sug0 · January 31, 2026 17:13
diff --git a/bbs_sig.rs b/bbs_sig.rs
 use bls12_381::{G1Affine, G2Affine, G2Prepared, Scalar, multi_miller_loop, pairing};
 use group::Group;

 fn main() {
    // secret key
    let x: Scalar = 1234u64.into();

    // public key
    let x_g: G2Affine = (G2Affine::generator() * x).into();

    // message
    let m: Scalar = 420u64.into();

    // signature
    let s: G1Affine = (G1Affine::generator() * (x + m).invert().unwrap()).into();

    let x_g_plus_m_g: G2Affine = (x_g + G2Affine::generator() * m).into();

    assert_eq!(
        pairing(&s, &x_g_plus_m_g),
        pairing(&G1Affine::generator(), &G2Affine::generator()),
    );

    println!("verified pairing equation 1");

    let g2_neg: G2Affine = (-G2Affine::generator()).into();
    let g2_neg: G2Prepared = g2_neg.into();

    assert!(
        multi_miller_loop(&[
            (&s, &x_g_plus_m_g.into()),
            (&G1Affine::generator(), &g2_neg),
        ])
        .final_exponentiation()
        .is_identity()
        .unwrap_u8()
            == 1
    );

    println!("verified pairing equation 2");
 }
	use bls12_381::{G1Affine, G2Affine, G2Prepared, Scalar, multi_miller_loop, pairing};
	use group::Group;

	fn main() {
	// secret key
	let x: Scalar = 1234u64.into();

	// public key
	let x_g: G2Affine = (G2Affine::generator() * x).into();

	// message
	let m: Scalar = 420u64.into();

	// signature
	let s: G1Affine = (G1Affine::generator() * (x + m).invert().unwrap()).into();

	let x_g_plus_m_g: G2Affine = (x_g + G2Affine::generator() * m).into();

	assert_eq!(
	pairing(&s, &x_g_plus_m_g),
	pairing(&G1Affine::generator(), &G2Affine::generator()),
	);

	println!("verified pairing equation 1");

	let g2_neg: G2Affine = (-G2Affine::generator()).into();
	let g2_neg: G2Prepared = g2_neg.into();

	assert!(
	multi_miller_loop(&[
	(&s, &x_g_plus_m_g.into()),
	(&G1Affine::generator(), &g2_neg),
	])
	.final_exponentiation()
	.is_identity()
	.unwrap_u8()
	== 1
	);

	println!("verified pairing equation 2");
	}
No results found