@bcts/crypto 1.0.0-alpha.20 → 1.0.0-alpha.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (24) hide show
  1. package/LICENSE +2 -1
  2. package/dist/index.cjs +55 -0
  3. package/dist/index.cjs.map +1 -1
  4. package/dist/index.d.cts +35 -0
  5. package/dist/index.d.cts.map +1 -1
  6. package/dist/index.d.mts +35 -0
  7. package/dist/index.d.mts.map +1 -1
  8. package/dist/index.iife.js +55 -0
  9. package/dist/index.iife.js.map +1 -1
  10. package/dist/index.mjs +55 -0
  11. package/dist/index.mjs.map +1 -1
  12. package/package.json +9 -20
  13. package/src/argon.ts +6 -0
  14. package/src/ecdsa-keys.ts +6 -0
  15. package/src/ecdsa-signing.ts +6 -0
  16. package/src/ed25519-signing.ts +6 -0
  17. package/src/error.ts +6 -0
  18. package/src/hash.ts +6 -0
  19. package/src/index.ts +6 -0
  20. package/src/memzero.ts +6 -0
  21. package/src/public-key-encryption.ts +6 -0
  22. package/src/schnorr-signing.ts +6 -0
  23. package/src/scrypt.ts +6 -0
  24. package/src/symmetric-encryption.ts +6 -0
package/LICENSE CHANGED
@@ -1,5 +1,6 @@
1
1
  Copyright © 2023-2026 Blockchain Commons, LLC
2
- Copyright © 2025-2026 Leonardo Amoroso Custodio
2
+ Copyright © 2025-2026 Parity Technologies
3
+
3
4
 
4
5
  Redistribution and use in source and binary forms, with or without modification,
5
6
  are permitted provided that the following conditions are met:
package/dist/index.cjs CHANGED
@@ -12,6 +12,11 @@ let _noble_hashes_argon2_js = require("@noble/hashes/argon2.js");
12
12
 
13
13
  //#region src/error.ts
14
14
  /**
15
+ * Copyright © 2023-2026 Blockchain Commons, LLC
16
+ * Copyright © 2025-2026 Parity Technologies
17
+ *
18
+ */
19
+ /**
15
20
  * AEAD-specific error for authentication failures
16
21
  */
17
22
  var AeadError = class extends Error {
@@ -53,6 +58,11 @@ var CryptoError = class CryptoError extends Error {
53
58
  //#endregion
54
59
  //#region src/memzero.ts
55
60
  /**
61
+ * Copyright © 2023-2026 Blockchain Commons, LLC
62
+ * Copyright © 2025-2026 Parity Technologies
63
+ *
64
+ */
65
+ /**
56
66
  * Securely zero out a typed array.
57
67
  *
58
68
  * **IMPORTANT: This is a best-effort implementation.** Unlike the Rust reference
@@ -82,6 +92,11 @@ function memzeroVecVecU8(arrays) {
82
92
 
83
93
  //#endregion
84
94
  //#region src/hash.ts
95
+ /**
96
+ * Copyright © 2023-2026 Blockchain Commons, LLC
97
+ * Copyright © 2025-2026 Parity Technologies
98
+ *
99
+ */
85
100
  const CRC32_SIZE = 4;
86
101
  const SHA256_SIZE = 32;
87
102
  const SHA512_SIZE = 64;
@@ -180,6 +195,11 @@ function hkdfHmacSha512(keyMaterial, salt, keyLen) {
180
195
 
181
196
  //#endregion
182
197
  //#region src/symmetric-encryption.ts
198
+ /**
199
+ * Copyright © 2023-2026 Blockchain Commons, LLC
200
+ * Copyright © 2025-2026 Parity Technologies
201
+ *
202
+ */
183
203
  const SYMMETRIC_KEY_SIZE = 32;
184
204
  const SYMMETRIC_NONCE_SIZE = 12;
185
205
  const SYMMETRIC_AUTH_SIZE = 16;
@@ -262,6 +282,11 @@ function aeadChaCha20Poly1305DecryptWithAad(ciphertext, key, nonce, aad, authTag
262
282
 
263
283
  //#endregion
264
284
  //#region src/public-key-encryption.ts
285
+ /**
286
+ * Copyright © 2023-2026 Blockchain Commons, LLC
287
+ * Copyright © 2025-2026 Parity Technologies
288
+ *
289
+ */
265
290
  const GENERIC_PRIVATE_KEY_SIZE = 32;
266
291
  const GENERIC_PUBLIC_KEY_SIZE = 32;
267
292
  const X25519_PRIVATE_KEY_SIZE = 32;
@@ -314,6 +339,11 @@ function x25519SharedKey(x25519Private, x25519Public) {
314
339
 
315
340
  //#endregion
316
341
  //#region src/ecdsa-keys.ts
342
+ /**
343
+ * Copyright © 2023-2026 Blockchain Commons, LLC
344
+ * Copyright © 2025-2026 Parity Technologies
345
+ *
346
+ */
317
347
  const ECDSA_PRIVATE_KEY_SIZE = 32;
318
348
  const ECDSA_PUBLIC_KEY_SIZE = 33;
319
349
  const ECDSA_UNCOMPRESSED_PUBLIC_KEY_SIZE = 65;
@@ -372,6 +402,11 @@ function schnorrPublicKeyFromPrivateKey(privateKey) {
372
402
  //#endregion
373
403
  //#region src/ecdsa-signing.ts
374
404
  /**
405
+ * Copyright © 2023-2026 Blockchain Commons, LLC
406
+ * Copyright © 2025-2026 Parity Technologies
407
+ *
408
+ */
409
+ /**
375
410
  * Sign a message using ECDSA with secp256k1.
376
411
  *
377
412
  * The message is hashed with double SHA-256 before signing (Bitcoin standard).
@@ -414,6 +449,11 @@ function ecdsaVerify(publicKey, signature, message) {
414
449
 
415
450
  //#endregion
416
451
  //#region src/schnorr-signing.ts
452
+ /**
453
+ * Copyright © 2023-2026 Blockchain Commons, LLC
454
+ * Copyright © 2025-2026 Parity Technologies
455
+ *
456
+ */
417
457
  const SCHNORR_SIGNATURE_SIZE = 64;
418
458
  /**
419
459
  * Sign a message using Schnorr signature (BIP-340).
@@ -471,6 +511,11 @@ function schnorrVerify(schnorrPublicKey, signature, message) {
471
511
 
472
512
  //#endregion
473
513
  //#region src/ed25519-signing.ts
514
+ /**
515
+ * Copyright © 2023-2026 Blockchain Commons, LLC
516
+ * Copyright © 2025-2026 Parity Technologies
517
+ *
518
+ */
474
519
  const ED25519_PUBLIC_KEY_SIZE = 32;
475
520
  const ED25519_PRIVATE_KEY_SIZE = 32;
476
521
  const ED25519_SIGNATURE_SIZE = 64;
@@ -524,6 +569,11 @@ function ed25519Verify(publicKey, message, signature) {
524
569
  //#endregion
525
570
  //#region src/scrypt.ts
526
571
  /**
572
+ * Copyright © 2023-2026 Blockchain Commons, LLC
573
+ * Copyright © 2025-2026 Parity Technologies
574
+ *
575
+ */
576
+ /**
527
577
  * Derive a key using Scrypt with recommended parameters.
528
578
  * Uses N=2^15 (32768), r=8, p=1 as recommended defaults.
529
579
  *
@@ -561,6 +611,11 @@ function scryptOpt(password, salt, outputLen, logN, r, p) {
561
611
  //#endregion
562
612
  //#region src/argon.ts
563
613
  /**
614
+ * Copyright © 2023-2026 Blockchain Commons, LLC
615
+ * Copyright © 2025-2026 Parity Technologies
616
+ *
617
+ */
618
+ /**
564
619
  * Derive a key using Argon2id with default parameters.
565
620
  * This matches the Rust `argon2id` function signature.
