diff --git a/internal/edwards25519.lua b/internal/edwards25519.lua index d042ca9..9782ab8 100644 --- a/internal/edwards25519.lua +++ b/internal/edwards25519.lua @@ -146,7 +146,7 @@ local function decode(str) if not P3x then return nil end local xBit = fp.canonicalize(P3x)[1] % 2 if xBit ~= bit32.extract(str:byte(-1), 7) then - P3x = fp.carry(fp.sub(fp.P, P3x)) + P3x = fp.carry(fp.neg(P3x)) end local P3z = fp.num(1) local P3t = fp.mul(P3x, P3y) diff --git a/internal/fp.lua b/internal/fp.lua index f2d4c26..24683ea 100644 --- a/internal/fp.lua +++ b/internal/fp.lua @@ -28,22 +28,6 @@ local I = { 0712905 * 2 ^ 234, } ---- p itself, 2²⁵⁵ - 19. -local P = { - 2 ^ 22 - 19, - (2 ^ 21 - 1) * 2 ^ 22, - (2 ^ 21 - 1) * 2 ^ 43, - (2 ^ 21 - 1) * 2 ^ 64, - (2 ^ 22 - 1) * 2 ^ 85, - (2 ^ 21 - 1) * 2 ^ 107, - (2 ^ 21 - 1) * 2 ^ 128, - (2 ^ 21 - 1) * 2 ^ 149, - (2 ^ 22 - 1) * 2 ^ 170, - (2 ^ 21 - 1) * 2 ^ 192, - (2 ^ 21 - 1) * 2 ^ 213, - (2 ^ 21 - 1) * 2 ^ 234, -} - --- Converts a Lua number to an element. -- -- @tparam number n A number n in [0..2²²). @@ -53,6 +37,29 @@ local function num(n) return {n, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} end +--- Negates an element. +-- +-- @tparam fp1 a +-- @treturn fp1 -a. +-- +local function neg(a) + local a00, a01, a02, a03, a04, a05, a06, a07, a08, a09, a10, a11 = unpack(a) + return { + -a00, + -a01, + -a02, + -a03, + -a04, + -a05, + -a06, + -a07, + -a08, + -a09, + -a10, + -a11, + } +end + --- Adds two elements. -- -- @tparam fp1 a @@ -765,8 +772,8 @@ local function decode(b) end return { - P = P, num = num, + neg = neg, add = add, sub = sub, kmul = kmul,
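Review bot: The sign-bit branch still accepts the encoding of x = 0 with the sign bit set, which RFC 8032 §5.1.3 (step 4) requires decoding to reject: when P3x is zero, `xBit` is 0, the comparison with bit 7 of the last byte fires, and `fp.neg` of zero is still zero, so decoding proceeds instead of returning nil (the removed `fp.sub(fp.P, P3x)` path behaved the same way, so this is not a regression, but the rewritten line is the natural place to fix it). Assuming `fp.canonicalize` returns the fully reduced 12-limb vector seen in fp.lua, the check can be done on that vector before the sign fix-up, as sketched below. The new code also relies on `fp.carry` accepting the negative limbs that `fp.neg` produces, which is not visible in this diff and deserves a one-line comment at the call site, `-- neg yields negative limbs; carry normalises them`. decode's body starts and ends outside this hunk.
```lua
    local cx = fp.canonicalize(P3x)
    local xSign = bit32.extract(str:byte(-1), 7)
    -- RFC 8032 §5.1.3 step 4: x = 0 with the sign bit set is not a valid encoding.
    local xIsZero = true
    for i = 1, #cx do
        if cx[i] ~= 0 then xIsZero = false end
    end
    if xIsZero and xSign == 1 then return nil end
    if cx[1] % 2 ~= xSign then
        P3x = fp.carry(fp.neg(P3x)) -- neg yields negative limbs; carry normalises them
    end
    -- … unchanged: P3z, P3t, point assembly …
```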
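Review bot: The docstring on `neg` documents the result as an `fp1` holding `-a`, but the body only flips the sign of each limb, so the returned table carries negative limbs and is neither carried nor reduced; the single caller in this diff has to wrap it in `fp.carry` immediately, and that contract should be spelled out so the next caller does not use the raw result, e.g. `-- @treturn fp1 -a. Limbs are negated individually and NOT carried; pass the result through carry before use.` If the `fp1` tag denotes a normalised element elsewhere in the module, the return tag itself is misleading and should name whatever type the file uses for unreduced values. Negating the float-scaled limbs (as the `I` constant shows, limbs are integers times powers of two) is exact, so no precision comment is needed. `unpack` is referenced as a global, which is fine on Lua 5.1 and the ComputerCraft runtime implied by `bit32`, but is `table.unpack` on stock 5.2+; if the module does not already alias it outside this diff, `local unpack = unpack or table.unpack` at the top would make the assumption explicit.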
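Review bot: Removing `P = P` from the export table silently breaks any other consumer of `fp.P`: the field becomes nil, so a remaining `fp.sub(fp.P, x)` elsewhere fails at runtime rather than at load time, and this diff updates only the one call site in edwards25519.lua. Before merging, grep the rest of the library for `fp.P` (not visible here), or keep a short-lived alias with a deprecation comment, `P = P, -- deprecated: use neg/carry; removed in the next release`, if external code may depend on it. The `return {` table continues past the end of this hunk.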