum_k2) - $ => RR :MLOAD(dblScalarMulSecp256k1_RR) - $ => RCX :MLOAD(dblScalarMulSecp256k1_RCX), RETURN + $ => RR :MLOAD(dblScalarMulSecp256k1_RR) + $ => RCX :MLOAD(dblScalarMulSecp256k1_RCX), RETURN ; Begin of table dblScalarMulSecp256k1_save_k10_k20: - ROTL_C + RCX :MSTORE(dblScalarMulSecp256k1_acum_k1) + ; There is no need to load C since it has been done in the table + ; $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1) + ROTL_C + RCX :MSTORE(dblScalarMulSecp256k1_acum_k1) - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k2) - ROTL_C + HASHPOS :MSTORE(dblScalarMulSecp256k1_acum_k2) + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k2) + ROTL_C + HASHPOS :MSTORE(dblScalarMulSecp256k1_acum_k2) - 0n => RCX,HASHPOS :JMP(dblScalarMulSecp256k1_double) + 0n => RCX,HASHPOS :JMP(dblScalarMulSecp256k1_double) dblScalarMulSecp256k1_save_k11_k20: - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1) - ROTL_C + RCX :MSTORE(dblScalarMulSecp256k1_acum_k1) + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1) + ROTL_C + RCX :MSTORE(dblScalarMulSecp256k1_acum_k1) - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k2) - ROTL_C + HASHPOS :MSTORE(dblScalarMulSecp256k1_acum_k2) + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k2) + ROTL_C + HASHPOS :MSTORE(dblScalarMulSecp256k1_acum_k2) - 0n => RCX,HASHPOS :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) + 0n => RCX,HASHPOS :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) dblScalarMulSecp256k1_save_k11_k21: - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1) - ROTL_C + RCX :MSTORE(dblScalarMulSecp256k1_acum_k1) + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1) + ROTL_C + RCX :MSTORE(dblScalarMulSecp256k1_acum_k1) - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k2) - ROTL_C + HASHPOS :MSTORE(dblScalarMulSecp256k1_acum_k2) + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k2) + ROTL_C + HASHPOS :MSTORE(dblScalarMulSecp256k1_acum_k2) - 0n => RCX,HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + 0n => RCX,HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) dblScalarMulSecp256k1_save_k10_k21: - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1) - ROTL_C + RCX :MSTORE(dblScalarMulSecp256k1_acum_k1) + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1) + ROTL_C + RCX :MSTORE(dblScalarMulSecp256k1_acum_k1) - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k2) - ROTL_C + HASHPOS :MSTORE(dblScalarMulSecp256k1_acum_k2) + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k2) + ROTL_C + HASHPOS :MSTORE(dblScalarMulSecp256k1_acum_k2) - 0n => RCX,HASHPOS :JMP(dblScalarMulSecp256k1_k10_k21_add_prepare) + 0n => RCX,HASHPOS :JMP(dblScalarMulSecp256k1_k10_k21_add_prepare) ; Sage code ; ---------------------------------------- @@ -359,267 +360,267 @@ dblScalarMulSecp256k1_save_k10_k21: ; power = 2**latch ; a = f"{power:#0{10}x}" ; if (latch == 0): -; print("\t:JMP(dblScalarMulSecp256k1_save_k10_k20)\t; RR = {}".format(i)) +; print("\t$ => C\t\t\t:MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = {}".format(i)) ; else: -; print("\t:JMP(dblScalarMulSecp256k1_double)\t\t\t; RR = {}".format(i)) +; print("\tRR - 1 => RR\t:JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR)\t\t\t; RR = {}".format(i)) ; ---------------------------------------- dblScalarMulSecp256k1_scalar_table_k10_k20: - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 0 - :JMP(dblScalarMulSecp256k1_double) ; RR = 1 - :JMP(dblScalarMulSecp256k1_double) ; RR = 2 - :JMP(dblScalarMulSecp256k1_double) ; RR = 3 - :JMP(dblScalarMulSecp256k1_double) ; RR = 4 - :JMP(dblScalarMulSecp256k1_double) ; RR = 5 - :JMP(dblScalarMulSecp256k1_double) ; RR = 6 - :JMP(dblScalarMulSecp256k1_double) ; RR = 7 - :JMP(dblScalarMulSecp256k1_double) ; RR = 8 - :JMP(dblScalarMulSecp256k1_double) ; RR = 9 - :JMP(dblScalarMulSecp256k1_double) ; RR = 10 - :JMP(dblScalarMulSecp256k1_double) ; RR = 11 - :JMP(dblScalarMulSecp256k1_double) ; RR = 12 - :JMP(dblScalarMulSecp256k1_double) ; RR = 13 - :JMP(dblScalarMulSecp256k1_double) ; RR = 14 - :JMP(dblScalarMulSecp256k1_double) ; RR = 15 - :JMP(dblScalarMulSecp256k1_double) ; RR = 16 - :JMP(dblScalarMulSecp256k1_double) ; RR = 17 - :JMP(dblScalarMulSecp256k1_double) ; RR = 18 - :JMP(dblScalarMulSecp256k1_double) ; RR = 19 - :JMP(dblScalarMulSecp256k1_double) ; RR = 20 - :JMP(dblScalarMulSecp256k1_double) ; RR = 21 - :JMP(dblScalarMulSecp256k1_double) ; RR = 22 - :JMP(dblScalarMulSecp256k1_double) ; RR = 23 - :JMP(dblScalarMulSecp256k1_double) ; RR = 24 - :JMP(dblScalarMulSecp256k1_double) ; RR = 25 - :JMP(dblScalarMulSecp256k1_double) ; RR = 26 - :JMP(dblScalarMulSecp256k1_double) ; RR = 27 - :JMP(dblScalarMulSecp256k1_double) ; RR = 28 - :JMP(dblScalarMulSecp256k1_double) ; RR = 29 - :JMP(dblScalarMulSecp256k1_double) ; RR = 30 - :JMP(dblScalarMulSecp256k1_double) ; RR = 31 - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 32 - :JMP(dblScalarMulSecp256k1_double) ; RR = 33 - :JMP(dblScalarMulSecp256k1_double) ; RR = 34 - :JMP(dblScalarMulSecp256k1_double) ; RR = 35 - :JMP(dblScalarMulSecp256k1_double) ; RR = 36 - :JMP(dblScalarMulSecp256k1_double) ; RR = 37 - :JMP(dblScalarMulSecp256k1_double) ; RR = 38 - :JMP(dblScalarMulSecp256k1_double) ; RR = 39 - :JMP(dblScalarMulSecp256k1_double) ; RR = 40 - :JMP(dblScalarMulSecp256k1_double) ; RR = 41 - :JMP(dblScalarMulSecp256k1_double) ; RR = 42 - :JMP(dblScalarMulSecp256k1_double) ; RR = 43 - :JMP(dblScalarMulSecp256k1_double) ; RR = 44 - :JMP(dblScalarMulSecp256k1_double) ; RR = 45 - :JMP(dblScalarMulSecp256k1_double) ; RR = 46 - :JMP(dblScalarMulSecp256k1_double) ; RR = 47 - :JMP(dblScalarMulSecp256k1_double) ; RR = 48 - :JMP(dblScalarMulSecp256k1_double) ; RR = 49 - :JMP(dblScalarMulSecp256k1_double) ; RR = 50 - :JMP(dblScalarMulSecp256k1_double) ; RR = 51 - :JMP(dblScalarMulSecp256k1_double) ; RR = 52 - :JMP(dblScalarMulSecp256k1_double) ; RR = 53 - :JMP(dblScalarMulSecp256k1_double) ; RR = 54 - :JMP(dblScalarMulSecp256k1_double) ; RR = 55 - :JMP(dblScalarMulSecp256k1_double) ; RR = 56 - :JMP(dblScalarMulSecp256k1_double) ; RR = 57 - :JMP(dblScalarMulSecp256k1_double) ; RR = 58 - :JMP(dblScalarMulSecp256k1_double) ; RR = 59 - :JMP(dblScalarMulSecp256k1_double) ; RR = 60 - :JMP(dblScalarMulSecp256k1_double) ; RR = 61 - :JMP(dblScalarMulSecp256k1_double) ; RR = 62 - :JMP(dblScalarMulSecp256k1_double) ; RR = 63 - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 64 - :JMP(dblScalarMulSecp256k1_double) ; RR = 65 - :JMP(dblScalarMulSecp256k1_double) ; RR = 66 - :JMP(dblScalarMulSecp256k1_double) ; RR = 67 - :JMP(dblScalarMulSecp256k1_double) ; RR = 68 - :JMP(dblScalarMulSecp256k1_double) ; RR = 69 - :JMP(dblScalarMulSecp256k1_double) ; RR = 70 - :JMP(dblScalarMulSecp256k1_double) ; RR = 71 - :JMP(dblScalarMulSecp256k1_double) ; RR = 72 - :JMP(dblScalarMulSecp256k1_double) ; RR = 73 - :JMP(dblScalarMulSecp256k1_double) ; RR = 74 - :JMP(dblScalarMulSecp256k1_double) ; RR = 75 - :JMP(dblScalarMulSecp256k1_double) ; RR = 76 - :JMP(dblScalarMulSecp256k1_double) ; RR = 77 - :JMP(dblScalarMulSecp256k1_double) ; RR = 78 - :JMP(dblScalarMulSecp256k1_double) ; RR = 79 - :JMP(dblScalarMulSecp256k1_double) ; RR = 80 - :JMP(dblScalarMulSecp256k1_double) ; RR = 81 - :JMP(dblScalarMulSecp256k1_double) ; RR = 82 - :JMP(dblScalarMulSecp256k1_double) ; RR = 83 - :JMP(dblScalarMulSecp256k1_double) ; RR = 84 - :JMP(dblScalarMulSecp256k1_double) ; RR = 85 - :JMP(dblScalarMulSecp256k1_double) ; RR = 86 - :JMP(dblScalarMulSecp256k1_double) ; RR = 87 - :JMP(dblScalarMulSecp256k1_double) ; RR = 88 - :JMP(dblScalarMulSecp256k1_double) ; RR = 89 - :JMP(dblScalarMulSecp256k1_double) ; RR = 90 - :JMP(dblScalarMulSecp256k1_double) ; RR = 91 - :JMP(dblScalarMulSecp256k1_double) ; RR = 92 - :JMP(dblScalarMulSecp256k1_double) ; RR = 93 - :JMP(dblScalarMulSecp256k1_double) ; RR = 94 - :JMP(dblScalarMulSecp256k1_double) ; RR = 95 - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 96 - :JMP(dblScalarMulSecp256k1_double) ; RR = 97 - :JMP(dblScalarMulSecp256k1_double) ; RR = 98 - :JMP(dblScalarMulSecp256k1_double) ; RR = 99 - :JMP(dblScalarMulSecp256k1_double) ; RR = 100 - :JMP(dblScalarMulSecp256k1_double) ; RR = 101 - :JMP(dblScalarMulSecp256k1_double) ; RR = 102 - :JMP(dblScalarMulSecp256k1_double) ; RR = 103 - :JMP(dblScalarMulSecp256k1_double) ; RR = 104 - :JMP(dblScalarMulSecp256k1_double) ; RR = 105 - :JMP(dblScalarMulSecp256k1_double) ; RR = 106 - :JMP(dblScalarMulSecp256k1_double) ; RR = 107 - :JMP(dblScalarMulSecp256k1_double) ; RR = 108 - :JMP(dblScalarMulSecp256k1_double) ; RR = 109 - :JMP(dblScalarMulSecp256k1_double) ; RR = 110 - :JMP(dblScalarMulSecp256k1_double) ; RR = 111 - :JMP(dblScalarMulSecp256k1_double) ; RR = 112 - :JMP(dblScalarMulSecp256k1_double) ; RR = 113 - :JMP(dblScalarMulSecp256k1_double) ; RR = 114 - :JMP(dblScalarMulSecp256k1_double) ; RR = 115 - :JMP(dblScalarMulSecp256k1_double) ; RR = 116 - :JMP(dblScalarMulSecp256k1_double) ; RR = 117 - :JMP(dblScalarMulSecp256k1_double) ; RR = 118 - :JMP(dblScalarMulSecp256k1_double) ; RR = 119 - :JMP(dblScalarMulSecp256k1_double) ; RR = 120 - :JMP(dblScalarMulSecp256k1_double) ; RR = 121 - :JMP(dblScalarMulSecp256k1_double) ; RR = 122 - :JMP(dblScalarMulSecp256k1_double) ; RR = 123 - :JMP(dblScalarMulSecp256k1_double) ; RR = 124 - :JMP(dblScalarMulSecp256k1_double) ; RR = 125 - :JMP(dblScalarMulSecp256k1_double) ; RR = 126 - :JMP(dblScalarMulSecp256k1_double) ; RR = 127 - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 128 - :JMP(dblScalarMulSecp256k1_double) ; RR = 129 - :JMP(dblScalarMulSecp256k1_double) ; RR = 130 - :JMP(dblScalarMulSecp256k1_double) ; RR = 131 - :JMP(dblScalarMulSecp256k1_double) ; RR = 132 - :JMP(dblScalarMulSecp256k1_double) ; RR = 133 - :JMP(dblScalarMulSecp256k1_double) ; RR = 134 - :JMP(dblScalarMulSecp256k1_double) ; RR = 135 - :JMP(dblScalarMulSecp256k1_double) ; RR = 136 - :JMP(dblScalarMulSecp256k1_double) ; RR = 137 - :JMP(dblScalarMulSecp256k1_double) ; RR = 138 - :JMP(dblScalarMulSecp256k1_double) ; RR = 139 - :JMP(dblScalarMulSecp256k1_double) ; RR = 140 - :JMP(dblScalarMulSecp256k1_double) ; RR = 141 - :JMP(dblScalarMulSecp256k1_double) ; RR = 142 - :JMP(dblScalarMulSecp256k1_double) ; RR = 143 - :JMP(dblScalarMulSecp256k1_double) ; RR = 144 - :JMP(dblScalarMulSecp256k1_double) ; RR = 145 - :JMP(dblScalarMulSecp256k1_double) ; RR = 146 - :JMP(dblScalarMulSecp256k1_double) ; RR = 147 - :JMP(dblScalarMulSecp256k1_double) ; RR = 148 - :JMP(dblScalarMulSecp256k1_double) ; RR = 149 - :JMP(dblScalarMulSecp256k1_double) ; RR = 150 - :JMP(dblScalarMulSecp256k1_double) ; RR = 151 - :JMP(dblScalarMulSecp256k1_double) ; RR = 152 - :JMP(dblScalarMulSecp256k1_double) ; RR = 153 - :JMP(dblScalarMulSecp256k1_double) ; RR = 154 - :JMP(dblScalarMulSecp256k1_double) ; RR = 155 - :JMP(dblScalarMulSecp256k1_double) ; RR = 156 - :JMP(dblScalarMulSecp256k1_double) ; RR = 157 - :JMP(dblScalarMulSecp256k1_double) ; RR = 158 - :JMP(dblScalarMulSecp256k1_double) ; RR = 159 - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 160 - :JMP(dblScalarMulSecp256k1_double) ; RR = 161 - :JMP(dblScalarMulSecp256k1_double) ; RR = 162 - :JMP(dblScalarMulSecp256k1_double) ; RR = 163 - :JMP(dblScalarMulSecp256k1_double) ; RR = 164 - :JMP(dblScalarMulSecp256k1_double) ; RR = 165 - :JMP(dblScalarMulSecp256k1_double) ; RR = 166 - :JMP(dblScalarMulSecp256k1_double) ; RR = 167 - :JMP(dblScalarMulSecp256k1_double) ; RR = 168 - :JMP(dblScalarMulSecp256k1_double) ; RR = 169 - :JMP(dblScalarMulSecp256k1_double) ; RR = 170 - :JMP(dblScalarMulSecp256k1_double) ; RR = 171 - :JMP(dblScalarMulSecp256k1_double) ; RR = 172 - :JMP(dblScalarMulSecp256k1_double) ; RR = 173 - :JMP(dblScalarMulSecp256k1_double) ; RR = 174 - :JMP(dblScalarMulSecp256k1_double) ; RR = 175 - :JMP(dblScalarMulSecp256k1_double) ; RR = 176 - :JMP(dblScalarMulSecp256k1_double) ; RR = 177 - :JMP(dblScalarMulSecp256k1_double) ; RR = 178 - :JMP(dblScalarMulSecp256k1_double) ; RR = 179 - :JMP(dblScalarMulSecp256k1_double) ; RR = 180 - :JMP(dblScalarMulSecp256k1_double) ; RR = 181 - :JMP(dblScalarMulSecp256k1_double) ; RR = 182 - :JMP(dblScalarMulSecp256k1_double) ; RR = 183 - :JMP(dblScalarMulSecp256k1_double) ; RR = 184 - :JMP(dblScalarMulSecp256k1_double) ; RR = 185 - :JMP(dblScalarMulSecp256k1_double) ; RR = 186 - :JMP(dblScalarMulSecp256k1_double) ; RR = 187 - :JMP(dblScalarMulSecp256k1_double) ; RR = 188 - :JMP(dblScalarMulSecp256k1_double) ; RR = 189 - :JMP(dblScalarMulSecp256k1_double) ; RR = 190 - :JMP(dblScalarMulSecp256k1_double) ; RR = 191 - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 192 - :JMP(dblScalarMulSecp256k1_double) ; RR = 193 - :JMP(dblScalarMulSecp256k1_double) ; RR = 194 - :JMP(dblScalarMulSecp256k1_double) ; RR = 195 - :JMP(dblScalarMulSecp256k1_double) ; RR = 196 - :JMP(dblScalarMulSecp256k1_double) ; RR = 197 - :JMP(dblScalarMulSecp256k1_double) ; RR = 198 - :JMP(dblScalarMulSecp256k1_double) ; RR = 199 - :JMP(dblScalarMulSecp256k1_double) ; RR = 200 - :JMP(dblScalarMulSecp256k1_double) ; RR = 201 - :JMP(dblScalarMulSecp256k1_double) ; RR = 202 - :JMP(dblScalarMulSecp256k1_double) ; RR = 203 - :JMP(dblScalarMulSecp256k1_double) ; RR = 204 - :JMP(dblScalarMulSecp256k1_double) ; RR = 205 - :JMP(dblScalarMulSecp256k1_double) ; RR = 206 - :JMP(dblScalarMulSecp256k1_double) ; RR = 207 - :JMP(dblScalarMulSecp256k1_double) ; RR = 208 - :JMP(dblScalarMulSecp256k1_double) ; RR = 209 - :JMP(dblScalarMulSecp256k1_double) ; RR = 210 - :JMP(dblScalarMulSecp256k1_double) ; RR = 211 - :JMP(dblScalarMulSecp256k1_double) ; RR = 212 - :JMP(dblScalarMulSecp256k1_double) ; RR = 213 - :JMP(dblScalarMulSecp256k1_double) ; RR = 214 - :JMP(dblScalarMulSecp256k1_double) ; RR = 215 - :JMP(dblScalarMulSecp256k1_double) ; RR = 216 - :JMP(dblScalarMulSecp256k1_double) ; RR = 217 - :JMP(dblScalarMulSecp256k1_double) ; RR = 218 - :JMP(dblScalarMulSecp256k1_double) ; RR = 219 - :JMP(dblScalarMulSecp256k1_double) ; RR = 220 - :JMP(dblScalarMulSecp256k1_double) ; RR = 221 - :JMP(dblScalarMulSecp256k1_double) ; RR = 222 - :JMP(dblScalarMulSecp256k1_double) ; RR = 223 - $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 224 - :JMP(dblScalarMulSecp256k1_double) ; RR = 225 - :JMP(dblScalarMulSecp256k1_double) ; RR = 226 - :JMP(dblScalarMulSecp256k1_double) ; RR = 227 - :JMP(dblScalarMulSecp256k1_double) ; RR = 228 - :JMP(dblScalarMulSecp256k1_double) ; RR = 229 - :JMP(dblScalarMulSecp256k1_double) ; RR = 230 - :JMP(dblScalarMulSecp256k1_double) ; RR = 231 - :JMP(dblScalarMulSecp256k1_double) ; RR = 232 - :JMP(dblScalarMulSecp256k1_double) ; RR = 233 - :JMP(dblScalarMulSecp256k1_double) ; RR = 234 - :JMP(dblScalarMulSecp256k1_double) ; RR = 235 - :JMP(dblScalarMulSecp256k1_double) ; RR = 236 - :JMP(dblScalarMulSecp256k1_double) ; RR = 237 - :JMP(dblScalarMulSecp256k1_double) ; RR = 238 - :JMP(dblScalarMulSecp256k1_double) ; RR = 239 - :JMP(dblScalarMulSecp256k1_double) ; RR = 240 - :JMP(dblScalarMulSecp256k1_double) ; RR = 241 - :JMP(dblScalarMulSecp256k1_double) ; RR = 242 - :JMP(dblScalarMulSecp256k1_double) ; RR = 243 - :JMP(dblScalarMulSecp256k1_double) ; RR = 244 - :JMP(dblScalarMulSecp256k1_double) ; RR = 245 - :JMP(dblScalarMulSecp256k1_double) ; RR = 246 - :JMP(dblScalarMulSecp256k1_double) ; RR = 247 - :JMP(dblScalarMulSecp256k1_double) ; RR = 248 - :JMP(dblScalarMulSecp256k1_double) ; RR = 249 - :JMP(dblScalarMulSecp256k1_double) ; RR = 250 - :JMP(dblScalarMulSecp256k1_double) ; RR = 251 - :JMP(dblScalarMulSecp256k1_double) ; RR = 252 - :JMP(dblScalarMulSecp256k1_double) ; RR = 253 - :JMP(dblScalarMulSecp256k1_double) ; RR = 254 - :JMP(dblScalarMulSecp256k1_double) ; RR = 255 + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 0 