Expand description
§Blastkids 🚀🔑🔑🔑
A BLS12-381 child key derivation library written in Rust. Implements EIP-2333 and EIP-2334.
Fork of rust-bls-derivation using bls12_381_plus
instead of curv-kzen
, plus cleanup and documentation.
§Rationale
If you want to use Delegatable Anonymous Credentials the verification key (VK
) becomes as long as the credential entries. Since a VK
is simply several BLS12-381 public keys (PK
s) we can use a derivation algorithm such as EIP-2333 in order to derive the long VK
from a single root PK
given any length.
§Installation
cargo install blastkids
§API & Docs
See documentation on docs.rs.
See tests in lib.rs
for example usage.
use blastkids::{Manager, Zeroizing, derive};
use blastkids::{G1, G2};
// make a new manager for a G2 public key
let seed = Zeroizing::new([42u8; 32]);
let manager: Manager<G2> = Manager::from_seed(seed);
// With a Manager you can create as many account sas you need
let account_number = 1u32;
let account = manager.account(account_number);
let length = 8u8; // Specify how many Child Public Keys you need (in this case, 8). Can be up to 255.
// Anyone can use an Account Public Key and a `length` to derive an expanded account
let expanded_pk: Vec<G2> = derive(&account.pk, length);
// When you want to use the child account secret keys,
// you call `expand_to` on the account
let expanded = account.expand_to(length);
// This expand public keys are the same as the ones derived above
assert_eq!(expanded.pk, expanded_pk);
§Tests
cargo test
§Dependencies
- BLS12-381: bls12_381_plus
- Elliptic Curve: RustCrypto/elliptic-curves
- Big Integers: RustCrypto/ctypro-bigint
§See also
- Generate seeds using
password
+salt
: seed-keeper-core - Generate Credentials using a
seed
: delanocreds
§Prior Work
- EIP-2333
- EIP-2334
- rust-bls-derivation (circa 2023, uses
curv-kzen
library which breaks with rust-nightly and appears somewhat unmaintained)
§Contributing
Contributions are welcome! Please open an issue if you have any feature ideas or find any bugs. I also accept pull requests with open arms. Please:
- Fork this repo
- Create a new branch for your changes
- Open a draft pull request so we can follow and collaborate on your changes
- Add tests for your changes
- Keep the diff minimal for each pull request
- Write meaningful commit messages
- Change Draft to Open when you’re ready for final review
Modules§
- Key derivation functions for BLS12-381 child keys
Structs§
- An Account is a hardened key derived from the master secret key.
- When an Account uses a length to derive a Child Account, this struct is returned. It contains both Public Key and Secret Key in vectors.
- This is an element of $\mathbb{G}_1$ represented in the projective coordinate space.
- This is an element of $\mathbb{G}_2$ represented in the projective coordinate space.
- Seed and master key Manager.
- Represents an element of the scalar field $\mathbb{F}_q$ of the BLS12-381 elliptic curve construction.
- Wrapper type for values that contains secrets, which attempts to limit accidental exposure and ensure secrets are wiped from memory when dropped. (e.g. passwords, cryptographic keys, access tokens or other credentials)
Zeroizing
is a a wrapper for anyZ: Zeroize
type which implements aDrop
handler which zeroizes dropped values.
Traits§
- Expose a reference to an inner secret
- This trait represents an element of a cryptographic group.
- Multiplication by the generator.
- Trait for securely erasing values from memory.
- Marker trait signifying that this type will
Zeroize::zeroize
itself onDrop
.
Functions§
- Given an Account root Public Key and a length, derive the child account public keys