From 79a986723840c84ebc408a49aa08f06acb7b6df2 Mon Sep 17 00:00:00 2001
From: logicalmechanism
Date: Tue, 7 Oct 2025 20:46:11 -0700
Subject: [PATCH 1/5] bump 1.1.17 to 1.1.19 and adding in pairing to bls12381 folder
---
 aiken.toml | 2 +-
 lib/aiken/crypto/bls12_381/pairing.ak | 28 +++++++++++++++++++++++++++
 2 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 lib/aiken/crypto/bls12_381/pairing.ak
diff --git a/aiken.toml b/aiken.toml
index c82a099..db7c848 100644
--- a/aiken.toml
+++ b/aiken.toml
@@ -1,6 +1,6 @@
 name = "aiken-lang/stdlib"
 version = "main"
-compiler = "v1.1.17"
+compiler = "v1.1.19"
 plutus = "v3"
 description = "The Aiken Standard Library"
diff --git a/lib/aiken/crypto/bls12_381/pairing.ak b/lib/aiken/crypto/bls12_381/pairing.ak
new file mode 100644
index 0000000..160c837
--- /dev/null
+++ b/lib/aiken/crypto/bls12_381/pairing.ak
@@ -0,0 +1,28 @@
+use aiken/builtin.{bls12_381_final_verify, bls12_381_miller_loop}
+use aiken/crypto/bitwise.{State}
+use aiken/crypto/bls12_381/g1
+use aiken/crypto/bls12_381/g2
+use aiken/crypto/bls12_381/scalar.{Scalar}
+
+pub fn miller_loop(q: G1Element, p: G2Element) -> MillerLoopResult {
+ bls12_381_miller_loop(q, p)
+}
+
+pub fn final_exponentiation(
+ left: MillerLoopResult,
+ right: MillerLoopResult,
+) -> Bool {
+ bls12_381_final_verify(left, right)
+}
+
+test simple_miller_loop_with_final_exponentiation() {
+ let x: State = scalar.from_int(44203)
+ let u: G1Element = g1.generator |> g1.scale(x)
+ let mb: ByteArray = #"acab"
+ let m: State = scalar.from_bytes(mb)
+ let qmx: G2Element = g2.generator |> g2.scale(x) |> g2.scale(m)
+ let qm: G2Element = g2.scale(g2.generator, m)
+ let left: MillerLoopResult = miller_loop(u, qm)
+ let right: MillerLoopResult = miller_loop(g1.generator, qmx)
+ final_exponentiation(left, right)
+}
From ae0d4d9f9d970ac8480cac22e95aaa67ace7b260 Mon Sep 17 00:00:00 2001
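Review bot: `final_exponentiation` in the new pairing.ak returns `Bool` and only wraps `bls12_381_final_verify`, so the name promises a target-group value that the function never produces; a caller reading the signature alone may not realise it is an equality check between two Miller-loop results. Consider naming it `final_verify` to match the builtin and documenting it with `/// True iff the two Miller-loop results are equal after final exponentiation, i.e. the two pairings match.` Neither public function has a `///` doc comment; `miller_loop` should state that a `MillerLoopResult` is only meaningful as input to that final check and must not be compared directly. The `Scalar` name imported from `aiken/crypto/bls12_381/scalar` appears unused in this file.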
From: logicalmechanism
Date: Tue, 7 Oct 2025 20:49:25 -0700
Subject: [PATCH 2/5] not going to change toml file
---
 aiken.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/aiken.toml b/aiken.toml
index db7c848..c82a099 100644
--- a/aiken.toml
+++ b/aiken.toml
@@ -1,6 +1,6 @@
 name = "aiken-lang/stdlib"
 version = "main"
-compiler = "v1.1.19"
+compiler = "v1.1.17"
 plutus = "v3"
 description = "The Aiken Standard Library"
From af88ab1b1508d75b26c3cc6902f049dd215722cd Mon Sep 17 00:00:00 2001
From: logicalmechanism
Date: Tue, 7 Oct 2025 20:52:37 -0700
Subject: [PATCH 3/5] adding some comments to the test
---
 lib/aiken/crypto/bls12_381/pairing.ak | 1 +
 1 file changed, 1 insertion(+)
diff --git a/lib/aiken/crypto/bls12_381/pairing.ak b/lib/aiken/crypto/bls12_381/pairing.ak
index 160c837..b8b37de 100644
--- a/lib/aiken/crypto/bls12_381/pairing.ak
+++ b/lib/aiken/crypto/bls12_381/pairing.ak
@@ -16,6 +16,7 @@ pub fn final_exponentiation(
 }
 test simple_miller_loop_with_final_exponentiation() {
+ // prove e(q^x, p^m) == e(q^m*x, p)
 let x: State = scalar.from_int(44203)
 let u: G1Element = g1.generator |> g1.scale(x)
 let mb: ByteArray = #"acab"
From c6de18b27822695057183446300218fc7c722d8a Mon Sep 17 00:00:00 2001
From: logicalmechanism
Date: Tue, 7 Oct 2025 20:53:39 -0700
Subject: [PATCH 4/5] simple test clean up
---
 lib/aiken/crypto/bls12_381/pairing.ak | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lib/aiken/crypto/bls12_381/pairing.ak b/lib/aiken/crypto/bls12_381/pairing.ak
index b8b37de..2a9a356 100644
--- a/lib/aiken/crypto/bls12_381/pairing.ak
+++ b/lib/aiken/crypto/bls12_381/pairing.ak
@@ -19,8 +19,7 @@ test simple_miller_loop_with_final_exponentiation() {
 // prove e(q^x, p^m) == e(q^m*x, p)
 let x: State = scalar.from_int(44203)
 let u: G1Element = g1.generator |> g1.scale(x)
- let mb: ByteArray = #"acab"
- let m: State = scalar.from_bytes(mb)
+ let m: State = scalar.from_bytes(#"acab")
 let qmx: G2Element = g2.generator |> g2.scale(x) |> g2.scale(m)
 let qm: G2Element = g2.scale(g2.generator, m)
 let left: MillerLoopResult = miller_loop(u, qm)
From b1a99d51473c2f781a57915c10ef279591430e15 Mon Sep 17 00:00:00 2001
From: logicalmechanism
Date: Wed, 8 Oct 2025 20:19:53 -0700
Subject: [PATCH 5/5] fixing test
---
 lib/aiken/crypto/bls12_381/pairing.ak | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/lib/aiken/crypto/bls12_381/pairing.ak b/lib/aiken/crypto/bls12_381/pairing.ak
index 2a9a356..56428ea 100644
--- a/lib/aiken/crypto/bls12_381/pairing.ak
+++ b/lib/aiken/crypto/bls12_381/pairing.ak
@@ -16,13 +16,15 @@ pub fn final_exponentiation(
 }
 test simple_miller_loop_with_final_exponentiation() {
- // prove e(q^x, p^m) == e(q^m*x, p)
- let x: State = scalar.from_int(44203)
- let u: G1Element = g1.generator |> g1.scale(x)
- let m: State = scalar.from_bytes(#"acab")
- let qmx: G2Element = g2.generator |> g2.scale(x) |> g2.scale(m)
- let qm: G2Element = g2.scale(g2.generator, m)
- let left: MillerLoopResult = miller_loop(u, qm)
- let right: MillerLoopResult = miller_loop(g1.generator, qmx)
+ // prove: e(q^x, p^m) == e(q, p^m*x)
+ let secret: State = scalar.from_int(44203)
+ let public_value: G1Element = g1.generator |> g1.scale(secret)
+ let message: ByteArray = #"acab"
+ let domain_tag: ByteArray = "BLS-TEST"
+ let challenge: G2Element = g2.hash_to_group(message, domain_tag)
+ let witness: G2Element =
+ g2.hash_to_group(message, domain_tag) |> g2.scale(secret)
+ let left: MillerLoopResult = miller_loop(public_value, challenge)
+ let right: MillerLoopResult = miller_loop(g1.generator, witness)
 final_exponentiation(left, right)
 }
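Review bot: The rewritten test only exercises the accepting path, so it would still pass if `final_exponentiation` returned `True` for every input; for a verification primitive the rejecting path is the one that needs pinning. Add a companion test in which the G2 point is scaled by a different scalar (or derived from a different message) and assert the check fails, ending in something like `!final_exponentiation(left, wrong_right)`. Separately, `witness` recomputes `g2.hash_to_group(message, domain_tag)` instead of reusing `challenge`; `challenge |> g2.scale(secret)` would make it explicit that both sides are built from the same point. The comment still names `q`, `p`, `x` and `m`, which no longer match the variable names in the body.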