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 1 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 2 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 3 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 4 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 5 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 6 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 7 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 8 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 9 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 10 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 11 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 12 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 13 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 14 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 15 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 16 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 17 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 18 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 19 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 20 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 21 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 22 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 23 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 24 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 25 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 26 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 27 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 28 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 29 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 30 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 31 + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 32 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 33 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 34 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 35 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 36 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 37 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 38 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 39 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 40 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 41 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 42 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 43 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 44 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 45 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 46 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 47 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 48 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 49 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 50 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 51 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 52 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 53 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 54 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 55 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 56 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 57 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 58 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 59 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 60 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 61 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 62 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 63 + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 64 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 65 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 66 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 67 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 68 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 69 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 70 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 71 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 72 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 73 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 74 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 75 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 76 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 77 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 78 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 79 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 80 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 81 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 82 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 83 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 84 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 85 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 86 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 87 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 88 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 89 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 90 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 91 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 92 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 93 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 94 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 95 + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 96 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 97 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 98 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 99 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 100 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 101 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 102 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 103 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 104 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 105 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 106 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 107 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 108 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 109 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 110 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 111 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 112 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 113 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 114 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 115 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 116 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 117 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 118 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 119 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 120 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 121 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 122 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 123 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 124 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 125 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 126 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 127 + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 128 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 129 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 130 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 131 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 132 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 133 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 134 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 135 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 136 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 137 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 138 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 139 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 140 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 141 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 142 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 143 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 144 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 145 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 146 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 147 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 148 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 149 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 150 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 151 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 152 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 153 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 154 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 155 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 156 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 157 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 158 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 159 + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 160 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 161 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 162 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 163 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 164 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 165 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 166 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 167 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 168 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 169 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 170 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 171 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 172 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 173 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 174 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 175 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 176 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 177 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 178 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 179 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 180 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 181 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 182 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 183 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 184 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 185 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 186 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 187 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 188 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 189 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 190 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 191 + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 192 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 193 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 194 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 195 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 196 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 197 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 198 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 199 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 200 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 201 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 202 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 203 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 204 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 205 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 206 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 207 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 208 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 209 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 210 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 211 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 212 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 213 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 214 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 215 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 216 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 217 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 218 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 219 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 220 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 221 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 222 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 223 + $ => C :MLOAD(dblScalarMulSecp256k1_acum_k1), JMP(dblScalarMulSecp256k1_save_k10_k20) ; RR = 224 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 225 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 226 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 227 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 228 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 229 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 230 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 231 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 232 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 233 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 234 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 235 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 236 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 237 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 238 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 239 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 240 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 241 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 242 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 243 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 244 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 245 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 246 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 247 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 248 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 249 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 250 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 251 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 252 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 253 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 254 + RR - 1 => RR :JMPN(dblScalarMulSecp256k1_end_loop,dblScalarMulSecp256k1_double_noRR) ; RR = 255 ; Sage code ; ---------------------------------------- @@ -630,535 +631,525 @@ dblScalarMulSecp256k1_scalar_table_k10_k20: ; power = 2**latch ; a = f"{power:#0{10}x}" ; if (latch == 0): -; print("\tRCX + {0}n => RCX\t\t:JMP(dblScalarMulSecp256k1_save_k11_k20)\t; RR = {1}".format(a,i)) +; print("\tRCX + {0}n => RCX\t\t:JMP(dblScalarMulSecp256k1_save_k11_k20)\t\t\t; RR = {1}".format(a,i)) +; print("\tA => A ; Dummy operation") ; else: -; print("\tRCX + {0}n => RCX\t\t:JMP(dblScalarMulSecp256k1_k11_k20_add_prepare_add)\t\t; RR = {1}".format(a,i)) +; print("\tRCX + {0}n => RCX\t\t:JMP(dblScalarMulSecp256k1_k11_k20_add_prepare)\t\t; RR = {1}".format(a,i)) +; print("\tA => A ; Dummy operation") ; ---------------------------------------- dblScalarMulSecp256k1_scalar_table_k11_k20: - RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 0 + RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 0 + A => A ; Dummy operation RCX + 