dusk_bls12_381/
lib.rs

1//! # `bls12_381`
2//!
3//! This crate provides an implementation of the BLS12-381 pairing-friendly elliptic
4//! curve construction.
5//!
6//! * **This implementation has not been reviewed or audited. Use at your own risk.**
7//! * This implementation targets Rust `1.36` or later.
8//! * This implementation does not require the Rust standard library.
9//! * All operations are constant time unless explicitly noted.
10
11#![no_std]
12#![cfg_attr(docsrs, feature(doc_cfg))]
13// Catch documentation errors caused by code changes.
14#![deny(rustdoc::broken_intra_doc_links)]
15#![deny(missing_debug_implementations)]
16#![deny(missing_docs)]
17#![allow(clippy::too_many_arguments)]
18#![allow(clippy::many_single_char_names)]
19// This lint is described at
20// https://rust-lang.github.io/rust-clippy/master/index.html#suspicious_arithmetic_impl
21// In our library, some of the arithmetic involving extension fields will necessarily
22// involve various binary operators, and so this lint is triggered unnecessarily.
23#![allow(clippy::suspicious_arithmetic_impl)]
24
25#[cfg(feature = "alloc")]
26extern crate alloc;
27
28#[cfg(test)]
29#[macro_use]
30extern crate std;
31
32#[cfg(test)]
33#[cfg(feature = "groups")]
34mod tests;
35
36#[macro_use]
37mod util;
38
39/// Notes about how the BLS12-381 elliptic curve is designed, specified
40/// and implemented by this library.
41pub mod notes {
42    pub mod design;
43    pub mod serialization;
44}
45
46mod dusk;
47#[cfg(feature = "groups")]
48use dusk::choice;
49#[cfg(all(feature = "groups", feature = "alloc"))]
50pub use dusk::multiscalar_mul;
51
52mod scalar;
53
54pub use scalar::Scalar as BlsScalar;
55#[cfg(feature = "rkyv-impl")]
56pub use scalar::{ArchivedScalar as ArchivedBlsScalar, ScalarResolver as BlsScalarResolver};
57pub use scalar::{GENERATOR, ROOT_OF_UNITY, TWO_ADACITY};
58
59#[cfg(feature = "groups")]
60mod fp;
61#[cfg(feature = "groups")]
62mod fp2;
63#[cfg(feature = "groups")]
64mod g1;
65#[cfg(feature = "groups")]
66mod g2;
67
68#[cfg(all(feature = "groups", feature = "rkyv-impl"))]
69pub use g1::{ArchivedG1Affine, G1AffineResolver};
70#[cfg(feature = "groups")]
71pub use g1::{G1Affine, G1Projective};
72#[cfg(all(feature = "groups", feature = "rkyv-impl"))]
73pub use g2::{ArchivedG2Affine, G2AffineResolver};
74#[cfg(feature = "groups")]
75pub use g2::{G2Affine, G2Projective};
76
77#[cfg(feature = "groups")]
78mod fp12;
79#[cfg(feature = "groups")]
80mod fp6;
81
82// The BLS parameter x for BLS12-381 is -0xd201000000010000; `BLS_X` holds its absolute value and `BLS_X_IS_NEGATIVE` records its sign.
83#[cfg(feature = "groups")]
84const BLS_X: u64 = 0xd201_0000_0001_0000;
85#[cfg(feature = "groups")]
86const BLS_X_IS_NEGATIVE: bool = true;
87
88#[cfg(feature = "pairings")]
89mod pairings;
90
91#[cfg(feature = "pairings")]
92pub use pairings::{pairing, Bls12, Gt, MillerLoopResult};
93
94#[cfg(all(feature = "pairings", feature = "alloc"))]
95pub use pairings::{multi_miller_loop, G2Prepared};
96
97#[cfg(all(feature = "pairings", feature = "rkyv-impl"))]
98pub use pairings::{
99    ArchivedG2Prepared, ArchivedGt, ArchivedMillerLoopResult, G2PreparedResolver, GtResolver,
100    MillerLoopResultResolver,
101};
102
103/// Use the `generic_array` re-exported by `digest` to avoid a version mismatch.
104#[cfg(feature = "experimental")]
105pub(crate) use digest::generic_array;
106
107#[cfg(feature = "experimental")]
108pub mod hash_to_curve;