{ "name": "Barreto-Lynn-Scott", "desc": "BLS curves. A family of pairing friendly curves, with embedding degree = 12 or 24.", "curves": [ { "name": "BLS12-377", "category": "bls", "desc": "Curve from Zexe paper: https://eprint.iacr.org/2018/962, params taken from: https://eips.ethereum.org/EIPS/eip-2539 where they are explicitly listed.", "sources": [ { "name": "Zexe: Enabling Decentralized Private Computation", "url": "https://eprint.iacr.org/2018/962" }, { "name": "EIP-2539", "url": "https://eips.ethereum.org/EIPS/eip-2539" } ], "field": { "type": "Prime", "p": "0x01ae3a4617c510eac63b05c06ca1493b1a22d9f300f5138f1ef3622fba094800170b5d44300000008508c00000000001", "bits": 377 }, "form": "Weierstrass", "params": { "a": { "raw": "0x00" }, "b": { "raw": "0x01" } }, "generator": { "x": { "raw": "0x008848defe740a67c8fc6225bf87ff5485951e2caa9d41bb188282c8bd37cb5cd5481512ffcd394eeab9b16eb21be9ef" }, "y": { "raw": "0x01914a69c5102eff1f674f5d30afeec4bd7fb348ca3e52d96d182ad44fb82305c2fe3d3634a9591afd82de55559c8ea6" } }, "order": "0x12ab655e9a2ca55660b44d1e5c37b00159aa76fed00000010a11800000000001", "cofactor": "0x170b5d44300000000000000000000000", "characteristics": { "cm_disc": "-3", "conductor": "587269870971281361444171168277668240640243801025419411456", "discriminant": "258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321457745", "j_invariant": "0", "embedding_degree": "9586122913090633728", "trace_of_frobenius": "9586122913090633730" } }, { "name": "BLS12-381", "category": "bls", "desc": "Curve from https://electriccoin.co/blog/new-snark-curve/. As used in ZCash Sapling.", "sources": [ { "name": "New zk-SNARK Curve", "url": "https://electriccoin.co/blog/new-snark-curve/" }, { "name": "ZCash Protocol Specification", "url": "https://zips.z.cash/protocol/protocol.pdf" }, { "name": "EIP-2537", "url": "https://eips.ethereum.org/EIPS/eip-2537" } ], "field": { "type": "Prime", "p": "0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab", "bits": 381 }, "form": "Weierstrass", "params": { "a": { "raw": "0x00" }, "b": { "raw": "0x04" } }, "generator": { "x": { "raw": "0x17F1D3A73197D7942695638C4FA9AC0FC3688C4F9774B905A14E3A3F171BAC586C55E83FF97A1AEFFB3AF00ADB22C6BB" }, "y": { "raw": "0x08B3F481E3AAA0F1A09E30ED741D8AE4FCF5E095D5D00AF600DB18CB2C04B3EDD03CC744A2888AE40CAA232946C5E7E1" } }, "order": "0x73EDA753299D7D483339D80809A1D80553BDA402FFFE5BFEFFFFFFFF00000001", "cofactor": "0x396C8C005555E1568C00AAAB0000AAAB", "characteristics": { "cm_disc": "-3", "conductor": "2310096550715768212670172227226928237551693238409523516757", "discriminant": "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272552875", "j_invariant": "0", "embedding_degree": "60529504891766571012", "trace_of_frobenius": "-15132376222941642751" } }, { "name": "BLS12-446", "category": "bls", "desc": "Curve from