Expand description
Group operations over the BLS12-381 scalar field.
This crate implements basic group operations over BLS12-381 elements, including point addition, scalar multiplication, and pairing operations.
§Warning
Ensure that points are checked to belong to the correct subgroup
(G1 or G2) to prevent small subgroup attacks. This is particularly important
when handling deserialized points or points received from untrusted sources. This
is already taken care of for you if you use the provided deserialize function.
Structs§
- G1
- A point on the BLS12-381 G1 curve.
- G2
- A point on the BLS12-381 G2 curve.
- GT
- The target group of the BLS12-381 pairing.
- Scalar
- Wrapper around
blst_frthat represents an element of the BLS12‑381 scalar fieldF_r. - Share
- A share of a threshold signing key.
Constants§
- G1_
ELEMENT_ BYTE_ LENGTH - The size in bytes of an encoded G1 element.
- G1_
MESSAGE - Domain separation tag for hashing a message to G1.
- G1_
PROOF_ OF_ POSSESSION - Domain separation tag for hashing a proof of possession (compressed G2) to G1.
- G2_
ELEMENT_ BYTE_ LENGTH - The size in bytes of an encoded G2 element.
- G2_
MESSAGE - Domain separation tag for hashing a message to G2.
- G2_
PROOF_ OF_ POSSESSION - Domain separation tag for hashing a proof of possession (compressed G1) to G2.
- MESSAGE
- The DST for hashing a message to the default signature type (G2).
- PRIVATE_
KEY_ LENGTH - The private key length.
- PROOF_
OF_ POSSESSION - The DST for hashing a proof of possession to the default signature type (G2).
- PUBLIC_
KEY_ LENGTH - The default public key length (G1).
- SIGNATURE_
LENGTH - The default signature length (G2).