Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@chainsafe/bls

Package Overview
Dependencies
Maintainers
5
Versions
25
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@chainsafe/bls

Implementation of bls signature verification for ethereum 2.0

  • 6.0.3
  • npm
  • Socket score

Version published
Weekly downloads
871
decreased by-45.77%
Maintainers
5
Weekly downloads
 
Created
Source

bls

codecov ETH2.0_Spec_Version 1.0.0 ES Version Node Version

Javascript library for BLS (Boneh-Lynn-Shacham) signatures and signature aggregation, tailored for use in Eth2.

Usage

yarn add @chainsafe/bls

To use native bindings you must install peer dependency @chainsafe/blst

yarn add @chainsafe/bls @chainsafe/blst

You must initialize the library once in your application before using it. The result is cached and use across all your imports

import {init, SecretKey, secretKeyToPublicKey, sign, verify} from "@chainsafe/bls";

(async () => {
  await init("herumi");

  // class-based interface
  const secretKey = SecretKey.fromKeygen();
  const publicKey = secretKey.toPublicKey();
  const message = new Uint8Array(32);

  const signature = secretKey.sign(message);
  console.log("Is valid: ", signature.verify(publicKey, message));

  // functional interface
  const sk = secretKey.toBytes();
  const pk = secretKeyToPublicKey(sk);
  const sig = sign(sk, message);
  console.log("Is valid: ", verify(pk, message, sig));
})();

Browser

If you are in the browser, import from /browser to import directly the WASM version

import bls from "@chainsafe/bls/browser";

Native bindings only

If you are in NodeJS, import from /node to skip browser specific code. Also install peer dependency @chainsafe/blst which has the native bindings

yarn add @chainsafe/bls @chainsafe/blst
import bls from "@chainsafe/bls/node";

Native bindings + WASM fallback

If you want to offer a fallback in NodeJS, first try to load native bindings and then fallback to WASM. Also install peer dependency @chainsafe/blst which has the native bindings

yarn add @chainsafe/bls @chainsafe/blst
import {init} from "@chainsafe/bls";

try {
  await init("blst-native");
} catch (e) {
  await init("herumi");
  console.warn("Using WASM");
}

The API is identical for all implementations.

Benchmarks

  • blst: src/blst (node.js-only, bindings to C via node-gyp)
  • herumi: src/herumi (node.js & browser, wasm)
  • noble: noble-bls12-381 (node.js & browser, pure JS)

Results are in ops/sec (x times slower), where x times slower = times slower than fastest implementation (blst).

Function - ops/secblstheruminoble
verify326.3847.674 (x7)17.906 (x18)
verifyAggregate (30)453.2951.151 (x9)18.372 (x25)
verifyMultiple (30)34.4973.5233 (x10)2.0286 (x17)
verifyMultipleSignatures (30)26.3813.1633 (x8)-
aggregate (pubkeys, 30)156862898.9 (x5)1875.0 (x8)
aggregate (sigs, 30)6373.41033.0 (x6)526.25 (x12)
sign925.49108.81 (x9)10.246 (x90)

* blst and herumi performed 100 runs each, noble 10 runs.

Results from CI run https://github.com/ChainSafe/bls/runs/1513710175?check_suite_focus=true#step:12:13

Spec versioning

VersionBls spec hash-to-curve version
5.x.xdraft #9
2.x.xdraft #7
1.x.xdraft #6
0.3.xinitial version

spec

test vectors

License

Apache-2.0

Keywords

FAQs

Package last updated on 26 Sep 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc