Scalar multiplication forms the basis of elliptic curve cryptography. We can easily express multiplication of a point by a scalar in the form of repeated additions.

class Point:... # add these methods to the previously defined Point classdef __rmul__(self, scalar: int) -> "Point":# Naive approach:## result = I# for _ in range(scalar): # or range(scalar % N)# result = result + self# return result# Optimized approach using binary expansioncurrent = selfresult = Iwhile scalar:if scalar & 1: # same as scalar % 2result = result + currentcurrent = current + current # point doublingscalar >>= 1 # same as scalar / 2return result

The **binary expansion **technique can significantly speed the scalar multiplication process, and ensure that any scalar multiplication would require no more than 510 point addition operations.

Let's say we want to compute the value of $10P$. Then instead of doing point additions naively, like: $P + P + P + P + P + P + P + P + P + P$ , we can use binary expansion to achieve the same with just 4 point additions: $P + P = 2P$ $2P + 2P = 4P$ $4P + 4P = 8 P$ $8P + 2P = 10P$

We can now verify the correctness of the generator point used in Bitcoin, as follows:

# Reinitialize I and G, with the updated Point class.I = Point(x=None, y=None, curve=secp256k1)G = Point(x=0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,y=0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8,curve=secp256k1)โ# Test case 1assert N * G == Iโ# Test case 2pub = Point(x=0x9577FF57C8234558F293DF502CA4F09CBC65A6572C842B39B366F21717945116,y=0x10B49C67FA9365AD7B90DAB070BE339A1DAF9052373EC30FFAE4F72D5E66D053,curve=secp256k1)e: int = 2 ** 240 + 2 ** 31assert e * G == pub

The security of elliptic curve cryptography relies on the difficulty of reversing the scalar multiplication. This is is known as the discrete logarithm problem.

If one did** G + G + G + G + ... + G = P**, it is computationally impossible to find out how many times she added

`G`

to itself, in order to obtain `P`

.Goundar, Raveen R., et al. "Scalar multiplication on Weierstraร elliptic curves from Co-Z arithmetic." Journal of cryptographic engineering 1.2 (2011): 161. https://www.matthieurivain.com/files/jcen11b.pdfโ