0x00000002n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 1 + A => A ; Dummy operation RCX + 0x00000004n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 2 + A => A ; Dummy operation RCX + 0x00000008n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 3 + A => A ; Dummy operation RCX + 0x00000010n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 4 + A => A ; Dummy operation RCX + 0x00000020n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 5 + A => A ; Dummy operation RCX + 0x00000040n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 6 + A => A ; Dummy operation RCX + 0x00000080n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 7 + A => A ; Dummy operation RCX + 0x00000100n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 8 + A => A ; Dummy operation RCX + 0x00000200n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 9 + A => A ; Dummy operation RCX + 0x00000400n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 10 + A => A ; Dummy operation RCX + 0x00000800n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 11 + A => A ; Dummy operation RCX + 0x00001000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 12 + A => A ; Dummy operation RCX + 0x00002000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 13 + A => A ; Dummy operation RCX + 0x00004000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 14 + A => A ; Dummy operation RCX + 0x00008000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 15 + A => A ; Dummy operation RCX + 0x00010000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 16 + A => A ; Dummy operation RCX + 0x00020000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 17 + A => A ; Dummy operation RCX + 0x00040000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 18 + A => A ; Dummy operation RCX + 0x00080000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 19 + A => A ; Dummy operation RCX + 0x00100000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 20 + A => A ; Dummy operation RCX + 0x00200000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 21 + A => A ; Dummy operation RCX + 0x00400000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 22 + A => A ; Dummy operation RCX + 0x00800000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 23 + A => A ; Dummy operation RCX + 0x01000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 24 + A => A ; Dummy operation RCX + 0x02000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 25 + A => A ; Dummy operation RCX + 0x04000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 26 + A => A ; Dummy operation RCX + 0x08000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 27 + A => A ; Dummy operation RCX + 0x10000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 28 + A => A ; Dummy operation RCX + 0x20000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 29 + A => A ; Dummy operation RCX + 0x40000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 30 + A => A ; Dummy operation RCX + 0x80000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 31 - RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 32 + A => A ; Dummy operation + RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 32 + A => A ; Dummy operation RCX + 0x00000002n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 33 + A => A ; Dummy operation RCX + 0x00000004n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 34 + A => A ; Dummy operation RCX + 0x00000008n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 35 + A => A ; Dummy operation RCX + 0x00000010n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 36 + A => A ; Dummy operation RCX + 0x00000020n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 37 + A => A ; Dummy operation RCX + 0x00000040n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 38 + A => A ; Dummy operation RCX + 0x00000080n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 39 + A => A ; Dummy operation RCX + 0x00000100n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 40 + A => A ; Dummy operation RCX + 0x00000200n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 41 + A => A ; Dummy operation RCX + 0x00000400n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 42 + A => A ; Dummy operation RCX + 0x00000800n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 43 + A => A ; Dummy operation RCX + 0x00001000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 44 + A => A ; Dummy operation RCX + 0x00002000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 45 + A => A ; Dummy operation RCX + 0x00004000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 46 + A => A ; Dummy operation RCX + 0x00008000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 47 + A => A ; Dummy operation RCX + 0x00010000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 48 + A => A ; Dummy operation RCX + 0x00020000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 49 + A => A ; Dummy operation RCX + 0x00040000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 50 + A => A ; Dummy operation RCX + 0x00080000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 51 + A => A ; Dummy operation RCX + 0x00100000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 52 + A => A ; Dummy operation RCX + 0x00200000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 53 + A => A ; Dummy operation RCX + 0x00400000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 54 + A => A ; Dummy operation RCX + 0x00800000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 55 + A => A ; Dummy operation RCX + 0x01000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 56 + A => A ; Dummy operation RCX + 0x02000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 57 + A => A ; Dummy operation RCX + 0x04000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 58 + A => A ; Dummy operation RCX + 0x08000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 59 + A => A ; Dummy operation RCX + 0x10000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 60 + A => A ; Dummy operation RCX + 0x20000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 61 + A => A ; Dummy operation RCX + 0x40000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 62 + A => A ; Dummy operation RCX + 0x80000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 63 - RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 64 + A => A ; Dummy operation + RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 64 + A => A ; Dummy operation RCX + 0x00000002n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 65 + A => A ; Dummy operation RCX + 0x00000004n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 66 + A => A ; Dummy operation RCX + 0x00000008n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 67 + A => A ; Dummy operation RCX + 0x00000010n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 68 + A => A ; Dummy operation RCX + 0x00000020n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 69 + A => A ; Dummy operation RCX + 0x00000040n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 70 + A => A ; Dummy operation RCX + 0x00000080n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 71 + A => A ; Dummy operation RCX + 0x00000100n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 72 + A => A ; Dummy operation RCX + 0x00000200n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 73 + A => A ; Dummy operation RCX + 0x00000400n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 74 + A => A ; Dummy operation RCX + 0x00000800n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 75 + A => A ; Dummy operation RCX + 0x00001000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 76 + A => A ; Dummy operation RCX + 0x00002000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 77 + A => A ; Dummy operation RCX + 0x00004000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 78 + A => A ; Dummy operation RCX + 0x00008000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 79 + A => A ; Dummy operation RCX + 0x00010000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 80 + A => A ; Dummy operation RCX + 0x00020000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 81 + A => A ; Dummy operation RCX + 0x00040000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 82 + A => A ; Dummy operation RCX + 0x00080000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 83 + A => A ; Dummy operation RCX + 0x00100000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 84 + A => A ; Dummy operation RCX + 0x00200000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 85 + A => A ; Dummy operation RCX + 0x00400000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 86 + A => A ; Dummy operation RCX + 0x00800000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 87 + A => A ; Dummy operation RCX + 0x01000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 88 + A => A ; Dummy operation RCX + 0x02000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 89 + A => A ; Dummy operation RCX + 0x04000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 90 + A => A ; Dummy operation RCX + 0x08000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 91 + A => A ; Dummy operation RCX + 0x10000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 92 + A => A ; Dummy operation RCX + 0x20000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 93 + A => A ; Dummy operation RCX + 0x40000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 94 + A => A ; Dummy operation RCX + 0x80000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 95 - RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 96 + A => A ; Dummy operation + RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 96 + A => A ; Dummy operation RCX + 0x00000002n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 97 + A => A ; Dummy operation RCX + 0x00000004n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 98 + A => A ; Dummy operation RCX + 0x00000008n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 99 + A => A ; Dummy operation RCX + 0x00000010n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 100 + A => A ; Dummy operation RCX + 0x00000020n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 101 + A => A ; Dummy operation RCX + 0x00000040n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 102 + A => A ; Dummy operation RCX + 0x00000080n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 103 + A => A ; Dummy operation RCX + 0x00000100n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 104 + A => A ; Dummy operation RCX + 0x00000200n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 105 + A => A ; Dummy operation RCX + 0x00000400n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 106 + A => A ; Dummy operation RCX + 0x00000800n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 107 + A => A ; Dummy operation RCX + 0x00001000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 108 + A => A ; Dummy operation RCX + 0x00002000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 109 + A => A ; Dummy operation RCX + 0x00004000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 110 + A => A ; Dummy operation RCX + 0x00008000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 111 + A => A ; Dummy operation RCX + 0x00010000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 112 + A => A ; Dummy operation RCX + 0x00020000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 113 + A => A ; Dummy operation RCX + 0x00040000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 114 + A => A ; Dummy operation RCX + 0x00080000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 115 + A => A ; Dummy operation RCX + 0x00100000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 116 + A => A ; Dummy operation RCX + 0x00200000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 117 + A => A ; Dummy operation RCX + 0x00400000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 118 + A => A ; Dummy operation RCX + 0x00800000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 119 + A => A ; Dummy operation RCX + 0x01000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 120 + A => A ; Dummy operation RCX + 0x02000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 121 + A => A ; Dummy operation RCX + 0x04000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 122 + A => A ; Dummy operation RCX + 0x08000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 123 + A => A ; Dummy operation RCX + 0x10000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 124 + A => A ; Dummy operation RCX + 0x20000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 125 + A => A ; Dummy operation RCX + 0x40000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 126 + A => A ; Dummy operation RCX + 0x80000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 127 - RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 128 + A => A ; Dummy operation + RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 128 + A => A ; Dummy operation RCX + 0x00000002n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 129 + A => A ; Dummy operation RCX + 0x00000004n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 130 + A => A ; Dummy operation RCX + 0x00000008n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 131 + A => A ; Dummy operation RCX + 0x00000010n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 132 + A => A ; Dummy operation RCX + 0x00000020n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 133 + A => A ; Dummy operation RCX + 0x00000040n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 134 + A => A ; Dummy operation RCX + 0x00000080n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 135 + A => A ; Dummy operation RCX + 0x00000100n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 136 + A => A ; Dummy operation RCX + 0x00000200n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 137 + A => A ; Dummy operation RCX + 0x00000400n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 138 + A => A ; Dummy operation RCX + 0x00000800n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 139 + A => A ; Dummy operation RCX + 0x00001000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 140 + A => A ; Dummy operation RCX + 0x00002000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 141 + A => A ; Dummy operation RCX + 0x00004000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 142 + A => A ; Dummy operation RCX + 0x00008000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 143 + A => A ; Dummy operation RCX + 0x00010000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 144 + A => A ; Dummy operation RCX + 0x00020000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 145 + A => A ; Dummy operation RCX + 0x00040000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 146 + A => A ; Dummy operation RCX + 0x00080000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 147 + A => A ; Dummy operation RCX + 0x00100000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 148 + A => A ; Dummy operation RCX + 0x00200000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 149 + A => A ; Dummy operation RCX + 0x00400000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 150 + A => A ; Dummy operation RCX + 0x00800000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 151 + A => A ; Dummy operation RCX + 0x01000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 152 + A => A ; Dummy operation RCX + 0x02000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 153 + A => A ; Dummy operation RCX + 0x04000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 154 + A => A ; Dummy operation RCX + 0x08000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 155 + A => A ; Dummy operation RCX + 