https://github.com/relic-toolkit/relic.", "sources": [ { "name": "RELIC: Efficient LIbrary for Cryptography", "url": "https://github.com/relic-toolkit/relic" } ], "field": { "type": "Prime", "p": "0x3cdee0fb28c5e535200fc34965aad6400095a4b78a02fe320f75a64bbac71602824e6dc3e23acdee56ee4528c573b5cc311c0026aab0aaab", "bits": 446 }, "form": "Weierstrass", "params": { "a": { "raw": "0x00" }, "b": { "raw": "0x01" } }, "generator": { "x": { "raw": "0x297792B2D03DE39D64FACA6D49FCF7A8850144CA24FC5D815C082A3AA87D1A16929E56228C136123BA51421AE89CACD5B4789A38CE39035A" }, "y": { "raw": "0xDC40DDCBAB2823A7870B5C688AA04FEE40369D913E4F2F0947A152FE1C27A79B7F787E9C35B869C3846FAC4F12A70D0FE22D2E244268CC" } }, "order": "0x511b70539f27995b34995830fa4d04c98ccc4c050bc7bb9b0e8d8ca34610428001400040001", "cofactor": "0xC02082602B0055D560AB0AD5AAAAC0002AAAC" }, { "name": "BLS12-455", "category": "bls", "desc": "Curve from https://github.com/relic-toolkit/relic.", "sources": [ { "name": "RELIC: Efficient LIbrary for Cryptography", "url": "https://github.com/relic-toolkit/relic" } ], "field": { "type": "Prime", "p": "0x55555955557955572aa00e0f95b49203003f665e3a5b1d56234bd93954fcb314b8b3db9994ace86d1ba6c589556b2aa956aaa00001800002ab", "bits": 455 }, "form": "Weierstrass", "params": { "a": { "raw": "0x00" }, "b": { "raw": "0x0a" } }, "generator": { "x": { "raw": "0x03018DF4C2336D178E6EA61540353ABA01923E3890B3295848906DFC90E0C43008E4751FFC913DC1FF3DF33D11DB57BADA7A9297195ACFB2FA" }, "y": { "raw": "0x19A8A9C4C3AC2FFB4C6B380D17B8282E029615052EAA6416C16C8F36F251D87C272657F0702CC58C4E072628D7BAD3C0E9B3A8AEBFC6B2357C" } }, "order": "0x10000080000380002E0000F10004F00025E000750001D1000A00000400001C00007FFFFC00001", "cofactor": "0x555556AAAAB15555B54AAB6A9557FFAABFFAAB", "characteristics": { "cm_disc": "-3", "conductor": "287572867293678436974519977531226436303080379672880577582937484382891", "discriminant": "62023615502630691959947542088993379461260029989578145286594463370037455903184790399094337933920614809072869582259708675651604292655077867", "j_invariant": "0", "embedding_degree": "100743830310820967527764", "trace_of_frobenius": "75557872733115725645825" } }, { "name": "BLS12-638", "category": "bls", "desc": "Curve from https://github.com/relic-toolkit/relic. Also in https://eprint.iacr.org/2012/232.pdf.", "sources": [ { "name": "RELIC: Efficient LIbrary for Cryptography", "url": "https://github.com/relic-toolkit/relic" }, { "name": "Implementing Pairings at the 192-bit Security Level", "url": "https://eprint.iacr.org/2012/232" } ], "field": { "type": "Prime", "p": "0x3cb868653d300b3fe80015554dd25db0fc01dcde95d4000000631bbd421715013955555555529c005c75d6c2ab00000000000ac79600d2abaaaaaaaaaaaaaa93eaf3ff000aaaaaaaaaaaaaaabeab000b", "bits": 638 }, "form": "Weierstrass", "params": { "a": { "raw": "0x00" }, "b": { "raw": "0x04" } }, "generator": { "x": { "raw": "0x160F63A3A3B297F113075ED79466138E85B025F7FE724B78E32D7AFC4D734BDD54F871092B8D1966D491C0F45A48A8BBA5586095DFFCC1410B7E26ED16BAF98C1117959134C24A17A7BE31E1AFBF844F" }, "y": { "raw": "0x2D340B33877480A9785E86ED2EDCAFC170B82568CB21B708B79FC6DA3748461FCD80697E486695F3CAE76FCB1781E784F6812F57BE05DFC850426650DED8B40A464B00A35718228EC8E02B52B59D876E" } }, "order": "0x50F94035FF4000FFFFFFFFFFF9406BFDC0040000000000000035FB801DFFBFFFFFFFFFFFFFFF401BFF80000000000000000000FFC01", "cofactor": "0xBFF8001555555555555555554D957EAAAAAAAAAAAAAAAAAAAABEB", "characteristics": { "cm_disc": "-3", "conductor": "1201199398395787546723127300641679086142518436131015165481254517460567318887250290819436851298997", "discriminant": "1082159996029801447407061915918058655017421337462511263853382495313523741057008334847967336392717312405560092419564537672318099867365585979660877534008398116971703340756992868556828633685746955", "j_invariant": "0", "embedding_degree": "486738216406382958005937258889092", "trace_of_frobenius": "-121684554101595739501484314722271" } }, { "name": "BLS24-477", "category": "bls", "desc": "Curve from https://github.com/relic-toolkit/relic. Also in https://eprint.iacr.org/2012/232.pdf.", "sources": [ { "name": "RELIC: Efficient LIbrary for Cryptography", "url": "https://github.com/relic-toolkit/relic" }, { "name": "Implementing Pairings at the 192-bit Security Level", "url": "https://eprint.iacr.org/2012/232" } ], "field": { "type": "Prime", "p": "0x167278fac63bd5b007ebb8f693a2ab3dbd9f92cf437c399d928e94bfe9a04a009fda9e8cf9226901de62aea9dcea48bf1a0ebbf8860a5e7ad000152b", "bits": 477 }, "form": "Weierstrass", "params": { "a": { "raw": "0x00" }, "b": { "raw": "0x04" } }, "generator": { "x": { "raw": "0x15DFD8E4893A408A34B600532B51CC86CAB3AF07103CFCF3EC7B9AF836904CFB60AB0FA8AC91EE6255E5EF6286FA0C24DF9D76EA50599C2E103E40AD" }, "y": { "raw": "0x0A683957A59B1B488FA657E11B44815056BDE33C09D6AAD392D299F89C7841B91A683BF01B7E70547E48E0FBE1CA9E991983131470F886BA9B6FCE2E" } }, "order": "0x57F52EE445CC41781FCD53D13E45F6ACDFE4F9F2A3CD414E71238AFC9FCFC7D38CAEF64F4FF79F90013FFFFFF0000001", "cofactor": "0x41550AAAC04B3FD5000015AB", "characteristics": { "cm_disc": "-3", "conductor": "604128092931004996153900356638872198640435149234420528912987303159267285", "discriminant": "273728064501339756603462468369185104987958288074891940133644204431064409085893803646700523799946827238917453720697332026264620142876572570876459", "j_invariant": "0", "embedding_degree": "1970307657106440", "trace_of_frobenius": "-246288457138303" } }, { "name": "Bandersnatch", "category": "bls", "desc": "Curve from https://ethresear.ch/t/introducing-bandersnatch-a-fast-elliptic-curve-built-over-the-bls12-381-scalar-field/9957", "sources": [ { "name": "Introducing Bandersnatch, a fast elliptic curve