Lib.rs

Cryptography
#elliptic-curve #scalar-field #pairing #extension

no-std ark-ed-on-bls12-381-bandersnatch-ext

Extensions for Bandersnatch curve defined over the scalar field of the BLS12-381 curve

by Parity Technologies, Achim Schneider, Davide Galassi. Owned by paritytech-ci.

1 unstable release

0.4.1 Oct 27, 2023

#1550 in Cryptography

Download history 18098/week @ 2024-01-07 25323/week @ 2024-01-14 24511/week @ 2024-01-21 22765/week @ 2024-01-28 21475/week @ 2024-02-04 24253/week @ 2024-02-11 32152/week @ 2024-02-18 30069/week @ 2024-02-25 23799/week @ 2024-03-03 25945/week @ 2024-03-10 28942/week @ 2024-03-17 26685/week @ 2024-03-24 43105/week @ 2024-03-31 41688/week @ 2024-04-07 31981/week @ 2024-04-14 30304/week @ 2024-04-21

148,330 downloads per month
Used in 3 crates

MIT/Apache

26KB
483 lines

This library implements the Bendersnatch curve, a twisted Edwards curve whose base field is the scalar field of the curve BLS12-381. This allows defining cryptographic primitives that use elliptic curves over the scalar field of the latter curve. This curve was generated by Simon Masson from Anoma, and Antonio Sanso from Ethereum Foundation, and is also known as bandersnatch.

See here for the specification of the curve. There was also a Python implementation here.

Curve information:

  • Base field: q = 52435875175126190479447740508185965837690552500527637822603658699938581184513
  • Scalar field: r = 13108968793781547619861935127046491459309155893440570251786403306729687672801
  • Valuation(q - 1, 2) = 32
  • Valuation(r - 1, 2) = 5
  • Curve equation: ax^2 + y^2 =1 + dx^2y^2, where
    • a = -5
    • d = 45022363124591815672509500913686876175488063829319466900776701791074614335719

Dependencies

~6.5MB
~118K SLoC