package octez-bls12-381-signature

  1. Overview
  2. Docs

Proof of possession scheme described in section 3.3

A proof of possession scheme uses a separate public key validation step, called a proof of possession, to defend against rogue key attacks. This enables an optimization to aggregate signature verification for the case that all signatures are on the same message.

type proof = Stdlib.Bytes.t
val sign : sk -> Stdlib.Bytes.t -> signature

Equivalent to core_sign with the DST given in the specification in section 4.2.3.

val verify : pk -> Stdlib.Bytes.t -> signature -> bool

Equivalent to core_verify with the DST given in the specification in section 4.2.3.

val pop_prove : sk -> proof

pop_proof sk implements section 3.3.2.

val pop_verify : pk -> proof -> bool

pop_verify pk signature implements section 3.3.3.

val aggregate_verify : (pk * proof) list -> Stdlib.Bytes.t -> signature -> bool

aggregate_verify pks msg aggregated_signature performs a aggregate signature verification. It supposes the same message msg has been signed. It implements the FastAggregateVerify algorithm specified in section 3.3.4.

OCaml

Innovation. Community. Security.

GitHub Discord Twitter Peertube RSS
About
Changelog Releases Industrial Users Academic Users Why OCaml
Ecosystem
Packages Community Events OCaml Planet Jobs
Resources
Install OCaml Get Started Platform Tools Language Manual Standard Library API Books Exercises Papers OCaml Playground Logo
Policies
Carbon Footprint Governance Privacy Code of Conduct