pub fn make_hint(z: i32, r: i32, gamma2: i32) -> i32Expand description
Compute a single hint bit.
Implements Algorithm 39 of FIPS 204 (MakeHint). Returns 1 if adding z
to r changes the high bits (i.e., HighBits(r + z) != HighBits(r)),
and 0 otherwise. The hint allows the verifier to recover w1 without
knowing the secret low-order information.
z: perturbation value (typically-ct0[i][j]).r: base value (typically(w - cs2 + ct0)[i][j]).gamma2: decomposition parameter.