a16z · abiswas3 · Aug 14, 2025 · Aug 14, 2025 · Aug 14, 2025 · Aug 15, 2025
diff --git a/bench-templates/src/macros/field.rs b/bench-templates/src/macros/field.rs
@@ -405,16 +405,14 @@ macro_rules! prime_field {
                     f[i].into_bigint()
                 })
             });
-            let u64s = (0..SAMPLES)
-                .map(|_| rng.next_u64())
-                .collect::<Vec<_>>();
+            let u64s = (0..SAMPLES).map(|_| rng.next_u64()).collect::<Vec<_>>();
             conversions.bench_function("From u64", |b| {
                 let mut i = 0;
                 b.iter(|| {
                     i = (i + 1) % SAMPLES;
                     <$F>::from_u64(u64s[i])
                 })
-            }); 
+            });
             conversions.finish()
         }
     };

diff --git a/ec/src/lib.rs b/ec/src/lib.rs
@@ -28,11 +28,7 @@ use ark_std::{
     ops::{Add, AddAssign, Mul, MulAssign, Neg, Sub, SubAssign},
     vec::*,
 };
-pub use scalar_mul::{
-    fixed_base::FixedBase,
-    variable_base::VariableBaseMSM,
-    ScalarMul,
-};
+pub use scalar_mul::{fixed_base::FixedBase, variable_base::VariableBaseMSM, ScalarMul};
 use zeroize::Zeroize;
 
 pub use ark_ff::AdditiveGroup;

diff --git a/ec/src/models/short_weierstrass/affine.rs b/ec/src/models/short_weierstrass/affine.rs
@@ -271,7 +271,6 @@ impl<P: SWCurveConfig> AffineRepr for Affine<P> {
 
     /// Multiplies this element by the cofactor and output the
     /// resulting projective element.
-    #[must_use]
     fn mul_by_cofactor_to_group(&self) -> Self::Group {
         P::mul_affine(self, Self::Config::COFACTOR)
     }

diff --git a/ec/src/models/twisted_edwards/affine.rs b/ec/src/models/twisted_edwards/affine.rs
@@ -184,7 +184,6 @@ impl<P: TECurveConfig> AffineRepr for Affine<P> {
 
     /// Multiplies this element by the cofactor and output the
     /// resulting projective element.
-    #[must_use]
     fn mul_by_cofactor_to_group(&self) -> Self::Group {
         P::mul_affine(self, Self::Config::COFACTOR)
     }

diff --git a/ec/src/pairing.rs b/ec/src/pairing.rs
@@ -102,8 +102,14 @@ pub trait Pairing: Sized + 'static + Copy + Debug + Sync + Send + Eq {
         a: impl IntoIterator<Item = impl AsRef<Self::G1Prepared>>,
         b: impl IntoIterator<Item = impl AsRef<Self::G2Prepared>>,
     ) -> MillerLoopOutput<Self> {
-        let a_cloned = a.into_iter().map(|x| x.as_ref().clone()).collect::<Vec<_>>();
-        let b_cloned = b.into_iter().map(|x| x.as_ref().clone()).collect::<Vec<_>>();
+        let a_cloned = a
+            .into_iter()
+            .map(|x| x.as_ref().clone())
+            .collect::<Vec<_>>();
+        let b_cloned = b
+            .into_iter()
+            .map(|x| x.as_ref().clone())
+            .collect::<Vec<_>>();
         Self::multi_miller_loop(a_cloned, b_cloned)
     }
 

diff --git a/ec/src/scalar_mul/fixed_base.rs b/ec/src/scalar_mul/fixed_base.rs
@@ -95,4 +95,4 @@ impl FixedBase {
             .map(|e| Self::windowed_mul::<T>(outerc, window, table, e))
             .collect::<Vec<_>>()
     }
-}
+}
diff --git a/ec/src/scalar_mul/mod.rs b/ec/src/scalar_mul/mod.rs
@@ -1,8 +1,8 @@
 pub mod glv;
 pub mod wnaf;
 
-pub mod variable_base;
 pub mod fixed_base;
+pub mod variable_base;
 
 use crate::{
     short_weierstrass::{Affine, Projective, SWCurveConfig},

diff --git a/ec/src/scalar_mul/variable_base/mod.rs b/ec/src/scalar_mul/variable_base/mod.rs
@@ -1,4 +1,5 @@
 use ark_ff::prelude::*;
+use ark_ff::biginteger::{S128, S64};
 use ark_std::{
     borrow::Borrow,
     cfg_chunks, cfg_into_iter, cfg_iter,
@@ -626,6 +627,102 @@ pub fn msm_i128<V: VariableBaseMSM>(
     }
 }
 