566
621
  *
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.cjs","names":["nobleSha256","nobleSha512","x25519","SYMMETRIC_KEY_SIZE","secp256k1","secp256k1","SecureRandomNumberGenerator","schnorr","ed25519"],"sources":["../src/error.ts","../src/memzero.ts","../src/hash.ts","../src/symmetric-encryption.ts","../src/public-key-encryption.ts","../src/ecdsa-keys.ts","../src/ecdsa-signing.ts","../src/schnorr-signing.ts","../src/ed25519-signing.ts","../src/scrypt.ts","../src/argon.ts"],"sourcesContent":["// Ported from bc-crypto-rust/src/error.rs\n\n/**\n * AEAD-specific error for authentication failures\n */\nexport class AeadError extends Error {\n constructor(message = \"AEAD authentication failed\") {\n super(message);\n this.name = \"AeadError\";\n }\n}\n\n/**\n * Generic crypto error type\n */\nexport class CryptoError extends Error {\n override readonly cause?: Error | undefined;\n\n constructor(message: string, cause?: Error) {\n super(message);\n this.name = \"CryptoError\";\n this.cause = cause;\n }\n\n /**\n * Create a CryptoError for AEAD authentication failures.\n *\n * @param error - Optional underlying AeadError\n * @returns A CryptoError wrapping the AEAD error\n */\n static aead(error?: AeadError): CryptoError {\n return new CryptoError(\"AEAD error\", error ?? new AeadError());\n }\n\n /**\n * Create a CryptoError for invalid parameter values.\n *\n * @param message - Description of the invalid parameter\n * @returns A CryptoError describing the invalid parameter\n */\n static invalidParameter(message: string): CryptoError {\n return new CryptoError(`Invalid parameter: ${message}`);\n }\n}\n\n/**\n * Result type for crypto operations (using standard Error)\n */\nexport type CryptoResult<T> = T;\n","// Ported from bc-crypto-rust/src/memzero.rs\n\n/**\n * Securely zero out a typed array.\n *\n * **IMPORTANT: This is a best-effort implementation.** Unlike the Rust reference\n * implementation which uses `std::ptr::write_volatile()` for guaranteed volatile\n * writes, JavaScript engines and JIT compilers can still potentially optimize\n * away these zeroing operations. The check at the end helps prevent optimization,\n * but it is not foolproof.\n *\n * For truly sensitive cryptographic operations, consider using the Web Crypto API's\n * `crypto.subtle` with non-extractable keys when possible, as it provides stronger\n * guarantees than what can be achieved with pure JavaScript.\n *\n * This function attempts to prevent the compiler from optimizing away\n * the zeroing operation by using a verification check after the zeroing loop.\n */\nexport function memzero(data: Uint8Array | Uint32Array): void {\n const len = data.length;\n for (let i = 0; i < len; i++) {\n data[i] = 0;\n }\n // Force a side effect to prevent optimization\n if (data.length > 0 && data[0] !== 0) {\n throw new Error(\"memzero failed\");\n }\n}\n\n/**\n * Securely zero out an array of Uint8Arrays.\n */\nexport function memzeroVecVecU8(arrays: Uint8Array[]): void {\n for (const arr of arrays) {\n memzero(arr);\n }\n}\n","// Ported from bc-crypto-rust/src/hash.rs\n\nimport { sha256 as nobleSha256, sha512 as nobleSha512 } from \"@noble/hashes/sha2.js\";\nimport { hmac } from \"@noble/hashes/hmac.js\";\nimport { pbkdf2 } from \"@noble/hashes/pbkdf2.js\";\nimport { hkdf } from \"@noble/hashes/hkdf.js\";\n\n// Constants\nexport const CRC32_SIZE = 4;\nexport const SHA256_SIZE = 32;\nexport const SHA512_SIZE = 64;\n\n// CRC-32 lookup table (IEEE polynomial 0xedb88320)\nconst CRC32_TABLE = new Uint32Array(256);\nfor (let i = 0; i < 256; i++) {\n let crc = i;\n for (let j = 0; j < 8; j++) {\n crc = (crc & 1) !== 0 ? (crc >>> 1) ^ 0xedb88320 : crc >>> 1;\n }\n CRC32_TABLE[i] = crc >>> 0;\n}\n\n/**\n * Calculate CRC-32 checksum\n */\nexport function crc32(data: Uint8Array): number {\n let crc = 0xffffffff;\n for (const byte of data) {\n crc = CRC32_TABLE[(crc ^ byte) & 0xff] ^ (crc >>> 8);\n }\n return (crc ^ 0xffffffff) >>> 0;\n}\n\n/**\n * Calculate CRC-32 checksum and return as a 4-byte big-endian array\n */\nexport function crc32Data(data: Uint8Array): Uint8Array {\n return crc32DataOpt(data, false);\n}\n\n/**\n * Calculate CRC-32 checksum and return as a 4-byte array\n * @param data - Input data\n * @param littleEndian - If true, returns little-endian; otherwise big-endian\n */\nexport function crc32DataOpt(data: Uint8Array, littleEndian: boolean): Uint8Array {\n const checksum = crc32(data);\n const result = new Uint8Array(4);\n const view = new DataView(result.buffer);\n view.setUint32(0, checksum, littleEndian);\n return result;\n}\n\n/**\n * Calculate SHA-256 hash\n */\nexport function sha256(data: Uint8Array): Uint8Array {\n return nobleSha256(data);\n}\n\n/**\n * Calculate double SHA-256 hash (SHA-256 of SHA-256)\n * This is the standard Bitcoin hashing function\n */\nexport function doubleSha256(message: Uint8Array): Uint8Array {\n return sha256(sha256(message));\n}\n\n/**\n * Calculate SHA-512 hash\n */\nexport function sha512(data: Uint8Array): Uint8Array {\n return nobleSha512(data);\n}\n\n/**\n * Calculate HMAC-SHA-256\n */\nexport function hmacSha256(key: Uint8Array, message: Uint8Array): Uint8Array {\n return hmac(nobleSha256, key, message);\n}\n\n/**\n * Calculate HMAC-SHA-512\n */\nexport function hmacSha512(key: Uint8Array, message: Uint8Array): Uint8Array {\n return hmac(nobleSha512, key, message);\n}\n\n/**\n * Derive a key using PBKDF2 with HMAC-SHA-256\n */\nexport function pbkdf2HmacSha256(\n password: Uint8Array,\n salt: Uint8Array,\n iterations: number,\n keyLen: number,\n): Uint8Array {\n return pbkdf2(nobleSha256, password, salt, { c: iterations, dkLen: keyLen });\n}\n\n/**\n * Derive a key using PBKDF2 with HMAC-SHA-512\n */\nexport function pbkdf2HmacSha512(\n password: Uint8Array,\n salt: Uint8Array,\n iterations: number,\n keyLen: number,\n): Uint8Array {\n return pbkdf2(nobleSha512, password, salt, { c: iterations, dkLen: keyLen });\n}\n\n/**\n * Derive a key using HKDF with HMAC-SHA-256\n */\nexport function hkdfHmacSha256(\n keyMaterial: Uint8Array,\n salt: Uint8Array,\n keyLen: number,\n): Uint8Array {\n return hkdf(nobleSha256, keyMaterial, salt, undefined, keyLen);\n}\n\n/**\n * Derive a key using HKDF with HMAC-SHA-512\n */\nexport function hkdfHmacSha512(\n keyMaterial: Uint8Array,\n salt: Uint8Array,\n keyLen: number,\n): Uint8Array {\n return hkdf(nobleSha512, keyMaterial, salt, undefined, keyLen);\n}\n","// Ported from bc-crypto-rust/src/symmetric_encryption.rs\n\nimport { chacha20poly1305 } from \"@noble/ciphers/chacha.js\";\nimport { CryptoError, AeadError } from \"./error.js\";\n\n// Constants\nexport const SYMMETRIC_KEY_SIZE = 32;\nexport const SYMMETRIC_NONCE_SIZE = 12;\nexport const SYMMETRIC_AUTH_SIZE = 16;\n\n/**\n * Encrypt data using ChaCha20-Poly1305 AEAD cipher.\n *\n * **Security Warning**: The nonce MUST be unique for every encryption operation\n * with the same key. Reusing a nonce completely breaks the security of the\n * encryption scheme and can reveal plaintext.