c-api: add scalar mul on G1 and G2 - followup #332

bindings/c_curve_decls.nim

@@ -359,54 +359,50 @@ template genBindings_EC_ShortW_NonAffine*(ECP, ECP_Aff, ScalarBig, ScalarField:
   func `ctt _ ECP _ batch_affine`(dst: ptr UncheckedArray[ECP_Aff], src: ptr UncheckedArray[ECP], n: csize_t) =
     dst.batchAffine(src, cast[int](n))
 
-  when ECP.G == G1:
-    # Workaround gensym issue in templates like mulCheckSparse
-    # for {.noInit.} temporaries and probably generic sandwich
+  func `ctt _ ECP _ scalar_mul_big_coef`(
+    P: var ECP, scalar: ScalarBig) =
 
-    func `ctt _ ECP _ scalar_mul_big_coef`(
-      P: var ECP, scalar: ScalarBig) =
+    P.scalarMul(scalar)
 
-      P.scalarMul(scalar)
+  func `ctt _ ECP _ scalar_mul_fr_coef`(
+        P: var ECP, scalar: ScalarField) =
 
-    func `ctt _ ECP _ scalar_mul_fr_coef`(
-          P: var ECP, scalar: ScalarField) =
+    var big: ScalarBig # TODO: {.noInit.}
+    big.fromField(scalar)
+    P.scalarMul(big)
 
-      var big: ScalarBig # TODO: {.noInit.}
-      big.fromField(scalar)
-      P.scalarMul(big)
+  func `ctt _ ECP _ scalar_mul_big_coef_vartime`(
+    P: var ECP, scalar: ScalarBig) =
 
-    func `ctt _ ECP _ scalar_mul_big_coef_vartime`(
-      P: var ECP, scalar: ScalarBig) =
+    P.scalarMul_vartime(scalar)
 
-      P.scalarMul_vartime(scalar)
+  func `ctt _ ECP _ scalar_mul_fr_coef_vartime`(
+        P: var ECP, scalar: ScalarField) =
 
-    func `ctt _ ECP _ scalar_mul_fr_coef_vartime`(
-          P: var ECP, scalar: ScalarField) =
+    var big: ScalarBig # TODO: {.noInit.}
+    big.fromField(scalar)
+    P.scalarMul_vartime(big)
 
-      var big: ScalarBig # TODO: {.noInit.}
-      big.fromField(scalar)
-      P.scalarMul_vartime(big)
+  func `ctt _ ECP _ multi_scalar_mul_big_coefs_vartime`(
+          r: var ECP,
+          coefs: ptr UncheckedArray[ScalarBig],
+          points: ptr UncheckedArray[ECP_Aff],
+          len: csize_t) =
+    r.multiScalarMul_vartime(coefs, points, cast[int](len))
 
-    func `ctt _ ECP _ multi_scalar_mul_big_coefs_vartime`(
-            r: var ECP,
-            coefs: ptr UncheckedArray[ScalarBig],
-            points: ptr UncheckedArray[ECP_Aff],
-            len: csize_t) =
-      r.multiScalarMul_vartime(coefs, points, cast[int](len))
+  func `ctt _ ECP _ multi_scalar_mul_fr_coefs_vartime`(
+          r: var ECP,
+          coefs: ptr UncheckedArray[ScalarField],
+          points: ptr UncheckedArray[ECP_Aff],
+          len: csize_t)=
 
-    func `ctt _ ECP _ multi_scalar_mul_fr_coefs_vartime`(
-            r: var ECP,
-            coefs: ptr UncheckedArray[ScalarField],
-            points: ptr UncheckedArray[ECP_Aff],
-            len: csize_t)=
+    let n = cast[int](len)
+    let coefs_fr = allocHeapArrayAligned(ScalarBig, n, alignment = 64)
 
-      let n = cast[int](len)
-      let coefs_fr = allocHeapArrayAligned(ScalarBig, n, alignment = 64)
+    for i in 0 ..< n:
+      coefs_fr[i].fromField(coefs[i])
+    r.multiScalarMul_vartime(coefs_fr, points, n)
 
