Lib.rs

Cryptography
#elliptic-curve #pairing #extension

no-std ark-bls12-377-ext

Extensions for the BLS12-377 pairing-friendly elliptic curve

by Parity Technologies, Achim Schneider, Davide Galassi. Owned by paritytech-ci.

1 unstable release

0.4.1 Oct 27, 2023

#1537 in Cryptography

Download history 25966/week @ 2024-03-14 31688/week @ 2024-03-21 33133/week @ 2024-03-28 42185/week @ 2024-04-04 35838/week @ 2024-04-11 31277/week @ 2024-04-18 25628/week @ 2024-04-25 24703/week @ 2024-05-02 23984/week @ 2024-05-09 22811/week @ 2024-05-16 35336/week @ 2024-05-23 31123/week @ 2024-05-30 21770/week @ 2024-06-06 26109/week @ 2024-06-13 27622/week @ 2024-06-20 20066/week @ 2024-06-27

100,606 downloads per month
Used in 4 crates (3 directly)

MIT/Apache

30KB
590 lines

This library implements the BLS12_377 curve generated in [BCGMMW20, “Zexe”]. The name denotes that it is a Barreto--Lynn--Scott curve of embedding degree 12, defined over a 377-bit (prime) field. The main feature of this curve is that both the scalar field and the base field are highly 2-adic. (This is in contrast to the BLS12_381 curve for which only the scalar field is highly 2-adic.)

Curve information:

  • Base field: q = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177
  • Scalar field: r = 8444461749428370424248824938781546531375899335154063827935233455917409239041
  • valuation(q - 1, 2) = 46
  • valuation(r - 1, 2) = 47
  • G1 curve equation: y^2 = x^3 + 1
  • G2 curve equation: y^2 = x^3 + B, where
    • B = Fq2(0, 155198655607781456406391640216936120121836107652948796323930557600032281009004493664981332883744016074664192874906)

Dependencies

~6MB
~119K SLoC