faster is_in_correct_subgroup_assuming_on_curve when cofactor is one

CHANGELOG.md

@@ -31,7 +31,11 @@
 ### Improvements
 
 - [\#736](https://github.com/arkworks-rs/algebra/pull/736) (`ark-ff`) Deprecate `divn()`, and use `core::ops::{Shr, ShrAssign}` instead.
-- [\#739](https://github.com/arkworks-rs/algebra/pull/739) (`ark-ff`) Deprecate `muln()`, and use `core::ops::{Shl, ShlAssign}` instead.
+- [\#739](https://github.com/arkworks-rs/algebra/pull/739) (`ark-ff`) Deprecate
+  `muln()`, and use `core::ops::{Shl, ShlAssign}` instead.
+- [\#771](https://github.com/arkworks-rs/algebra/pull/771) (`ark-ec`) Omit expensive
+  scalar multiplication in `is_in_correct_subgroup_assuming_on_curve()` for
+  short Weierstrass curves of cofactor one.  
 
 ### Bugfixes
 

ec/src/models/short_weierstrass/mod.rs

@@ -65,13 +65,18 @@ pub trait SWCurveConfig: super::CurveConfig {
     /// Check if the provided curve point is in the prime-order subgroup.
     ///
     /// The default implementation multiplies `item` by the order `r` of the
-    /// prime-order subgroup, and checks if the result is zero.
+    /// prime-order subgroup, and checks if the result is zero. If the
+    /// curve's cofactor is one, this check automatically returns true.
     /// Implementors can choose to override this default impl
     /// if the given curve has faster methods
     /// for performing this check (for example, via leveraging curve
     /// isomorphisms).
     fn is_in_correct_subgroup_assuming_on_curve(item: &Affine<Self>) -> bool {
-        Self::mul_affine(item, Self::ScalarField::characteristic()).is_zero()
+        if Self::cofactor_is_one() {
+            true
+        } else {
+            Self::mul_affine(item, Self::ScalarField::characteristic()).is_zero()
+        }
     }
 
     /// Performs cofactor clearing.