This repository contains reference implementations of the BLS signatures draft standard.

Note: this code is WIP. It has not been audited for security, should not be assumed to be constant-time or otherwise secure, and the details may change at any time as the BLS standard evolves.

This code started as a fork of bls12-381_hash. (That repository also contains an implementation in C.)

Please see the READMEs in each subdirectory for information on particular implementations. In brief,

• The Python and Rust implementations include all functionality currently specified in the standard, plus serialization and deserialization based on the ZCash spec.

• The Sage implementation does not implement verification, only hashing, signing, and proof-of-possession generation.

• The Python implementation uses the Python finite field implementation from Chia's BLS library.

• The Rust implementation is based on the Rust pairing_fork library.

Riad S. Wahby, Zhenfei Zhang

This software is (C) 2019 Algorand, Inc.

Licensed under the MIT license (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://opensource.org/licenses/MIT

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.