From f32e0609f133da442906be4079588417d5b8d58f Mon Sep 17 00:00:00 2001
From: Luke Parker
Date: Tue, 19 Aug 2025 15:25:40 -0400
Subject: [PATCH] Add warning to dalek-ff-group
---
crypto/dalek-ff-group/src/lib.rs | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/crypto/dalek-ff-group/src/lib.rs b/crypto/dalek-ff-group/src/lib.rs
index 0e96bfa6..b24b1e56 100644
--- a/crypto/dalek-ff-group/src/lib.rs
+++ b/crypto/dalek-ff-group/src/lib.rs
@@ -359,7 +359,12 @@ macro_rules! dalek_group {
 $BASEPOINT_POINT: ident,
 $BASEPOINT_TABLE: ident
 ) => {
- /// Wrapper around the dalek Point type. For Ed25519, this is restricted to the prime subgroup.
+ /// Wrapper around the dalek Point type.
+ ///
+ /// All operations will be restricted to a prime-order subgroup (equivalent to the group itself
+ /// in the case of Ristretto). The exposure of the internal element does allow bypassing this
+ /// however, which may lead to undefined/computationally-unsafe behavior, and is entirely at
+ /// the user's risk.
 #[derive(Clone, Copy, PartialEq, Eq, Debug, Zeroize)]
 pub struct $Point(pub $DPoint);
 deref_borrow!($Point, $DPoint);
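Review bot: The new doc comment's phrase "undefined/computationally-unsafe behavior" reads as Rust undefined behavior, which the `pub $DPoint` field does not cause; what a caller who writes `$Point(raw)` with a non-prime-order element actually breaks is the subgroup invariant that code built on this type relies on (small-subgroup and non-canonical-point issues, wrong results from protocols assuming prime order), with no memory-safety consequence. I would reword the last sentence to `/// Constructing a `$Point` directly from an arbitrary inner element (the field is `pub`) bypasses this` / `/// invariant. Doing so is not memory-unsafe, but any protocol built on this type may then be` / `/// insecure or produce incorrect results; callers who do so take on that risk.` and note that Ristretto is exempt since its group is already prime-order. Since the warning only documents the hole rather than closing it, consider also stating that the field is kept `pub` deliberately for compatibility, or, if a breaking change is acceptable, replacing direct field access with an explicitly named unchecked constructor so the bypass is visible at call sites — that decision is outside what this hunk shows. The enclosing `dalek_group!` macro starts before and continues past this hunk.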