From f6a41d983623c489ed3d0230adf63ab0a9abea46 Mon Sep 17 00:00:00 2001
From: Luke Parker <lukeparker5132@gmail.com>
Date: Sat, 28 May 2022 21:06:25 -0400
Subject: [PATCH] Clarify FROST's test-provided secp256k1 curve definition

---
 crypto/frost/src/tests/literal/secp256k1.rs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/crypto/frost/src/tests/literal/secp256k1.rs b/crypto/frost/src/tests/literal/secp256k1.rs
index c1f9223a..36ccb833 100644
--- a/crypto/frost/src/tests/literal/secp256k1.rs
+++ b/crypto/frost/src/tests/literal/secp256k1.rs
@@ -44,6 +44,10 @@ impl Curve for Secp256k1 {
 
   // The IETF draft doesn't specify a secp256k1 ciphersuite
   // This test just uses the simplest ciphersuite which would still be viable to deploy
+  // The comparable P-256 curve uses hash_to_field from the Hash To Curve IETF draft with a context
+  // string and further DST for H1 ("rho") and H3 ("digest"). It's not currently worth it to add
+  // that weight, yet if secp256k1 is ever officially acknowledged (not just a testing curve), it
+  // must be properly implemented.
   fn hash_msg(msg: &[u8]) -> Vec<u8> {
     (&Sha256::digest(msg)).to_vec()
   }