From 47cfccf430615793ffa5b70fbee92904335c562c Mon Sep 17 00:00:00 2001
From: Davide Galassi <davxy@datawok.net>
Date: Thu, 6 Jun 2024 15:49:07 +0200
Subject: [PATCH] Check ELL2 params

---
 src/arkworks/elligator2.rs | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/src/arkworks/elligator2.rs b/src/arkworks/elligator2.rs
index 50147ab..77b25e9 100644
--- a/src/arkworks/elligator2.rs
+++ b/src/arkworks/elligator2.rs
@@ -43,7 +43,29 @@ pub struct Elligator2Map<P: TECurveConfig>(PhantomData<fn() -> P>);
 impl<P: Elligator2Config> Elligator2Map<P> {
     /// Checks if `P` represents a valid Elligator2 map. Panics otherwise.
     fn check_parameters() -> Result<(), HashToCurveError> {
-        // TODO
+        // We assume that the Montgomery curve is correct and  as such we do
+        // not verify the prerequisite for applicability of Elligator2 map to the TECurveConfing.
+
+        // Verifying that Z is a non-square
+        debug_assert!(
+            !P::Z.legendre().is_qr(),
+            "Z should be a quadratic non-residue for the Elligator2 map"
+        );
+
+        debug_assert_eq!(
+            P::ONE_OVER_COEFF_B_SQUARE,
+            <P as MontCurveConfig>::COEFF_B
+                .square()
+                .inverse()
+                .expect("B coefficient cannot be zero in Montgomery form"),
+            "ONE_OVER_COEFF_B_SQUARE is not equal to 1/COEFF_B^2 in Montgomery form"
+        );
+
+        debug_assert_eq!(
+            P::COEFF_A_OVER_COEFF_B,
+            <P as MontCurveConfig>::COEFF_A / <P as MontCurveConfig>::COEFF_B,
+            "COEFF_A_OVER_COEFF_B is not equal to COEFF_A/COEFF_B in Montgomery form"
+        );
         Ok(())
     }
 }