Add tight and loose bounds, no carry in add, sub

Following Andres' suggestions to allow making ladderstep from other
synthesis things.

It went though mostly without a hitch, though there were a number of
boilerplate changes needed.

2 files changed, 4 insertions, 3 deletions

diff --git a/src/Specific/X2448/Karatsuba/C64/CurveParameters.v b/src/Specific/X2448/Karatsuba/C64/CurveParameters.v
index d908ae846..e9da717e8 100644
--- a/src/Specific/X2448/Karatsuba/C64/CurveParameters.v
+++ b/src/Specific/X2448/Karatsuba/C64/CurveParameters.v
@@ -27,7 +27,8 @@ Definition curve : CurveParameters :=
 
     square_code := None;
 
-    upper_bound_of_exponent := None;
+    upper_bound_of_exponent_loose := None;
+    upper_bound_of_exponent_tight := None;
     allowable_bit_widths := None;
     freeze_extra_allowable_bit_widths := None;
     modinv_fuel := None
diff --git a/src/Specific/X2448/Karatsuba/C64/femul.v b/src/Specific/X2448/Karatsuba/C64/femul.v
index 07dd9b26d..756c23e30 100644
--- a/src/Specific/X2448/Karatsuba/C64/femul.v
+++ b/src/Specific/X2448/Karatsuba/C64/femul.v
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.X2448.Karatsuba.C64.Synthesis.
 
 (* TODO : change this to field once field isomorphism happens *)
 Definition mul :
-  { mul : feBW -> feBW -> feBW
-  | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+  { mul : feBW_loose -> feBW_loose -> feBW_tight
+  | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }.
 Proof.
   Set Ltac Profiling.
   Time synthesize_mul ().