Expand description
Β§Blastkids ππππ
A BLS12-381 child key derivation library written in Rust. Implements EIP-2333 and EIP-2334.
Fork of rust-bls-derivation using bls12_381_plus instead of curv-kzen, plus cleanup and documentation.
Β§Rationale
If you want to use Delegatable Anonymous Credentials the verification key (VK) becomes as long as the credential entries. Since a VK is simply several BLS12-381 public keys (PKs) we can use a derivation algorithm such as EIP-2333 in order to derive the long VK from a single root PK given any length.
Β§Installation
cargo install blastkids§API & Docs
See documentation on docs.rs.
See tests in lib.rs for example usage.
use blastkids::{Manager, Zeroizing, derive};
use blastkids::{G1, G2};
// make a new manager for a G2 public key
let seed = Zeroizing::new([42u8; 32]);
let manager: Manager<G2> = Manager::from_seed(seed);
// With a Manager you can create as many account sas you need
let account_number = 1u32;
let account = manager.account(account_number);
let length = 8u8; // Specify how many Child Public Keys you need (in this case, 8). Can be up to 255.
// Anyone can use an Account Public Key and a `length` to derive an expanded account
let expanded_pk: Vec<G2> = derive(&account.pk, length);
// When you want to use the child account secret keys,
// you call `expand_to` on the account
let expanded = account.expand_to(length);
// This expand public keys are the same as the ones derived above
assert_eq!(expanded.pk, expanded_pk);Β§Tests
cargo test§Dependencies
- BLS12-381: bls12_381_plus
- Elliptic Curve: RustCrypto/elliptic-curves
- Big Integers: RustCrypto/ctypro-bigint
Β§See also
- Generate seeds using
password+salt: seed-keeper-core - Generate Credentials using a
seed: delanocreds
Β§Prior Work
- EIP-2333
- EIP-2334
- rust-bls-derivation (circa 2023, uses
curv-kzenlibrary which breaks with rust-nightly and appears somewhat unmaintained)
Β§Contributing
Contributions are welcome! Please open an issue if you have any feature ideas or find any bugs. I also accept pull requests with open arms. Please:
- Fork this repo
- Create a new branch for your changes
- Open a draft pull request so we can follow and collaborate on your changes
- Add tests for your changes
- Keep the diff minimal for each pull request
- Write meaningful commit messages
- Change Draft to Open when youβre ready for final review
Modules§
- kdf
- Key derivation functions for BLS12-381 child keys
Structs§
- Account
- An Account is a hardened key derived from the master secret key.
- Expanded
- When an Account uses a length to derive a Child Account, this struct is returned. It contains both Public Key and Secret Key in vectors.
- G1
- This is an element of $\mathbb{G}_1$ represented in the projective coordinate space.
- G2
- This is an element of $\mathbb{G}_2$ represented in the projective coordinate space.
- Manager
- Seed and master key Manager.
- Scalar
- Represents an element of the scalar field $\mathbb{F}_q$ of the BLS12-381 elliptic curve construction.
- Secret
- Wrapper type for values that contains secrets, which attempts to limit accidental exposure and ensure secrets are wiped from memory when dropped. (e.g. passwords, cryptographic keys, access tokens or other credentials)
- Zeroizing
Zeroizingis a a wrapper for anyZ: Zeroizetype which implements aDrophandler which zeroizes dropped values.
Traits§
- Expose
Secret - Expose a reference to an inner secret
- Group
- This trait represents an element of a cryptographic group.
- Group
Encoding - MulBy
Generator - Multiplication by the generator.
- Zeroize
- Trait for securely erasing values from memory.
- Zeroize
OnDrop - Marker trait signifying that this type will
Zeroize::zeroizeitself onDrop.
Functions§
- derive
- Given an Account root Public Key and a length, derive the child account public keys