0x10000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 156 + A => A ; Dummy operation RCX + 0x20000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 157 + A => A ; Dummy operation RCX + 0x40000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 158 + A => A ; Dummy operation RCX + 0x80000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 159 - RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 160 + A => A ; Dummy operation + RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 160 + A => A ; Dummy operation RCX + 0x00000002n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 161 + A => A ; Dummy operation RCX + 0x00000004n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 162 + A => A ; Dummy operation RCX + 0x00000008n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 163 + A => A ; Dummy operation RCX + 0x00000010n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 164 + A => A ; Dummy operation RCX + 0x00000020n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 165 + A => A ; Dummy operation RCX + 0x00000040n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 166 + A => A ; Dummy operation RCX + 0x00000080n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 167 + A => A ; Dummy operation RCX + 0x00000100n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 168 + A => A ; Dummy operation RCX + 0x00000200n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 169 + A => A ; Dummy operation RCX + 0x00000400n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 170 + A => A ; Dummy operation RCX + 0x00000800n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 171 + A => A ; Dummy operation RCX + 0x00001000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 172 + A => A ; Dummy operation RCX + 0x00002000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 173 + A => A ; Dummy operation RCX + 0x00004000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 174 + A => A ; Dummy operation RCX + 0x00008000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 175 + A => A ; Dummy operation RCX + 0x00010000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 176 + A => A ; Dummy operation RCX + 0x00020000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 177 + A => A ; Dummy operation RCX + 0x00040000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 178 + A => A ; Dummy operation RCX + 0x00080000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 179 + A => A ; Dummy operation RCX + 0x00100000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 180 + A => A ; Dummy operation RCX + 0x00200000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 181 + A => A ; Dummy operation RCX + 0x00400000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 182 + A => A ; Dummy operation RCX + 0x00800000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 183 + A => A ; Dummy operation RCX + 0x01000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 184 + A => A ; Dummy operation RCX + 0x02000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 185 + A => A ; Dummy operation RCX + 0x04000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 186 + A => A ; Dummy operation RCX + 0x08000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 187 + A => A ; Dummy operation RCX + 0x10000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 188 + A => A ; Dummy operation RCX + 0x20000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 189 + A => A ; Dummy operation RCX + 0x40000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 190 + A => A ; Dummy operation RCX + 0x80000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 191 - RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 192 + A => A ; Dummy operation + RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 192 + A => A ; Dummy operation RCX + 0x00000002n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 193 + A => A ; Dummy operation RCX + 0x00000004n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 194 + A => A ; Dummy operation RCX + 0x00000008n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 195 + A => A ; Dummy operation RCX + 0x00000010n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 196 + A => A ; Dummy operation RCX + 0x00000020n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 197 + A => A ; Dummy operation RCX + 0x00000040n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 198 + A => A ; Dummy operation RCX + 0x00000080n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 199 + A => A ; Dummy operation RCX + 0x00000100n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 200 + A => A ; Dummy operation RCX + 0x00000200n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 201 + A => A ; Dummy operation RCX + 0x00000400n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 202 + A => A ; Dummy operation RCX + 0x00000800n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 203 + A => A ; Dummy operation RCX + 0x00001000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 204 + A => A ; Dummy operation RCX + 0x00002000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 205 + A => A ; Dummy operation RCX + 0x00004000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 206 + A => A ; Dummy operation RCX + 0x00008000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 207 + A => A ; Dummy operation RCX + 0x00010000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 208 + A => A ; Dummy operation RCX + 0x00020000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 209 + A => A ; Dummy operation RCX + 0x00040000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 210 + A => A ; Dummy operation RCX + 0x00080000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 211 + A => A ; Dummy operation RCX + 0x00100000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 212 + A => A ; Dummy operation RCX + 0x00200000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 213 + A => A ; Dummy operation RCX + 0x00400000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 214 + A => A ; Dummy operation RCX + 0x00800000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 215 + A => A ; Dummy operation RCX + 0x01000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 216 + A => A ; Dummy operation RCX + 0x02000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 217 + A => A ; Dummy operation RCX + 0x04000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 218 + A => A ; Dummy operation RCX + 0x08000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 219 + A => A ; Dummy operation RCX + 0x10000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 220 + A => A ; Dummy operation RCX + 0x20000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 221 + A => A ; Dummy operation RCX + 0x40000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 222 + A => A ; Dummy operation RCX + 0x80000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 223 - RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 224 + A => A ; Dummy operation + RCX + 0x00000001n => RCX :JMP(dblScalarMulSecp256k1_save_k11_k20) ; RR = 224 + A => A ; Dummy operation RCX + 0x00000002n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 225 + A => A ; Dummy operation RCX + 0x00000004n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 226 + A => A ; Dummy operation RCX + 0x00000008n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 227 + A => A ; Dummy operation RCX + 0x00000010n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 228 + A => A ; Dummy operation RCX + 0x00000020n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 229 + A => A ; Dummy operation RCX + 0x00000040n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 230 + A => A ; Dummy operation RCX + 0x00000080n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 231 + A => A ; Dummy operation RCX + 0x00000100n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 232 + A => A ; Dummy operation RCX + 0x00000200n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 233 + A => A ; Dummy operation RCX + 0x00000400n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 234 + A => A ; Dummy operation RCX + 0x00000800n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 235 + A => A ; Dummy operation RCX + 0x00001000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 236 + A => A ; Dummy operation RCX + 0x00002000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 237 + A => A ; Dummy operation RCX + 0x00004000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 238 + A => A ; Dummy operation RCX + 0x00008000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 239 + A => A ; Dummy operation RCX + 0x00010000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 240 + A => A ; Dummy operation RCX + 0x00020000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 241 + A => A ; Dummy operation RCX + 0x00040000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 242 + A => A ; Dummy operation RCX + 0x00080000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 243 + A => A ; Dummy operation RCX + 0x00100000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 244 + A => A ; Dummy operation RCX + 0x00200000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 245 + A => A ; Dummy operation RCX + 0x00400000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 246 + A => A ; Dummy operation RCX + 0x00800000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 247 + A => A ; Dummy operation RCX + 0x01000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 248 + A => A ; Dummy operation RCX + 0x02000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 249 + A => A ; Dummy operation RCX + 0x04000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 250 + A => A ; Dummy operation RCX + 0x08000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 251 + A => A ; Dummy operation RCX + 0x10000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 252 + A => A ; Dummy operation RCX + 0x20000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 253 + A => A ; Dummy operation RCX + 0x40000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 254 + A => A ; Dummy operation RCX + 0x80000000n => RCX :JMP(dblScalarMulSecp256k1_k11_k20_add_prepare) ; RR = 255 - -; Sage code -; ---------------------------------------- -; binLen = 256 -; clock = 32 -; for i in range(binLen): -; latch = i % clock -; power = 2**latch -; a = f"{power:#0{10}x}" -; print("\tRCX + {0}n => RCX\t\t:JMP(dblScalarMulSecp256k1_scalar_table_k11_k21_part2)\t; RR = {1}".format(a,i)) -; ---------------------------------------- -dblScalarMulSecp256k1_scalar_table_k11_k21_part1: - RCX + 0x00000001n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 0 - RCX + 0x00000002n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 1 - RCX + 0x00000004n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 2 - RCX + 0x00000008n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 3 - RCX + 0x00000010n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 4 - RCX + 0x00000020n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 5 - RCX + 0x00000040n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 6 - RCX + 0x00000080n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 7 - RCX + 0x00000100n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 8 - RCX + 0x00000200n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 9 - RCX + 0x00000400n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 10 - RCX + 0x00000800n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 11 - RCX + 0x00001000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 12 - RCX + 0x00002000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 13 - RCX + 0x00004000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 14 - RCX + 0x00008000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 15 - RCX + 0x00010000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 16 - RCX + 0x00020000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 17 - RCX + 0x00040000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 18 - RCX + 0x00080000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 19 - RCX + 0x00100000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 20 - RCX + 0x00200000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 21 - RCX + 0x00400000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 22 - RCX + 0x00800000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 23 - RCX + 0x01000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 24 - RCX + 0x02000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 25 - RCX + 0x04000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 26 - RCX + 0x08000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 27 - RCX + 0x10000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 28 - RCX + 0x20000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 29 - RCX + 0x40000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 30 - RCX + 0x80000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 31 - RCX + 0x00000001n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 32 - RCX + 0x00000002n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 33 - RCX + 0x00000004n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 34 - RCX + 0x00000008n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 35 - RCX + 0x00000010n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 36 - RCX + 0x00000020n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 37 - RCX + 0x00000040n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 38 - RCX + 0x00000080n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 39 - RCX + 0x00000100n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 40 - RCX + 0x00000200n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 41 - RCX + 0x00000400n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 42 - RCX + 0x00000800n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 43 - RCX + 0x00001000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 44 - RCX + 0x00002000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 45 - RCX + 0x00004000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 46 - RCX + 0x00008000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 47 - RCX + 0x00010000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 48 - RCX + 0x00020000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 49 - RCX + 0x00040000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 50 - RCX + 0x00080000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 51 - RCX + 0x00100000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 52 - RCX + 0x00200000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 53 - RCX + 0x00400000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 54 - RCX + 0x00800000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 55 - RCX + 0x01000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 56 - RCX + 0x02000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 57 - RCX + 0x04000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 58 - RCX + 0x08000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 59 - RCX + 0x10000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 60 - RCX + 0x20000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 61 - RCX + 0x40000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 62 - RCX + 0x80000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 63 - RCX + 0x00000001n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 64 - RCX + 0x00000002n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 65 - RCX + 0x00000004n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 66 - RCX + 0x00000008n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 67 - RCX + 0x00000010n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 