\n *\n * @param plaintext - The data to encrypt\n * @param key - 32-byte encryption key\n * @param nonce - 12-byte nonce (MUST be unique per encryption with the same key)\n * @returns Tuple of [ciphertext, authTag] where authTag is 16 bytes\n * @throws {CryptoError} If key is not 32 bytes or nonce is not 12 bytes\n */\nexport function aeadChaCha20Poly1305Encrypt(\n plaintext: Uint8Array,\n key: Uint8Array,\n nonce: Uint8Array,\n): [Uint8Array, Uint8Array] {\n return aeadChaCha20Poly1305EncryptWithAad(plaintext, key, nonce, new Uint8Array(0));\n}\n\n/**\n * Encrypt data using ChaCha20-Poly1305 AEAD cipher with additional authenticated data.\n *\n * **Security Warning**: The nonce MUST be unique for every encryption operation\n * with the same key. Reusing a nonce completely breaks the security of the\n * encryption scheme and can reveal plaintext.\n *\n * @param plaintext - The data to encrypt\n * @param key - 32-byte encryption key\n * @param nonce - 12-byte nonce (MUST be unique per encryption with the same key)\n * @param aad - Additional authenticated data (not encrypted, but integrity-protected)\n * @returns Tuple of [ciphertext, authTag] where authTag is 16 bytes\n * @throws {CryptoError} If key is not 32 bytes or nonce is not 12 bytes\n */\nexport function aeadChaCha20Poly1305EncryptWithAad(\n plaintext: Uint8Array,\n key: Uint8Array,\n nonce: Uint8Array,\n aad: Uint8Array,\n): [Uint8Array, Uint8Array] {\n if (key.length !== SYMMETRIC_KEY_SIZE) {\n throw CryptoError.invalidParameter(`Key must be ${SYMMETRIC_KEY_SIZE} bytes`);\n }\n if (nonce.length !== SYMMETRIC_NONCE_SIZE) {\n throw CryptoError.invalidParameter(`Nonce must be ${SYMMETRIC_NONCE_SIZE} bytes`);\n }\n\n const cipher = chacha20poly1305(key, nonce, aad);\n const sealed = cipher.encrypt(plaintext);\n\n // The sealed output contains ciphertext + 16-byte auth tag\n const ciphertext = sealed.slice(0, sealed.length - SYMMETRIC_AUTH_SIZE);\n const authTag = sealed.slice(sealed.length - SYMMETRIC_AUTH_SIZE);\n\n return [ciphertext, authTag];\n}\n\n/**\n * Decrypt data using ChaCha20-Poly1305 AEAD cipher.\n *\n * @param ciphertext - The encrypted data\n * @param key - 32-byte encryption key (must match key used for encryption)\n * @param nonce - 12-byte nonce (must match nonce used for encryption)\n * @param authTag - 16-byte authentication tag from encryption\n * @returns Decrypted plaintext\n * @throws {CryptoError} If key/nonce/authTag sizes are invalid\n * @throws {CryptoError} If authentication fails (tampered data or wrong key/nonce)\n */\nexport function aeadChaCha20Poly1305Decrypt(\n ciphertext: Uint8Array,\n key: Uint8Array,\n nonce: Uint8Array,\n authTag: Uint8Array,\n): Uint8Array {\n return aeadChaCha20Poly1305DecryptWithAad(ciphertext, key, nonce, new Uint8Array(0), authTag);\n}\n\n/**\n * Decrypt data using ChaCha20-Poly1305 AEAD cipher with additional authenticated data.\n *\n * @param ciphertext - The encrypted data\n * @param key - 32-byte encryption key (must match key used for encryption)\n * @param nonce - 12-byte nonce (must match nonce used for encryption)\n * @param aad - Additional authenticated data (must exactly match AAD used for encryption)\n * @param authTag - 16-byte authentication tag from encryption\n * @returns Decrypted plaintext\n * @throws {CryptoError} If key/nonce/authTag sizes are invalid\n * @throws {CryptoError} If authentication fails (tampered data, wrong key/nonce, or AAD mismatch)\n */\nexport function aeadChaCha20Poly1305DecryptWithAad(\n ciphertext: Uint8Array,\n key: Uint8Array,\n nonce: Uint8Array,\n aad: Uint8Array,\n authTag: Uint8Array,\n): Uint8Array {\n if (key.length !== SYMMETRIC_KEY_SIZE) {\n throw CryptoError.invalidParameter(`Key must be ${SYMMETRIC_KEY_SIZE} bytes`);\n }\n if (nonce.length !== SYMMETRIC_NONCE_SIZE) {\n throw CryptoError.invalidParameter(`Nonce must be ${SYMMETRIC_NONCE_SIZE} bytes`);\n }\n if (authTag.length !== SYMMETRIC_AUTH_SIZE) {\n throw CryptoError.invalidParameter(`Auth tag must be ${SYMMETRIC_AUTH_SIZE} bytes`);\n }\n\n // Combine ciphertext and auth tag for decryption\n const sealed = new Uint8Array(ciphertext.length + authTag.length);\n sealed.set(ciphertext);\n sealed.set(authTag, ciphertext.length);\n\n try {\n const cipher = chacha20poly1305(key, nonce, aad);\n return cipher.decrypt(sealed);\n } catch (error) {\n // Preserve the original error for debugging while wrapping in our error type\n const aeadError = new AeadError(\n `Decryption failed: ${error instanceof Error ? error.message : \"authentication error\"}`,\n );\n throw CryptoError.aead(aeadError);\n }\n}\n","// Ported from bc-crypto-rust/src/public_key_encryption.rs\n\nimport { x25519 } from \"@noble/curves/ed25519.js\";\nimport type { RandomNumberGenerator } from \"@bcts/rand\";\nimport { hkdfHmacSha256 } from \"./hash.js\";\n\n// Constants\nexport const GENERIC_PRIVATE_KEY_SIZE = 32;\nexport const GENERIC_PUBLIC_KEY_SIZE = 32;\nexport const X25519_PRIVATE_KEY_SIZE = 32;\nexport const X25519_PUBLIC_KEY_SIZE = 32;\n\n/**\n * Derive an X25519 agreement private key from key material.\n * Uses HKDF with \"agreement\" as domain separation salt.\n */\nexport function deriveAgreementPrivateKey(keyMaterial: Uint8Array): Uint8Array {\n const salt = new TextEncoder().encode(\"agreement\");\n return hkdfHmacSha256(keyMaterial, salt, X25519_PRIVATE_KEY_SIZE);\n}\n\n/**\n * Derive a signing private key from key material.\n * Uses HKDF with \"signing\" as domain separation salt.\n */\nexport function deriveSigningPrivateKey(keyMaterial: Uint8Array): Uint8Array {\n const salt = new TextEncoder().encode(\"signing\");\n return hkdfHmacSha256(keyMaterial, salt, 32);\n}\n\n/**\n * Generate a new random X25519 private key.\n */\nexport function x25519NewPrivateKeyUsing(rng: RandomNumberGenerator): Uint8Array {\n return rng.randomData(X25519_PRIVATE_KEY_SIZE);\n}\n\n/**\n * Derive an X25519 public key from a private key.\n */\nexport function x25519PublicKeyFromPrivateKey(privateKey: Uint8Array): Uint8Array {\n if (privateKey.length !== X25519_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${X25519_PRIVATE_KEY_SIZE} bytes`);\n }\n return x25519.getPublicKey(privateKey);\n}\n\n// Symmetric key size for the derived shared key\nconst SYMMETRIC_KEY_SIZE = 32;\n\n/**\n * Compute a shared symmetric key using X25519 key agreement (ECDH).\n *\n * This function performs X25519 Diffie-Hellman key agreement and then\n * derives a symmetric key using HKDF-SHA256 with \"agreement\" as the salt.\n * This matches the Rust bc-crypto implementation for cross-platform compatibility.\n *\n * @param x25519Private - 32-byte X25519 private key\n * @param x25519Public - 32-byte X25519 public key from the other party\n * @returns 32-byte derived symmetric key\n * @throws {Error} If private key is not 32 bytes or public key is not 32 bytes\n */\nexport function x25519SharedKey(x25519Private: Uint8Array, x25519Public: Uint8Array): Uint8Array {\n if (x25519Private.length !== X25519_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${X25519_PRIVATE_KEY_SIZE} bytes`);\n }\n if (x25519Public.length !