built over the BLS12-381 scalar field", "url": "https://ethresear.ch/t/introducing-bandersnatch-a-fast-elliptic-curve-built-over-the-bls12-381-scalar-field/9957" } ], "field": { "type": "Prime", "p": "0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001", "bits": 255 }, "form": "TwistedEdwards", "params": { "a": { "raw": "-0x05" }, "d": { "raw": "0x6389c12633c267cbc66e3bf86be3b6d8cb66677177e54f92b369f2f5188d58e7" } }, "order": "0x1cfb69d4ca675f520cce760202687600ff8f87007419047174fd06b52876e7e1", "cofactor": "0x04", "characteristics": { "discriminant": "-8", "j_invariant": "8000" } }, { "name": "BLS48-581-G1", "category": "bls", "desc": "Curve (G1) from https://datatracker.ietf.org/doc/draft-irtf-cfrg-pairing-friendly-curves/ in section 4.3 and https://doi.org/10.1007/978-3-319-61204-1_4", "sources": [ { "name": "Pairing-Friendly Curves", "url": "https://datatracker.ietf.org/doc/draft-irtf-cfrg-pairing-friendly-curves/" }, { "name": "Secure and Efficient Pairing at 256-Bit Security Level", "url": "https://doi.org/10.1007/978-3-319-61204-1_4" } ], "field": { "type": "Prime", "p": "0x1280f73ff3476f313824e31d47012a0056e84f8d122131bb3be6c0f1f3975444a48ae43af6e082acd9cd30394f4736daf68367a5513170ee0a578fdf721a4a48ac3edc154e6565912b", "bits": 581 }, "form": "Weierstrass", "params": { "a": { "raw": "0x00" }, "b": { "raw": "0x01" } }, "generator": { "x": { "raw": "0x02af59b7ac340f2baf2b73df1e93f860de3f257e0e86868cf61abdbaedffb9f7544550546a9df6f9645847665d859236ebdbc57db368b11786cb74da5d3a1e6d8c3bce8732315af640" }, "y": { "raw": "0x0cefda44f6531f91f86b3a2d1fb398a488a553c9efeb8a52e991279dd41b720ef7bb7beffb98aee53e80f678584c3ef22f487f77c2876d1b2e35f37aef7b926b576dbb5de3e2587a70" } }, "order": "0x2386f8a925e2885e233a9ccc1615c0d6c635387a3f0b3cbe003fad6bc972c2e6e741969d34c4c92016a85c7cd0562303c4ccbe599467c24da118a5fe6fcd671c01", "cofactor": "0x85555841aaaec4ac", "characteristics": { "cm_disc": "-3", "conductor": "2470234952045228861226479692223628411074049366373861109485273675792210673668036995939286", "discriminant": "4576545538729420598762745822889397370509838601207708465545582186285824315458656151272834027217178198654229063318759931344008864619718319130560845441720114764111976549023321979", "j_invariant": "0", "embedding_degree": "42949680144", "trace_of_frobenius": "-5368710016" } }, { "name": "BLS48-581-G2", "category": "bls", "desc": "Curve (G2) from https://datatracker.ietf.org/doc/draft-irtf-cfrg-pairing-friendly-curves/ in section 4.3 and https://doi.org/10.1007/978-3-319-61204-1_4", "sources": [ { "name": "Pairing-Friendly Curves", "url": "https://datatracker.ietf.org/doc/draft-irtf-cfrg-pairing-friendly-curves/" }, { "name": "Secure and Efficient Pairing at 256-Bit Security Level", "url": "https://doi.org/10.1007/978-3-319-61204-1_4" } ], "field": { "type": "Tower", "degree": 