-      for i in 0 ..< n:
-        coefs_fr[i].fromField(coefs[i])
-      r.multiScalarMul_vartime(coefs_fr, points, n)
-
-      freeHeapAligned(coefs_fr)
+    freeHeapAligned(coefs_fr)
 
   {.pop.}

constantine/math/extension_fields/towers.nim

@@ -1439,12 +1439,14 @@ func mul_sparse_by_x0*(a: var QuadraticExt, sparseB: QuadraticExt) =
   ## Sparse in-place multiplication
   a.mul_sparse_by_x0(a, sparseB)
 
-template mulCheckSparse*(a: var QuadraticExt, b: QuadraticExt) =
+func mulCheckSparse*(a: var QuadraticExt, b: static QuadraticExt) {.inline.} =
   when isOne(b).bool:
     discard
   elif isMinusOne(b).bool:
     a.neg()
   elif isZero(c0(b)).bool and isOne(c1(b)).bool:
+    # TODO: raise upstream, in Nim v2 templates {.noInit.} temporaries use incorrect t`gensymXXXX
+    # hence we use an inline function with static argument
     var t {.noInit.}: type(a.c0)
     when fromComplexExtension(b):
       t.neg(a.c1)
@@ -1455,6 +1457,8 @@ template mulCheckSparse*(a: var QuadraticExt, b: QuadraticExt) =
       a.c1 = a.c0
       a.c0 = t
   elif isZero(c0(b)).bool and isMinusOne(c1(b)).bool:
+    # TODO: raise upstream, in Nim v2 templates {.noInit.} temporaries use incorrect t`gensymXXXX
+    # hence we use an inline function with static argument
     var t {.noInit.}: type(a.c0)
     when fromComplexExtension(b):
       t = a.c1

