Crypto

BLS Cryptography

BLS signature implementation for Saline SDK.

This module provides BLS signature functionality using the BLS12-381 curve, following the IETF BLS signature standard draft v4 (basic scheme).

This implementation matches the implementation in Saline exactly: - Uses raw message bytes for signing (no pre-hashing) - Uses BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_ as domain parameter - Follows the same serialization format

class saline_sdk.crypto.bls.BLS

Bases: object

BLS signature implementation using the basic scheme.

class PrivateKey

Bases: pybind11_object

aggregate(self: List[blspy.PrivateKey]) → blspy.PrivateKey

from_bytes(self: buffer) → blspy.PrivateKey

get_g1(self: blspy.PrivateKey) → bls::G1Element

PRIVATE_KEY_SIZE = 32

static aggregate_signatures(signatures)

Aggregate multiple BLS signatures.

Parameters:

signatures (list[bytes]) – List of signatures in compressed form

Return type:

bytes

Returns:

Aggregated signature in compressed form

Raises:

ValueError – If aggregation fails

static sign(sk, message, dst=None)

Sign a message using BLS signature scheme.

Parameters:

• sk (Union[bytes, PrivateKey]) – Private key (bytes or PrivateKey object)

• message (bytes) – Message to sign (raw bytes, NOT pre-hashed)

• dst (Optional[bytes]) – Domain separation tag (default: SALINE_DOMAIN)

Return type:

G2Element

Returns:

Signature in compressed form

Raises:

ValueError – If signing fails

Note

This matches the implementation exactly: - Signs raw message bytes directly (no pre-hashing) - Uses BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_ domain parameter

static sk_to_pk(sk)

Convert private key to public key bytes.

Parameters:

sk (Union[bytes, PrivateKey]) – Private key (bytes or PrivateKey object)

Returns:

Public key in compressed form

Return type:

bytes

Raises:

ValueError – If conversion fails

static verify(pk_bytes, message, signature_bytes)

Verify a message signature using a public key.

Parameters:

• pk_bytes (bytes) – Public key bytes to verify with

• message (bytes) – Message that was signed

• signature_bytes (bytes) – Signature to verify

Return type:

bool

Returns:

True if signature is valid, False otherwise

static verify_aggregate(signature, messages, public_keys)

Verify an aggregate signature.

Parameters:

• signature (bytes) – Aggregate signature in compressed form

• messages (list[bytes]) – List of original messages (raw bytes, NOT pre-hashed)

• public_keys (list[bytes]) – List of public keys in compressed form

Return type:

bool

Returns:

True if aggregate signature is valid

Note

BasicSchemeMPL.aggregate_verify() internally uses the domain parameter “BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_” which matches Saline’s.

Key Derivation

saline_sdk.crypto.key_derivation.debug_print(*args, **kwargs)

Helper function for debug printing

saline_sdk.crypto.key_derivation.derive_child_SK(parent_SK, index)

Derive a child secret key from a parent secret key and index. parent_SK is in big-endian format (I2OSP).

Return type:

bytes

Parameters:

• parent_SK (bytes)

• index (int)

saline_sdk.crypto.key_derivation.derive_key_from_path(seed, path='m/0')

Derive a key from a seed and path. Path format: “m/0” for first child of master key.

Return type:

bytes

Parameters:

• seed (bytes)

• path (str)

saline_sdk.crypto.key_derivation.derive_master_SK(seed)

Derive master secret key from seed.

Return type:

bytes

Parameters:

seed (bytes)

saline_sdk.crypto.key_derivation.hkdf_expand(prk, info, length=32)

HKDF-Expand (RFC5869) using SHA-256.

Return type:

bytes

Parameters:

• prk (bytes)

• info (bytes)

• length (int)

saline_sdk.crypto.key_derivation.hkdf_extract(salt, ikm)

HKDF-Extract (RFC5869) using SHA-256.

Return type:

bytes

Parameters:

• salt (bytes)

• ikm (bytes)

saline_sdk.crypto.key_derivation.main()

saline_sdk.crypto.key_derivation.parent_SK_to_lamport_PK(parent_SK, index)

Generate compressed Lamport public key from parent SK.

Return type:

bytes

Parameters:

• parent_SK (bytes)

• index (int)

Crypto Module Interface

Saline SDK Crypto Module

This module provides cryptographic functionality for the Saline SDK, including: - BLS key derivation (EIP-2333) - BLS signatures - Signature verification - Signature aggregation - Public key operations

class saline_sdk.crypto.BLS

Bases: object

BLS signature implementation using the basic scheme.

class PrivateKey

Bases: pybind11_object

aggregate(self: List[blspy.PrivateKey]) → blspy.PrivateKey

from_bytes(self: buffer) → blspy.PrivateKey

get_g1(self: blspy.PrivateKey) → bls::G1Element

PRIVATE_KEY_SIZE = 32

static aggregate_signatures(signatures)

Aggregate multiple BLS signatures.

Parameters:

signatures (list[bytes]) – List of signatures in compressed form

Return type:

bytes

Returns:

Aggregated signature in compressed form

Raises:

ValueError – If aggregation fails

static sign(sk, message, dst=None)

Sign a message using BLS signature scheme.

Parameters:

• sk (Union[bytes, PrivateKey]) – Private key (bytes or PrivateKey object)

• message (bytes) – Message to sign (raw bytes, NOT pre-hashed)

• dst (Optional[bytes]) – Domain separation tag (default: SALINE_DOMAIN)

Return type:

G2Element

Returns:

Signature in compressed form

Raises:

ValueError – If signing fails

Note

This matches the implementation exactly: - Signs raw message bytes directly (no pre-hashing) - Uses BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_ domain parameter

static sk_to_pk(sk)

Convert private key to public key bytes.

Parameters:

sk (Union[bytes, PrivateKey]) – Private key (bytes or PrivateKey object)

Returns:

Public key in compressed form

Return type:

bytes

Raises:

ValueError – If conversion fails

static verify(pk_bytes, message, signature_bytes)

Verify a message signature using a public key.

Parameters:

• pk_bytes (bytes) – Public key bytes to verify with

• message (bytes) – Message that was signed

• signature_bytes (bytes) – Signature to verify

Return type:

bool

Returns:

True if signature is valid, False otherwise

static verify_aggregate(signature, messages, public_keys)

Verify an aggregate signature.

Parameters:

• signature (bytes) – Aggregate signature in compressed form

• messages (list[bytes]) – List of original messages (raw bytes, NOT pre-hashed)

• public_keys (list[bytes]) – List of public keys in compressed form

Return type:

bool

Returns:

True if aggregate signature is valid

Note

BasicSchemeMPL.aggregate_verify() internally uses the domain parameter “BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_” which matches Saline’s.

saline_sdk.crypto.derive_child_SK(parent_SK, index)

Derive a child secret key from a parent secret key and index. parent_SK is in big-endian format (I2OSP).

Return type:

bytes

Parameters:

• parent_SK (bytes)

• index (int)

saline_sdk.crypto.derive_key_from_path(seed, path='m/0')

Derive a key from a seed and path. Path format: “m/0” for first child of master key.

Return type:

bytes

Parameters:

• seed (bytes)

• path (str)

saline_sdk.crypto.derive_master_SK(seed)

Derive master secret key from seed.

Return type:

bytes

Parameters:

seed (bytes)