Crate blastkids

Blastkids 🚀🔑🔑🔑

A BLS12-381 child key derivation library written in Rust. Implements EIP-2333 and EIP-2334.

Fork of rust-bls-derivation using bls12_381_plus instead of curv-kzen, plus cleanup and documentation.

Rationale

If you want to use Delegatable Anonymous Credentials the verification key (VK) becomes as long as the credential entries. Since a VK is simply several BLS12-381 public keys (PKs) we can use a derivation algorithm such as EIP-2333 in order to derive the long VK from a single root PK given any length.

Installation

cargo install blastkids

API & Docs

See documentation on docs.rs.

See tests in lib.rs for example usage.

use blastkids::{Manager, Zeroizing, derive};
use blastkids::{G1, G2};

// make a new manager for a G2 public key
let seed = Zeroizing::new([42u8; 32]);
let manager: Manager<G2> = Manager::from_seed(seed);

// With a Manager you can create as many account sas you need
let account_number = 1u32;
let account = manager.account(account_number);

let length = 8u8; // Specify how many Child Public Keys you need (in this case, 8). Can be up to 255.

// Anyone can use an Account Public Key and a `length` to derive an expanded account
let expanded_pk: Vec<G2> = derive(&account.pk, length);

// When you want to use the child account secret keys,
// you call `expand_to` on the account
let expanded = account.expand_to(length);

// This expand public keys are the same as the ones derived above
assert_eq!(expanded.pk, expanded_pk);

Tests

cargo test

Dependencies

• BLS12-381: bls12_381_plus
• Elliptic Curve: RustCrypto/elliptic-curves
• Big Integers: RustCrypto/ctypro-bigint

See also

• Generate seeds using password + salt: seed-keeper-core
• Generate Credentials using a seed: delanocreds

Prior Work

• EIP-2333
• EIP-2334
• rust-bls-derivation (circa 2023, uses curv-kzen library which breaks with rust-nightly and appears somewhat unmaintained)

Contributing

Contributions are welcome! Please open an issue if you have any feature ideas or find any bugs. I also accept pull requests with open arms. Please:

1. Fork this repo
2. Create a new branch for your changes
3. Open a draft pull request so we can follow and collaborate on your changes
4. Add tests for your changes
5. Keep the diff minimal for each pull request
6. Write meaningful commit messages
7. Change Draft to Open when you’re ready for final review

Modules

• kdf
  Key derivation functions for BLS12-381 child keys

Structs

• Account
  An Account is a hardened key derived from the master secret key.
• Expanded
  When an Account uses a length to derive a Child Account, this struct is returned. It contains both Public Key and Secret Key in vectors.
• G1
  This is an element of $\mathbb{G}_1$ represented in the projective coordinate space.
• G2
  This is an element of $\mathbb{G}_2$ represented in the projective coordinate space.
• Manager
  Seed and master key Manager.
• Scalar
  Represents an element of the scalar field $\mathbb{F}_q$ of the BLS12-381 elliptic curve construction.
• Secret
  Wrapper type for values that contains secrets, which attempts to limit accidental exposure and ensure secrets are wiped from memory when dropped. (e.g. passwords, cryptographic keys, access tokens or other credentials)
• Zeroizing
  Zeroizing is a a wrapper for any Z: Zeroize type which implements a Drop handler which zeroizes dropped values.

Traits

• ExposeSecret
  Expose a reference to an inner secret
• Group
  This trait represents an element of a cryptographic group.
• GroupEncoding
• MulByGenerator
  Multiplication by the generator.
• Zeroize
  Trait for securely erasing values from memory.
• ZeroizeOnDrop
  Marker trait signifying that this type will Zeroize::zeroize itself on Drop.

Functions

• derive
  Given an Account root Public Key and a length, derive the child account public keys