== X25519_PUBLIC_KEY_SIZE) {\n throw new Error(`Public key must be ${X25519_PUBLIC_KEY_SIZE} bytes`);\n }\n // Perform raw X25519 Diffie-Hellman\n const rawSharedSecret = x25519.getSharedSecret(x25519Private, x25519Public);\n // Derive symmetric key using HKDF with \"agreement\" salt (matches Rust implementation)\n const salt = new TextEncoder().encode(\"agreement\");\n return hkdfHmacSha256(rawSharedSecret, salt, SYMMETRIC_KEY_SIZE);\n}\n","// Ported from bc-crypto-rust/src/ecdsa_keys.rs\n\nimport { secp256k1 } from \"@noble/curves/secp256k1.js\";\nimport type { RandomNumberGenerator } from \"@bcts/rand\";\nimport { hkdfHmacSha256 } from \"./hash.js\";\n\n// Constants\nexport const ECDSA_PRIVATE_KEY_SIZE = 32;\nexport const ECDSA_PUBLIC_KEY_SIZE = 33; // Compressed\nexport const ECDSA_UNCOMPRESSED_PUBLIC_KEY_SIZE = 65;\nexport const ECDSA_MESSAGE_HASH_SIZE = 32;\nexport const ECDSA_SIGNATURE_SIZE = 64;\nexport const SCHNORR_PUBLIC_KEY_SIZE = 32; // x-only\n\n/**\n * Generate a new random ECDSA private key using secp256k1.\n *\n * Note: Unlike some implementations, this directly returns the random bytes\n * without validation. The secp256k1 library will handle any edge cases when\n * the key is used.\n */\nexport function ecdsaNewPrivateKeyUsing(rng: RandomNumberGenerator): Uint8Array {\n return rng.randomData(ECDSA_PRIVATE_KEY_SIZE);\n}\n\n/**\n * Derive a compressed ECDSA public key from a private key.\n */\nexport function ecdsaPublicKeyFromPrivateKey(privateKey: Uint8Array): Uint8Array {\n if (privateKey.length !== ECDSA_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ECDSA_PRIVATE_KEY_SIZE} bytes`);\n }\n return secp256k1.getPublicKey(privateKey, true); // true = compressed\n}\n\n/**\n * Decompress a compressed public key to uncompressed format.\n */\nexport function ecdsaDecompressPublicKey(compressed: Uint8Array): Uint8Array {\n if (compressed.length !== ECDSA_PUBLIC_KEY_SIZE) {\n throw new Error(`Compressed public key must be ${ECDSA_PUBLIC_KEY_SIZE} bytes`);\n }\n const point = secp256k1.Point.fromBytes(compressed);\n return point.toBytes(false); // false = uncompressed\n}\n\n/**\n * Compress an uncompressed public key.\n */\nexport function ecdsaCompressPublicKey(uncompressed: Uint8Array): Uint8Array {\n if (uncompressed.length !== ECDSA_UNCOMPRESSED_PUBLIC_KEY_SIZE) {\n throw new Error(`Uncompressed public key must be ${ECDSA_UNCOMPRESSED_PUBLIC_KEY_SIZE} bytes`);\n }\n const point = secp256k1.Point.fromBytes(uncompressed);\n return point.toBytes(true); // true = compressed\n}\n\n/**\n * Derive an ECDSA private key from key material using HKDF.\n *\n * Note: This directly returns the HKDF output without validation,\n * matching the Rust reference implementation behavior.\n */\nexport function ecdsaDerivePrivateKey(keyMaterial: Uint8Array): Uint8Array {\n const salt = new TextEncoder().encode(\"signing\");\n return hkdfHmacSha256(keyMaterial, salt, ECDSA_PRIVATE_KEY_SIZE);\n}\n\n/**\n * Extract the x-only (Schnorr) public key from a private key.\n * This is used for BIP-340 Schnorr signatures.\n */\nexport function schnorrPublicKeyFromPrivateKey(privateKey: Uint8Array): Uint8Array {\n if (privateKey.length !== ECDSA_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ECDSA_PRIVATE_KEY_SIZE} bytes`);\n }\n // Get the full public key and extract just the x-coordinate\n const fullPubKey = secp256k1.getPublicKey(privateKey, false); // uncompressed\n // Skip the 0x04 prefix and take only x-coordinate (first 32 bytes after prefix)\n return fullPubKey.slice(1, 33);\n}\n","// Ported from bc-crypto-rust/src/ecdsa_signing.rs\n\nimport { secp256k1 } from \"@noble/curves/secp256k1.js\";\nimport { doubleSha256 } from \"./hash.js\";\nimport {\n ECDSA_PRIVATE_KEY_SIZE,\n ECDSA_PUBLIC_KEY_SIZE,\n ECDSA_SIGNATURE_SIZE,\n} from \"./ecdsa-keys.js\";\n\n/**\n * Sign a message using ECDSA with secp256k1.\n *\n * The message is hashed with double SHA-256 before signing (Bitcoin standard).\n *\n * **Security Note**: The private key must be kept secret. ECDSA requires\n * cryptographically secure random nonces internally; this is handled by\n * the underlying library using RFC 6979 deterministic nonces.\n *\n * @param privateKey - 32-byte secp256k1 private key\n * @param message - Message to sign (any length, will be double-SHA256 hashed)\n * @returns 64-byte compact signature (r || s format)\n * @throws {Error} If private key is not 32 bytes\n */\nexport function ecdsaSign(privateKey: Uint8Array, message: Uint8Array): Uint8Array {\n if (privateKey.length !== ECDSA_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ECDSA_PRIVATE_KEY_SIZE} bytes`);\n }\n\n const messageHash = doubleSha256(message);\n // prehash: false because we already hashed the message with doubleSha256\n return secp256k1.sign(messageHash, privateKey, { prehash: false });\n}\n\n/**\n * Verify an ECDSA signature with secp256k1.\n *\n * The message is hashed with double SHA-256 before verification (Bitcoin standard).\n *\n * @param publicKey - 33-byte compressed secp256k1 public key\n * @param signature - 64-byte compact signature (r || s format)\n * @param message - Original message that was signed\n * @returns `true` if signature is valid, `false` if signature verification fails\n * @throws {Error} If public key is not 33 bytes or signature is not 64 bytes\n */\nexport function ecdsaVerify(\n publicKey: Uint8Array,\n signature: Uint8Array,\n message: Uint8Array,\n): boolean {\n if (publicKey.length !== ECDSA_PUBLIC_KEY_SIZE) {\n throw new Error(`Public key must be ${ECDSA_PUBLIC_KEY_SIZE} bytes`);\n }\n if (signature.length !== ECDSA_SIGNATURE_SIZE) {\n throw new Error(`Signature must be ${ECDSA_SIGNATURE_SIZE} bytes`);\n }\n\n try {\n const messageHash = doubleSha256(message);\n // prehash: false because we already hashed the message with doubleSha256\n return secp256k1.verify(signature, messageHash, publicKey, { prehash: false });\n } catch {\n return false;\n }\n}\n","// Ported from bc-crypto-rust/src/schnorr_signing.rs\n\nimport { schnorr } from \"@noble/curves/secp256k1.js\";\nimport type { RandomNumberGenerator } from \"@bcts/rand\";\nimport { SecureRandomNumberGenerator } from \"@bcts/rand\";\nimport { ECDSA_PRIVATE_KEY_SIZE, SCHNORR_PUBLIC_KEY_SIZE } from \"./ecdsa-keys.js\";\n\n// Constants\nexport const SCHNORR_SIGNATURE_SIZE = 64;\n\n/**\n * Sign a message using Schnorr signature (BIP-340).\n * Uses secure random auxiliary randomness.\n *\n * @param ecdsaPrivateKey - 32-byte private key\n * @param message - Message to sign (not pre-hashed, per BIP-340)\n * @returns 64-byte Schnorr signature\n */\nexport function schnorrSign(ecdsaPrivateKey: Uint8Array, message: Uint8Array): Uint8Array {\n const rng = new SecureRandomNumberGenerator();\n return schnorrSignUsing(ecdsaPrivateKey, message, rng);\n}\n\n/**\n * Sign a message using Schnorr signature with a custom RNG.\n *\n * @param ecdsaPrivateKey - 32-byte private key\n * @param message - Message to sign\n * @param rng - Random number generator for auxiliary randomness\n * @returns 64-byte Schnorr signature\n */\nexport function schnorrSignUsing(\n ecdsaPrivateKey: Uint8Array,\n message: Uint8Array,\n rng: RandomNumberGenerator,\n): Uint8Array {\n const auxRand = rng.randomData(32);\n return schnorrSignWithAuxRand(ecdsaPrivateKey, message, auxRand);\n}\n\n/**\n * Sign a message using Schnorr signature with specific auxiliary randomness.\n * This is useful for deterministic signing in tests.