Implements a signature based witness encryption scheme based on the BLS signatures.
Uses the following implementations from Chia-Network/bls-signatures
- BLS12 curve and optimal ate pairing
- BLS signatures
- Other useful helper methods
Requires Python 3.8 or later
pip install witencfrom witenc import bls, utils, encrypt, decrypt# Example seed, used to generate private key. Always use
# a secure RNG with sufficient entropy to generate a seed (at least 32 bytes).
seed: bytes = bytes([random.randint(0, 255) for _ in range(32)])
# Generate secret key and public key
sk, pk = bls.key_gen(seed)# Export and import secret key
sk = utils.export_sk(sk) # only when storing, default type is 'hex'
sk = utils.import_sk(sk) # only when loading, default type is 'hex'# Export and import public key
pk = utils.export_pk(pk) # only when storing, default type is 'hex'
pk = utils.import_pk(pk) # only when loading, default type is 'hex'The export_* and import_* funtions accept a type parameter that specifies the output encoding (hex, bytes).
The default is hex and the only implemented now.
# Tag to be signed, it's signature is required for decrypting the message
tag: str = 'tag'
# Message to be encrypted
message: str = 'Hello, world!'
# Sign the tag
signature = bls.sign(sk, tag)# Export and import signature
signature = utils.export_sig(signature) # only when storing, default type is 'hex'
signature = utils.import_sig(signature) # only when loading, default type is 'hex'# Verify the signature
ok: bool = bls.verify(pk, tag, signature)
assert ok
print("Signature verified")# Encrypt the message
ciphertext: str = encrypt(pk, tag, message)
print("Ciphertext:\n" + ciphertext)
# Decrypt the message
decrypted_message: str = decrypt(signature, ciphertext)
assert message == decrypted_message
print("Decrypted message\n" + decrypted_message)Full example can be found in example.py.
Witenc uses code from Chia-Network/bls-signatures and licensed under the Apache 2.0 license