diff --git a/README.md b/README.md
index 5e12b0b..4c314aa 100644
--- a/README.md
+++ b/README.md
@@ -44,6 +44,7 @@ type Group interface {
     EncodeToGroup(input, dst []byte) Element
     ScalarLength() uint
     ElementLength() uint
+    Order() string
 }
 ```
 
@@ -67,8 +68,6 @@ type Scalar interface {
     Decode(in []byte) error
     encoding.BinaryMarshaler
     encoding.BinaryUnmarshaler
-    encoding.TextMarshaler
-    encoding.TextUnmarshaler
 }
 ```
 
@@ -91,8 +90,6 @@ type Element interface {
     Decode(data []byte) error
     encoding.BinaryMarshaler
     encoding.BinaryUnmarshaler
-    encoding.TextMarshaler
-    encoding.TextUnmarshaler
 }
 ```
 
diff --git a/groups.go b/groups.go
index d18c64c..697cfe1 100644
--- a/groups.go
+++ b/groups.go
@@ -136,6 +136,11 @@ func (g Group) ElementLength() uint {
 	return g.get().ElementLength()
 }
 
+// Order returns the order of the canonical group of scalars.
+func (g Group) Order() string {
+	return g.get().Order()
+}
+
 func (g Group) initGroup(get func() internal.Group) {
 	groups[g-1] = get()
 }
diff --git a/internal/group.go b/internal/group.go
index 2c33af2..97afa9a 100644
--- a/internal/group.go
+++ b/internal/group.go
@@ -40,4 +40,7 @@ type Group interface {
 
 	// ElementLength returns the byte size of an encoded element.
 	ElementLength() uint
+
+	// Order returns the order of the canonical group of scalars.
+	Order() string
 }
diff --git a/internal/nist/group.go b/internal/nist/group.go
index b5fc712..989ca4e 100644
--- a/internal/nist/group.go
+++ b/internal/nist/group.go
@@ -144,6 +144,11 @@ func (g Group[P]) ElementLength() uint {
 	return uint(1 + byteLen)
 }
 
+// Order returns the order of the canonical group of scalars.
+func (g Group[P]) Order() string {
+	return g.scalarField.prime.String()
+}
+
 var (
 	initOnceP256 sync.Once
 	initOnceP384 sync.Once
diff --git a/internal/ristretto/ristretto.go b/internal/ristretto/ristretto.go
index 8c5d4c4..b9abeaa 100644
--- a/internal/ristretto/ristretto.go
+++ b/internal/ristretto/ristretto.go
@@ -23,6 +23,12 @@ const (
 
 	// H2C represents the hash-to-curve string identifier.
 	H2C = "ristretto255_XMD:SHA-512_R255MAP_RO_"
+
+	// orderPrime represents curve25519's subgroup prime-order
+	// = 2^252 + 27742317777372353535851937790883648493
+	// = 0x1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed
+	// cofactor h = 8.
+	orderPrime = "7237005577332262213973186563042994240857116359379907606001950938285454250989"
 )
 
 // Group represents the Ristretto255 group. It exposes a prime-order group API with hash-to-curve operations.
@@ -83,3 +89,8 @@ func (g Group) ScalarLength() uint {
 func (g Group) ElementLength() uint {
 	return canonicalEncodingLength
 }
+
+// Order returns the order of the canonical group of scalars.
+func (g Group) Order() string {
+	return orderPrime
+}