\n *\n * @param ecdsaPrivateKey - 32-byte private key\n * @param message - Message to sign\n * @param auxRand - 32-byte auxiliary randomness (per BIP-340)\n * @returns 64-byte Schnorr signature\n */\nexport function schnorrSignWithAuxRand(\n ecdsaPrivateKey: Uint8Array,\n message: Uint8Array,\n auxRand: Uint8Array,\n): Uint8Array {\n if (ecdsaPrivateKey.length !== ECDSA_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ECDSA_PRIVATE_KEY_SIZE} bytes`);\n }\n if (auxRand.length !== 32) {\n throw new Error(\"Auxiliary randomness must be 32 bytes\");\n }\n\n return schnorr.sign(message, ecdsaPrivateKey, auxRand);\n}\n\n/**\n * Verify a Schnorr signature (BIP-340).\n *\n * @param schnorrPublicKey - 32-byte x-only public key\n * @param signature - 64-byte Schnorr signature\n * @param message - Original message\n * @returns true if signature is valid\n */\nexport function schnorrVerify(\n schnorrPublicKey: Uint8Array,\n signature: Uint8Array,\n message: Uint8Array,\n): boolean {\n if (schnorrPublicKey.length !== SCHNORR_PUBLIC_KEY_SIZE) {\n throw new Error(`Public key must be ${SCHNORR_PUBLIC_KEY_SIZE} bytes`);\n }\n if (signature.length !== SCHNORR_SIGNATURE_SIZE) {\n throw new Error(`Signature must be ${SCHNORR_SIGNATURE_SIZE} bytes`);\n }\n\n try {\n return schnorr.verify(signature, message, schnorrPublicKey);\n } catch {\n return false;\n }\n}\n","// Ported from bc-crypto-rust/src/ed25519_signing.rs\n\nimport { ed25519 } from \"@noble/curves/ed25519.js\";\nimport type { RandomNumberGenerator } from \"@bcts/rand\";\n\n// Constants\nexport const ED25519_PUBLIC_KEY_SIZE = 32;\nexport const ED25519_PRIVATE_KEY_SIZE = 32;\nexport const ED25519_SIGNATURE_SIZE = 64;\n\n/**\n * Generate a new random Ed25519 private key.\n */\nexport function ed25519NewPrivateKeyUsing(rng: RandomNumberGenerator): Uint8Array {\n return rng.randomData(ED25519_PRIVATE_KEY_SIZE);\n}\n\n/**\n * Derive an Ed25519 public key from a private key.\n */\nexport function ed25519PublicKeyFromPrivateKey(privateKey: Uint8Array): Uint8Array {\n if (privateKey.length !== ED25519_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ED25519_PRIVATE_KEY_SIZE} bytes`);\n }\n return ed25519.getPublicKey(privateKey);\n}\n\n/**\n * Sign a message using Ed25519.\n *\n * **Security Note**: The private key must be kept secret. The same private key\n * can safely sign multiple messages.\n *\n * @param privateKey - 32-byte Ed25519 private key\n * @param message - Message to sign (any length)\n * @returns 64-byte Ed25519 signature\n * @throws {Error} If private key is not 32 bytes\n */\nexport function ed25519Sign(privateKey: Uint8Array, message: Uint8Array): Uint8Array {\n if (privateKey.length !== ED25519_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ED25519_PRIVATE_KEY_SIZE} bytes`);\n }\n return ed25519.sign(message, privateKey);\n}\n\n/**\n * Verify an Ed25519 signature.\n *\n * @param publicKey - 32-byte Ed25519 public key\n * @param message - Original message that was signed\n * @param signature - 64-byte Ed25519 signature\n * @returns `true` if signature is valid, `false` if signature verification fails\n * @throws {Error} If public key is not 32 bytes or signature is not 64 bytes\n */\nexport function ed25519Verify(\n publicKey: Uint8Array,\n message: Uint8Array,\n signature: Uint8Array,\n): boolean {\n if (publicKey.length !== ED25519_PUBLIC_KEY_SIZE) {\n throw new Error(`Public key must be ${ED25519_PUBLIC_KEY_SIZE} bytes`);\n }\n if (signature.length !== ED25519_SIGNATURE_SIZE) {\n throw new Error(`Signature must be ${ED25519_SIGNATURE_SIZE} bytes`);\n }\n\n try {\n return ed25519.verify(signature, message, publicKey);\n } catch {\n return false;\n }\n}\n","// Ported from bc-crypto-rust/src/scrypt.rs\n\nimport { scrypt as nobleScrypt } from \"@noble/hashes/scrypt.js\";\n\n/**\n * Derive a key using Scrypt with recommended parameters.\n * Uses N=2^15 (32768), r=8, p=1 as recommended defaults.\n *\n * @param password - Password or passphrase\n * @param salt - Salt value\n * @param outputLen - Desired output length\n * @returns Derived key\n */\nexport function scrypt(password: Uint8Array, salt: Uint8Array, outputLen: number): Uint8Array {\n return scryptOpt(password, salt, outputLen, 15, 8, 1);\n}\n\n/**\n * Derive a key using Scrypt with custom parameters.\n *\n * @param password - Password or passphrase\n * @param salt - Salt value\n * @param outputLen - Desired output length\n * @param logN - Log2 of the CPU/memory cost parameter N (must be <64)\n * @param r - Block size parameter (must be >0)\n * @param p - Parallelization parameter (must be >0)\n * @returns Derived key\n */\nexport function scryptOpt(\n password: Uint8Array,\n salt: Uint8Array,\n outputLen: number,\n logN: number,\n r: number,\n p: number,\n): Uint8Array {\n if (logN >= 64) {\n throw new Error(\"logN must be <64\");\n }\n if (r === 0) {\n throw new Error(\"r must be >0\");\n }\n if (p === 0) {\n throw new Error(\"p must be >0\");\n }\n\n const N = 1 << logN; // 2^logN\n\n return nobleScrypt(password, salt, { N, r, p, dkLen: outputLen });\n}\n","// Ported from bc-crypto-rust/src/argon.rs\n\nimport { argon2id as nobleArgon2id } from \"@noble/hashes/argon2.js\";\n\n/**\n * Derive a key using Argon2id with default parameters.\n * This matches the Rust `argon2id` function signature.\n *\n * @param password - Password or passphrase\n * @param salt - Salt value (must be at least 8 bytes)\n * @param outputLen - Desired output length\n * @returns Derived key\n */\nexport function argon2id(password: Uint8Array, salt: Uint8Array, outputLen: number): Uint8Array {\n // Use default parameters matching Argon2::default() in Rust\n return argon2idHashOpt(password, salt, outputLen, 3, 65536, 4);\n}\n\n/**\n * Derive a key using Argon2id with custom parameters.\n *\n * @param password - Password or passphrase\n * @param salt - Salt value (must be at least 8 bytes)\n * @param outputLen - Desired output length\n * @param iterations - Number of iterations (t)\n * @param memory - Memory in KiB (m)\n * @param parallelism - Degree of parallelism (p)\n * @returns Derived key\n */\nexport function argon2idHashOpt(\n password: Uint8Array,\n salt: Uint8Array,\n outputLen: number,\n iterations: number,\n memory: number,\n parallelism: number,\n): Uint8Array {\n return nobleArgon2id(password, salt, {\n t: iterations,\n m: memory,\n p: parallelism,\n dkLen: outputLen,\n });\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAKA,IAAa,YAAb,cAA+B,MAAM;CACnC,YAAY,UAAU,8BAA8B;AAClD,QAAM,QAAQ;AACd,OAAK,OAAO;;;;;;AAOhB,IAAa,cAAb,MAAa,oBAAoB,MAAM;CACrC,AAAkB;CAElB,YAAY,SAAiB,OAAe;AAC1C,QAAM,QAAQ;AACd,OAAK,OAAO;AACZ,OAAK,QAAQ;;;;;;;;CASf,OAAO,KAAK,OAAgC;AAC1C,SAAO,IAAI,YAAY,cAAc,SAAS,IAAI,WAAW,CAAC;;;;;;;;CAShE,OAAO,iBAAiB,SAA8B;AACpD,SAAO,IAAI,YAAY,sBAAsB,UAAU;;;;;;;;;;;;;;;;;;;;;;ACvB3D,SAAgB,QAAQ,MAAsC;CAC5D,MAAM,MAAM,KAAK;AACjB,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,IACvB,MAAK,KAAK;AAGZ,KAAI,KAAK,SAAS,KAAK,KAAK,OAAO,EACjC,OAAM,IAAI,MAAM,iBAAiB;;;;;AAOrC,SAAgB,gBAAgB,QAA4B;AAC1D,MAAK,MAAM,OAAO,OAChB,SAAQ,IAAI;;;;;AC1BhB,MAAa,aAAa;AAC1B,MAAa,cAAc;AAC3B,MAAa,cAAc;AAG3B,MAAM,cAAc,IAAI,YAAY,IAAI;AACxC,KAAK,IAAI,IAAI,GAAG,IAAI,KAAK,KAAK;CAC5B,IAAI,MAAM;AACV,MAAK,IAAI,IAAI,GAAG,IAAI,GAAG,IACrB,QAAO,MAAM,OAAO,IAAK,QAAQ,IAAK,aAAa,QAAQ;AAE7D,aAAY,KAAK,QAAQ;;;;;AAM3B,SAAgB,MAAM,MAA0B;CAC9C,IAAI,MAAM;AACV,MAAK,MAAM,QAAQ,KACjB,OAAM,aAAa,MAAM,QAAQ,OAAS,QAAQ;AAEpD,SAAQ,MAAM,gBAAgB;;;;;AAMhC,SAAgB,UAAU,MAA8B;AACtD,QAAO,aAAa,MAAM,MAAM;;;;;;;AAQlC,SAAgB,aAAa,MAAkB,cAAmC;CAChF,MAAM,WAAW,MAAM,KAAK;CAC5B,MAAM,SAAS,IAAI,WAAW,EAAE;AAEhC,CADa,IAAI,SAAS,OAAO,OAAO,CACnC,UAAU,GAAG,UAAU,aAAa;AACzC,QAAO;;;;;AAMT,SAAgB,OAAO,MAA8B;AACnD,0CAAmB,KAAK;;;;;;AAO1B,SAAgB,aAAa,SAAiC;AAC5D,QAAO,OAAO,OAAO,QAAQ,CAAC;;;;;AAMhC,SAAgB,OAAO,MAA8B;AACnD,0CAAmB,KAAK;;;;;AAM1B,SAAgB,WAAW,KAAiB,SAAiC;AAC3E,wCAAYA,8BAAa,KAAK,QAAQ;;;;;AAMxC,SAAgB,WAAW,KAAiB,SAAiC;AAC3E,wCAAYC,8BAAa,KAAK,QAAQ;;;;;AAMxC,SAAgB,iBACd,UACA,MACA,YACA,QACY;AACZ,4CAAcD,8BAAa,UAAU,MAAM;EAAE,GAAG;EAAY,OAAO;EAAQ,CAAC;;;;;AAM9E,SAAgB,iBACd,UACA,MACA,YACA,QACY;AACZ,4CAAcC,8BAAa,UAAU,MAAM;EAAE,GAAG;EAAY,OAAO;EAAQ,CAAC;;;;;AAM9E,SAAgB,eACd,aACA,MACA,QACY;AACZ,wCAAYD,8BAAa,aAAa,MAAM,QAAW,OAAO;;;;;AAMhE,SAAgB,eACd,aACA,MACA,QACY;AACZ,wCAAYC,8BAAa,aAAa,MAAM,QAAW,OAAO;;;;;AC9HhE,MAAa,qBAAqB;AAClC,MAAa,uBAAuB;AACpC,MAAa,sBAAsB;;;;;;;;;;;;;;AAenC,SAAgB,4BACd,WACA,KACA,OAC0B;AAC1B,QAAO,mCAAmC,WAAW,KAAK,OAAO,IAAI,WAAW,EAAE,CAAC;;;;;;;;;;;;;;;;AAiBrF,SAAgB,mCACd,WACA,KACA,OACA,KAC0B;AAC1B,KAAI,IAAI,WAAW,mBACjB,OAAM,YAAY,iBAAiB,eAAe,mBAAmB,QAAQ;AAE/E,KAAI,MAAM,WAAW,qBACnB,OAAM,YAAY,iBAAiB,iBAAiB,qBAAqB,QAAQ;CAInF,MAAM,wDAD0B,KAAK,OAAO,IAAI,CAC1B,QAAQ,UAAU;AAMxC,QAAO,CAHY,OAAO,MAAM,GAAG,OAAO,SAAS,oBAAoB,EACvD,OAAO,MAAM,OAAO,SAAS,oBAAoB,CAErC;;;;;;;;;;;;;AAc9B,SAAgB,4BACd,YACA,KACA,OACA,SACY;AACZ,QAAO,mCAAmC,YAAY,KAAK,OAAO,IAAI,WAAW,EAAE,EAAE,QAAQ;;;;;;;;;;;;;;AAe/F,SAAgB,mCACd,YACA,KACA,OACA,KACA,SACY;AACZ,KAAI,IAAI,WAAW,mBACjB,OAAM,YAAY,iBAAiB,eAAe,mBAAmB,QAAQ;AAE/E,KAAI,MAAM,WAAW,qBACnB,OAAM,YAAY,iBAAiB,iBAAiB,qBAAqB,QAAQ;AAEnF,KAAI,QAAQ,WAAW,oBACrB,OAAM,YAAY,iBAAiB,oBAAoB,oBAAoB,QAAQ;CAIrF,MAAM,SAAS,IAAI,WAAW,WAAW,SAAS,QAAQ,OAAO;AACjE,QAAO,IAAI,WAAW;AACtB,QAAO,IAAI,SAAS,WAAW,OAAO;AAEtC,KAAI;AAEF,wDADgC,KAAK,OAAO,IAAI,CAClC,QAAQ,OAAO;UACtB,OAAO;EAEd,MAAM,YAAY,IAAI,UACpB,sBAAsB,iBAAiB,QAAQ,MAAM,UAAU,yBAChE;AACD,QAAM,YAAY,KAAK,UAAU;;;;;;AC3HrC,MAAa,2BAA2B;AACxC,MAAa,0BAA0B;AACvC,MAAa,0BAA0B;AACvC,MAAa,yBAAyB;;;;;AAMtC,SAAgB,0BAA0B,aAAqC;AAE7E,QAAO,eAAe,aADT,IAAI,aAAa,CAAC,OAAO,YAAY,EACT,wBAAwB;;;;;;AAOnE,SAAgB,wBAAwB,aAAqC;AAE3E,QAAO,eAAe,aADT,IAAI,aAAa,CAAC,OAAO,UAAU,EACP,GAAG;;;;;AAM9C,SAAgB,yBAAyB,KAAwC;AAC/E,QAAO,IAAI,WAAW,wBAAwB;;;;;AAMhD,SAAgB,8BAA8B,YAAoC;AAChF,KAAI,WAAW,WAAW,wBACxB,OAAM,IAAI,MAAM,uBAAuB,wBAAwB,QAAQ;AAEzE,QAAOC,gCAAO,aAAa,WAAW;;AAIxC,MAAMC,uBAAqB;;;;;;;;;;;;;AAc3B,SAAgB,gBAAgB,eAA2B,cAAsC;AAC/F,KAAI,cAAc,WAAW,wBAC3B,OAAM,IAAI,MAAM,uBAAuB,wBAAwB,QAAQ;AAEzE,KAAI,aAAa,WAAW,uBAC1B,OAAM,IAAI,MAAM,sBAAsB,uBAAuB,QAAQ;AAMvE,QAAO,eAHiBD,gCAAO,gBAAgB,eAAe,aAAa,EAE9D,IAAI,aAAa,CAAC,OAAO,YAAY,EACLC,qBAAmB;;;;;AClElE,MAAa,yBAAyB;AACtC,MAAa,wBAAwB;AACrC,MAAa,qCAAqC;AAClD,MAAa,0BAA0B;AACvC,MAAa,uBAAuB;AACpC,MAAa,0BAA0B;;;;;;;;AASvC,SAAgB,wBAAwB,KAAwC;AAC9E,QAAO,IAAI,WAAW,uBAAuB;;;;;AAM/C,SAAgB,6BAA6B,YAAoC;AAC/E,KAAI,WAAW,WAAW,uBACxB,OAAM,IAAI,MAAM,uBAAuB,uBAAuB,QAAQ;AAExE,QAAOC,qCAAU,aAAa,YAAY,KAAK;;;;;AAMjD,SAAgB,yBAAyB,YAAoC;AAC3E,KAAI,WAAW,WAAW,sBACxB,OAAM,IAAI,MAAM,iCAAiC,sBAAsB,QAAQ;AAGjF,QADcA,qCAAU,MAAM,UAAU,WAAW,CACtC,QAAQ,MAAM;;;;;AAM7B,SAAgB,uBAAuB,cAAsC;AAC3E,KAAI,aAAa,WAAW,mCAC1B,OAAM,IAAI,MAAM,mCAAmC,mCAAmC,QAAQ;AAGhG,QADcA,qCAAU,MAAM,UAAU,aAAa,CACxC,QAAQ,KAAK;;;;;;;;AAS5B,SAAgB,sBAAsB,aAAqC;AAEzE,QAAO,eAAe,aADT,IAAI,aAAa,CAAC,OAAO,UAAU,EACP,uBAAuB;;;;;;AAOlE,SAAgB,+BAA+B,YAAoC;AACjF,KAAI,WAAW,WAAW,uBACxB,OAAM,IAAI,MAAM,uBAAuB,uBAAuB,QAAQ;AAKxE,QAFmBA,qCAAU,aAAa,YAAY,MAAM,CAE1C,MAAM,GAAG,GAAG;;;;;;;;;;;;;;;;;;;ACvDhC,SAAgB,UAAU,YAAwB,SAAiC;AACjF,KAAI,WAAW,WAAW,uBACxB,OAAM,IAAI,MAAM,uBAAuB,uBAAuB,QAAQ;CAGxE,MAAM,cAAc,aAAa,QAAQ;AAEzC,QAAOC,qCAAU,KAAK,aAAa,YAAY,EAAE,SAAS,OAAO,CAAC;;;;;;;;;;;;;AAcpE,SAAgB,YACd,WACA,WACA,SACS;AACT,KAAI,UAAU,WAAW,sBACvB,OAAM,IAAI,MAAM,sBAAsB,sBAAsB,QAAQ;AAEtE,KAAI,UAAU,WAAW,qBACvB,OAAM,IAAI,MAAM,qBAAqB,qBAAqB,QAAQ;AAGpE,KAAI;EACF,MAAM,cAAc,aAAa,QAAQ;AAEzC,SAAOA,qCAAU,OAAO,WAAW,aAAa,WAAW,EAAE,SAAS,OAAO,CAAC;SACxE;AACN,SAAO;;;;;;ACtDX,MAAa,yBAAyB;;;;;;;;;AAUtC,SAAgB,YAAY,iBAA6B,SAAiC;AAExF,QAAO,iBAAiB,iBAAiB,SAD7B,IAAIC,wCAA6B,CACS;;;;;;;;;;AAWxD,SAAgB,iBACd,iBACA,SACA,KACY;AAEZ,QAAO,uBAAuB,iBAAiB,SAD/B,IAAI,WAAW,GAAG,CAC8B;;;;;;;;;;;AAYlE,SAAgB,uBACd,iBACA,SACA,SACY;AACZ,KAAI,gBAAgB,WAAW,uBAC7B,OAAM,IAAI,MAAM,uBAAuB,uBAAuB,QAAQ;AAExE,KAAI,QAAQ,WAAW,GACrB,OAAM,IAAI,MAAM,wCAAwC;AAG1D,QAAOC,mCAAQ,KAAK,SAAS,iBAAiB,QAAQ;;;;;;;;;;AAWxD,SAAgB,cACd,kBACA,WACA,SACS;AACT,KAAI,iBAAiB,WAAW,wBAC9B,OAAM,IAAI,MAAM,sBAAsB,wBAAwB,QAAQ;AAExE,KAAI,UAAU,WAAW,uBACvB,OAAM,IAAI,MAAM,qBAAqB,uBAAuB,QAAQ;AAGtE,KAAI;AACF,SAAOA,mCAAQ,OAAO,WAAW,SAAS,iBAAiB;SACrD;AACN,SAAO;;;;;;ACjFX,MAAa,0BAA0B;AACvC,MAAa,2BAA2B;AACxC,MAAa,yBAAyB;;;;AAKtC,SAAgB,0BAA0B,KAAwC;AAChF,QAAO,IAAI,WAAW,yBAAyB;;;;;AAMjD,SAAgB,+BAA+B,YAAoC;AACjF,KAAI,WAAW,WAAW,yBACxB,OAAM,IAAI,MAAM,uBAAuB,yBAAyB,QAAQ;AAE1E,QAAOC,iCAAQ,aAAa,WAAW;;;;;;;;;;;;;AAczC,SAAgB,YAAY,YAAwB,SAAiC;AACnF,KAAI,WAAW,WAAW,yBACxB,OAAM,IAAI,MAAM,uBAAuB,yBAAyB,QAAQ;AAE1E,QAAOA,iCAAQ,KAAK,SAAS,WAAW;;;;;;;;;;;AAY1C,SAAgB,cACd,WACA,SACA,WACS;AACT,KAAI,UAAU,WAAW,wBACvB,OAAM,IAAI,MAAM,sBAAsB,wBAAwB,QAAQ;AAExE,KAAI,UAAU,WAAW,uBACvB,OAAM,IAAI,MAAM,qBAAqB,uBAAuB,QAAQ;AAGtE,KAAI;AACF,SAAOA,iCAAQ,OAAO,WAAW,SAAS,UAAU;SAC9C;AACN,SAAO;;;;;;;;;;;;;;;ACxDX,SAAgB,OAAO,UAAsB,MAAkB,WAA+B;AAC5F,QAAO,UAAU,UAAU,MAAM,WAAW,IAAI,GAAG,EAAE;;;;;;;;;;;;;AAcvD,SAAgB,UACd,UACA,MACA,WACA,MACA,GACA,GACY;AACZ,KAAI,QAAQ,GACV,OAAM,IAAI,MAAM,mBAAmB;AAErC,KAAI,MAAM,EACR,OAAM,IAAI,MAAM,eAAe;AAEjC,KAAI,MAAM,EACR,OAAM,IAAI,MAAM,eAAe;AAKjC,4CAAmB,UAAU,MAAM;EAAE,GAF3B,KAAK;EAEyB;EAAG;EAAG,OAAO;EAAW,CAAC;;;;;;;;;;;;;;ACnCnE,SAAgB,SAAS,UAAsB,MAAkB,WAA+B;AAE9F,QAAO,gBAAgB,UAAU,MAAM,WAAW,GAAG,OAAO,EAAE;;;;;;;;;;;;;AAchE,SAAgB,gBACd,UACA,MACA,WACA,YACA,QACA,aACY;AACZ,8CAAqB,UAAU,MAAM;EACnC,GAAG;EACH,GAAG;EACH,GAAG;EACH,OAAO;EACR,CAAC"}
1
+ {"version":3,"file":"index.cjs","names":["nobleSha256","nobleSha512","x25519","SYMMETRIC_KEY_SIZE","secp256k1","secp256k1","SecureRandomNumberGenerator","schnorr","ed25519"],"sources":["../src/error.ts","../src/memzero.ts","../src/hash.ts","../src/symmetric-encryption.ts","../src/public-key-encryption.ts","../src/ecdsa-keys.ts","../src/ecdsa-signing.ts","../src/schnorr-signing.ts","../src/ed25519-signing.ts","../src/scrypt.ts","../src/argon.ts"],"sourcesContent":["/**\n * Copyright © 2023-2026 Blockchain Commons, LLC\n * Copyright © 2025-2026 Parity Technologies\n *\n */\n\n// Ported from bc-crypto-rust/src/error.rs\n\n/**\n * AEAD-specific error for authentication failures\n */\nexport class AeadError extends Error {\n constructor(message = \"AEAD authentication failed\") {\n super(message);\n this.name = \"AeadError\";\n }\n}\n\n/**\n * Generic crypto error type\n */\nexport class CryptoError extends Error {\n override readonly cause?: Error | undefined;\n\n constructor(message: string, cause?: Error) {\n super(message);\n this.name = \"CryptoError\";\n this.cause = cause;\n }\n\n /**\n * Create a CryptoError for AEAD authentication failures.