Review options around underlying dependencies for BLS12-381

[tplooker]

Issue to discuss the options and choices we have around different libraries we can use to serve this function

[dev0x1]

As we discussed, the following are the criteria we have identified(priority high to low),

1. Security: availability of formal verification and audit
2. Production maturity: major release, used in production by other projects
3. Performance(MSM, pairing, etc.)

Nice to have

4. Support of other pairing curves

And of course, availability in Rust, through binding or natively.

[dev0x1]

We can start from this performance benchmark report from @Consensys team, last updated on 29/01/21, https://hackmd.io/@gnark/eccbench

We can narrow down below libs for our Rust projects,

1. blst
2. zkcrypto/bls12_381
3. arkworks

In these blst outperforms all by a factor of 2-3,

This one I have used in past, but need to benchmark it,

4. miracl

[dev0x1]

Security: By looking at the information on the GitHub readme project page, only blst (BLS12-381) seems to have a third-party audit.

[tplooker]

Thanks @dev0x1 FYI @BasileiosKal and I are meeting with the authors of the blst library this week so we should come to know more about their plans with this library going forward. I think the biggest downside which has already been discussed is that blst is curve specific meaning supporting other curves in future would be more difficult.

[tplooker]

After speaking to the BLST authors they let us know of the rust based bindings that more comprehensively exposes the underlying API's required to implement BBS https://github.com/filecoin-project/blstrs

[dev0x1]

We have decided to use blstrs crate, so closing this issue.