JubJubNativePoint.random constructor

JubJubNativePoint.random({
  bool subgroupPoint = false,
})

Implementation

/// Samples a non-identity point by rejection sampling.
///
/// Each attempt draws a field element `v` from [JubJubNativeFq.random] and a
/// sign bit from [QuickCrypto.nextU32], solves the curve equation for
/// `u^2 = (v^2 - 1) / (1 + d * v^2)` with `d` taken from
/// [JubJubNativeFq.edwardsD], and retries when no square root exists or the
/// resulting point is the identity.
///
/// When [subgroupPoint] is true the candidate is passed through
/// `mulByCofactor()` and retried if that yields the identity. When it is
/// false (the default) no cofactor step is applied, so the result is not
/// forced into the prime-order subgroup; callers whose protocol needs that
/// property should pass `subgroupPoint: true`.
///
/// NOTE(review): the unpredictability of the result depends entirely on
/// [JubJubNativeFq.random] and [QuickCrypto.nextU32] being backed by a
/// cryptographically secure generator, which is not visible here. Confirm
/// before using the output for keys, blinding factors or commitments.
///
/// NOTE(review): the number of loop iterations depends on the sampled
/// values, so this is not a constant-time routine.
factory JubJubNativePoint.random({bool subgroupPoint = false}) {
  while (true) {
    final JubJubNativeFq v = JubJubNativeFq.random();
    // Only the low bit of the 32-bit draw is used, to pick the sign of u.
    final negateU = (QuickCrypto.nextU32() % 2) != 0;
    final JubJubNativeFq vSquared = v.square();

    final numerator = vSquared - JubJubNativeFq.one();
    final denominator =
        JubJubNativeFq.one() + JubJubNativeFq.edwardsD() * vSquared;
    // A null inverse is replaced by zero, which makes the quotient zero.
    // NOTE(review): presumably unreachable for this curve's d; confirm.
    final inverse = denominator.invert() ?? JubJubNativeFq.zero();

    final u = (numerator * inverse).sqrt().sqrtOrNull();
    if (u == null) {
      // No u exists on the curve for this v; draw again.
      continue;
    }

    JubJubNativePoint candidate =
        JubJubAffineNativePoint(u: negateU ? -u : u, v: v).toExtended();
    if (candidate.isIdentity()) {
      continue;
    }
    if (!subgroupPoint) {
      return candidate;
    }

    // Cofactor multiplication can map a candidate to the identity, so the
    // identity check is repeated before the point is accepted.
    candidate = candidate.mulByCofactor();
    if (!candidate.isIdentity()) {
      return candidate;
    }
  }
}