diff --git a/lib/aiken/crypto/bls12_381/pairing.ak b/lib/aiken/crypto/bls12_381/pairing.ak
new file mode 100644
index 0000000..56428ea
--- /dev/null
+++ b/lib/aiken/crypto/bls12_381/pairing.ak
@@ -0,0 +1,30 @@
+use aiken/builtin.{bls12_381_final_verify, bls12_381_miller_loop}
+use aiken/crypto/bitwise.{State}
+use aiken/crypto/bls12_381/g1
+use aiken/crypto/bls12_381/g2
+use aiken/crypto/bls12_381/scalar.{Scalar}
+
+pub fn miller_loop(q: G1Element, p: G2Element) -> MillerLoopResult {
+ bls12_381_miller_loop(q, p)
+}
+
+pub fn final_exponentiation(
+ left: MillerLoopResult,
+ right: MillerLoopResult,
+) -> Bool {
+ bls12_381_final_verify(left, right)
+}
+
+test simple_miller_loop_with_final_exponentiation() {
+ // prove: e(q^x, p^m) == e(q, p^m*x)
+ let secret: State = scalar.from_int(44203)
+ let public_value: G1Element = g1.generator |> g1.scale(secret)
+ let message: ByteArray = #"acab"
+ let domain_tag: ByteArray = "BLS-TEST"
+ let challenge: G2Element = g2.hash_to_group(message, domain_tag)
+ let witness: G2Element =
+ g2.hash_to_group(message, domain_tag) |> g2.scale(secret)
+ let left: MillerLoopResult = miller_loop(public_value, challenge)
+ let right: MillerLoopResult = miller_loop(g1.generator, witness)
+ final_exponentiation(left, right)
+}
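Review bot: `final_exponentiation` does not return an exponentiated pairing value; it returns the `Bool` from `bls12_381_final_verify(left, right)`, which is an equality check on two Miller-loop results, so the public name misstates the contract that callers building signature or proof checks will rely on. I would rename it to match the builtin, `pub fn final_verify(left: MillerLoopResult, right: MillerLoopResult) -> Bool {`, or at least document it with `/// True when both Miller-loop results agree after final exponentiation; wraps bls12_381_final_verify.`. Neither public function has a doc comment, and the single test only exercises the accepting path: a companion test whose `witness` is scaled by a different scalar and that expects `False` would catch a wrapper that accepts everything. `Scalar` is imported but never used on the visible lines while `secret` is annotated as `State`; presumably only one of the two is meant, so the annotation or the import should be corrected.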