/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ import { AffinePoint } from './curve.js'; import { IField } from './modular.js'; import { Hex, PrivKey, CHash } from './utils.js'; import { MapToCurve, Opts as HTFOpts, htfBasicOpts, createHasher } from './hash-to-curve.js'; import { CurvePointsType, ProjPointType as ProjPointType, CurvePointsRes } from './weierstrass.js'; /** * BLS (Barreto-Lynn-Scott) family of pairing-friendly curves. * Implements BLS (Boneh-Lynn-Shacham) signatures. * Consists of two curves: G1 and G2: * - G1 is a subgroup of (x, y) E(Fq) over y² = x³ + 4. * - G2 is a subgroup of ((x₁, x₂+i), (y₁, y₂+i)) E(Fq²) over y² = x³ + 4(1 + i) where i is √-1 * - Gt, created by bilinear (ate) pairing e(G1, G2), consists of p-th roots of unity in * Fq^k where k is embedding degree. Only degree 12 is currently supported, 24 is not. * Pairing is used to aggregate and verify signatures. * We are using Fp for private keys (shorter) and Fp₂ for signatures (longer). * Some projects may prefer to swap this relation, it is not supported for now. **/ type Fp = bigint; export type ShortSignatureCoder = { fromHex(hex: Hex): ProjPointType; toRawBytes(point: ProjPointType): Uint8Array; toHex(point: ProjPointType): string; }; export type SignatureCoder = { fromHex(hex: Hex): ProjPointType; toRawBytes(point: ProjPointType): Uint8Array; toHex(point: ProjPointType): string; }; type Fp2Bls = IField & { reim: (num: Fp2) => { re: Fp; im: Fp; }; multiplyByB: (num: Fp2) => Fp2; frobeniusMap(num: Fp2, power: number): Fp2; }; type Fp12Bls = IField & { frobeniusMap(num: Fp12, power: number): Fp12; multiplyBy014(num: Fp12, o0: Fp2, o1: Fp2, o4: Fp2): Fp12; conjugate(num: Fp12): Fp12; finalExponentiate(num: Fp12): Fp12; }; export type CurveType = { G1: Omit, 'n'> & { ShortSignature: SignatureCoder; mapToCurve: MapToCurve; htfDefaults: HTFOpts; }; G2: Omit, 'n'> & { Signature: SignatureCoder; mapToCurve: MapToCurve; htfDefaults: HTFOpts; }; fields: { Fp: IField; Fr: IField; Fp2: Fp2Bls; Fp6: IField; Fp12: Fp12Bls; }; params: { x: bigint; r: bigint; }; htfDefaults: HTFOpts; hash: CHash; randomBytes: (bytesLength?: number) => Uint8Array; }; export type CurveFn = { getPublicKey: (privateKey: PrivKey) => Uint8Array; getPublicKeyForShortSignatures: (privateKey: PrivKey) => Uint8Array; sign: { (message: Hex, privateKey: PrivKey, htfOpts?: htfBasicOpts): Uint8Array; (message: ProjPointType, privateKey: PrivKey, htfOpts?: htfBasicOpts): ProjPointType; }; signShortSignature: { (message: Hex, privateKey: PrivKey, htfOpts?: htfBasicOpts): Uint8Array; (message: ProjPointType, privateKey: PrivKey, htfOpts?: htfBasicOpts): ProjPointType; }; verify: (signature: Hex | ProjPointType, message: Hex | ProjPointType, publicKey: Hex | ProjPointType, htfOpts?: htfBasicOpts) => boolean; verifyShortSignature: (signature: Hex | ProjPointType, message: Hex | ProjPointType, publicKey: Hex | ProjPointType, htfOpts?: htfBasicOpts) => boolean; verifyBatch: (signature: Hex | ProjPointType, messages: (Hex | ProjPointType)[], publicKeys: (Hex | ProjPointType)[], htfOpts?: htfBasicOpts) => boolean; aggregatePublicKeys: { (publicKeys: Hex[]): Uint8Array; (publicKeys: ProjPointType[]): ProjPointType; }; aggregateSignatures: { (signatures: Hex[]): Uint8Array; (signatures: ProjPointType[]): ProjPointType; }; aggregateShortSignatures: { (signatures: Hex[]): Uint8Array; (signatures: ProjPointType[]): ProjPointType; }; millerLoop: (ell: [Fp2, Fp2, Fp2][], g1: [Fp, Fp]) => Fp12; pairing: (P: ProjPointType, Q: ProjPointType, withFinalExponent?: boolean) => Fp12; G1: CurvePointsRes & ReturnType>; G2: CurvePointsRes & ReturnType>; Signature: SignatureCoder; ShortSignature: ShortSignatureCoder; params: { x: bigint; r: bigint; G1b: bigint; G2b: Fp2; }; fields: { Fp: IField; Fp2: Fp2Bls; Fp6: IField; Fp12: Fp12Bls; Fr: IField; }; utils: { randomPrivateKey: () => Uint8Array; calcPairingPrecomputes: (p: AffinePoint) => [Fp2, Fp2, Fp2][]; }; }; export declare function bls(CURVE: CurveType): CurveFn; export {}; //# sourceMappingURL=bls.d.ts.map