include/constantine/curves/bls12_381.h

@@ -152,6 +152,12 @@ void        ctt_bls12_381_g1_jac_double_in_place(bls12_381_g1_jac* P);
 void        ctt_bls12_381_g1_jac_affine(bls12_381_g1_aff* dst, const bls12_381_g1_jac* src);
 void        ctt_bls12_381_g1_jac_from_affine(bls12_381_g1_jac* dst, const bls12_381_g1_aff* src);
 void        ctt_bls12_381_g1_jac_batch_affine(const bls12_381_g1_aff dst[], const bls12_381_g1_jac src[], size_t n);
+void        ctt_bls12_381_g1_jac_scalar_mul_big_coef(bls12_381_g1_jac* P, const big255* scalar);
+void        ctt_bls12_381_g1_jac_scalar_mul_fr_coef(bls12_381_g1_jac* P, const bls12_381_fr* scalar);
+void        ctt_bls12_381_g1_jac_scalar_mul_big_coef_vartime(bls12_381_g1_jac* P, const big255* scalar);
+void        ctt_bls12_381_g1_jac_scalar_mul_fr_coef_vartime(bls12_381_g1_jac* P, const bls12_381_fr* scalar);
+void        ctt_bls12_381_g1_jac_multi_scalar_mul_big_coefs_vartime(bls12_381_g1_jac* r, const big255 coefs[], const bls12_381_g1_aff points[], size_t len);
+void        ctt_bls12_381_g1_jac_multi_scalar_mul_fr_coefs_vartime(bls12_381_g1_jac* r, const bls12_381_fr coefs[], const bls12_381_g1_aff points[], size_t len);
 secret_bool ctt_bls12_381_g1_prj_is_eq(const bls12_381_g1_prj* P, const bls12_381_g1_prj* Q);
 secret_bool ctt_bls12_381_g1_prj_is_inf(const bls12_381_g1_prj* P);
 void        ctt_bls12_381_g1_prj_set_inf(bls12_381_g1_prj* P);
@@ -167,6 +173,12 @@ void        ctt_bls12_381_g1_prj_double_in_place(bls12_381_g1_prj* P);
 void        ctt_bls12_381_g1_prj_affine(bls12_381_g1_aff* dst, const bls12_381_g1_prj* src);
 void        ctt_bls12_381_g1_prj_from_affine(bls12_381_g1_prj* dst, const bls12_381_g1_aff* src);
 void        ctt_bls12_381_g1_prj_batch_affine(const bls12_381_g1_aff dst[], const bls12_381_g1_prj src[], size_t n);
+void        ctt_bls12_381_g1_prj_scalar_mul_big_coef(bls12_381_g1_prj* P, const big255* scalar);
+void        ctt_bls12_381_g1_prj_scalar_mul_fr_coef(bls12_381_g1_prj* P, const bls12_381_fr* scalar);
+void        ctt_bls12_381_g1_prj_scalar_mul_big_coef_vartime(bls12_381_g1_prj* P, const big255* scalar);
+void        ctt_bls12_381_g1_prj_scalar_mul_fr_coef_vartime(bls12_381_g1_prj* P, const bls12_381_fr* scalar);
+void        ctt_bls12_381_g1_prj_multi_scalar_mul_big_coefs_vartime(bls12_381_g1_prj* r, const big255 coefs[], const bls12_381_g1_aff points[], size_t len);
+void        ctt_bls12_381_g1_prj_multi_scalar_mul_fr_coefs_vartime(bls12_381_g1_prj* r, const bls12_381_fr coefs[], const bls12_381_g1_aff points[], size_t len);
 secret_bool ctt_bls12_381_g2_aff_is_eq(const bls12_381_g2_aff* P, const bls12_381_g2_aff* Q);
 secret_bool ctt_bls12_381_g2_aff_is_inf(const bls12_381_g2_aff* P);
 void        ctt_bls12_381_g2_aff_set_inf(bls12_381_g2_aff* P);
@@ -189,6 +201,12 @@ void        ctt_bls12_381_g2_jac_double_in_place(bls12_381_g2_jac* P);
 void        ctt_bls12_381_g2_jac_affine(bls12_381_g2_aff* dst, const bls12_381_g2_jac* src);
 void        ctt_bls12_381_g2_jac_from_affine(bls12_381_g2_jac* dst, const bls12_381_g2_aff* src);
 void        ctt_bls12_381_g2_jac_batch_affine(const bls12_381_g2_aff dst[], const bls12_381_g2_jac src[], size_t n);
+void        ctt_bls12_381_g2_jac_scalar_mul_big_coef(bls12_381_g2_jac* P, const big255* scalar);
+void        ctt_bls12_381_g2_jac_scalar_mul_fr_coef(bls12_381_g2_jac* P, const bls12_381_fr* scalar);
+void        ctt_bls12_381_g2_jac_scalar_mul_big_coef_vartime(bls12_381_g2_jac* P, const big255* scalar);
+void        ctt_bls12_381_g2_jac_scalar_mul_fr_coef_vartime(bls12_381_g2_jac* P, const bls12_381_fr* scalar);
+void        ctt_bls12_381_g2_jac_multi_scalar_mul_big_coefs_vartime(bls12_381_g2_jac* r, const big255 coefs[], const bls12_381_g2_aff points[], size_t len);
+void        ctt_bls12_381_g2_jac_multi_scalar_mul_fr_coefs_vartime(bls12_381_g2_jac* r, const bls12_381_fr coefs[], const bls12_381_g2_aff points[], size_t len);
 secret_bool ctt_bls12_381_g2_prj_is_eq(const bls12_381_g2_prj* P, const bls12_381_g2_prj* Q);
 secret_bool ctt_bls12_381_g2_prj_is_inf(const bls12_381_g2_prj* P);
 void        ctt_bls12_381_g2_prj_set_inf(bls12_381_g2_prj* P);
@@ -204,6 +222,12 @@ void        ctt_bls12_381_g2_prj_double_in_place(bls12_381_g2_prj* P);
 void        ctt_bls12_381_g2_prj_affine(bls12_381_g2_aff* dst, const bls12_381_g2_prj* src);
 void        ctt_bls12_381_g2_prj_from_affine(bls12_381_g2_prj* dst, const bls12_381_g2_aff* src);
 void        ctt_bls12_381_g2_prj_batch_affine(const bls12_381_g2_aff dst[], const bls12_381_g2_prj src[], size_t n);
+void        ctt_bls12_381_g2_prj_scalar_mul_big_coef(bls12_381_g2_prj* P, const big255* scalar);
+void        ctt_bls12_381_g2_prj_scalar_mul_fr_coef(bls12_381_g2_prj* P, const bls12_381_fr* scalar);
+void        ctt_bls12_381_g2_prj_scalar_mul_big_coef_vartime(bls12_381_g2_prj* P, const big255* scalar);
+void        ctt_bls12_381_g2_prj_scalar_mul_fr_coef_vartime(bls12_381_g2_prj* P, const bls12_381_fr* scalar);
+void        ctt_bls12_381_g2_prj_multi_scalar_mul_big_coefs_vartime(bls12_381_g2_prj* r, const big255 coefs[], const bls12_381_g2_aff points[], size_t len);
+void        ctt_bls12_381_g2_prj_multi_scalar_mul_fr_coefs_vartime(bls12_381_g2_prj* r, const bls12_381_fr coefs[], const bls12_381_g2_aff points[], size_t len);
 