68 - RCX + 0x00000020n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 69 - RCX + 0x00000040n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 70 - RCX + 0x00000080n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 71 - RCX + 0x00000100n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 72 - RCX + 0x00000200n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 73 - RCX + 0x00000400n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 74 - RCX + 0x00000800n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 75 - RCX + 0x00001000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 76 - RCX + 0x00002000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 77 - RCX + 0x00004000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 78 - RCX + 0x00008000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 79 - RCX + 0x00010000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 80 - RCX + 0x00020000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 81 - RCX + 0x00040000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 82 - RCX + 0x00080000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 83 - RCX + 0x00100000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 84 - RCX + 0x00200000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 85 - RCX + 0x00400000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 86 - RCX + 0x00800000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 87 - RCX + 0x01000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 88 - RCX + 0x02000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 89 - RCX + 0x04000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 90 - RCX + 0x08000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 91 - RCX + 0x10000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 92 - RCX + 0x20000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 93 - RCX + 0x40000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 94 - RCX + 0x80000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 95 - RCX + 0x00000001n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 96 - RCX + 0x00000002n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 97 - RCX + 0x00000004n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 98 - RCX + 0x00000008n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 99 - RCX + 0x00000010n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 100 - RCX + 0x00000020n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 101 - RCX + 0x00000040n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 102 - RCX + 0x00000080n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 103 - RCX + 0x00000100n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 104 - RCX + 0x00000200n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 105 - RCX + 0x00000400n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 106 - RCX + 0x00000800n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 107 - RCX + 0x00001000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 108 - RCX + 0x00002000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 109 - RCX + 0x00004000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 110 - RCX + 0x00008000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 111 - RCX + 0x00010000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 112 - RCX + 0x00020000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 113 - RCX + 0x00040000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 114 - RCX + 0x00080000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 115 - RCX + 0x00100000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 116 - RCX + 0x00200000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 117 - RCX + 0x00400000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 118 - RCX + 0x00800000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 119 - RCX + 0x01000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 120 - RCX + 0x02000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 121 - RCX + 0x04000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 122 - RCX + 0x08000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 123 - RCX + 0x10000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 124 - RCX + 0x20000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 125 - RCX + 0x40000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 126 - RCX + 0x80000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 127 - RCX + 0x00000001n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 128 - RCX + 0x00000002n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 129 - RCX + 0x00000004n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 130 - RCX + 0x00000008n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 131 - RCX + 0x00000010n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 132 - RCX + 0x00000020n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 133 - RCX + 0x00000040n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 134 - RCX + 0x00000080n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 135 - RCX + 0x00000100n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 136 - RCX + 0x00000200n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 137 - RCX + 0x00000400n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 138 - RCX + 0x00000800n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 139 - RCX + 0x00001000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 140 - RCX + 0x00002000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 141 - RCX + 0x00004000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 142 - RCX + 0x00008000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 143 - RCX + 0x00010000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 144 - RCX + 0x00020000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 145 - RCX + 0x00040000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 146 - RCX + 0x00080000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 147 - RCX + 0x00100000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 148 - RCX + 0x00200000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 149 - RCX + 0x00400000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 150 - RCX + 0x00800000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 151 - RCX + 0x01000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 152 - RCX + 0x02000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 153 - RCX + 0x04000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 154 - RCX + 0x08000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 155 - RCX + 0x10000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 156 - RCX + 0x20000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 157 - RCX + 0x40000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 158 - RCX + 0x80000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 159 - RCX + 0x00000001n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 160 - RCX + 0x00000002n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 161 - RCX + 0x00000004n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 162 - RCX + 0x00000008n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 163 - RCX + 0x00000010n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 164 - RCX + 0x00000020n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 165 - RCX + 0x00000040n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 166 - RCX + 0x00000080n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 167 - RCX + 0x00000100n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 168 - RCX + 0x00000200n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 169 - RCX + 0x00000400n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 170 - RCX + 0x00000800n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 171 - RCX + 0x00001000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 172 - RCX + 0x00002000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 173 - RCX + 0x00004000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 174 - RCX + 0x00008000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 175 - RCX + 0x00010000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 176 - RCX + 0x00020000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 177 - RCX + 0x00040000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 178 - RCX + 0x00080000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 179 - RCX + 0x00100000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 180 - RCX + 0x00200000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 181 - RCX + 0x00400000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 182 - RCX + 0x00800000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 183 - RCX + 0x01000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 184 - RCX + 0x02000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 185 - RCX + 0x04000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 186 - RCX + 0x08000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 187 - RCX + 0x10000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 188 - RCX + 0x20000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 189 - RCX + 0x40000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 190 - RCX + 0x80000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 191 - RCX + 0x00000001n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 192 - RCX + 0x00000002n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 193 - RCX + 0x00000004n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 194 - RCX + 0x00000008n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 195 - RCX + 0x00000010n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 196 - RCX + 0x00000020n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 197 - RCX + 0x00000040n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 198 - RCX + 0x00000080n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 199 - RCX + 0x00000100n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 200 - RCX + 0x00000200n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 201 - RCX + 0x00000400n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 202 - RCX + 0x00000800n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 203 - RCX + 0x00001000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 204 - RCX + 0x00002000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 205 - RCX + 0x00004000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 206 - RCX + 0x00008000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 207 - RCX + 0x00010000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 208 - RCX + 0x00020000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 209 - RCX + 0x00040000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 210 - RCX + 0x00080000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 211 - RCX + 0x00100000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 212 - RCX + 0x00200000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 213 - RCX + 0x00400000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 214 - RCX + 0x00800000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 215 - RCX + 0x01000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 216 - RCX + 0x02000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 217 - RCX + 0x04000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 218 - RCX + 0x08000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 219 - RCX + 0x10000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 220 - RCX + 0x20000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 221 - RCX + 0x40000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 222 - RCX + 0x80000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 223 - RCX + 0x00000001n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 224 - RCX + 0x00000002n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 225 - RCX + 0x00000004n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 226 - RCX + 0x00000008n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 227 - RCX + 0x00000010n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 228 - RCX + 0x00000020n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 229 - RCX + 0x00000040n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 230 - RCX + 0x00000080n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 231 - RCX + 0x00000100n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 232 - RCX + 0x00000200n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 233 - RCX + 0x00000400n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 234 - RCX + 0x00000800n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 235 - RCX + 0x00001000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 236 - RCX + 0x00002000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 237 - RCX + 0x00004000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 238 - RCX + 0x00008000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 239 - RCX + 0x00010000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 240 - RCX + 0x00020000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 241 - RCX + 0x00040000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 242 - RCX + 0x00080000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 243 - RCX + 0x00100000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 244 - RCX + 0x00200000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 245 - RCX + 0x00400000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 246 - RCX + 0x00800000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 247 - RCX + 0x01000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 248 - RCX + 0x02000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 249 - RCX + 0x04000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 250 - RCX + 0x08000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 251 - RCX + 0x10000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 252 - RCX + 0x20000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 253 - RCX + 0x40000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 254 - RCX + 0x80000000n => RCX :JMP(@dblScalarMulSecp256k1_scalar_table_k11_k21_part2 + RR) ; RR = 255 + A => A ; Dummy operation ; Sage code ; ---------------------------------------- @@ -1169,267 +1160,525 @@ dblScalarMulSecp256k1_scalar_table_k11_k21_part1: ; power = 2**latch ; a = f"{power:#0{10}x}" ; if (latch == 0): -; print("\tHASHPOS + {0}n => HASHPOS\t\t:JMP(dblScalarMulSecp256k1_save_k11_k21)\t; RR = {1}".format(a,i)) +; print("\tRCX + {0}n => RCX\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t; RR = {1}".format(a,i)) +; print("\tHASHPOS + {0}n => HASHPOS\t\t:JMP(dblScalarMulSecp256k1_save_k11_k21)".format(a)) ; else: -; print("\tHASHPOS + {0}n => HASHPOS\t\t:JMP(dblScalarMulSecp256k1_k11_k21_add_prepare)\t\t; RR = {1}".format(a,i)) +; print("\tRCX + {0}n => RCX\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t; RR = {1}".format(a,i)) +; print("\tHASHPOS + {0}n => HASHPOS\t\t:JMP(dblScalarMulSecp256k1_k11_k21_add_prepare)".format(a)) ; ---------------------------------------- -dblScalarMulSecp256k1_scalar_table_k11_k21_part2: - HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) ; RR = 0 - HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 1 - HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 2 - HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 3 - HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 4 - HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 5 - HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 6 - HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 7 - HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 8 - HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 