Score:2

Elliptic Curve - Is it possible to know whether a particular value is the result of ECadd or ECdouble?

As we know, the public key is generated from the private key, and the process is point addition, point doubling and so on. If we see a list, it would look like a list of values coming from ECadd and ECdouble.

My question is,

  • Is it possible to know whether this value is a result of ECadd or ECdouble? (by just looking at the value or in connection with any other parameter in secp256k1 like gx or gy etc) without knowing the private key? Thanks.
poncho
There are a number of point multiplication algorithms in use (with various trade-offs between time, precomputation, size of precomputed tables, side channel resistance, etc); some of these algorithms always have 'ECadd' as the last step - obviously, with such an algorithm, you can always determine the last step :-)
dave_thompson_085
There's an old saying (in English) "six of one, half a dozen of the other" meaning two alternatives are indistinguishable. If I give you a slip of paper on which is written the number 6, can you tell whether that 6 was computed as 2x3 or as 1+5? Or for that matter 12/2 or 10-4?
Score:3

Is it possible to know whether a particular value is the result of ECadd or ECdouble?

No. I assume "value" is as expressed in a public key; and parameters with a generator of prime order, as is the case for secp256k1 of the question.

For a start, every valid public key $R$ can be obtained by adding two valid public keys $U=2R$ and $V=-R$, or doubling a valid public key $W=((n+1)/2)\,R$ where $n$ is the (odd prime) order of the generator.

And even if we change the question to: when computing public key $R$ from secret private key $r$ with $0<r<n$ as $R=r\,G$ by scanning the binary representation of secret key $r$ from most to least significant bit and using the double and (conditionally) add method, we can't tell from $R$ if it was obtained by doubling or adding, that is, if $r$ is even or odd. Argument: if hypothetically we could do this, we could find $r_i=r\bmod2^i$ for incremental values of $i$ by constructing public keys $R_i$ derived from $R$ and earlier results that would ultimately reveal $r$. If the hypothetical method always works, $R_i=(2^{-i}\bmod n)(R-r_i\,G)$ does the trick, and this can be adapted for a hypothetical method giving only a small advantage for random $R$.
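
Both arguments of the answer above, run on secp256k1 as an added example (not code from the answer): `both_decompositions` checks that a public key equals both the sum $U+V$ and the double of $W$, and `recover_key` carries out the bit-by-bit reduction given a perfect parity oracle. The function names are made up for this sketch, and `toy_oracle` is a constructed stand-in that only answers for private keys below a small bound, since no such oracle is known for real keys.

```python
P = 2**256 - 2**32 - 977  # secp256k1 field prime; P, N, G are public constants
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Affine group law; None is the point at infinity, a == b is ECdouble."""
    if a is None or b is None:
        return b if a is None else a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None                      # a + (-a)
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def ec_mul(k, a):
    """Scalar multiple k*a by double-and-add (not constant time)."""
    k, out = k % N, None
    while k:
        if k & 1:
            out = ec_add(out, a)
        a, k = ec_add(a, a), k >> 1
    return out

def both_decompositions(R):
    """(R == U + V for U = 2R, V = -R;  R == 2W for W = ((n+1)/2) R)."""
    U, V, W = ec_mul(2, R), (R[0], -R[1] % P), ec_mul((N + 1) // 2, R)
    return ec_add(U, V) == R, ec_add(W, W) == R

def recover_key(R, parity_oracle):
    """Reduction: R_i = (2^-i mod n)(R - r_i G) has private key r >> i."""
    r_i = 0
    for i in range(256):
        R_i = ec_mul(pow(2, -i, N), ec_add(R, ec_mul(-r_i, G)))
        if R_i is None:                  # r >> i == 0: every bit recovered
            break
        r_i |= parity_oracle(R_i) << i
    return r_i

def toy_oracle(bound):
    """Constructed stand-in oracle: parity by table lookup for keys < bound."""
    table, pt = {None: 0}, None
    for k in range(1, bound):
        pt = ec_add(pt, G)
        table[pt] = k & 1
    return table.__getitem__
```

With the constructed key `r = 0xB5D`, `recover_key(ec_mul(r, G), toy_oracle(1 << 12))` returns `r`, which is why a working add-versus-double distinguisher would amount to solving the discrete logarithm.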
