docs: Fix sign in definition of CURVE.n

[dsernst]

Fixes docs to correctly describe sign in Group Order definition (CURVE.n) to be +, not -.

Code was correct:

noble-ed25519/index.ts

Line 31 in ee83b99

n: _2n ** BigInt(252) + BigInt('27742317777372353535851937790883648493'),

Also matches standard as described elsewhere like RFC 8032.

[dsernst]

Not a big deal but do also want to note my confusion on why you call this value n.

DJB's original Ed25519 paper (https://ed25519.cr.yp.to/ed25519-20110926.pdf) and Wikipedia (https://en.wikipedia.org/wiki/EdDSA#Ed25519) both call it cursive l.

RFC 8032 (https://datatracker.ietf.org/doc/html/rfc8032#section-6) calls it L in section 5.1, and q in section 6.

[paulmillr]

@dsernst i've first developed secp256k1, and order was called n there. So i've copied for consistency. Do you know why everyone uses different symbols?

[dsernst]

Do you know why everyone uses different symbols?

In my experience, cryptographers are not great at naming things 😄. So many random letters, so many techniques named after people rather than what's happening. It's all way more obtuse than ideal.

That's one thing that made your library stand out... you've done a great job keeping it reasonable, simple as possible, clean, etc. Breath of fresh air.