Skip to content
libBLS is a modern C++ library for BLS threshold signatures and encryption, as well as distributed key generation. Used by SKALE sidechains for consensus, distributed random number generation, inter-chain communication and protection of transactions. BLS Signatures can be verified on Ethereum main net.
C++ CMake Shell
Branch: develop
Clone or download
olehnikolaiev Merge pull request #46 from skalenetwork/enhancement/SKALE-1393-Creat…

Enhancement/skale 1393 create wrappers for te
Latest commit f8fe1cc Aug 15, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
deps Initial OSS commit Feb 28, 2019
dkg SKALE-1393-fix-skaled-warnings Aug 15, 2019
libff @ f206716 SKALE-873-add-gitmodules Mar 21, 2019
mpir @ 57f23e2 Revert "SKALE-865 Add mergify" May 13, 2019
pbc @ dbcd142 SKALE-1393-update-pbc-library Aug 14, 2019
test SKALE-1393-edit-comments Aug 15, 2019
third_party SKALE-1185-add-unit-tests-for-te Jun 11, 2019
threshold_encryption SKALE-1393-fix-skaled-warnings Aug 15, 2019
tools SKALE-1393 Aug 14, 2019
.gitignore SKALE-1362 Add gitignore change Jul 23, 2019
.gitmodules update-submodules Aug 14, 2019
.travis.yml SKALE-1393-add-new-tests-to-travis Aug 15, 2019
LICENSE Update LICENSE Jul 8, 2019
get_code_cov transient commit, working on travis-ci configuration Mar 16, 2019

libBLS: a C++ library for BLS Threshold Signatures

Build Status Discord

A mathematical library written in C++ that supports BLS threshold signatures, Distributed Key Generation (DKG) and Threshold Encryption (TE).

This libBLS library is developed by SKALE Labs and uses SCIPR-LAB's libff and PBC library by Ben Lynn (see Libraries below).

An important note about production readiness

This libBLS library is still in active development and therefore should be regarded as alpha software. The development is still subject to security hardening, further testing, and breaking changes. This library has not yet been reviewed or audited for security.


libBLS is a C++ library for BLS signatures and DKG that supports both threshold signatures and multi-signatures. Also it supports Threshold Encryption.

The signature process proceeds in 4 steps:

  1. Key generation
  2. Hashing
  3. Signing
  4. Verification

libBLS uses the alt_bn128 (Barreto-Naehrig curve) elliptic curve to be compatible with Ethereum's cryptography and provides 128 bits of security. Also, it provides opportunity to generate secret keys with DKG algorithm that supports the same curve.

libBLS for the most part corresponds to BLS signature standard. This work is still in progress and is going to be improved in the next couple of months.

Encryption process is running running as follows:

  1. Key generation
  2. Encryption
  3. Decryption
  4. Verifying and combining shares

You can learn more about the algebraic structures used in this algorithm in Ben Lynn’s PhD Dissertation. libBLS uses the TYPE A curve for symmetric billinear pairing.

Perfomance Specifications

libBLS allows to sign about 3000 messages per second on a single thread (Intel® Core™ i3-4160 CPU @ 3.60GHz). However, for our solution we have implemented constant time signing (0.01 sec for sign) to avoid timing attacks.

Installation Requirements

libBLS has been built and tested on Ubuntu and Mac.

GitHub is used to maintain this source code. Clone this repository by:

git clone --recurse-submodules
cd libBLS

⚠️ Note: Because this repository depends on an additional submodule, it is important to pass--recurse-submodules to the git clone command to automatically initialize and update the submodule.

If you have already cloned the repository and forgot to pass --recurse-submodules, then simply execute git submodule update --init.

Building from source on Mac

Ensure that the following required packages are installed:

  • Boost version >= 1.65.1
  • OpenSSL version >= 1.1.1

Configure the project build with the following commands.

# Configure the project and create a build directory.
cmake -H. -Bbuild

# Build all default targets using all cores.
cmake --build build -- -j$(sysctl -n hw.ncpu)

Building from source on Ubuntu

Ensure that the required packages are installed by executing:

sudo apt-get update
sudo apt-get install -y cmake\

Configure the project build with the following commands.

# Configure the project and create a build directory.
cmake -H. -Bbuild

# Build all default targets using all cores.
cmake --build build -- -j$(nproc)

Include the library

For BLS signatures:

#include <bls/bls.h>
#include <dkg/dkg.h>

For pbc library:

#include "pbc/pbc.h"

For TE algorithm:

#include <dkg/dkg_te.h>
#include <threshold_encryption/threshold_encryption.h>

Run tests

./build/dkg_unit_test                           # run all dkg unit tests
./build/bls_unit_test                           # run all bls unit tests
./build/bls_unit_test --list_content            # show all test cases
./build/bls_unit_test -t libBLS/<TestCaseName>  # run single test case
./build/threshold_encryption/dkg_te_unit_test   # run all dkg tests corresponds to the algebraic structures used in TE algroithm
./build/threshold_encryption/te_unit_test       # run all te tests

How to use the BLS algorithm

  1. Create an instance of class Bls with input parameters t, and n; where n is a number of participants in your group and t is a threshold number for your case.
signatures::bls bls_instance = signatures::bls(t, n);
  1. Generate keys with DKG algorithm (if you want to use Threshold algorithm) or running the function KeyGeneration (if you want to use MultiSignature algorithm or singleBLS)
libff::alt_bn128_Fr secret_key = key_generated_by_dkg;
libff::alt_bn128_G2 public_key = secret_key * libff::alt_bn128_G2::one();


std::pair<libff::alt_bn128_Fr, libff::alt_bn128_G2> keys = bls_instance.KeyGeneration();
  1. Create a hash of the message you want to sign by running the function Hashing (by default we use the SHA256 hash function, but you can replace this with any other hash function. Be sure to be careful with respect to security.)
libff::alt_bn128_G1 hash = bls_instance.Hashing(message);
  1. Sign the hashed message by running Signing (if you are doing Threshold algorithm, you have to generate common signature by running SignatureRecover after it)
libff::alt_bn128_G1 signature = bls_instance.Signing(hash, secret_key
  1. Verify a signature by running the function Verification.
assert(bls_instance.Verification(message, signature, public_key) == true);

How to use the TE algorithm

  1. Create an istance of class TE with input parameters t, and n; where n is a number of participants in your group and t is a threshold number for your case.
encryption::TE te_instance = encryption::TE(t, n);
  1. Encrypt a plaintext message by running
auto ciphertext = te_instance.Encrypt(message, public_key);
  1. Decrypt recieved ciphertext by running
te_instance.Decrypt(decrypted, ciphertext, secret_key); // decrypted value is stored in `decrypted`.
  1. Verify decrypted ciphertext by running
assert(te_instance.Verify(ciphertext, decrypted, public_key));
  1. If decrypted value is verified then you can get encrypted plaintext by running
std::vector<std::pair<encryption::element_wrapper, size_t>> shares;
std::string res = te_instance.CombineShares(ciphertext, shares); // `res` is equal to `message`



If you have any questions please ask our development community on Discord.


Otherwise see our for more information.



Copyright (C) 2018-present SKALE Labs

You can’t perform that action at this time.