ark_bn254/lib.rs
1#![cfg_attr(not(feature = "std"), no_std)]
2#![deny(
3 warnings,
4 unused,
5 future_incompatible,
6 nonstandard_style,
7 rust_2018_idioms
8)]
9#![forbid(unsafe_code)]
10
11//! This library implements the BN254 curve that was sampled as part of the [\[BCTV14\]](https://eprint.iacr.org/2013/879.pdf) paper .
12//! The name denotes that it is a Barreto--Naehrig curve of embedding degree 12,
13//! defined over a 254-bit (prime) field. The scalar field is highly 2-adic.
14//!
15//! This curve is also implemented in [libff](https://github.com/scipr-lab/libff/tree/master/libff/algebra/curves/alt_bn128) under the name `bn128`.
16//! It is the same as the `bn256` curve used in Ethereum (eg: [go-ethereum](https://github.com/ethereum/go-ethereum/tree/master/crypto/bn254/cloudflare)).
17//!
18//! #CAUTION
19//! **This curve does not satisfy the 128-bit security level anymore.**
20//!
21//!
22//! Curve information:
23//! * Base field: q =
24//! 21888242871839275222246405745257275088696311157297823662689037894645226208583
25//! * Scalar field: r =
26//! 21888242871839275222246405745257275088548364400416034343698204186575808495617
27//! * valuation(q - 1, 2) = 1
28//! * valuation(r - 1, 2) = 28
29//! * G1 curve equation: y^2 = x^3 + 3
30//! * G2 curve equation: y^2 = x^3 + B, where
31//! * B = 3/(u+9) where Fq2 is represented as Fq\[u\]/(u^2+1) =
32//! Fq2(19485874751759354771024239261021720505790618469301721065564631296452457478373,
33//! 266929791119991161246907387137283842545076965332900288569378510910307636690)
34
35#[cfg(feature = "curve")]
36mod curves;
37
38mod fields;
39
40#[cfg(feature = "curve")]
41pub use curves::*;
42
43pub use fields::*;
44
45#[cfg(feature = "r1cs")]
46pub mod constraints;