From 833137e00396500c1aa5f4f07f771219ca52c67f Mon Sep 17 00:00:00 2001 From: lauener Date: Tue, 6 Aug 2024 09:39:57 +0200 Subject: [PATCH] Add BLS12-381 recommendation --- pairing/bn256/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pairing/bn256/README.md b/pairing/bn256/README.md index 01ad08b4a..5098d50ff 100644 --- a/pairing/bn256/README.md +++ b/pairing/bn256/README.md @@ -13,9 +13,11 @@ Barreto-Naehrig curve as described in http://cryptojedi.org/papers/dclxvi-20100714.pdf. Its output is compatible with the implementation described in that paper. +### Warning This package previously claimed to operate at a 128-bit security level. However, recent improvements in attacks mean that is no longer true. See -https://moderncrypto.org/mail-archive/curves/2016/000740.html. +https://moderncrypto.org/mail-archive/curves/2016/000740.html. +We strongly recommend using the `BLS12-381` curve that still provide ~128-bit security and is not vulnerable to these improved attacks. ### Benchmarks
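Review bot: The added recommendation line at the end of the new `### Warning` section names `BLS12-381` but gives the reader nothing to act on. It has no package path or link to the implementation to switch to, and no reference backing the "~128-bit security" and "not vulnerable to these improved attacks" claims, while the sentence above it does cite the mailing-list post for the bn256 downgrade. Suggest adding the import path or a link for the recommended curve, plus a citation for its security estimate. The same line also has a grammar slip: "that still provide" should read "which still provides". The `https://moderncrypto.org/...` line is removed and re-added with what looks like only a trailing-whitespace change. If that is meant as a Markdown hard line break, a blank line before the new sentence is more robust and keeps the URL line out of the diff. Finally, nothing in the section states what security level bn256 offers now, so a reader cannot judge whether existing deployments need to migrate. A short statement of the current estimate, or an explicit pointer to it in the linked post, would make the warning actionable.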