Some more comments

README.md

@@ -2,8 +2,7 @@
 
 This package contains a toy implementation of an (s-t)Detectable Hash Function as described in [The Apple PSI System](https://www.apple.com/child-safety/pdf/Apple_PSI_System_Security_Protocol_and_Analysis.pdf) by Abhishek Bhowmick, Dan Boneh, Steve Myers, Kunal Talwa, and Karl Tarbe.
 
-**WARNING: This should go without saying but do not use package for anything. It is based on
-an unreviewed construct, and it hasn't been reviewed for security issues.**
+**WARNING: This is a toy implementation. Do not use this as anything other than a toy.**
 
 
 ### How it Works

src/domain.rs

@@ -28,14 +28,10 @@ impl<const ORDER: u64> PrimeOrderDomain<{ ORDER }> {
     }
 
     pub fn inverse(&self) -> Self {
-        for b in 0..=ORDER - 1 {
-            if ((self.val as u128 * b as u128) % ORDER as u128) == 1 {
-                return PrimeOrderDomain::new(b);
-            }
-        }
-        panic!("no inverse found {}!", self.val)
+        self.pow(ORDER - 2) // at least it is faster an iterating...
     }
 
+    // seriously I never said this was gonna be fast...
     pub fn pow(&self, exp: u64) -> Self {
         let mut ret = self.clone();
 

src/lib.rs

@@ -4,7 +4,8 @@ use rand::Rng;
 use rand_core::{CryptoRng, RngCore};
 
 // One of the many reasons you should not be using the package for anything serious...
-pub const PRIME_ORDER: u64 = 887;
+pub const PRIME_ORDER: u64 = 63823; // technically a 64bit prime number..
+
 pub mod domain;
 pub mod matrix;