Crate ark_vrf


§Elliptic Curve VRF-AD

Implementations of Verifiable Random Functions with Additional Data (VRF-AD) based on elliptic curve cryptography. Built on the Arkworks framework with configurable cryptographic parameters.

VRF-AD extends standard VRF constructions by binding auxiliary (additional) data to the proof: the VRF output still depends only on the key and the input, but a proof verifies only against the same additional data it was produced with, which gives stronger contextual security guarantees.

§Schemes

  • IETF VRF: ECVRF implementation compliant with RFC9381

  • Pedersen VRF: Key-hiding VRF using Pedersen commitments as described in BCHSV23

  • Ring VRF: Zero-knowledge VRF with signer anonymity within a key set, based on BCHSV23

§Specifications

§Built-In suites

The library conditionally includes the following pre-configured suites (see features section):

  • Ed25519-SHA-512-TAI: Supports IETF and Pedersen VRF.
  • Secp256r1-SHA-256-TAI: Supports IETF and Pedersen VRF.
  • Bandersnatch (Edwards curve on BLS12-381): Supports IETF, Pedersen, and Ring VRF.
  • JubJub (Edwards curve on BLS12-381): Supports IETF, Pedersen, and Ring VRF.
  • Baby-JubJub (Edwards curve on BN254): Supports IETF, Pedersen, and Ring VRF.

§Usage

use ark_vrf::suites::bandersnatch::*;

let secret = Secret::from_seed(b"example seed");
let public = secret.public();
let input = Input::new(b"example input").unwrap();
let output = secret.output(input);
let hash_bytes = output.hash();

§Proof Generation Schemes

§Features

  • default: std
  • full: Enables all features listed below except secret-split, parallel, asm, rfc-6979, test-vectors.
  • secret-split: Point scalar multiplication with secret splitting. The secret scalar is split into the sum of two scalars that are randomly re-randomized on use but always retain the same sum. Incurs a 2x penalty in some internal secret-dependent scalar multiplications, but provides a side-channel defense.
  • ring: Ring-VRF for the curves supporting it.
  • rfc-6979: Support for nonce generation according to RFC-9381 section 5.4.2.1.
  • test-vectors: Deterministic ring-vrf proof. Useful for reproducible test vectors generation.

§Curves

  • ed25519
  • jubjub
  • bandersnatch
  • baby-jubjub
  • secp256r1

§Arkworks optimizations

  • parallel: Parallel execution via rayon where it pays off.
  • asm: Assembly implementation of some low level operations.

§License

Distributed under the MIT License.

Modules§

  • codec: Points and scalars encoding.
  • ietf: IETF-VRF
  • pedersen: Pedersen-VRF
  • reexports: Re-export stuff that may be useful downstream.
  • ring: Ring VRF
  • suites: Cipher Suites
  • utils: Common utilities

Macros§

  • ring_suite_types: Type aliases for the given ring suite.
  • suite_types: Type aliases for the given suite.

Structs§

  • Input: VRF input point generic over the cipher suite.
  • Output: VRF output point generic over the cipher suite.
  • Public: Public key generic over the cipher suite.
  • Secret: Secret key for VRF operations.

Enums§

  • Error: Overarching errors.

Traits§

  • Suite: Defines a cipher suite.

Type Aliases§

  • AffinePoint
  • BaseField
  • CurveConfig
  • HashOutput
  • ScalarField