github.com/cloudflare/circl@v1.5.0/ecc/bls12381/doc.go (about) 1 // Package bls12381 provides bilinear pairings using the BLS12-381 curve. 2 // 3 // A pairing system consists of three groups G1 and G2 (additive notation) and 4 // Gt (multiplicative notation) of the same order. 5 // Scalars can be used interchangeably between groups. 6 // 7 // These groups have the same order equal to: 8 // 9 // Order = 0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001 10 // 11 // # Serialization Format 12 // 13 // Elements of G1 and G2 can be encoded in uncompressed form (the x-coordinate 14 // followed by the y-coordinate) or in compressed form (just the x-coordinate). 15 // G1 elements occupy 96 bytes in uncompressed form, and 48 bytes in compressed 16 // form. G2 elements occupy 192 bytes in uncompressed form, and 96 bytes in 17 // compressed form. 18 // 19 // The most-significant three bits of a G1 or G2 encoding should be masked away 20 // before the coordinates are interpreted. These bits are used to unambiguously 21 // represent the underlying element: 22 // 23 // * The most significant bit, when set, indicates that the point is in 24 // compressed form. Otherwise, the point is in uncompressed form. 25 // 26 // * The second-most significant bit indicates that the point is at infinity. 27 // If this bit is set, the remaining bits of the group element's encoding 28 // should be set to zero. 29 // 30 // * The third-most significant bit is set if (and only if) this point is in 31 // compressed form AND it is not the point at infinity AND its y-coordinate 32 // is the lexicographically largest of the two associated with the encoded 33 // x-coordinate. 34 // 35 // |------------------------------------------------------| 36 // | Serialization Format | 37 // |-----|-------|-------|-----------------|--------------| 38 // | MSB | MSB-1 | MSB-2 | Description | Encoding | 39 // |-----|-------|-------|-----------------|--------------| 40 // | | | | Non-compressed, | | 41 // | 0 | 0 | 0 | Non-Infinity, | e || x || y | 42 // | | | | Zero. | | 43 // |-----|-------|-------|-----------------|--------------| 44 // | | | | Non-compressed, | | 45 // | 0 | 0 | 1 | Non-Infinity, | Invalid | 46 // | | | | One. | | 47 // |-----|-------|-------|-----------------|--------------| 48 // | | | | Non-compressed, | | 49 // | 0 | 1 | 0 | Infinity, | e || 0 || 0 | 50 // | | | | Zero. | | 51 // |-----|-------|-------|-----------------|--------------| 52 // | | | | Non-compressed, | | 53 // | 0 | 1 | 1 | Infinity, | Invalid | 54 // | | | | One. | | 55 // |-----|-------|-------|-----------------|--------------| 56 // | | | | Compressed, | | 57 // | 1 | 0 | 0 | Non-Infinity, | e || x | 58 // | | | | Small y-coord | | 59 // |-----|-------|-------|-----------------|--------------| 60 // | | | | Compressed, | | 61 // | 1 | 0 | 1 | Non-Infinity, | e || x | 62 // | | | | Big y-coord | | 63 // |-----|-------|-------|-----------------|--------------| 64 // | | | | Compressed, | | 65 // | 1 | 1 | 0 | Infinity, | e || 0 | 66 // | | | | Zero. | | 67 // |-----|-------|-------|-----------------|--------------| 68 // | | | | Compressed, | | 69 // | 1 | 1 | 1 | Infinity, | Invalid | 70 // | | | | One. | | 71 // |------------------------------------------------------| 72 package bls12381