9 - HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 10 - HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 11 - HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 12 - HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 13 - HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 14 - HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 15 - HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 16 - HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 17 - HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 18 - HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 19 - HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 20 - HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 21 - HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 22 - HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 23 - HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 24 - HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 25 - HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 26 - HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 27 - HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 28 - HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 29 - HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 30 - HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 31 - HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) ; RR = 32 - HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 33 - HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 34 - HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 35 - HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 36 - HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 37 - HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 38 - HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 39 - HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 40 - HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 41 - HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 42 - HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 43 - HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 44 - HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 45 - HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 46 - HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 47 - HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 48 - HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 49 - HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 50 - HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 51 - HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 52 - HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 53 - HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 54 - HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 55 - HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 56 - HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 57 - HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 58 - HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 59 - HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 60 - HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 61 - HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 62 - HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 63 - HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) ; RR = 64 - HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 65 - HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 66 - HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 67 - HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 68 - HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 69 - HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 70 - HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 71 - HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 72 - HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 73 - HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 74 - HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 75 - HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 76 - HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 77 - HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 78 - HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 79 - HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 80 - HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 81 - HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 82 - HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 83 - HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 84 - HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 85 - HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 86 - HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 87 - HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 88 - HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 89 - HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 90 - HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 91 - HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 92 - HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 93 - HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 94 - HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 95 - HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) ; RR = 96 - HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 97 - HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 98 - HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 99 - HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 100 - HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 101 - HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 102 - HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 103 - HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 104 - HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 105 - HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 106 - HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 107 - HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 108 - HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 109 - HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 110 - HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 111 - HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 112 - HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 113 - HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 114 - HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 115 - HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 116 - HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 117 - HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 118 - HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 119 - HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 120 - HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 121 - HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 122 - HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 123 - HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 124 - HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 125 - HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 126 - HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 127 - HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) ; RR = 128 - HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 129 - HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 130 - HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 131 - HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 132 - HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 133 - HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 134 - HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 135 - HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 136 - HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 137 - HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 138 - HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 139 - HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 140 - HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 141 - HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 142 - HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 143 - HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 144 - HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 145 - HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 146 - HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 147 - HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 148 - HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 149 - HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 150 - HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 151 - HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 152 - HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 153 - HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 154 - HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 155 - HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 156 - HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 157 - HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 158 - HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 159 - HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) ; RR = 160 - HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 161 - HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 162 - HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 163 - HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 164 - HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 165 - HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 166 - HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 167 - HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 168 - HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 169 - HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 170 - HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 171 - HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 172 - HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 173 - HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 174 - HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 175 - HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 176 - HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 177 - HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 178 - HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 179 - HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 180 - HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 181 - HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 182 - HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 183 - HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 184 - HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 185 - HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 186 - HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 187 - HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 188 - HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 189 - HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 190 - HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 191 - HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) ; RR = 192 - HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 193 - HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 194 - HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 195 - HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 196 - HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 197 - HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 198 - HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 199 - HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 200 - HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 201 - HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 202 - HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 203 - HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 204 - HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 205 - HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 206 - HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 207 - HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 208 - HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 209 - HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 210 - HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 211 - HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 212 - HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 213 - HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 214 - HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 215 - HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 216 - HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 217 - HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 218 - HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 219 - HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 220 - HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 221 - HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 222 - HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 223 - HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) ; RR = 224 - HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 225 - HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 226 - HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 227 - HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 228 - HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 229 - HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 230 - HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 231 - HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 232 - HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 233 - HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 234 - HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 235 - HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 236 - HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 237 - HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 238 - HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 239 - HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 240 - HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 241 - HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 242 - HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 243 - HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 244 - HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 245 - HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 246 - HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 247 - HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 248 - HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 249 - HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 250 - HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 251 - HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 252 - HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 253 - HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 254 - HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; RR = 255 +dblScalarMulSecp256k1_scalar_table_k11_k21: + RCX + 0x00000001n => RCX ; RR = 0 + HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) + RCX + 0x00000002n => RCX ; RR = 1 + HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000004n => RCX ; RR = 2 + HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000008n => RCX ; RR = 3 + HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000010n => RCX ; RR = 4 + HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000020n => RCX ; RR = 5 + HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000040n => RCX ; RR = 6 + HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000080n => RCX ; RR = 7 + HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000100n => RCX ; RR = 8 + HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000200n => RCX ; RR = 9 + HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000400n => RCX ; RR = 10 + HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000800n => RCX ; RR = 11 + HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00001000n => RCX ; RR = 12 + HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00002000n => RCX ; RR = 13 + HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00004000n => RCX ; RR = 14 + HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00008000n => RCX ; RR = 15 + HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00010000n => RCX ; RR = 16 + HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00020000n => RCX ; RR = 17 + HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00040000n => RCX ; RR = 18 + HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00080000n => RCX ; RR = 19 + HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00100000n => RCX ; RR = 20 + HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00200000n => RCX ; RR = 21 + HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00400000n => RCX ; RR = 22 + HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00800000n => RCX ; RR = 23 + HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x01000000n => RCX ; RR = 24 + HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x02000000n => RCX ; RR = 25 + HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x04000000n => RCX ; RR = 26 + HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x08000000n => RCX ; RR = 27 + HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x10000000n => RCX ; RR = 28 + HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x20000000n => RCX ; RR = 29 + HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x40000000n => RCX ; RR = 30 + HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x80000000n => RCX ; RR = 31 + HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000001n => RCX ; RR = 32 + HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) + RCX + 0x00000002n => RCX ; RR = 33 + HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000004n => RCX ; RR = 34 + HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000008n => RCX ; RR = 35 + HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000010n => RCX ; RR = 36 + HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000020n => RCX ; RR = 37 + HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000040n => RCX ; RR = 38 + HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000080n => RCX ; RR = 39 + HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000100n => RCX ; RR = 40 + HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000200n => RCX ; RR = 41 + HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000400n => RCX ; RR = 42 + HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000800n => RCX ; RR = 43 + HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00001000n => RCX ; RR = 44 + HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00002000n => RCX ; RR = 45 + HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00004000n => RCX ; RR = 46 + HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00008000n => RCX ; RR = 47 + HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00010000n => RCX ; RR = 48 + HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00020000n => RCX ; RR = 49 + HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00040000n => RCX ; RR = 50 + HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00080000n => RCX ; RR = 51 + HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00100000n => RCX ; RR = 52 + HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00200000n => RCX ; RR = 53 + HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00400000n => RCX ; RR = 54 + HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00800000n => RCX ; RR = 55 + HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x01000000n => RCX ; RR = 56 + HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x02000000n => RCX ; RR = 57 + HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x04000000n => RCX ; RR = 58 + HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x08000000n => RCX ; RR = 59 + HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x10000000n => RCX ; RR = 60 + HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x20000000n => RCX ; RR = 61 + HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x40000000n => RCX ; RR = 62 + HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x80000000n => RCX ; RR = 63 + HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000001n => RCX ; RR = 64 + HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) + RCX + 0x00000002n => RCX ; RR = 65 + HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000004n => RCX ; RR = 66 + HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000008n => RCX ; RR = 67 + HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000010n => RCX ; RR = 68 + HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000020n => RCX ; RR = 69 + HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000040n => RCX ; RR = 70 + HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000080n => RCX ; RR = 71 + HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000100n => RCX ; RR = 72 + HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000200n => RCX ; RR = 73 + HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000400n => RCX ; RR = 74 + HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000800n => RCX ; RR = 75 + HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00001000n => RCX ; RR = 76 + HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00002000n => RCX ; RR = 77 + HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00004000n => RCX ; RR = 78 + HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00008000n => RCX ; RR = 79 + HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00010000n => RCX ; RR = 80 + HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00020000n => RCX ; RR = 81 + HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00040000n => RCX ; RR = 82 + HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00080000n => RCX ; RR = 83 + HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00100000n => RCX ; RR = 84 + HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00200000n => RCX ; RR = 85 + HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00400000n => RCX ; RR = 86 + HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00800000n => RCX ; RR = 87 + HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x01000000n => RCX ; RR = 88 + HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x02000000n => RCX ; RR = 89 + HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x04000000n => RCX ; RR = 90 + HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x08000000n => RCX ; RR = 91 + HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x10000000n => RCX ; RR = 92 + HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x20000000n => RCX ; RR = 93 + HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x40000000n => RCX ; RR = 94 + HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x80000000n => RCX ; RR = 95 + HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000001n => RCX ; RR = 96 + HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) + RCX + 0x00000002n => RCX ; RR = 97 + HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000004n => RCX ; RR = 98 + HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000008n => RCX ; RR = 99 + HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000010n => RCX ; RR = 100 + HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000020n => RCX ; RR = 101 + HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000040n => RCX ; RR = 102 + HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000080n => RCX ; RR = 103 + HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000100n => RCX ; RR = 104 + HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000200n => RCX ; RR = 105 + HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000400n => RCX ; RR = 106 + HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000800n => RCX ; RR = 107 + HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00001000n => RCX ; RR = 108 + HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00002000n => RCX ; RR = 109 + HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00004000n => RCX ; RR = 110 + HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00008000n => RCX ; RR = 111 + HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00010000n => RCX ; RR = 112 + HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00020000n => RCX ; RR = 113 + HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00040000n => RCX ; RR = 114 + HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00080000n => RCX ; RR = 115 + HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00100000n => RCX ; RR = 116 + HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00200000n => RCX ; RR = 117 + HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00400000n => RCX ; RR = 118 + HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00800000n => RCX ; RR = 119 + HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x01000000n => RCX ; RR = 120 + HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x02000000n => RCX ; RR = 121 + HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x04000000n => RCX ; RR = 122 + HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x08000000n => RCX ; RR = 123 + HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x10000000n => RCX ; RR = 124 + HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x20000000n => RCX ; RR = 125 + HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x40000000n => RCX ; RR = 126 + HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x80000000n => RCX ; RR = 127 + HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000001n => RCX ; RR = 128 + HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) + RCX + 0x00000002n => RCX ; RR = 129 + HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000004n => RCX ; RR = 130 + HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000008n => RCX ; RR = 131 + HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000010n => RCX ; RR = 132 + HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000020n => RCX ; RR = 133 + HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000040n => RCX ; RR = 134 + HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000080n => RCX ; RR = 135 + HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000100n => RCX ; RR = 136 + HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000200n => RCX ; RR = 137 + HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000400n => RCX ; RR = 138 + HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000800n => RCX ; RR = 139 + HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00001000n => RCX ; RR = 140 + HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00002000n => RCX ; RR = 141 + HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00004000n => RCX ; RR = 142 + HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00008000n => RCX ; RR = 143 + HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00010000n => RCX ; RR = 144 + HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00020000n => RCX ; RR = 145 + HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00040000n => RCX ; RR = 146 + HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00080000n => RCX ; RR = 147 + HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00100000n => RCX ; RR = 148 + HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00200000n => RCX ; RR = 149 + HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00400000n => RCX ; RR = 150 + HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00800000n => RCX ; RR = 151 + HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x01000000n => RCX ; RR = 152 + HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x02000000n => RCX ; RR = 153 + HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x04000000n => RCX ; RR = 154 + HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x08000000n => RCX ; RR = 155 + HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x10000000n => RCX ; RR = 156 + HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x20000000n => RCX ; RR = 157 + HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x40000000n => RCX ; RR = 158 + HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x80000000n => RCX ; RR = 159 + HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000001n => RCX ; RR = 160 + HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) + RCX + 0x00000002n => RCX ; RR = 161 + HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000004n => RCX ; RR = 162 + HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000008n => RCX ; RR = 163 + HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000010n => RCX ; RR = 164 + HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000020n => RCX ; RR = 165 + HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000040n => RCX ; RR = 166 + HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000080n => RCX ; RR = 167 + HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000100n => RCX ; RR = 168 + HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000200n => RCX ; RR = 169 + HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000400n => RCX ; RR = 170 + HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000800n => RCX ; RR = 171 + HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00001000n => RCX ; RR = 172 + HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00002000n => RCX ; RR = 173 + HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00004000n => RCX ; RR = 174 + HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00008000n => RCX ; RR = 175 + HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00010000n => RCX ; RR = 176 + HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00020000n => RCX ; RR = 177 + HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00040000n => RCX ; RR = 178 + HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00080000n => RCX ; RR = 179 + HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00100000n => RCX ; RR = 180 + HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00200000n => RCX ; RR = 181 + HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00400000n => RCX ; RR = 182 + HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00800000n => RCX ; RR = 183 + HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x01000000n => RCX ; RR = 184 + HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x02000000n => RCX ; RR = 185 + HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x04000000n => RCX ; RR = 186 + HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x08000000n => RCX ; RR = 187 + HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x10000000n => RCX ; RR = 188 + HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x20000000n => RCX ; RR = 189 + HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x40000000n => RCX ; RR = 190 + HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x80000000n => RCX ; RR = 191 + HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000001n => RCX ; RR = 192 + HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) + RCX + 0x00000002n => RCX ; RR = 193 + HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000004n => RCX ; RR = 194 + HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000008n => RCX ; RR = 195 + HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000010n => RCX ; RR = 196 + HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000020n => RCX ; RR = 197 + HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000040n => RCX ; RR = 198 + HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000080n => RCX ; RR = 199 + HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000100n => RCX ; RR = 200 + HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000200n => RCX ; RR = 201 + HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000400n => RCX ; RR = 202 + HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000800n => RCX ; RR = 203 + HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00001000n => RCX ; RR = 204 + HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00002000n => RCX ; RR = 205 + HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00004000n => RCX ; RR = 206 + HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00008000n => RCX ; RR = 207 + HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00010000n => RCX ; RR = 208 + HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00020000n => RCX ; RR = 209 + HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00040000n => RCX ; RR = 210 + HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00080000n => RCX ; RR = 211 + HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00100000n => RCX ; RR = 212 + HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00200000n => RCX ; RR = 213 + HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00400000n => RCX ; RR = 214 + HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00800000n => RCX ; RR = 215 + HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x01000000n => RCX ; RR = 216 + HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x02000000n => RCX ; RR = 217 + HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x04000000n => RCX ; RR = 218 + HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x08000000n => RCX ; RR = 219 + HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x10000000n => RCX ; RR = 220 + HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x20000000n => RCX ; RR = 221 + HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x40000000n => RCX ; RR = 222 + HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x80000000n => RCX ; RR = 223 + HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000001n => RCX ; RR = 224 + HASHPOS + 0x00000001n => HASHPOS :JMP(dblScalarMulSecp256k1_save_k11_k21) + RCX + 0x00000002n => RCX ; RR = 225 + HASHPOS + 0x00000002n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000004n => RCX ; RR = 226 + HASHPOS + 0x00000004n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000008n => RCX ; RR = 227 + HASHPOS + 0x00000008n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000010n => RCX ; RR = 228 + HASHPOS + 0x00000010n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000020n => RCX ; RR = 229 + HASHPOS + 0x00000020n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000040n => RCX ; RR = 230 + HASHPOS + 0x00000040n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000080n => RCX ; RR = 231 + HASHPOS + 0x00000080n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000100n => RCX ; RR = 232 + HASHPOS + 0x00000100n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000200n => RCX ; RR = 233 + HASHPOS + 0x00000200n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000400n => RCX ; RR = 234 + HASHPOS + 0x00000400n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00000800n => RCX ; RR = 235 + HASHPOS + 0x00000800n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00001000n => RCX ; RR = 236 + HASHPOS + 0x00001000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00002000n => RCX ; RR = 237 + HASHPOS + 0x00002000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00004000n => RCX ; RR = 238 + HASHPOS + 0x00004000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00008000n => RCX ; RR = 239 + HASHPOS + 0x00008000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00010000n => RCX ; RR = 240 + HASHPOS + 0x00010000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00020000n => RCX ; RR = 241 + HASHPOS + 0x00020000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00040000n => RCX ; RR = 242 + HASHPOS + 0x00040000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00080000n => RCX ; RR = 243 + HASHPOS + 0x00080000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00100000n => RCX ; RR = 244 + HASHPOS + 0x00100000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00200000n => RCX ; RR = 245 + HASHPOS + 0x00200000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00400000n => RCX ; RR = 246 + HASHPOS + 0x00400000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x00800000n => RCX ; RR = 247 + HASHPOS + 0x00800000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x01000000n => RCX ; RR = 248 + HASHPOS + 0x01000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x02000000n => RCX ; RR = 249 + HASHPOS + 0x02000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x04000000n => RCX ; RR = 250 + HASHPOS + 0x04000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x08000000n => RCX ; RR = 251 + HASHPOS + 0x08000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x10000000n => RCX ; RR = 252 + HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x20000000n => RCX ; RR = 253 + HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x40000000n => RCX ; RR = 254 + HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) + RCX + 0x80000000n => RCX ; RR = 255 + HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k11_k21_add_prepare) ; Sage code ; ---------------------------------------- @@ -1700,4 +1949,5 @@ dblScalarMulSecp256k1_scalar_table_k10_k21: HASHPOS + 0x10000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k10_k21_add_prepare) ; RR = 252 HASHPOS + 0x20000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k10_k21_add_prepare) ; RR = 253 HASHPOS + 0x40000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k10_k21_add_prepare) ; RR = 254 - HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k10_k21_add_prepare) ; RR = 255 \ No newline at end of file + HASHPOS + 0x80000000n => HASHPOS :JMP(dblScalarMulSecp256k1_k10_k21_add_prepare) ; RR = 255 +; End of table diff --git a/main/ecrecover/ecrecover.zkasm b/main/ecrecover/ecrecover.zkasm index ab848c4e..4e137fe1 100644 --- a/main/ecrecover/ecrecover.zkasm +++ b/main/ecrecover/ecrecover.zkasm @@ -34,11 +34,11 @@ INCLUDE "constSecp256k1.zkasm" ; MAP: MAlicious Prover ; RESOURCES: -; PATH without root: [steps: 4601, bin: 8, arith: 1010] -; PATH with root: [steps: 6383, bin: 17, arith: 527, keccak: 1] -; PATH with result of dbl is infinity: [steps: 6368, bin: 16, arith: 527] +; PATH without root: [steps: 1800, bin: 8, arith: 505] +; PATH with root: [steps: 5775, bin: 11, arith: 520, keccak: 1] +; PATH with result of dbl is infinity: [steps: 5763, bin: 10, arith: 520] ; -------------------------------------------------------------------------------------- -; worst case: [steps: 6383, bin: 17, arith: 1010] +; worst case: [steps: 5775, bin: 11, arith: 520, keccak: 1] ecrecover_precompiled: %SECP256K1_N_MINUS_ONE :MSTORE(ecrecover_s_upperlimit), JMP(ecrecover_store_args) @@ -54,9 +54,9 @@ ecrecover_store_args: C :MSTORE(ecrecover_s) D :MSTORE(ecrecover_v) - %MAX_CNT_BINARY - CNT_BINARY - 20 :JMPN(outOfCountersBinary) - %MAX_CNT_ARITH - CNT_ARITH - 1100 :JMPN(outOfCountersArith) - %MAX_CNT_STEPS - STEP - 6400 :JMPN(outOfCountersStep) + %MAX_CNT_BINARY - CNT_BINARY - 15 :JMPN(outOfCountersBinary) + %MAX_CNT_ARITH - CNT_ARITH - 520 :JMPN(outOfCountersArith) + %MAX_CNT_STEPS - STEP - 6350 :JMPN(outOfCountersStep) %MAX_CNT_KECCAK_F - CNT_KECCAK_F - 1 :JMPN(outOfCountersKeccak) @@ -76,7 +76,7 @@ ecrecover_store_args: $ :EQ, JMPC(ecrecover_s_is_zero) $ => A :MLOAD(ecrecover_s_upperlimit) $ :LT, JMPC(ecrecover_s_is_too_big) - ; [steps: 23, bin: 4] + ; [steps: 21, bin: 4] 0x1Bn => B ; 27 $ => A :MLOAD(ecrecover_v) @@ -84,83 +84,89 @@ ecrecover_store_args: ; ecrecover_v_eq_1b: 0n :MSTORE(ecrecover_v_parity), JMP(ecrecover_v_ok) - ; 1] [steps: 27, bin: 5] + ; 1] [steps: 25, bin: 5] ecrecover_v_not_eq_1b: - 0x1Cn => B - $ => E :EQ, JMPNC(ecrecover_v_not_eq_1b1c) - + 0x1Cn => B ; 28 ; ecrecover_v_eq_1c: - 1n :MSTORE(ecrecover_v_parity) - ; 2] [steps: 29, bin: 6] + $ => E :EQ, MSTORE(ecrecover_v_parity), JMPNC(ecrecover_v_not_eq_1b1c) + ; 2] [steps: 27, bin: 6] ecrecover_v_ok: - ; before (w.c.) -> [steps: 29, bin: 6] + ; before (w.c.) -> [steps: 27, bin: 6] ; ; y² = x³ + 7 ; ; A·B·A + 7 = calculate y from x ; - $ => A,B :MLOAD(ecrecover_r), CALL(mulFpSecp256k1) ; 2 arith + 8 steps - C => A - $ => B :MLOAD(ecrecover_r), CALL(mulFpSecp256k1) ; 2 arith + 8 steps + %SECP256K1_P => D + + ; Square r + $ => A,B :MLOAD(ecrecover_r) + 0 => C + ${(A*B) % D} => A :ARITH_MOD + ; A = r², B = r, C = 0 + + ; Mul r² by r + ${(A*B) % D} => C :ARITH_MOD + ; A = r², B = r, C = r³ - 7 => A :CALL(addFpSecp256k1) ; 2 ariths + 8 steps + ; Add 7 to r³ + 7 => A + 1 => B + ${(A + C) % D} => C :ARITH_MOD, MSTORE(ecrecover_y2) + ; A = 7, B = 1, C = r³ + 7 ; load on A parity expected - ; [steps: 53, bin: 6, arith: 6] - $ => A :MLOAD(ecrecover_v_parity) - C :MSTORE(ecrecover_y2), CALL(sqrtFpSecp256k1) ; with sqrt: [steps: 15, bin: 1, arith: 2] - ;without sqrt: [steps: 15, bin: 1, arith: 0] + ; [steps: 35, bin: 6, arith: 3] + $ => A :MLOAD(ecrecover_v_parity), CALL(sqrtFpSecp256k1) ; with sqrt: [steps: 7, bin: 1, arith: 1] + ;without sqrt: [steps: 4, bin: 1, arith: 0] - ; If it has root B = 1, else B = 0 - ; If B = 1 => C is alias-free (see sqrtFpSecp256k1) + ; If it has root C = 0, else B = 1 + ; If C = 0 => B is alias-free (see sqrtFpSecp256k1) - B :JMPNZ(ecrecover_has_sqrt) - ; [steps: 71, bin: 7, arith: 6] + C :JMPZ(ecrecover_has_sqrt) + ; [steps: 39, bin: 7, arith: 3] ; hasn't sqrt, now verify - $ => C :MLOAD(ecrecover_y2), CALL(checkSqrtFpSecp256k1) ; [steps: 4524, bin: 1, arith: 1004] - ; check must return on A register 1, because the root has no solution + $ => C :MLOAD(ecrecover_y2), CALL(assertNQRFpSecp256k1) ; [steps: 1761, bin: 1, arith: 502] - 1 :ASSERT, JMP(ecrecover_not_exists_sqrt_of_y) - ; till the end -> [steps: 4601, bin: 8, arith: 1010] + :JMP(ecrecover_not_exists_sqrt_of_y) + ; till the end -> [steps: 1800, bin: 8, arith: 505] ecrecover_has_sqrt: - ; before -> [steps: 71, bin: 7, arith: 8] + ; before -> [steps: 42, bin: 7, arith: 4] ; (v == 1b) ecrecover_y_parity = 0x00 ; (v == 1c) ecrecover_y_parity = 0x01 - ; C: y = sqrt(y^2) [it's alias free, verified in previous lines] + ; B: y = sqrt(y^2) [it's alias free, verified in previous lines] + B :MSTORE(ecrecover_y) 1 => A - C => B - $ => A :AND + ; ASSERT ((y & 1) == ecrecover_v_parity), if it fails => MAP + ${B & 1} :AND, MLOAD(ecrecover_v_parity) ; how solution y = 0 not exists because -7 not has a cubic root, - ; always parity of A must be equal to v_parity - - ; ASSERT (A == ecrecover_v_parity), if it fails => MAP - A :MLOAD(ecrecover_v_parity) - - C :MSTORE(ecrecover_y) ; compute r inverse - $ => A :MLOAD(ecrecover_r), CALL(invFnSecp256k1) ; 2 ariths + 2 binaries + 13 steps - B :MSTORE(ecrecover_r_inv) + $ => A :MLOAD(ecrecover_r) + ${var _invFnSecp256k1_A = inverseFnEc(A)} => B :MSTORE(ecrecover_r_inv) + 0 => C + %SECP256K1_N => D + 1n :ARITH_MOD - ; calculate C as (hash * inv_r) % SECP256K1_N - $ => A :MLOAD(ecrecover_hash), CALL(mulFnSecp256k1) ; 2 arith + 8 steps + ; calculate A as (hash * inv_r) % SECP256K1_N + $ => A :MLOAD(ecrecover_hash) + ${(A*B) % D} => B :ARITH_MOD ; calculate k1 as (SECP256K1_N - hash * inv_r) % SECP256K1_N - ; C = (hash * inv_r) % SECP256K1_N no alias free (MAP) - C => A - 0 => B - ; C is zero, special case + ; B = (hash * inv_r) % SECP256K1_N is alias free + 0 => A + ; B is zero, special case $ :EQ, JMPNC(k1_c_is_not_zero) - ; [steps: 103, bin: 11, arith: 12] + ; [steps: 54, bin: 9, arith: 6] k1_c_is_zero: ; k1 = 0 is alias-free @@ -168,34 +174,27 @@ k1_c_is_zero: k1_c_is_not_zero: - ; before (w.c.) -> [steps: 103, bin: 11, arith: 12] + ; before (w.c.) -> [steps: 54, bin: 9, arith: 6] - ; A,C = (hash * inv_r) % SECP256K1_N - ; check A is alias-free, if not MAP ==> proof fails - %SECP256K1_N => B - 1 :LT ; ASSERT A < SECP256K1_N + ; B = (hash * inv_r) % SECP256K1_N - ; SECP256K1_N - A = SECP256K1_N - (hash * inv_r) % SECP256K1_N - A => B + ; SECP256K1_N - B = SECP256K1_N - (hash * inv_r) % SECP256K1_N %SECP256K1_N => A ; B != 0 ==> dblScalarMulSecp256k1_k1 = SECP256K1_N - B ; k1 is alias-free $ :SUB, MSTORE(dblScalarMulSecp256k1_k1) - ; [steps: 109, bin: 13, arith: 12] + ; [steps: 56, bin: 10, arith: 6] k1_calculated: - $ => A :MLOAD(ecrecover_s) - - ; [steps: 106, bin: 13, arith: 13] - $ => B :MLOAD(ecrecover_r_inv), CALL(mulFnSecp256k1) ; 2 arith + 8 steps + ; Compute s * inv_r + $ => A :MLOAD(ecrecover_s) + $ => B :MLOAD(ecrecover_r_inv) + ; C = 0 + ; D = SECP256K1_N + ${(A*B) % D} :ARITH_MOD, MSTORE(dblScalarMulSecp256k1_k2) ; C = (s * inv_r) % SECP256K1_N => k2 - ; [steps: 114, bin: 13, arith: 15] - C => A :MSTORE(dblScalarMulSecp256k1_k2) - %SECP256K1_N => B - - ; ASSERT(k2 is alias free) - 1 :LT + ; [steps: 59, bin: 10, arith: 7] %SECP256K1_GX :MSTORE(dblScalarMulSecp256k1_p1_x) %SECP256K1_GY :MSTORE(dblScalarMulSecp256k1_p1_y) @@ -207,24 +206,20 @@ k1_calculated: ; y isn't an alias because was checked before ; (r,y) is a point of curve because it satisfies the curve equation $ => A :MLOAD(ecrecover_y) - ; [steps: 127, bin: 14, arith: 14] - A :MSTORE(dblScalarMulSecp256k1_p2_y), CALL(dblScalarMulSecp256k1) ; 513 arith + 2 binaries + 6239 steps + A :MSTORE(dblScalarMulSecp256k1_p2_y), CALL(dblScalarMulSecp256k1) ; 513 arith + 5697 steps ; check if result of dblScalarMulSecp256k1 is point at infinity - $ :MLOAD(dblScalarMulSecp256k1_p3_is_zero), JMPNZ(ecrecover_p3_point_at_infinity) - ; [steps: 6368, bin: 16, arith: 527] + $ :MLOAD(dblScalarMulSecp256k1_p3_zero), JMPNZ(ecrecover_p3_point_at_infinity) + ; [steps: 5763, bin: 10, arith: 520] ; generate keccak of public key to obtain ethereum address $ => E :MLOAD(nextHashKId) E + 1 :MSTORE(nextHashKId) 0 => HASHPOS - 32 => D ; p3_x, p3_y are alias free because arithmetic guarantees it - $ => A :MLOAD(dblScalarMulSecp256k1_p3_x) - A :HASHK(E) - $ => A :MLOAD(dblScalarMulSecp256k1_p3_y) - A :HASHK(E) + ${mem.dblScalarMulSecp256k1_p3_x} :MLOAD(dblScalarMulSecp256k1_p3_x), HASHK32(E) + ${mem.dblScalarMulSecp256k1_p3_y} :MLOAD(dblScalarMulSecp256k1_p3_y), HASHK32(E) 64 :HASHKLEN(E) $ => A :HASHKDIGEST(E) @@ -232,7 +227,7 @@ k1_calculated: ; for address take only last 20 bytes 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFn => B $ => A :AND - ; till the end -> [steps: 6383, bin: 17, arith: 527] + ; till the end -> [steps: 5775, bin: 11, arith: 520] 0 => B :JMP(ecrecover_end) ; ERRORS @@ -264,14 +259,7 @@ ecrecover_end: $ => RR :MLOAD(ecrecover_RR) :RETURN -INCLUDE "./FPSECP256K1/addFpSecp256k1.zkasm" -INCLUDE "./FPSECP256K1/mulFpSecp256k1.zkasm" -INCLUDE "./FPSECP256K1/squareFpSecp256k1.zkasm" -INCLUDE "./FPSECP256K1/invFpSecp256k1.zkasm" INCLUDE "./FPSECP256K1/sqrtFpSecp256k1.zkasm" -INCLUDE "./FPSECP256K1/checkSqrtFpSecp256k1.zkasm" - -INCLUDE "./FNSECP256K1/mulFnSecp256k1.zkasm" -INCLUDE "./FNSECP256K1/invFnSecp256k1.zkasm" +INCLUDE "./FPSECP256K1/assertNQRFpSecp256k1.zkasm" INCLUDE "dblScalarMulSecp256k1.zkasm" \ No newline at end of file diff --git a/test/ecrecover.zkasm b/test/ecrecover.zkasm index d076e808..3c06b66f 100644 --- a/test/ecrecover.zkasm +++ b/test/ecrecover.zkasm @@ -549,6 +549,11 @@ point_arith_tests: :JMP(end) +;@info function to force a failed assert +failAssert: + 1 => A + 2 :ASSERT + outOfCountersBinary: outOfCountersArith: outOfCountersKeccak: