Lib.rs

Cryptography
#elliptic-curve #scalar-field #pairing #extension

no-std ark-ed-on-bls12-381-bandersnatch-ext

Extensions for Bandersnatch curve defined over the scalar field of the BLS12-381 curve

by Parity Technologies, Achim Schneider, Davide Galassi. Owned by paritytech-ci.

1 unstable release

0.4.1 Oct 27, 2023

#1820 in Cryptography

Download history 25966/week @ 2024-03-14 31653/week @ 2024-03-21 33145/week @ 2024-03-28 42201/week @ 2024-04-04 35863/week @ 2024-04-11 31273/week @ 2024-04-18 25636/week @ 2024-04-25 24714/week @ 2024-05-02 24003/week @ 2024-05-09 22814/week @ 2024-05-16 35345/week @ 2024-05-23 31127/week @ 2024-05-30 21753/week @ 2024-06-06 26132/week @ 2024-06-13 27628/week @ 2024-06-20 20060/week @ 2024-06-27

100,611 downloads per month
Used in 4 crates (3 directly)

MIT/Apache

26KB
483 lines

This library implements the Bendersnatch curve, a twisted Edwards curve whose base field is the scalar field of the curve BLS12-381. This allows defining cryptographic primitives that use elliptic curves over the scalar field of the latter curve. This curve was generated by Simon Masson from Anoma, and Antonio Sanso from Ethereum Foundation, and is also known as bandersnatch.

See here for the specification of the curve. There was also a Python implementation here.

Curve information:

  • Base field: q = 52435875175126190479447740508185965837690552500527637822603658699938581184513
  • Scalar field: r = 13108968793781547619861935127046491459309155893440570251786403306729687672801
  • Valuation(q - 1, 2) = 32
  • Valuation(r - 1, 2) = 5
  • Curve equation: ax^2 + y^2 =1 + dx^2y^2, where
    • a = -5
    • d = 45022363124591815672509500913686876175488063829319466900776701791074614335719

Dependencies

~6.5MB
~122K SLoC