\n *\n * @param error - Optional underlying AeadError\n * @returns A CryptoError wrapping the AEAD error\n */\n static aead(error?: AeadError): CryptoError {\n return new CryptoError(\"AEAD error\", error ?? new AeadError());\n }\n\n /**\n * Create a CryptoError for invalid parameter values.\n *\n * @param message - Description of the invalid parameter\n * @returns A CryptoError describing the invalid parameter\n */\n static invalidParameter(message: string): CryptoError {\n return new CryptoError(`Invalid parameter: ${message}`);\n }\n}\n\n/**\n * Result type for crypto operations (using standard Error)\n */\nexport type CryptoResult<T> = T;\n","/**\n * Copyright © 2023-2026 Blockchain Commons, LLC\n * Copyright © 2025-2026 Parity Technologies\n *\n */\n\n// Ported from bc-crypto-rust/src/memzero.rs\n\n/**\n * Securely zero out a typed array.\n *\n * **IMPORTANT: This is a best-effort implementation.** Unlike the Rust reference\n * implementation which uses `std::ptr::write_volatile()` for guaranteed volatile\n * writes, JavaScript engines and JIT compilers can still potentially optimize\n * away these zeroing operations. The check at the end helps prevent optimization,\n * but it is not foolproof.\n *\n * For truly sensitive cryptographic operations, consider using the Web Crypto API's\n * `crypto.subtle` with non-extractable keys when possible, as it provides stronger\n * guarantees than what can be achieved with pure JavaScript.\n *\n * This function attempts to prevent the compiler from optimizing away\n * the zeroing operation by using a verification check after the zeroing loop.\n */\nexport function memzero(data: Uint8Array | Uint32Array): void {\n const len = data.length;\n for (let i = 0; i < len; i++) {\n data[i] = 0;\n }\n // Force a side effect to prevent optimization\n if (data.length > 0 && data[0] !== 0) {\n throw new Error(\"memzero failed\");\n }\n}\n\n/**\n * Securely zero out an array of Uint8Arrays.\n */\nexport function memzeroVecVecU8(arrays: Uint8Array[]): void {\n for (const arr of arrays) {\n memzero(arr);\n }\n}\n","/**\n * Copyright © 2023-2026 Blockchain Commons, LLC\n * Copyright © 2025-2026 Parity Technologies\n *\n */\n\n// Ported from bc-crypto-rust/src/hash.rs\n\nimport { sha256 as nobleSha256, sha512 as nobleSha512 } from \"@noble/hashes/sha2.js\";\nimport { hmac } from \"@noble/hashes/hmac.js\";\nimport { pbkdf2 } from \"@noble/hashes/pbkdf2.js\";\nimport { hkdf } from \"@noble/hashes/hkdf.js\";\n\n// Constants\nexport const CRC32_SIZE = 4;\nexport const SHA256_SIZE = 32;\nexport const SHA512_SIZE = 64;\n\n// CRC-32 lookup table (IEEE polynomial 0xedb88320)\nconst CRC32_TABLE = new Uint32Array(256);\nfor (let i = 0; i < 256; i++) {\n let crc = i;\n for (let j = 0; j < 8; j++) {\n crc = (crc & 1) !== 0 ? (crc >>> 1) ^ 0xedb88320 : crc >>> 1;\n }\n CRC32_TABLE[i] = crc >>> 0;\n}\n\n/**\n * Calculate CRC-32 checksum\n */\nexport function crc32(data: Uint8Array): number {\n let crc = 0xffffffff;\n for (const byte of data) {\n crc = CRC32_TABLE[(crc ^ byte) & 0xff] ^ (crc >>> 8);\n }\n return (crc ^ 0xffffffff) >>> 0;\n}\n\n/**\n * Calculate CRC-32 checksum and return as a 4-byte big-endian array\n */\nexport function crc32Data(data: Uint8Array): Uint8Array {\n return crc32DataOpt(data, false);\n}\n\n/**\n * Calculate CRC-32 checksum and return as a 4-byte array\n * @param data - Input data\n * @param littleEndian - If true, returns little-endian; otherwise big-endian\n */\nexport function crc32DataOpt(data: Uint8Array, littleEndian: boolean): Uint8Array {\n const checksum = crc32(data);\n const result = new Uint8Array(4);\n const view = new DataView(result.buffer);\n view.setUint32(0, checksum, littleEndian);\n return result;\n}\n\n/**\n * Calculate SHA-256 hash\n */\nexport function sha256(data: Uint8Array): Uint8Array {\n return nobleSha256(data);\n}\n\n/**\n * Calculate double SHA-256 hash (SHA-256 of SHA-256)\n * This is the standard Bitcoin hashing function\n */\nexport function doubleSha256(message: Uint8Array): Uint8Array {\n return sha256(sha256(message));\n}\n\n/**\n * Calculate SHA-512 hash\n */\nexport function sha512(data: Uint8Array): Uint8Array {\n return nobleSha512(data);\n}\n\n/**\n * Calculate HMAC-SHA-256\n */\nexport function hmacSha256(key: Uint8Array, message: Uint8Array): Uint8Array {\n return hmac(nobleSha256, key, message);\n}\n\n/**\n * Calculate HMAC-SHA-512\n */\nexport function hmacSha512(key: Uint8Array, message: Uint8Array): Uint8Array {\n return hmac(nobleSha512, key, message);\n}\n\n/**\n * Derive a key using PBKDF2 with HMAC-SHA-256\n */\nexport function pbkdf2HmacSha256(\n password: Uint8Array,\n salt: Uint8Array,\n iterations: number,\n keyLen: number,\n): Uint8Array {\n return pbkdf2(nobleSha256, password, salt, { c: iterations, dkLen: keyLen });\n}\n\n/**\n * Derive a key using PBKDF2 with HMAC-SHA-512\n */\nexport function pbkdf2HmacSha512(\n password: Uint8Array,\n salt: Uint8Array,\n iterations: number,\n keyLen: number,\n): Uint8Array {\n return pbkdf2(nobleSha512, password, salt, { c: iterations, dkLen: keyLen });\n}\n\n/**\n * Derive a key using HKDF with HMAC-SHA-256\n */\nexport function hkdfHmacSha256(\n keyMaterial: Uint8Array,\n salt: Uint8Array,\n keyLen: number,\n): Uint8Array {\n return hkdf(nobleSha256, keyMaterial, salt, undefined, keyLen);\n}\n\n/**\n * Derive a key using HKDF with HMAC-SHA-512\n */\nexport function hkdfHmacSha512(\n keyMaterial: Uint8Array,\n salt: Uint8Array,\n keyLen: number,\n): Uint8Array {\n return hkdf(nobleSha512, keyMaterial, salt, undefined, keyLen);\n}\n","/**\n * Copyright © 2023-2026 Blockchain Commons, LLC\n * Copyright © 2025-2026 Parity Technologies\n *\n */\n\n// Ported from bc-crypto-rust/src/symmetric_encryption.rs\n\nimport { chacha20poly1305 } from \"@noble/ciphers/chacha.js\";\nimport { CryptoError, AeadError } from \"./error.js\";\n\n// Constants\nexport const SYMMETRIC_KEY_SIZE = 32;\nexport const SYMMETRIC_NONCE_SIZE = 12;\nexport const SYMMETRIC_AUTH_SIZE = 16;\n\n/**\n * Encrypt data using ChaCha20-Poly1305 AEAD cipher.\n *\n * **Security Warning**: The nonce MUST be unique for every encryption operation\n * with the same key. Reusing a nonce completely breaks the security of the\n * encryption scheme and can reveal plaintext.\n *\n * @param plaintext - The data to encrypt\n * @param key - 32-byte encryption key\n * @param nonce - 12-byte nonce (MUST be unique per encryption with the same key)\n * @returns Tuple of [ciphertext, authTag] where authTag is 16 bytes\n * @throws {CryptoError} If key is not 32 bytes or nonce is not 12 bytes\n */\nexport function aeadChaCha20Poly1305Encrypt(\n plaintext: Uint8Array,\n key: Uint8Array,\n nonce: Uint8Array,\n): [Uint8Array, Uint8Array] {\n return aeadChaCha20Poly1305EncryptWithAad(plaintext, key, nonce, new Uint8Array(0));\n}\n\n/**\n * Encrypt data using ChaCha20-Poly1305 AEAD cipher with additional authenticated data.\n *\n * **Security Warning**: The nonce MUST be unique for every encryption operation\n * with the same key. Reusing a nonce completely breaks the security of the\n * encryption scheme and can reveal plaintext.