We need BLS12-381 curve and field arithmetic support in order to build zk-apps with BLS signatures.
As a result of this task, all types of BLS signatures (including aggregated ones) have to be efficiently implemented. This might require adding new builtins for BLS pairings.
The list of target signature algorithms is in the comment below.
BLS12-381 uses 2 groups:
G1: with points on an elliptic curve over the field F_p;
G2: with points on an elliptic curve over the field F_p² (implying the sextic twist is used).
Thus, curve points are represented as 2 field elements in the first case and 4 field elements in the second.
BLS12-381 signature verification requires the following top-level components:
hash_to_point
    input: message = bls_field_array[n]. Apparently we should take n = ceil((message length in bytes)/47).
    output: group element (bls_field_array[2] or bls_field_array[4], depending on the group).
pairing
    input: element of G1 (bls_field_element[2]) and element of G2 (bls_field_element[4])
    output: bls_field_element[12]
    NB: it is possible to design an optimized component "pairing_check" with
        input: first element of G1 (bls_field_element[2]), first element of G2 (bls_field_element[4]),
               second element of G1 (bls_field_element[2]), second element of G2 (bls_field_element[4])
        output: boolean
is_in_group
    input: candidate elliptic curve point (bls_field_array[2] or bls_field_array[4], depending on the group)
    output: boolean
Depends on: #288