Lib.rs

This crate is fork from bbs. Do not use this crateca as it is for experimental purposes.

lib.rs:

Implements the BBS+ signature as defined in https://eprint.iacr.org/2016/663.pdf in Section 4.3. Also included is ability to do zero-knowledge proofs as described in Section 4.4 and 4.5.

The BBS+ signature is a pairing-based ECC signature that signs multiple messages instead of just one. The signature and messages can be used to create signature proofs of knowledge in zero-knowledge proofs in which the signature is not revealed and messages can be selectively disclosed––some are revealed and some remain hidden.

The signature also supports separating the signer and signature holder where the holder creates commitments to messages which are hidden from the signer and a signature blinding factor which is retained. The holder sends the commitment to the signer who completes the signing process and sends the blinded signature back. The holder can then un-blind the signature finishing a 2-PC computation

BBS+ signatures can be used for TPM DAA attestations or Verifiable Credentials.