# README
BLS 12-381 util
BLS 12-381 util (BLSU, "bless you") is a collection of utils to work with BLS 12-381 in Go.
Warning: these wrapper utils have not been audited.
This package wraps github.com/kilic/bls12-381
,
a pure Go implementation of BLS, no CGO involved, no special dependencies.
Instead, this BLS implementation uses Go-assembly to optimize the lower level computations.
audit info.
This package implements the BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_
ciphersuite.
TODO: not safe for 32 bit usage: kilic BLS Fr.FromBytes->Fr.fromBytes->Fr.fromBig assumes word size is 64 bits.
Utils
- Eth2 Typing
- Pubkeys:
PointG1
wrapper - Signatures:
PointG2
wrapper - Secret keys:
Fr
wrapper - Signatures sets: see below
- Pubkeys:
- Draft 4 for signatures
- Hash to curve, from
kilic/bls12-381
:BLS12381G2_XMD:SHA-256_SSWU_RO_
- Schemes:
- Core operations:
KeyGen
(TODO)SkToPk
, implemented as part of Pubkey deserialization, except identity-pubkey check (checked in verify functions instead).KeyValidate
CoreSign
CoreVerify
Aggregate
CoreAggregateVerify
Basic scheme, not supportedMessage Augmentation scheme, not supportedPOP
, Proof of Possession scheme (used in Eth2):PopProve, not supported, assumed through application-specific implementationPopVerify, not supported, assumed through application-specific implementationFastAggregateVerify
- Core operations:
- Hash to curve, from
- Eth2 additions
eth2_aggregate_pubkeys
:AggregatePubkeys
eth2_fast_aggregate_verify
:Eth2FastAggregateVerify
- Signature sets: verify non-singular set of signatures and its respective pubkeys and messages
Testing
- Unit tests
-
SecretKey
deserialization/serialization -
Pubkey
deserialization/serialization (with KeyValidate routine, except identity-pubkey check) -
Signature
deserialization/serialization -
SkToPk
(TODO: expand) -
SignatureSetVerify
-
- Eth2 BLS tests
-
Sign
-
Aggregate
-
Verify
-
AggregateVerify
-
FastAggregateVerify
-
AggregatePubkeys
-
Eth2FastAggregateVerify
-
- Eth2 spec tests
- Integrate into ZRNT, run full eth2 test-suite
- standard tests (if any)
- TODO, need standard signature-scheme test vectors (Work in progress)
- Run Hash-to-curve test-vectors on
kilic/bls12-381
internals
License
MIT, see LICENSE
file.
# Functions
The Aggregate algorithm aggregates multiple signatures into one.
AggregatePubkeys is specified as `eth2_aggregate_pubkeys` in Eth2, and is the G1 variant of Aggregate in G2.
The AggregateVerify algorithm checks an aggregated signature over several (PK, message) pairs.
Wrapper to FastAggregateVerify accepting the G2_POINT_AT_INFINITY signature when pubkeys is empty.
FastAggregateVerify is a verification algorithm for the aggregate of multiple signatures on the same message.
NewAggregateCheck returns a signature-set that implements DeferBLS.
The Sign algorithm computes a signature from SK, a secret key, and message, an octet string.
SignatureSetVerify verifies (pubkey,message,signature) tuples as a single batch, and is faster than len(inputs) times Verify if the batch is not too small.
The SkToPk algorithm takes a secret key SK and outputs the corresponding public key PK.
The Verify algorithm checks an aggregated signature over several (PK, message) pairs.
# Structs
ImmediateCheck implements DeferBLS without deferring anything, i.e.
No description provided by the author
# Interfaces
No description provided by the author