aiken/crypto/bls12_381/g2
This module is designed for cryptographic operations involving the BLS12-381 elliptic curve, particularly focusing on the G2 group of the curve.
The key functionalities provided by this module include:
- Defining the generator of the G2 group, which is a fixed base point on the elliptic curve used for various cryptographic computations.
- Implementing the additive identity (zero) in the G2 group, which plays a crucial role in elliptic curve arithmetic.
- Providing functions to compress and decompress points in the G2 group. Compression reduces the size of the point representation, which is useful for efficient storage and transmission. Decompression restores the original point from its compressed form.
- Implementing basic arithmetic operations on the points in the G2 group, such as addition and subtraction.
- Enabling the exponentiation of a point in the G2 group with a scalar, which is a fundamental operation in elliptic curve cryptography.
- Offering a function to hash arbitrary data to a point in the G2 group, a process important in several cryptographic protocols.
This module ensures that all operations respect the properties of the BLS12-381 curve and the mathematical structure of the G2 group.
Constants
generator: G2Element = #<Bls12_381, G2>"93e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb8"
The compressed generator of the G2 group of the BLS12-381 curve. This constant represents a fixed base point on the elliptic curve. Note that flat encoded plutus does not allow for the direct usage of BLS12-381 points. More explicit, any points in plutus data or scripts must be decompressed before usage onchain.
zero: G2Element = #<Bls12_381, G2>"c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
Represents the additive identity (zero) in the G2 group. Note that flat encoded plutus does not allow for the direct usage of BLS12-381 points. More explicit, any points in plutus data or scripts must be decompressed before usage onchain.
Functions
Compresses a point in the G2 group into a more compact representation.
The compressed representation is the concatenation of two 48-byte strings, corresponding to a modified and complexified x coordinate.
The leading most significant 3 bits of this string indicate how to reconstruct the y coordinate.
More explicitly via Zcash’s spec:
The most-significant three bits of a G1 or G2 encoding should be masked away before the coordinate(s) are interpreted. These bits are used to unambiguously represent the underlying element:
- The most significant bit, when set, indicates that the point is in compressed form. Otherwise, the point is in uncompressed form.
- The second-most significant bit indicates that the point is at infinity. If this bit is set, the remaining bits of the group element’s encoding should be set to zero.
- The third-most significant bit is set if (and only if) this point is in compressed form and it is not the point at infinity and its y-coordinate is the lexicographically largest of the two associated with the encoded x-coordinate.
Decompresses a point in the G2 group from its compressed form.
Subtracts one point in the G2 group from another.
Exponentiates a point in the G2 group with a scalar.
This operation is equivalent to the repeated addition of the point with itself e times.