2, "poly": [ { "power": 2, "coeff": [ { "power": 0, "coeff": [ { "power": 0, "coeff": "0x01" } ] } ] }, { "power": 0, "coeff": [ { "power": 1, "coeff": [ { "power": 0, "coeff": "0x01" } ] } ] } ], "base": { "type": "Tower", "degree": 2, "poly": [ { "power": 2, "coeff": [ { "power": 0, "coeff": "0x01" } ] }, { "power": 0, "coeff": [ { "power": 1, "coeff": "0x01" }, { "power": 0, "coeff": "0x01" } ] } ], "base": { "type": "Tower", "degree": 2, "poly": [ { "power": 2, "coeff": "0x01" }, { "power": 0, "coeff": "0x01" } ], "base": { "type": "Prime", "p": "0x1280f73ff3476f313824e31d47012a0056e84f8d122131bb3be6c0f1f3975444a48ae43af6e082acd9cd30394f4736daf68367a5513170ee0a578fdf721a4a48ac3edc154e6565912b", "bits": 581 } } } }, "form": "Weierstrass", "params": { "a": { "raw": "0x00" }, "b": { "poly": [ { "power": 1, "coeff": [ { "power": 1, "coeff": [ { "power": 1, "coeff": "0x09407b9ff9a3b7989c12718ea38095002b7427c6891098dd9df36078f9cbaa225245721d7b7041566ce6981ca7a39b6d7b41b3d2a898b877052bc7efb90d2524561f6e0aa732b2c896" }, { "power": 0, "coeff": "0x09407b9ff9a3b7989c12718ea38095002b7427c6891098dd9df36078f9cbaa225245721d7b7041566ce6981ca7a39b6d7b41b3d2a898b877052bc7efb90d2524561f6e0aa732b2c895" } ] } ] } ] } }, "generator": { "x": { "poly": [ { "power": 1, "coeff": [ { "power": 1, "coeff": [ { "power": 1, "coeff": "0x0827d5c22fb2bdec5282624c4f4aaa2b1e5d7a9defaf47b5211cf741719728a7f9f8cfca93f29cff364a7190b7e2b0d4585479bd6aebf9fc44e56af2fc9e97c3f84e19da00fbc6ae34" }, { "power": 0, "coeff": "0x0b9b7951c6061ee3f0197a498908aee660dea41b39d13852b6db908ba2c0b7a449cef11f293b13ced0fd0caa5efcf3432aad1cbe4324c22d63334b5b0e205c3354e41607e60750e057" } ] }, { "power": 0, "coeff": [ { "power": 1, "coeff": "0x0c96c7797eb0738603f1311e4ecda088f7b8f35dcef0977a3d1a58677bb037418181df63835d28997eb57b40b9c0b15dd7595a9f177612f097fc7960910fce3370f2004d914a3c093a" }, { "power": 0, "coeff": "0x038b91c600b35913a3c598e4caa9dd63007c675d0b1642b5675ff0e7c5805386699981f9e48199d5ac10b2ef492ae589274fad55fc1889aa80c65b5f746c9d4cbb739c3a1c53f8cce5" } ] } ] }, { "power": 0, "coeff": [ { "power": 1, "coeff": [ { "power": 1, "coeff": "0x0be2218c25ceb6185c78d8012954d4bfe8f5985ac62f3e5821b7b92a393f8be0cc218a95f63e1c776e6ec143b1b279b9468c31c5257c200ca52310b8cb4e80bc3f09a7033cbb7feafe" }, { "power": 0, "coeff": "0x01fccc70198f1334e1b2ea1853ad83bc73a8a6ca9ae237ca7a6d6957ccbab5ab6860161c1dbd19242ffae766f0d2a6d55f028cbdfbb879d5fea8ef4cded6b3f0b46488156ca55a3e6a" } ] }, { "power": 0, "coeff": [ { "power": 1, "coeff": "0x07c4973ece2258512069b0e86abc07e8b22bb6d980e1623e9526f6da12307f4e1c3943a00abfedf16214a76affa62504f0c3c7630d979630ffd75556a01afa143f1669b36676b47c57" }, { "power": 0, "coeff": "0x05d615d9a7871e4a38237fa45a2775debabbefc70344dbccb7de64db3a2ef156c46ff79baad1a8c42281a63ca0612f400503004d80491f510317b79766322154dec34fd0b4ace8bfab" } ] } ] } ] }, "y": { "poly": [ { "power": 1, "coeff": [ { "power": 1, "coeff": [ { "power": 1, "coeff": "0x035e2524ff89029d393a5c07e84f981b5e068f1406be8e50c87549b6ef8eca9a9533a3f8e69c31e97e1ad0333ec719205417300d8c4ab33f748e5ac66e84069c55d667ffcb732718b6" }, { "power": 0, "coeff": "0x0896767811be65ea25c2d05dfdd17af8a006f364fc0841b064155f14e4c819a6df98f425ae3a2864f22c1fab8c74b2618b5bb40fa639f53dccc9e884017d9aa62b3d41faeafeb23986" } ] }, { "power": 0, "coeff": [ { "power": 1, "coeff": "0x07d0d03745736b7a513d339d5ad537b90421ad66eb16722b589d82e2055ab7504fa83420e8c270841f6824f47c180d139e3aafc198caa72b679da59ed8226cf3a594eedc58cf90bee4" }, { "power": 0, "coeff": "0x0d209d5a223a9c46916503fa5a88325a2554dc541b43dd93b5a959805f1129857ed85c77fa238cdce8a1e2ca4e512b64f59f430135945d137b08857fdddfcf7a43f47831f982e50137" } ] } ] }, { "power": 0, "coeff": [ { "power": 1, "coeff": [ { "power": 1, "coeff": "0x0aec25a4621edc0688223fbbd478762b1c2cded3360dcee23dd8b0e710e122d2742c89b224333fa40dced2817742770ba10d67bda503ee5e578fb3d8b8a1e5337316213da92841589d" }, { "power": 0, "coeff": "0x0b36a201dd008523e421efb70367669ef2c2fc5030216d5b119d3a480d370514475f7d5c99d0e90411515536ca3295e5e2f0c1d35d51a652269cbc7c46fc3b8fde68332a526a2a8474" } ] }, { "power": 0, "coeff": [ { "power": 1, "coeff": "0x0284dc75979e0ff144da6531815fcadc2b75a422ba325e6fba01d72964732fcbf3afb096b243b1f192c5c3d1892ab24e1dd212fa097d760e2e588b423525ffc7b111471db936cd5665" }, { "power": 0, "coeff": "0x00eb53356c375b5dfa497216452f3024b918b4238059a577e6f3b39ebfc435faab0906235afa27748d90f7336d8ae5163c1599abf77eea6d659045012ab12c0ff323edd3fe4d2d7971" } ] } ] } ] } }, "order": "0x2386f8a925e2885e233a9ccc1615c0d6c635387a3f0b3cbe003fad6bc972c2e6e741969d34c4c92016a85c7cd0562303c4ccbe599467c24da118a5fe6fcd671c01", "cofactor": "0x170e915cb0a6b7406b8d94042317f811d6bc3fc6e211ada42e58ccfcb3ac076a7e4499d700a0c23dc4b0c078f92def8c87b7fe63e1eea270db353a4ef4d38b5998ad8f0d042ea24c8f02be1c0c83992fe5d7725227bb27123a949e0876c0a8ce0a67326db0e955dcb791b867f31d6bfa62fbdd5f44a00504df04e186fae033f1eb43c1b1a08b6e086eff03c8fee9ebdd1e191a8a4b0466c90b389987de5637d5dd13dab33196bd2e5afa6cd19cf0fc3fc7db7ece1f3fac742626b1b02fcee04043b2ea96492f6afa51739597c54bb78aa6b0b99319fef9d09f768831018ee6564c68d054c62f2e0b4549426fec24ab26957a669dba2a2b6945ce40c9aec6afdeda16c79e15546cd7771fa544d5364236690ea06832679562a68731420ae52d0d35a90b8d10b688e31b6aee45f45b7a5083c71732105852decc888f64839a4de33b99521f0984a418d20fc7b0609530e454f0696fa2a8075ac01cc8ae3869e8d0fe1f3788ffac4c01aa2720e431da333c83d9663bfb1fb7a1a7b90528482c6be7892299030bb51a51dc7e91e9156874416bf4c26f1ea7ec578058563960ef92bbbb8632d3a1b695f954af10e9a78e40acffc13b06540aae9da5287fc4429485d44e6289d8c0d6a3eb2ece35012452751839fb48bc14b515478e2ff412d930ac20307561f3a5c998e6bcbfebd97effc6433033a2361bfcdc4fc74ad379a16c6dea49c209b1" } ] }