Hey everyone,

I’m writing my own library for elliptic curve operations and want to understand if it’s possible to distinguish, based on timing measurements, whether the second point in an operation is negative or positive (e.g., comparing
3P−4P vs.
3P−(−4P)).

Specifically:

Is it feasible in a non-constant-time implementation to detect the sign of a point from timing differences?

What are the main factors that could cause timing variations in these operations (coordinate inversion, branching, etc.)?

What best practices exist for measuring and exploiting such timing differences?

Are there known vulnerabilities or examples from popular libraries related to this?

Would appreciate any advice or pointers to resources!