Implement Reduce trait

[sushisilence]

Inconsistent scalar reduction across different curve implementations

Context

I'm developing a threshold signing library that needs to be generic over different elliptic curves, specifically targeting k256 and curve25519-dalek. The library currently uses the Group trait for most operations, but I've encountered an issue with scalar reduction from U256.

Problem

When implementing generic operations like Discrete Log proofs, I need to reduce a U256 value to a curve scalar. However, there's inconsistency in how different curve implementations handle this:

• k256::Scalar implements the Reduce trait.
• curve25519_dalek::Scalar doesn't implement Reduce. Instead, it provides:
  • A static method from_bytes_mod_order
  • An implementation of the FromUniformBytes trait

There's no common trait that both curves implement for modular reduction, which complicates writing generic code.

Questions

1. Are there plans to implement the Reduce trait for curve25519-dalek::Scalar?
2. If not, is there a recommended workaround or best practice for handling this discrepancy in generic code?

Additional Information

• Dependency versions:
  • k256: 0.13.2
  • curve25519-dalek: 4.1.3 using group feature.

Any guidance or suggestions would be greatly appreciated. Thank you!

[tarcieri]

See also: #492

[sushisilence]

For this specific case, I believe a quick Reduce<U256> and Reduce<U512> implementation should resolve it. Which seems straightforward using the existing from_bytes_mod_order and from_bytes_mod_order_wide. It will also make progress towards #492. WDYT @tarcieri?

[tarcieri]

It could potentially be implemented, although elliptic-curve isn't currently a dependency and it might contain some assumptions about curves being of prime order