A curious, if admittedly useless fact about Bitcoin' elliptic curve equation:
The 19th century French mathematician V. A. Lebesgue (*not* he of the famous "measure"; different guy), proved that there are *no* solutions in the integers (Z) for y^2 = x^3 + 7.
(That's the equation for secp256k1, except we don't calculate over Z, the infinite set of integers).
How?
First he points out that x is odd, since 8k+7 is never a square (if this bothers you, look up "quadratic residues").
Then he rewrites: y^2 + 1 = x^3 + 8 then factors the RHS as (x+2)(x^2 - 2x + 4) and completes the square of the second factor, and claims (x-1)^2 + 3 = 3 mod 4. (Do you see why x has to be odd?). This, he says, proves there is at least one prime p that is 3 mod 4 which divides x^2 -2x + 4. But y^2 +1 = 0 mod p is not possible if the prime p is 3 mod 4 (why? see: Legendre symbol; something that gets referred to quite regularly in libsecp and related calculations, btw, e.g. in BIP340).
Source : Silverman's "Arithmetic of Elliptic Curves" IX.7
#mathematics #bitcoin #cryptography
waxwing /
npub1va…knuu7
2025-03-03 02:43:21
Author Public Key
npub1vadcfln4ugt2h9ruwsuwu5vu5am4xaka7pw6m7axy79aqyhp6u5q9knuu7Published at
2025-03-03 02:43:21Event JSON
{
"id": "a60e8ea4f4b29868ee34696dfff72b8345f032b891b933f35a23f442a7df9335",
"pubkey": "675b84fe75e216ab947c7438ee519ca7775376ddf05dadfba6278bd012e1d728",
"created_at": 1740969801,
"kind": 1,
"tags": [
[
"t",
"mathematics"
],
[
"t",
"bitcoin"
],
[
"t",
"cryptography"
]
],
"content": "A curious, if admittedly useless fact about Bitcoin' elliptic curve equation:\n\nThe 19th century French mathematician V. A. Lebesgue (*not* he of the famous \"measure\"; different guy), proved that there are *no* solutions in the integers (Z) for y^2 = x^3 + 7.\n\n(That's the equation for secp256k1, except we don't calculate over Z, the infinite set of integers).\n\nHow?\nFirst he points out that x is odd, since 8k+7 is never a square (if this bothers you, look up \"quadratic residues\").\n\nThen he rewrites: y^2 + 1 = x^3 + 8 then factors the RHS as (x+2)(x^2 - 2x + 4) and completes the square of the second factor, and claims (x-1)^2 + 3 = 3 mod 4. (Do you see why x has to be odd?). This, he says, proves there is at least one prime p that is 3 mod 4 which divides x^2 -2x + 4. But y^2 +1 = 0 mod p is not possible if the prime p is 3 mod 4 (why? see: Legendre symbol; something that gets referred to quite regularly in libsecp and related calculations, btw, e.g. in BIP340).\n\nSource : Silverman's \"Arithmetic of Elliptic Curves\" IX.7\n\n#mathematics #bitcoin #cryptography ",
"sig": "2ba175e57558f6dca1c5b65195c5dc2858ee7a7347fd718a0fc9a93ceb17da421a35143789befbff451b6c14ec54af21b060d55bac79916afa118b022bfe5726"
}