 #ifdef __cplusplus
 }

include/constantine/curves/bn254_snarks.h

@@ -152,6 +152,12 @@ void        ctt_bn254_snarks_g1_jac_double_in_place(bn254_snarks_g1_jac* P);
 void        ctt_bn254_snarks_g1_jac_affine(bn254_snarks_g1_aff* dst, const bn254_snarks_g1_jac* src);
 void        ctt_bn254_snarks_g1_jac_from_affine(bn254_snarks_g1_jac* dst, const bn254_snarks_g1_aff* src);
 void        ctt_bn254_snarks_g1_jac_batch_affine(const bn254_snarks_g1_aff dst[], const bn254_snarks_g1_jac src[], size_t n);
+void        ctt_bn254_snarks_g1_jac_scalar_mul_big_coef(bn254_snarks_g1_jac* P, const big254* scalar);
+void        ctt_bn254_snarks_g1_jac_scalar_mul_fr_coef(bn254_snarks_g1_jac* P, const bn254_snarks_fr* scalar);
+void        ctt_bn254_snarks_g1_jac_scalar_mul_big_coef_vartime(bn254_snarks_g1_jac* P, const big254* scalar);
+void        ctt_bn254_snarks_g1_jac_scalar_mul_fr_coef_vartime(bn254_snarks_g1_jac* P, const bn254_snarks_fr* scalar);
+void        ctt_bn254_snarks_g1_jac_multi_scalar_mul_big_coefs_vartime(bn254_snarks_g1_jac* r, const big254 coefs[], const bn254_snarks_g1_aff points[], size_t len);
+void        ctt_bn254_snarks_g1_jac_multi_scalar_mul_fr_coefs_vartime(bn254_snarks_g1_jac* r, const bn254_snarks_fr coefs[], const bn254_snarks_g1_aff points[], size_t len);
 secret_bool ctt_bn254_snarks_g1_prj_is_eq(const bn254_snarks_g1_prj* P, const bn254_snarks_g1_prj* Q);
 secret_bool ctt_bn254_snarks_g1_prj_is_inf(const bn254_snarks_g1_prj* P);
 void        ctt_bn254_snarks_g1_prj_set_inf(bn254_snarks_g1_prj* P);
@@ -167,6 +173,12 @@ void        ctt_bn254_snarks_g1_prj_double_in_place(bn254_snarks_g1_prj* P);
 void        ctt_bn254_snarks_g1_prj_affine(bn254_snarks_g1_aff* dst, const bn254_snarks_g1_prj* src);
 void        ctt_bn254_snarks_g1_prj_from_affine(bn254_snarks_g1_prj* dst, const bn254_snarks_g1_aff* src);
 void        ctt_bn254_snarks_g1_prj_batch_affine(const bn254_snarks_g1_aff dst[], const bn254_snarks_g1_prj src[], size_t n);
+void        ctt_bn254_snarks_g1_prj_scalar_mul_big_coef(bn254_snarks_g1_prj* P, const big254* scalar);
+void        ctt_bn254_snarks_g1_prj_scalar_mul_fr_coef(bn254_snarks_g1_prj* P, const bn254_snarks_fr* scalar);
+void        ctt_bn254_snarks_g1_prj_scalar_mul_big_coef_vartime(bn254_snarks_g1_prj* P, const big254* scalar);
+void        ctt_bn254_snarks_g1_prj_scalar_mul_fr_coef_vartime(bn254_snarks_g1_prj* P, const bn254_snarks_fr* scalar);
+void        ctt_bn254_snarks_g1_prj_multi_scalar_mul_big_coefs_vartime(bn254_snarks_g1_prj* r, const big254 coefs[], const bn254_snarks_g1_aff points[], size_t len);
+void        ctt_bn254_snarks_g1_prj_multi_scalar_mul_fr_coefs_vartime(bn254_snarks_g1_prj* r, const bn254_snarks_fr coefs[], const bn254_snarks_g1_aff points[], size_t len);
 secret_bool ctt_bn254_snarks_g2_aff_is_eq(const bn254_snarks_g2_aff* P, const bn254_snarks_g2_aff* Q);
