A JavaScript BBS Signatures Implementation
See also (related specs):
As with most security- and cryptography-related tools, the overall security of your system will largely depend on your design decisions.
To install locally (for development):
git clone https://github.com/digitalbazaar/bbs-signatures.git
cd bbs-signatures
npm install
To generate a new public/secret BLS12-381 key pair for use with BBS signatures:
import * as bbs from '@digitalbazaar/bbs-signatures';
const {secretKey, publicKey} = await bbs.generateKeyPair({
ciphersuite: 'BLS12-381-SHA-256'
// same as using the constant: bbs.CIPHERSUITES.BLS12381_SHA256
});
// includes `secretKey` and `publicKey` keys, each is a `Uint8Array`
// `secretKey` is big-endian-encoded scalar
// `publicKey` is compressed (x, y) coordinates of a BLS12-381 G2 point
// other ciphersuite choice is: 'BLS12-381-SHAKE-256'
Sign an optional header
and an array of messages
using BBS.
import * as bbs from '@digitalbazaar/bbs-signatures';
const {secretKey, publicKey} = await bbs.generateKeyPair({
ciphersuite: 'BLS12-381-SHA-256'
});
// `header`
const header = new Uint8Array();
// N-many `messages`, each is a `Uint8Array`, use `TextEncoder` to
// express strings as UTF-8 bytes
const messages = [new TextEncoder().encode('some message')];
// `signature` is a `Uint8Array`
const signature = await bbs.sign({secretKey, publicKey, header, messages});
Verify a full BBS signature. This verification method is less likely to be
used than verifyProof()
as holders of signatures are expected to derive
proofs for verification by verifiers.
import * as bbs from '@digitalbazaar/bbs-signatures';
// pass original signer's `publicKey`, `signature`, `header`, and `messages`
const verified = await bbs.verifySignature({
publicKey, signature, header, messages,
ciphersuite: 'BLS12-381-SHA-256'
});
// `verified` is a boolean
Derive a proof from a BBS signature as a holder / prover.
import * as bbs from '@digitalbazaar/bbs-signatures';
// pass original signer's `publicKey`, `signature`, `header`, and `messages`
// as well as a custom `presentationHeader` and any `disclosedMessageIndexes`
const proof = await bbs.deriveProof({
publicKey, signature, header, messages,
presentationHeader, disclosedMessageIndexes,
ciphersuite: 'BLS12-381-SHA-256'
});
// `proof` is a `Uint8Array` containing a BBS proof
Verify a proof from a holder / prover.
import * as bbs from '@digitalbazaar/bbs-signatures';
// pass `proof`, original signer's `publicKey` and`header`
// as well as holder's custom `presentationHeader`, `disclosedMessages`, and
// `disclosedMessageIndexes`
const verified = await bbs.verifyProof({
publicKey, proof, header,
presentationHeader, disclosedMessages, disclosedMessageIndexes,
ciphersuite: 'BLS12-381-SHA-256'
});
// `verified` is a boolean
See the contribute file!
PRs accepted.
If editing the Readme, please conform to the standard-readme specification.
Commercial support for this library is available upon request from Digital Bazaar: support@digitalbazaar.com
New BSD License (3-clause) © 2024 Digital Bazaar