From a99a91b1f8c3bb5217aa7a941068f6fa37335a24 Mon Sep 17 00:00:00 2001
From: moana
Date: Tue, 5 Dec 2023 13:51:20 +0100
Subject: [PATCH] Address review comments

- Add that we treat BLAKE2b as a random oracle to the comment
- Avoid unnecessary array allocation
- Rename to `hash_to_scalar`
---
 CHANGELOG.md | 2 +-
 src/scalar/dusk.rs | 21 +++++++++++++++------
 2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e1a47078..0cc9b2bc 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,7 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Added
 
-- Add `from_var_bytes` to scalar [#133] and refactor and rename to `from_blake2b` [#137]
+- Add `from_var_bytes` to scalar [#133] and refactor and rename to `hash_to_scalar` [#137]
 
 ## [0.12.3] - 2023-11-01
 
diff --git a/src/scalar/dusk.rs b/src/scalar/dusk.rs
index 16f02669..49a08748 100644
--- a/src/scalar/dusk.rs
+++ b/src/scalar/dusk.rs
@@ -265,7 +265,8 @@ impl Scalar {
     /// BLAKE2b into a 512-bits number, and then converting the number into its
     /// `Scalar` representation by reducing it by the modulo.
     ///
-    /// This implementation follows the first conversion of
+    /// By treating the output of the BLAKE2b hash as a random oracle, this
+    /// implementation follows the first conversion of
     /// https://hackmd.io/zV6qe1_oSU-kYU6Tt7pO7Q with concrete numbers:
     /// ```text
     /// p = 0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001
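Review bot: The added sentence attributes the soundness of the conversion to treating BLAKE2b as a random oracle, but the property that actually makes the modular reduction acceptable is that a 512-bit digest reduced modulo the ~255-bit `p` shown in the context below carries a bias on the order of 2^-257, and the comment does not say so; consider adding `/// Because the 512-bit digest is roughly twice the bit-length of p, the bias introduced by the modular reduction is negligible.` right after the random-oracle sentence. The doc comment also does not mention that no domain separation is applied, so two callers hashing identical bytes for different purposes obtain the same scalar; a line such as `/// No domain separation tag is added; callers hashing distinct message types should prefix their own.` would make that explicit. The doc comment and the function it documents continue past the end of this hunk.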
@@ -278,17 +279,25 @@ impl Scalar {
     ///
     /// m = 3294906474794265442129797520630710739278575682199800681788903916070560242797
     /// ```
-    pub fn from_blake2b(input: &[u8]) -> Scalar {
+    pub fn hash_to_scalar(input: &[u8]) -> Scalar {
         let state = blake2b_simd::Params::new()
             .hash_length(64)
             .to_state()
             .update(input)
             .finalize();
 
-        let mut bytes = [0u8; 64];
-        bytes.copy_from_slice(&state.as_bytes()[..64]);
-
-        Self::from_bytes_wide(&bytes)
+        let bytes = state.as_bytes();
+
+        Scalar::from_u512([
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[0..8]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[8..16]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[16..24]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[24..32]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[32..40]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[40..48]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[48..56]).unwrap()),
+            u64::from_le_bytes(<[u8; 8]>::try_from(&bytes[56..64]).unwrap()),
+        ])
     }
 
     /// SHR impl
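Review bot: The eight `.unwrap()` calls inside the new `Scalar::from_u512` argument are infallible only because of the `.hash_length(64)` call a few lines above, yet nothing near them records that invariant, so a future change to the hash length would surface as a runtime panic on `bytes[56..64]` rather than a compile error. Generating the eight limbs with `core::array::from_fn` over 8-byte windows, with an `expect` that names the 64-byte invariant, keeps the byte-to-limb conversion in one place and makes the dependency explicit; I have not checked whether `from_u512` has any requirement beyond taking eight little-endian `u64` limbs, so its signature should be confirmed before applying this. The body of `hash_to_scalar` is fully visible in this hunk.

```rust
        let bytes = state.as_bytes();

        // BLAKE2b was parameterized with hash_length(64) above, so every 8-byte
        // window below exists and the slice-to-array conversion cannot fail.
        Scalar::from_u512(core::array::from_fn(|i| {
            u64::from_le_bytes(
                bytes[8 * i..8 * i + 8]
                    .try_into()
                    .expect("BLAKE2b output is 64 bytes"),
            )
        }))
```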