 secret_bool ctt_bn254_snarks_g2_aff_is_inf(const bn254_snarks_g2_aff* P);
 void        ctt_bn254_snarks_g2_aff_set_inf(bn254_snarks_g2_aff* P);
@@ -189,6 +201,12 @@ void        ctt_bn254_snarks_g2_jac_double_in_place(bn254_snarks_g2_jac* P);
 void        ctt_bn254_snarks_g2_jac_affine(bn254_snarks_g2_aff* dst, const bn254_snarks_g2_jac* src);
 void        ctt_bn254_snarks_g2_jac_from_affine(bn254_snarks_g2_jac* dst, const bn254_snarks_g2_aff* src);
 void        ctt_bn254_snarks_g2_jac_batch_affine(const bn254_snarks_g2_aff dst[], const bn254_snarks_g2_jac src[], size_t n);
+void        ctt_bn254_snarks_g2_jac_scalar_mul_big_coef(bn254_snarks_g2_jac* P, const big254* scalar);
+void        ctt_bn254_snarks_g2_jac_scalar_mul_fr_coef(bn254_snarks_g2_jac* P, const bn254_snarks_fr* scalar);
+void        ctt_bn254_snarks_g2_jac_scalar_mul_big_coef_vartime(bn254_snarks_g2_jac* P, const big254* scalar);
+void        ctt_bn254_snarks_g2_jac_scalar_mul_fr_coef_vartime(bn254_snarks_g2_jac* P, const bn254_snarks_fr* scalar);
+void        ctt_bn254_snarks_g2_jac_multi_scalar_mul_big_coefs_vartime(bn254_snarks_g2_jac* r, const big254 coefs[], const bn254_snarks_g2_aff points[], size_t len);
+void        ctt_bn254_snarks_g2_jac_multi_scalar_mul_fr_coefs_vartime(bn254_snarks_g2_jac* r, const bn254_snarks_fr coefs[], const bn254_snarks_g2_aff points[], size_t len);
 secret_bool ctt_bn254_snarks_g2_prj_is_eq(const bn254_snarks_g2_prj* P, const bn254_snarks_g2_prj* Q);
 secret_bool ctt_bn254_snarks_g2_prj_is_inf(const bn254_snarks_g2_prj* P);
 void        ctt_bn254_snarks_g2_prj_set_inf(bn254_snarks_g2_prj* P);
@@ -204,6 +222,12 @@ void        ctt_bn254_snarks_g2_prj_double_in_place(bn254_snarks_g2_prj* P);
 void        ctt_bn254_snarks_g2_prj_affine(bn254_snarks_g2_aff* dst, const bn254_snarks_g2_prj* src);
 void        ctt_bn254_snarks_g2_prj_from_affine(bn254_snarks_g2_prj* dst, const bn254_snarks_g2_aff* src);
 void        ctt_bn254_snarks_g2_prj_batch_affine(const bn254_snarks_g2_aff dst[], const bn254_snarks_g2_prj src[], size_t n);
+void        ctt_bn254_snarks_g2_prj_scalar_mul_big_coef(bn254_snarks_g2_prj* P, const big254* scalar);
+void        ctt_bn254_snarks_g2_prj_scalar_mul_fr_coef(bn254_snarks_g2_prj* P, const bn254_snarks_fr* scalar);
+void        ctt_bn254_snarks_g2_prj_scalar_mul_big_coef_vartime(bn254_snarks_g2_prj* P, const big254* scalar);
+void        ctt_bn254_snarks_g2_prj_scalar_mul_fr_coef_vartime(bn254_snarks_g2_prj* P, const bn254_snarks_fr* scalar);
+void        ctt_bn254_snarks_g2_prj_multi_scalar_mul_big_coefs_vartime(bn254_snarks_g2_prj* r, const big254 coefs[], const bn254_snarks_g2_aff points[], size_t len);
+void        ctt_bn254_snarks_g2_prj_multi_scalar_mul_fr_coefs_vartime(bn254_snarks_g2_prj* r, const bn254_snarks_fr coefs[], const bn254_snarks_g2_aff points[], size_t len);
 
