From ed569ea9c80d267feb326287535986ca92f0135b Mon Sep 17 00:00:00 2001
From: Luke Parker
Date: Sat, 2 Jul 2022 02:48:27 -0400
Subject: [PATCH] Make multiexp an optional, yet default, feature for DLEq

---
 crypto/dleq/Cargo.toml | 6 ++++--
 crypto/dleq/src/cross_group/mod.rs | 16 +++++++++++++---
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/crypto/dleq/Cargo.toml b/crypto/dleq/Cargo.toml
index 6d9e80a7..a0b8ac57 100644
--- a/crypto/dleq/Cargo.toml
+++ b/crypto/dleq/Cargo.toml
@@ -19,7 +19,7 @@ transcript = { package = "flexible-transcript", path = "../transcript", version
 ff = "0.12"
 group = "0.12"
-multiexp = { path = "../multiexp" }
+multiexp = { path = "../multiexp", optional = true }
 [dev-dependencies]
 hex-literal = "0.3"
@@ -35,4 +35,6 @@ transcript = { package = "flexible-transcript", path = "../transcript", features
 serialize = []
 cross_group = []
 secure_capacity_difference = []
-default = ["secure_capacity_difference"]
+
+# These only apply to cross_group, yet are default to ensure its integrity and performance
+default = ["secure_capacity_difference", "multiexp"]
diff --git a/crypto/dleq/src/cross_group/mod.rs b/crypto/dleq/src/cross_group/mod.rs
index 687f5b41..82e12ac2 100644
--- a/crypto/dleq/src/cross_group/mod.rs
+++ b/crypto/dleq/src/cross_group/mod.rs
@@ -12,7 +12,7 @@ use group::{ff::{Field, PrimeField, PrimeFieldBits}, prime::PrimeGroup};
 use crate::Generators;
 pub mod scalar;
-use scalar::{scalar_normalize, scalar_convert};
+use scalar::scalar_convert;
 pub(crate) mod schnorr;
 use schnorr::SchnorrPoK;
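Review bot: The new `default` list turns on `multiexp` even though the added comment says it only matters under `cross_group`, and `cross_group` is not itself a default feature, so a plain build compiles the multiexp dependency without using it while a downstream `default-features = false` build that enables `cross_group` silently takes the slower fallback path added in mod.rs. That trade-off is deliberate by the commit title but the comment does not say it, and the wording "integrity and performance" reads as one property per feature (`secure_capacity_difference` for integrity, `multiexp` for performance) without saying which is which. I would expand the comment to something like `# These only apply to cross_group (not itself default): secure_capacity_difference for integrity, multiexp for performance. Disabling multiexp falls back to a slower in-crate sum.` If the dependency is meant to follow `cross_group` instead, `cross_group = ["multiexp"]` expresses that, at the cost of making the fallback unreachable.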
@@ -159,13 +159,23 @@ impl DLEqProof
 commitments: impl Iterator
 ) -> G where G::Scalar: PrimeFieldBits {
 let mut pow_2 = G::Scalar::one();
- multiexp::multiexp_vartime(
+ #[cfg(feature = "multiexp")]
+ let res = multiexp::multiexp_vartime(
 &commitments.map(|commitment| {
 let res = (pow_2, commitment);
 pow_2 = pow_2.double();
 res
 }).collect::>()
- )
+ );
+
+ #[cfg(not(feature = "multiexp"))]
+ let res = commitments.fold(G::identity(), |key, commitment| { let res = key + (commitment * pow_2); pow_2 = pow_2.double(); res });
+
+ res
 }
 fn reconstruct_keys(&self) -> (G0, G1) {
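Review bot: The `#[cfg(not(feature = "multiexp"))]` fold is a second implementation of the same power-of-two weighted sum, and nothing in the hunk ties the two together, so a divergence between the `multiexp_vartime` path and the fallback would only surface in whichever feature configuration is built; the enclosing function's signature starts before the hunk. Both paths are variable-time, which is presumably acceptable because the commitments being summed are public proof data rather than a secret scalar, but that assumption is not recorded anywhere — a one-line comment above the `#[cfg(feature = "multiexp")]` line such as `// Variable-time is fine here: the inputs are public commitments, not secrets (confirm against callers).` would make it explicit for the next reader. I would also make sure the crate's cross_group tests run under both `--features cross_group` and `--no-default-features --features cross_group` so the fallback is actually exercised rather than only compiled. The fold closure's `let res = ...; pow_2 = pow_2.double(); res` scaffolding mirrors the multiexp closure, which is fine, though the scalar could be advanced before returning `key + (commitment * pow_2)` without the temporary.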