# Precompile for Elliptic Curve Linear Combinations

PR here: https://github.com/ethereum/EIPs/pull/1829

I have removed redundant content posted here.

## Questions

**Q4.** Accepting points in compressed form adds extra overhead to every call, but allows caller to work with compressed coordinates. Is it worth it?

**Q5.** Cleverness allows you to use this precompile for modular square root. Is it possible to extract a modular inversion?

**Q6.** While a transaction has no assumption of privacy, this could be an issue when used in `eth_call`

. A constant time implementation also allows more code-reuse with applications that require more side-channel protection such as wallets. Should we implement constant time algorithms?

**Q8.** Is it worth exploring some hash to a curve point function or a generic pairing function?

## References

- List of elliptic curve parameters.

https://safecurves.cr.yp.to/index.html - Database of optimal addition formulas.

http://www.hyperelliptic.org/EFD/index.html - Mater Inc. Rust Finite Field implementation.

https://github.com/matterinc/ff/blob/master/src/lib.rs - And Elliptic Curve.

https://github.com/matterinc/pairing/blob/master/src/bn256/ec.rs - Parity Finite Field Implementation.

https://github.com/paritytech/bigint/blob/master/src/uint.rs - Standards for Efficient Cryptography 1 (SEC 1).

http://www.secg.org/sec1-v2.pdf - Weierstrudel implementation of BN254.

https://medium.com/aztec-protocol/huffing-for-crypto-with-weierstrudel-9c9568c06901