 #ifdef __cplusplus
 }

include/constantine/curves/pallas.h

@@ -114,6 +114,12 @@ void        ctt_pallas_ec_jac_double_in_place(pallas_ec_jac* P);
 void        ctt_pallas_ec_jac_affine(pallas_ec_aff* dst, const pallas_ec_jac* src);
 void        ctt_pallas_ec_jac_from_affine(pallas_ec_jac* dst, const pallas_ec_aff* src);
 void        ctt_pallas_ec_jac_batch_affine(const pallas_ec_aff dst[], const pallas_ec_jac src[], size_t n);
+void        ctt_pallas_ec_jac_scalar_mul_big_coef(pallas_ec_jac* P, const big255* scalar);
+void        ctt_pallas_ec_jac_scalar_mul_fr_coef(pallas_ec_jac* P, const pallas_fr* scalar);
+void        ctt_pallas_ec_jac_scalar_mul_big_coef_vartime(pallas_ec_jac* P, const big255* scalar);
+void        ctt_pallas_ec_jac_scalar_mul_fr_coef_vartime(pallas_ec_jac* P, const pallas_fr* scalar);
+void        ctt_pallas_ec_jac_multi_scalar_mul_big_coefs_vartime(pallas_ec_jac* r, const big255 coefs[], const pallas_ec_aff points[], size_t len);
+void        ctt_pallas_ec_jac_multi_scalar_mul_fr_coefs_vartime(pallas_ec_jac* r, const pallas_fr coefs[], const pallas_ec_aff points[], size_t len);
 secret_bool ctt_pallas_ec_prj_is_eq(const pallas_ec_prj* P, const pallas_ec_prj* Q);
 secret_bool ctt_pallas_ec_prj_is_inf(const pallas_ec_prj* P);
 void        ctt_pallas_ec_prj_set_inf(pallas_ec_prj* P);
@@ -129,6 +135,12 @@ void        ctt_pallas_ec_prj_double_in_place(pallas_ec_prj* P);
 void        ctt_pallas_ec_prj_affine(pallas_ec_aff* dst, const pallas_ec_prj* src);
 void        ctt_pallas_ec_prj_from_affine(pallas_ec_prj* dst, const pallas_ec_aff* src);
 void        ctt_pallas_ec_prj_batch_affine(const pallas_ec_aff dst[], const pallas_ec_prj src[], size_t n);
+void        ctt_pallas_ec_prj_scalar_mul_big_coef(pallas_ec_prj* P, const big255* scalar);
+void        ctt_pallas_ec_prj_scalar_mul_fr_coef(pallas_ec_prj* P, const pallas_fr* scalar);
+void        ctt_pallas_ec_prj_scalar_mul_big_coef_vartime(pallas_ec_prj* P, const big255* scalar);
+void        ctt_pallas_ec_prj_scalar_mul_fr_coef_vartime(pallas_ec_prj* P, const pallas_fr* scalar);
+void        ctt_pallas_ec_prj_multi_scalar_mul_big_coefs_vartime(pallas_ec_prj* r, const big255 coefs[], const pallas_ec_aff points[], size_t len);
+void        ctt_pallas_ec_prj_multi_scalar_mul_fr_coefs_vartime(pallas_ec_prj* r, const pallas_fr coefs[], const pallas_ec_aff points[], size_t len);
 
