State of BLS signature verification on Solana

Hi, all - I hope this is the correct section to write this in, if not - please let me know where’s the best place to have this conversation. Thanks!

I know there have been discussions about BLS signature verification on Solana, see e.g.

• https:// github. com/solana-labs/solana/issues/20241
• https:// solana.stackexchange .com/questions/6993/can-we-verify-bls-signature-in-solana-program
• Block vote aggregation · Issue #4809 · solana-labs/solana · GitHub

However, these are relatively dated and I haven’t been able to find more recent updates on the topic.

With Ethereum adding precompiled contracts for curve arithmetic and pairings on BLS12-381 in the Prague update (see here), I’m wondering if Solana’s position has evolved on adding native program support for BLS12-381 operations.

Having SVM-optimized BLS primitives would be valuable for bridging across EVM and SVM ecosystems.

If native support isn’t currently planned, are there recommended optimized implementations or approaches for handling BLS signature verification in Solana programs that the community has found effective?

Thanks for any insights!

PS: I had to break some links because I’m not allowed to put more than 2 in a post as a new user…

I shall clarify that I’m particularly interested in BLS over BLS12-381 here

Good question. as far as I know, there’s still no native BLS12-381 support planned in Solana. Most teams use custom Rust implementations or off-chain aggregation for now, but they’re quite resource-heavy. If Ethereum’s Prague upgrade drives demand for better interoperability, Solana might revisit this. Would definitely be great to have optimized BLS primitives natively for cross-chain work.

Alpenglow needs BLS. Some people are working on it.

Is your primary requirement to use BLS signatures in an on-chain program, or do you specifically need BLS12-381 curve operations?

If you just need BLS signature verification, it’s worth noting that the scheme can be instantiated with the bn254 curve, which Solana currently supports via syscalls.

If you have a hard requirement for BLS12-381 curve syscalls, there is discussion to add syscall support for them. Stay tuned for updates!

Great question — and you’re definitely in the right place to raise it! This topic’s starting to resurface lately as more cross-chain projects look for consistent cryptographic primitives between EVM and SVM environments.