The problem Cryptographic Primitives Implementation on o1js solves

The implementation of Cryptographic primitives on o1js enriches the user's toolbox when it comes to build complex circuits in Mina.

Challenges we ran into

BLS

The first challenge was noticing that the BLS12-381 elliptic curve couldn't be defined using o1js elliptic curve API because the prime field of this curve is of size 381bits, and the maximum prime field size supported is of 256bits. So we had to choose a suitable alternative curve, which after much reasearch (and some awesome feedback/advice of ZKHack mentors) resulted in the AltBN128 elliptic curve, which could be easily defined via o1js.

Next we had to define the elliptic curve over field extensions, which were not yet supported by o1js, so we started defining our own custom implementation and ran out of time. In order to implement the BLS signature scheme with o1js, several basic building blocks are needed (extension fields, extension field towers, curve twists...), and implementing each one of them would be a hackathon project by itself. Overall, we are satisfied in the sense that this was a huge learning experience regarding both o1js and how to translate the abstract math into code.

Shamir Secret Sharing

The challenges for this primitive was mostly related to hard typing the correct values to adhere to the library contraints. Also, the decision making behind which values should be stored on-chain compared to off-chain as well as generating valid proofs for each share generation, which could be easily verified.