{"id":22293147,"url":"https://github.com/isislovecruft/aeonflux","last_synced_at":"2025-07-28T23:33:52.501Z","repository":{"id":66134830,"uuid":"256040893","full_name":"isislovecruft/aeonflux","owner":"isislovecruft","description":"Infinitely presentable (aeon) rerandomisable (flux) anonymous credentials.","archived":false,"fork":false,"pushed_at":"2020-11-24T01:15:22.000Z","size":204,"stargazers_count":28,"open_issues_count":2,"forks_count":5,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-04-05T05:24:40.761Z","etag":null,"topics":["anonymous-credentials","authentication","cryptography","dalek-cryptography","zero-knowledge"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/isislovecruft.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-04-15T21:28:50.000Z","updated_at":"2024-04-14T00:57:08.000Z","dependencies_parsed_at":"2023-04-29T20:03:59.283Z","dependency_job_id":null,"html_url":"https://github.com/isislovecruft/aeonflux","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/isislovecruft/aeonflux","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/isislovecruft%2Faeonflux","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/isislovecruft%2Faeonflux/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/isislovecruft%2Faeonflux/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/isislovecruft%2Faeonflux/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/isislovecruft","download_url":"https://codeload.github.com/isislovecruft/aeonflux/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/isislovecruft%2Faeonflux/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267604331,"owners_count":24114522,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-28T02:00:09.689Z","response_time":68,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anonymous-credentials","authentication","cryptography","dalek-cryptography","zero-knowledge"],"created_at":"2024-12-03T17:27:49.268Z","updated_at":"2025-07-28T23:33:52.493Z","avatar_url":"https://github.com/isislovecruft.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# aeonflux\n\nComposable, lightweight, fast attribute-based anonymous credentials with\ninfinite (aeon) rerandomised (flux) presentations using algebraic message\nauthentication codes (aMACs), symmetric verifiable encryption, and\nnon-interactive zero-knowledge proofs.\n\nThese are largely based on the credentials in\n[2019/1416](https://eprint.iacr.org/2019/1416).\n\n## Features\n\nCurrently, we only support revealed credential issuance; that is, a user reveals\nall the attributes on their credentials to the issuer when requesting a new\ncredential.  When presenting said credential afterwards, attributes may be\neither hidden or revealed.\n\nCredential attributes may be either scalars (integers modulo the group order, a large\nprime) or group elements.  This library provides a way to encode arbitrary byte\narrays to group elements---which may then be encrypted and decrypted---in an\ninvertible manner, such that arbitrary strings can be stored as attributes.\n\nGroup element attributes which are hidden upon credential presentation are\nsymmetrically encrypted, such that the user can prove to the issuer their\ncorrectness in zero-knowledge, while sharing the symmetric decryption key with\nother third parties.  This allows for uses such as the issuer performing some\nexternal verification of personally identifiable information, such as an email\naddress or a phone number, when the user requests a new credential, without\nthe issuer being able to track this data afterwards; however the user can still\nshare the data with other users.  Another example use case is storing a shared\nkey, in a way that all users who have access to the key can prove knowledge of\nit in zero-knowledge later, thus allowing for arbitrary namespacing and/or\naccess control lists.\n\n## Warning\n\nWhile this library was created by a cryptographer, it hasn't yet been reviewed\nby any other cryptographers.  Additionally, while I may be _a_ cryptographer,\nI'm likely not _your_ cryptographer.  Use at your own risk.\n\n## Usage\n\n```rust\nextern crate aeonflux;\nextern crate curve25519_dalek;\nextern crate rand;\n\nuse aeonflux::issuer::Issuer;\nuse aeonflux::parameters::IssuerParameters;\nuse aeonflux::parameters::SystemParameters;\nuse aeonflux::symmetric::Plaintext;\nuse aeonflux::symmetric::Keypair as SymmetricKeypair;\nuse aeonflux::user::CredentialRequestConstructor;\n\nuse curve25519_dalek::ristretto::RistrettoPoint;\nuse curve25519_dalek::scalar::Scalar;\n\nuse rand::thread_rng;\n\n// First we set up an anonymous credential issuer.  We have to specify\n// the number of attributes the credentials will have (here, 4),\n// but not their type.\nlet mut rng = thread_rng();\nlet system_parameters = SystemParameters::generate(\u0026mut rng, 4).unwrap();\nlet issuer = Issuer::new(\u0026system_parameters, \u0026mut rng);\n\n// The issuer then publishes the `system_parameters` and the\n// `issuer.issuer_parameters` somewhere publicly where users may obtain them.\nlet issuer_parameters = issuer.issuer_parameters.clone();\n\n// A user creates a request for a new credential with some revealed\n// attributes and sends it to the issuer.\nlet mut request = CredentialRequestConstructor::new(\u0026system_parameters);\n\n// Revealed scalars and revealed points count for one attribute each.\nrequest.append_revealed_scalar(Scalar::random(\u0026mut rng));\nrequest.append_revealed_scalar(Scalar::random(\u0026mut rng));\nrequest.append_revealed_point(RistrettoPoint::random(\u0026mut rng));\n\n// Every 30 bytes of message uses one plaintext attribute. This plaintext\n// message is exactly 30 bytes, so it accounts for one attribute total on the\n// credential.  If it were one byte longer, it would account for two attributes.\nlet plaintexts = request.append_plaintext(\u0026String::from(\"This is a tsunami alert test..\").into_bytes());\n\n// Hence we have 4 total attributes, as specified in the generation of the\n// `system_parameters` above.\nlet credential_request = request.finish();\n\n// The user now sends `credential_request` to the issuer, who may issue the\n// credential, if seen fit to do so.\nlet issuance = issuer.issue(credential_request, \u0026mut rng).unwrap();\n\n// The issuer sends the `credential_issuance` to the user, who verifies the\n// contained proof of correct issuance.\nlet mut credential = issuance.verify(\u0026system_parameters, \u0026issuer_parameters).unwrap();\n\n// Optionally, upon showing the credential, the user can create a\n// keypair and encrypt some or all of the attributes.  The master secret\n// can be stored to regenerate the full keypair later on.  Encryption\n// keys can be rotated to rerandomise the encrypted attributes.\nlet (keypair, master_secret) = SymmetricKeypair::generate(\u0026system_parameters, \u0026mut rng);\n\n// For this presentation, we're going to encrypt the plaintext (the fourth attribute)\n// and also mark the first attribute, a scalar, as being hidden. Remember that\n// indexing starts at 0.\ncredential.hide_attribute(0);\ncredential.hide_attribute(3);\n\n// The user now creates a presentation of the credential to give to the issuer.\nlet presentation = credential.show(\u0026system_parameters, \u0026issuer_parameters, Some(\u0026keypair), \u0026mut rng).unwrap();\n\n// The user then sends this presentation to the issuer, who verifies it.\nlet verification = issuer.verify(\u0026presentation);\n\nassert!(verification.is_ok());\n```\n\n# TODO\n\n* [] Add DLEQ proofs between the C_y commitments to hidden group attributes and\n  the corresponding proofs of encryption.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fisislovecruft%2Faeonflux","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fisislovecruft%2Faeonflux","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fisislovecruft%2Faeonflux/lists"}