 #ifdef __cplusplus
 }

include/constantine/curves/vesta.h

@@ -114,6 +114,12 @@ void        ctt_vesta_ec_jac_double_in_place(vesta_ec_jac* P);
 void        ctt_vesta_ec_jac_affine(vesta_ec_aff* dst, const vesta_ec_jac* src);
 void        ctt_vesta_ec_jac_from_affine(vesta_ec_jac* dst, const vesta_ec_aff* src);
 void        ctt_vesta_ec_jac_batch_affine(const vesta_ec_aff dst[], const vesta_ec_jac src[], size_t n);
+void        ctt_vesta_ec_jac_scalar_mul_big_coef(vesta_ec_jac* P, const big255* scalar);
+void        ctt_vesta_ec_jac_scalar_mul_fr_coef(vesta_ec_jac* P, const vesta_fr* scalar);
+void        ctt_vesta_ec_jac_scalar_mul_big_coef_vartime(vesta_ec_jac* P, const big255* scalar);
+void        ctt_vesta_ec_jac_scalar_mul_fr_coef_vartime(vesta_ec_jac* P, const vesta_fr* scalar);
+void        ctt_vesta_ec_jac_multi_scalar_mul_big_coefs_vartime(vesta_ec_jac* r, const big255 coefs[], const vesta_ec_aff points[], size_t len);
+void        ctt_vesta_ec_jac_multi_scalar_mul_fr_coefs_vartime(vesta_ec_jac* r, const vesta_fr coefs[], const vesta_ec_aff points[], size_t len);
 secret_bool ctt_vesta_ec_prj_is_eq(const vesta_ec_prj* P, const vesta_ec_prj* Q);
 secret_bool ctt_vesta_ec_prj_is_inf(const vesta_ec_prj* P);
 void        ctt_vesta_ec_prj_set_inf(vesta_ec_prj* P);
@@ -129,6 +135,12 @@ void        ctt_vesta_ec_prj_double_in_place(vesta_ec_prj* P);
 void        ctt_vesta_ec_prj_affine(vesta_ec_aff* dst, const vesta_ec_prj* src);
 void        ctt_vesta_ec_prj_from_affine(vesta_ec_prj* dst, const vesta_ec_aff* src);
 void        ctt_vesta_ec_prj_batch_affine(const vesta_ec_aff dst[], const vesta_ec_prj src[], size_t n);
+void        ctt_vesta_ec_prj_scalar_mul_big_coef(vesta_ec_prj* P, const big255* scalar);
+void        ctt_vesta_ec_prj_scalar_mul_fr_coef(vesta_ec_prj* P, const vesta_fr* scalar);
+void        ctt_vesta_ec_prj_scalar_mul_big_coef_vartime(vesta_ec_prj* P, const big255* scalar);
+void        ctt_vesta_ec_prj_scalar_mul_fr_coef_vartime(vesta_ec_prj* P, const vesta_fr* scalar);
+void        ctt_vesta_ec_prj_multi_scalar_mul_big_coefs_vartime(vesta_ec_prj* r, const big255 coefs[], const vesta_ec_aff points[], size_t len);
+void        ctt_vesta_ec_prj_multi_scalar_mul_fr_coefs_vartime(vesta_ec_prj* r, const vesta_fr coefs[], const vesta_ec_aff points[], size_t len);
 
 #ifdef __cplusplus
 }