Categorygithub.com/protolambda/bls12-381-util
modulepackage
0.1.0
Repository: https://github.com/protolambda/bls12-381-util.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
5
Dependents
59
Files
627 SLOC

# README

BLS 12-381 util

BLS 12-381 util (BLSU, "bless you") is a collection of utils to work with BLS 12-381 in Go.

Warning: these wrapper utils have not been audited.

This package wraps github.com/kilic/bls12-381, a pure Go implementation of BLS, no CGO involved, no special dependencies. Instead, this BLS implementation uses Go-assembly to optimize the lower level computations. audit info.

This package implements the BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_ ciphersuite.

TODO: not safe for 32 bit usage: kilic BLS Fr.FromBytes->Fr.fromBytes->Fr.fromBig assumes word size is 64 bits.

Utils

  • Eth2 Typing
    • Pubkeys: PointG1 wrapper
    • Signatures: PointG2 wrapper
    • Secret keys: Fr wrapper
    • Signatures sets: see below
  • Draft 4 for signatures
    • Hash to curve, from kilic/bls12-381: BLS12381G2_XMD:SHA-256_SSWU_RO_
    • Schemes:
      • Core operations:
        • KeyGen (TODO)
        • SkToPk
        • KeyValidate, implemented as part of Pubkey deserialization, except identity-pubkey check (checked in verify functions instead).
        • CoreSign
        • CoreVerify
        • Aggregate
        • CoreAggregateVerify
      • Basic scheme, not supported
      • Message Augmentation scheme, not supported
      • POP, Proof of Possession scheme (used in Eth2):
        • PopProve, not supported, assumed through application-specific implementation
        • PopVerify, not supported, assumed through application-specific implementation
        • FastAggregateVerify
  • Eth2 additions
  • Signature sets: verify non-singular set of signatures and its respective pubkeys and messages

Testing

  • Unit tests
    • SecretKey deserialization/serialization
    • Pubkey deserialization/serialization (with KeyValidate routine, except identity-pubkey check)
    • Signature deserialization/serialization
    • SkToPk (TODO: expand)
    • SignatureSetVerify
  • Eth2 BLS tests
    • Sign
    • Aggregate
    • Verify
    • AggregateVerify
    • FastAggregateVerify
    • AggregatePubkeys
    • Eth2FastAggregateVerify
  • Eth2 spec tests
    • Integrate into ZRNT, run full eth2 test-suite
  • standard tests (if any)
    • TODO, need standard signature-scheme test vectors (Work in progress)
    • Run Hash-to-curve test-vectors on kilic/bls12-381 internals

License

MIT, see LICENSE file.

# Functions

The Aggregate algorithm aggregates multiple signatures into one.
AggregatePubkeys is specified as `eth2_aggregate_pubkeys` in Eth2, and is the G1 variant of Aggregate in G2.
The AggregateVerify algorithm checks an aggregated signature over several (PK, message) pairs.
Wrapper to FastAggregateVerify accepting the G2_POINT_AT_INFINITY signature when pubkeys is empty.
FastAggregateVerify is a verification algorithm for the aggregate of multiple signatures on the same message.
NewAggregateCheck returns a signature-set that implements DeferBLS.
The Sign algorithm computes a signature from SK, a secret key, and message, an octet string.
SignatureSetVerify verifies (pubkey,message,signature) tuples as a single batch, and is faster than len(inputs) times Verify if the batch is not too small.
The SkToPk algorithm takes a secret key SK and outputs the corresponding public key PK.
The Verify algorithm checks an aggregated signature over several (PK, message) pairs.

# Structs

ImmediateCheck implements DeferBLS without deferring anything, i.e.
No description provided by the author

# Interfaces

No description provided by the author

# Type aliases

No description provided by the author
No description provided by the author
No description provided by the author