Neptune-Crypto · jan-ferdinand · Dec 4, 2025 · Dec 4, 2025
diff --git a/twenty-first/src/math/b_field_element.rs b/twenty-first/src/math/b_field_element.rs
@@ -261,7 +261,7 @@ impl BFieldElement {
         let x = *self;
         assert_ne!(
             x,
-            Self::zero(),
+            Self::ZERO,
             "Attempted to find the multiplicative inverse of zero."
         );
 
@@ -278,8 +278,8 @@ impl BFieldElement {
         exp(bin_31_ones_1_zero, 32) * bin_32_ones
     }
 
-    #[inline]
     /// Square the base M times and multiply the result by the tail value
+    #[inline]
     pub const fn power_accumulator<const N: usize, const M: usize>(
         base: [Self; N],
         tail: [Self; N],
@@ -303,11 +303,13 @@ impl BFieldElement {
         result
     }
 
-    /// Get a generator for the entire field
+    /// A generator for the entire base field.
     pub const fn generator() -> Self {
         BFieldElement::new(7)
     }
 
+    /// Turn this base field element into the corresponding extension field
+    /// element.
     #[inline]
     pub const fn lift(&self) -> XFieldElement {
         XFieldElement::new_const(*self)

diff --git a/twenty-first/src/math/x_field_element.rs b/twenty-first/src/math/x_field_element.rs
@@ -364,11 +364,12 @@ impl XFieldElement {
     }
 
     pub fn unlift(&self) -> Option<BFieldElement> {
-        if self.coefficients[1].is_zero() && self.coefficients[2].is_zero() {
-            Some(self.coefficients[0])
-        } else {
-            None
-        }
+        let Self { coefficients } = self;
+        let [bfe, BFieldElement::ZERO, BFieldElement::ZERO] = coefficients else {
+            return None;
+        };
+
+        Some(*bfe)
     }
 
     // `increment` and `decrement` are mainly used for testing purposes
@@ -685,6 +686,12 @@ mod tests {
         type Strategy = BoxedStrategy<Self>;
     }
 
+    #[test]
+    fn display_is_as_expected() {
+        assert_eq!("42_xfe", xfe!(42).to_string());
+        assert_eq!("(3·x² + 2·x + 1)", xfe!([1, 2, 3]).to_string());
+    }
+
     #[test]
     fn one_zero_test() {
         let one = XFieldElement::one();
@@ -731,6 +738,39 @@ mod tests {
         assert!(rand_xs.into_iter().all_unique());
     }
 
+    #[proptest]
+    fn unlifting_random_xfe_doesnt_work(xfe: XFieldElement) {
+        prop_assert!(xfe.unlift().is_none());
+    }
+
+    #[test]
+    fn summing_gives_expected_result() {
+        let empty_sum = [].into_iter().sum();
+        assert_eq!(XFieldElement::ZERO, empty_sum);
+
+        let a = xfe!([1, 0, 0]);
+        let b = xfe!([0, 2, 0]);
+        let c = xfe!([0, 0, 3]);
+        let d = xfe!([40, 50, 60]);
+        let sum = [a, b, c, d].into_iter().sum();
+
+        assert_eq!(xfe!([41, 52, 63]), sum);
+    }
+
+    #[proptest]
+    fn bfe_vector_of_correct_length_can_become_xfe(
+        #[strategy(vec(arb(), EXTENSION_DEGREE))] bfes: Vec<BFieldElement>,
+    ) {
+        prop_assert!(XFieldElement::try_from(bfes).is_ok());
+    }
+
+    #[proptest]
+    fn bfe_vector_of_incorrect_length_cannot_become_xfe(
+        #[filter(#bfes.len() != EXTENSION_DEGREE)] bfes: Vec<BFieldElement>,
+    ) {
+        prop_assert!(XFieldElement::try_from(bfes).is_err());
+    }
+
     #[test]
     fn incr_decr_test() {
         let one_const = XFieldElement::new([1, 0, 0].map(BFieldElement::new));

diff --git a/twenty-first/src/tip5/digest.rs b/twenty-first/src/tip5/digest.rs
@@ -222,7 +222,6 @@ impl Digest {
     /// This method invokes [`Tip5::hash_pair`] with the right operand being the
     /// zero digest, agreeing with the standard way to hash a digest in the virtual
     /// machine.
-    // todo: introduce a dedicated newtype for an entropy source
     pub fn hash(self) -> Digest {
         Tip5::hash_pair(self, Self::ALL_ZERO)
     }
@@ -268,9 +267,7 @@ impl<'de> Deserialize<'de> for Digest {
             let hex_string = String::deserialize(deserializer)?;
             Self::try_from_hex(hex_string).map_err(serde::de::Error::custom)
         } else {
-            Ok(Self::new(<[BFieldElement; Self::LEN]>::deserialize(
-                deserializer,
-            )?))
+            <[_; _]>::deserialize(deserializer).map(Self::new)
         }
     }
 }
@@ -335,6 +332,16 @@ pub(crate) mod tests {
         assert!(matches!(err, TestCaseError::Reject(_)));
     }
 
+    #[test]
+    fn display_is_as_expected() {
+        let digest = Digest::new(bfe_array![1, 2, 3, 4, 5]);
+        assert_eq!("1,2,3,4,5", format!("{digest}"));
+
+        let hex_digest =
+            "01000000000000000200000000000000030000000000000004000000000000000500000000000000";
+        assert_eq!(hex_digest, format!("{digest:x}"));
+    }
+
     #[test]
     fn get_size() {
         let stack = Digest::get_stack_size();
@@ -479,6 +486,24 @@ pub(crate) mod tests {
         assert_eq!(TryFromDigestError::Overflow, err);
     }
 
+    #[proptest]
+    fn digest_to_bfe_vector_involution(digest: Digest) {
+        let bfes = <Vec<BFieldElement>>::from(digest);
+        let digest_again = Digest::try_from(bfes)?;
+        prop_assert_eq!(digest, digest_again);
+    }
+
+    #[proptest]
+    fn bfe_vector_of_incorrect_length_cannot_become_a_digest(
+        #[filter(#bfes.len() != Digest::LEN)] bfes: Vec<BFieldElement>,
+    ) {
+        let bfes_len = bfes.len();
+        let Err(TryFromDigestError::InvalidLength(len)) = Digest::try_from(bfes) else {
+            return Err(TestCaseError::Fail("expected an error".into()));
+        };
+        prop_assert_eq!(bfes_len, len);
+    }
+
     #[proptest]
     fn forty_bytes_can_be_converted_to_digest(bytes: [u8; Digest::BYTES]) {
         let digest = Digest::try_from(bytes).unwrap();
@@ -526,6 +551,11 @@ pub(crate) mod tests {
         Ok(())
     }
 
+    #[proptest]
+    fn any_digest_can_be_hashed(digest: Digest) {
+        digest.hash();
+    }
+
     mod hex_test {
         use super::*;