+pub fn msm_s64<V: VariableBaseMSM>(
+    mut bases: &[V::MulBase],
+    mut scalars: &[S64],
+    serial: bool,
+) -> V {
+    let (negative_bases, non_negative_bases): (Vec<V::MulBase>, Vec<V::MulBase>) =
+        bases.iter().enumerate().partition_map(|(i, b)| {
+            if !scalars[i].sign() {
+                Either::Left(b)
+            } else {
+                Either::Right(b)
+            }
+        });
+    let (negative_scalars, non_negative_scalars): (Vec<u64>, Vec<u64>) = scalars
+        .iter()
+        .partition_map(|s| {
+            let mag = s.magnitude_as_u64();
+            if !s.sign() {
+                Either::Left(mag)
+            } else {
+                Either::Right(mag)
+            }
+        });
+    if serial {
+        return msm_serial::<V, _>(&non_negative_bases, &non_negative_scalars)
+            - msm_serial::<V, _>(&negative_bases, &negative_scalars);
+    } else {
+        let chunk_size = match preamble(&mut bases, &mut scalars, serial) {
+            Some(chunk_size) => chunk_size,
+            None => return V::zero(),
+        };
+
+        let non_negative_msm: V = cfg_chunks!(non_negative_bases, chunk_size)
+            .zip(cfg_chunks!(non_negative_scalars, chunk_size))
+            .map(|(non_negative_bases, non_negative_scalars)| {
+                msm_serial::<V, _>(non_negative_bases, non_negative_scalars)
+            })
+            .sum();
+        let negative_msm: V = cfg_chunks!(negative_bases, chunk_size)
+            .zip(cfg_chunks!(negative_scalars, chunk_size))
+            .map(|(negative_bases, negative_scalars)| {
+                msm_serial::<V, _>(negative_bases, negative_scalars)
+            })
+            .sum();
+        non_negative_msm - negative_msm
+    }
+}
+
+pub fn msm_s128<V: VariableBaseMSM>(
+    mut bases: &[V::MulBase],
+    mut scalars: &[S128],
+    serial: bool,
+) -> V {
+    let (negative_bases, non_negative_bases): (Vec<V::MulBase>, Vec<V::MulBase>) =
+        bases.iter().enumerate().partition_map(|(i, b)| {
+            if !scalars[i].sign() {
+                Either::Left(b)
+            } else {
+                Either::Right(b)
+            }
+        });
+    let (negative_scalars, non_negative_scalars): (Vec<u128>, Vec<u128>) = scalars
+        .iter()
+        .partition_map(|s| {
+            let mag = s.magnitude_as_u128();
+            if !s.sign() {
+                Either::Left(mag)
+            } else {
+                Either::Right(mag)
+            }
+        });
+    if serial {
+        return msm_serial::<V, _>(&non_negative_bases, &non_negative_scalars)
+            - msm_serial::<V, _>(&negative_bases, &negative_scalars);
+    } else {
+        let chunk_size = match preamble(&mut bases, &mut scalars, serial) {
+            Some(chunk_size) => chunk_size,
+            None => return V::zero(),
+        };
+
+        let non_negative_msm: V = cfg_chunks!(non_negative_bases, chunk_size)
+            .zip(cfg_chunks!(non_negative_scalars, chunk_size))
+            .map(|(non_negative_bases, non_negative_scalars)| {
+                msm_serial::<V, _>(non_negative_bases, non_negative_scalars)
+            })
+            .sum();
+        let negative_msm: V = cfg_chunks!(negative_bases, chunk_size)
+            .zip(cfg_chunks!(negative_scalars, chunk_size))
+            .map(|(negative_bases, negative_scalars)| {
+                msm_serial::<V, _>(negative_bases, negative_scalars)
+            })
+            .sum();
+        non_negative_msm - negative_msm
+    }
+}
+
 pub fn msm_u128<V: VariableBaseMSM>(
     mut bases: &[V::MulBase],
     mut scalars: &[u128],

diff --git a/ff/Cargo.toml b/ff/Cargo.toml
@@ -29,7 +29,7 @@ zeroize = { workspace = true, features = ["zeroize_derive"] }
 num-bigint.workspace = true
 digest = { workspace = true, features = ["alloc"] }
 itertools.workspace = true
-allocative = { version = "0.3.4", optional = true }
+allocative = "0.3.4"
 
 [dev-dependencies]
 ark-test-curves = { workspace = true, features = [
@@ -53,4 +53,3 @@ default = []
 std = ["ark-std/std", "ark-serialize/std", "itertools/use_std"]
 parallel = ["std", "rayon", "ark-std/parallel", "ark-serialize/parallel"]
 asm = []
-allocative = ["dep:allocative"]
diff --git a/ff/src/biginteger/arithmetic.rs b/ff/src/biginteger/arithmetic.rs
@@ -123,6 +123,37 @@ pub fn mac_discard(a: u64, b: u64, c: u64, carry: &mut u64) {
     *carry = (tmp >> 64) as u64;
 }
 
+/// Accumulate `limbs` into an N-limb accumulator starting at `lane_offset` (64-bit lanes),
+/// returning the final carry. This is a helper for building wide accumulators.
+#[inline(always)]
+pub fn add_limbs_shifted_inplace<const N: usize>(
+    acc: &mut [u64; N],
+    limbs: &[u64],
+    lane_offset: usize,
+) -> u64 {
+    let mut carry = 0u64;
+    let mut i = 0usize;
+    while i < limbs.len() {
+        let idx = lane_offset + i;
+        if idx >= N {
+            break;
+        }
+        let tmp = (acc[idx] as u128) + (limbs[i] as u128) + (carry as u128);
+        acc[idx] = tmp as u64;
+        carry = (tmp >> 64) as u64;
+        i += 1;
+    }
+    // propagate carry across remaining lanes if any
+    let mut idx = lane_offset + i;
+    while carry != 0 && idx < N {
+        let tmp = (acc[idx] as u128) + (carry as u128);
+        acc[idx] = tmp as u64;
+        carry = (tmp >> 64) as u64;
+        idx += 1;
+    }
+    carry
+}
+
 macro_rules! mac_with_carry {
     ($a:expr, $b:expr, $c:expr, &mut $carry:expr$(,)?) => {{
         let tmp =
-Original file line number
+Diff line change
@@ Expand Up / @@ -95,4 +95,4 @@ impl FixedBase { @@
                 .map(|e| Self::windowed_mul::<T>(outerc, window, table, e))
                 .collect::<Vec<_>>()
         }
-    }
+    }