@CluEleSsUK @JayWhite2357 I agree these changes could improve the UX for the precompile and allow more applications. To summarise the suggestions:
Implementing hash_to_curve as specified in the RFC standard
- Currently only
map_to_curveis supported, for most applications this would be used to implementhash_to_curve - Encourages use of the correct hashing technique, rather than the more obvious but less secure method to hash and multiply by the generator (not suitable in the random oracle model)
- Standardises the hashing technique (and therefore BLS signatures) used in contracts
- Should implement the standard suites
Introduce a new operation BLS12_PAIRING and change the existing operation with that name to BLS12_PAIRING_VERIFY, and add operations on the group GT: BLS12_GTADD, BLS12_GTMUL, BLS12_GTMULTIEXP
- Currently the pairing operation can only be used to verify if results in GT are equal, this is useul for BLS signatures
- The new version of
BLS12_PAIRINGwould return the element of GT - Supporting operations on GT would increase the applications of the precompile beyond signatures
- This functionality is useful for identity based encryption (Boneh-Franklin scheme), attribute-based encryption, functional encryption