\n *\n * @param plaintext - The data to encrypt\n * @param key - 32-byte encryption key\n * @param nonce - 12-byte nonce (MUST be unique per encryption with the same key)\n * @param aad - Additional authenticated data (not encrypted, but integrity-protected)\n * @returns Tuple of [ciphertext, authTag] where authTag is 16 bytes\n * @throws {CryptoError} If key is not 32 bytes or nonce is not 12 bytes\n */\nexport function aeadChaCha20Poly1305EncryptWithAad(\n plaintext: Uint8Array,\n key: Uint8Array,\n nonce: Uint8Array,\n aad: Uint8Array,\n): [Uint8Array, Uint8Array] {\n if (key.length !== SYMMETRIC_KEY_SIZE) {\n throw CryptoError.invalidParameter(`Key must be ${SYMMETRIC_KEY_SIZE} bytes`);\n }\n if (nonce.length !== SYMMETRIC_NONCE_SIZE) {\n throw CryptoError.invalidParameter(`Nonce must be ${SYMMETRIC_NONCE_SIZE} bytes`);\n }\n\n const cipher = chacha20poly1305(key, nonce, aad);\n const sealed = cipher.encrypt(plaintext);\n\n // The sealed output contains ciphertext + 16-byte auth tag\n const ciphertext = sealed.slice(0, sealed.length - SYMMETRIC_AUTH_SIZE);\n const authTag = sealed.slice(sealed.length - SYMMETRIC_AUTH_SIZE);\n\n return [ciphertext, authTag];\n}\n\n/**\n * Decrypt data using ChaCha20-Poly1305 AEAD cipher.\n *\n * @param ciphertext - The encrypted data\n * @param key - 32-byte encryption key (must match key used for encryption)\n * @param nonce - 12-byte nonce (must match nonce used for encryption)\n * @param authTag - 16-byte authentication tag from encryption\n * @returns Decrypted plaintext\n * @throws {CryptoError} If key/nonce/authTag sizes are invalid\n * @throws {CryptoError} If authentication fails (tampered data or wrong key/nonce)\n */\nexport function aeadChaCha20Poly1305Decrypt(\n ciphertext: Uint8Array,\n key: Uint8Array,\n nonce: Uint8Array,\n authTag: Uint8Array,\n): Uint8Array {\n return aeadChaCha20Poly1305DecryptWithAad(ciphertext, key, nonce, new Uint8Array(0), authTag);\n}\n\n/**\n * Decrypt data using ChaCha20-Poly1305 AEAD cipher with additional authenticated data.\n *\n * @param ciphertext - The encrypted data\n * @param key - 32-byte encryption key (must match key used for encryption)\n * @param nonce - 12-byte nonce (must match nonce used for encryption)\n * @param aad - Additional authenticated data (must exactly match AAD used for encryption)\n * @param authTag - 16-byte authentication tag from encryption\n * @returns Decrypted plaintext\n * @throws {CryptoError} If key/nonce/authTag sizes are invalid\n * @throws {CryptoError} If authentication fails (tampered data, wrong key/nonce, or AAD mismatch)\n */\nexport function aeadChaCha20Poly1305DecryptWithAad(\n ciphertext: Uint8Array,\n key: Uint8Array,\n nonce: Uint8Array,\n aad: Uint8Array,\n authTag: Uint8Array,\n): Uint8Array {\n if (key.length !== SYMMETRIC_KEY_SIZE) {\n throw CryptoError.invalidParameter(`Key must be ${SYMMETRIC_KEY_SIZE} bytes`);\n }\n if (nonce.length !== SYMMETRIC_NONCE_SIZE) {\n throw CryptoError.invalidParameter(`Nonce must be ${SYMMETRIC_NONCE_SIZE} bytes`);\n }\n if (authTag.length !== SYMMETRIC_AUTH_SIZE) {\n throw CryptoError.invalidParameter(`Auth tag must be ${SYMMETRIC_AUTH_SIZE} bytes`);\n }\n\n // Combine ciphertext and auth tag for decryption\n const sealed = new Uint8Array(ciphertext.length + authTag.length);\n sealed.set(ciphertext);\n sealed.set(authTag, ciphertext.length);\n\n try {\n const cipher = chacha20poly1305(key, nonce, aad);\n return cipher.decrypt(sealed);\n } catch (error) {\n // Preserve the original error for debugging while wrapping in our error type\n const aeadError = new AeadError(\n `Decryption failed: ${error instanceof Error ? error.message : \"authentication error\"}`,\n );\n throw CryptoError.aead(aeadError);\n }\n}\n","/**\n * Copyright © 2023-2026 Blockchain Commons, LLC\n * Copyright © 2025-2026 Parity Technologies\n *\n */\n\n// Ported from bc-crypto-rust/src/public_key_encryption.rs\n\nimport { x25519 } from \"@noble/curves/ed25519.js\";\nimport type { RandomNumberGenerator } from \"@bcts/rand\";\nimport { hkdfHmacSha256 } from \"./hash.js\";\n\n// Constants\nexport const GENERIC_PRIVATE_KEY_SIZE = 32;\nexport const GENERIC_PUBLIC_KEY_SIZE = 32;\nexport const X25519_PRIVATE_KEY_SIZE = 32;\nexport const X25519_PUBLIC_KEY_SIZE = 32;\n\n/**\n * Derive an X25519 agreement private key from key material.\n * Uses HKDF with \"agreement\" as domain separation salt.\n */\nexport function deriveAgreementPrivateKey(keyMaterial: Uint8Array): Uint8Array {\n const salt = new TextEncoder().encode(\"agreement\");\n return hkdfHmacSha256(keyMaterial, salt, X25519_PRIVATE_KEY_SIZE);\n}\n\n/**\n * Derive a signing private key from key material.\n * Uses HKDF with \"signing\" as domain separation salt.\n */\nexport function deriveSigningPrivateKey(keyMaterial: Uint8Array): Uint8Array {\n const salt = new TextEncoder().encode(\"signing\");\n return hkdfHmacSha256(keyMaterial, salt, 32);\n}\n\n/**\n * Generate a new random X25519 private key.\n */\nexport function x25519NewPrivateKeyUsing(rng: RandomNumberGenerator): Uint8Array {\n return rng.randomData(X25519_PRIVATE_KEY_SIZE);\n}\n\n/**\n * Derive an X25519 public key from a private key.\n */\nexport function x25519PublicKeyFromPrivateKey(privateKey: Uint8Array): Uint8Array {\n if (privateKey.length !== X25519_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${X25519_PRIVATE_KEY_SIZE} bytes`);\n }\n return x25519.getPublicKey(privateKey);\n}\n\n// Symmetric key size for the derived shared key\nconst SYMMETRIC_KEY_SIZE = 32;\n\n/**\n * Compute a shared symmetric key using X25519 key agreement (ECDH).\n *\n * This function performs X25519 Diffie-Hellman key agreement and then\n * derives a symmetric key using HKDF-SHA256 with \"agreement\" as the salt.\n * This matches the Rust bc-crypto implementation for cross-platform compatibility.\n *\n * @param x25519Private - 32-byte X25519 private key\n * @param x25519Public - 32-byte X25519 public key from the other party\n * @returns 32-byte derived symmetric key\n * @throws {Error} If private key is not 32 bytes or public key is not 32 bytes\n */\nexport function x25519SharedKey(x25519Private: Uint8Array, x25519Public: Uint8Array): Uint8Array {\n if (x25519Private.length !== X25519_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${X25519_PRIVATE_KEY_SIZE} bytes`);\n }\n if (x25519Public.length !== X25519_PUBLIC_KEY_SIZE) {\n throw new Error(`Public key must be ${X25519_PUBLIC_KEY_SIZE} bytes`);\n }\n // Perform raw X25519 Diffie-Hellman\n const rawSharedSecret = x25519.getSharedSecret(x25519Private, x25519Public);\n // Derive symmetric key using HKDF with \"agreement\" salt (matches Rust implementation)\n const salt = new TextEncoder().encode(\"agreement\");\n return hkdfHmacSha256(rawSharedSecret, salt, SYMMETRIC_KEY_SIZE);\n}\n","/**\n * Copyright © 2023-2026 Blockchain Commons, LLC\n * Copyright © 2025-2026 Parity Technologies\n *\n */\n\n// Ported from bc-crypto-rust/src/ecdsa_keys.rs\n\nimport { secp256k1 } from \"@noble/curves/secp256k1.js\";\nimport type { RandomNumberGenerator } from \"@bcts/rand\";\nimport { hkdfHmacSha256 } from \"./hash.js\";\n\n// Constants\nexport const ECDSA_PRIVATE_KEY_SIZE = 32;\nexport const ECDSA_PUBLIC_KEY_SIZE = 33; // Compressed\nexport const ECDSA_UNCOMPRESSED_PUBLIC_KEY_SIZE = 65;\nexport const ECDSA_MESSAGE_HASH_SIZE = 32;\nexport const ECDSA_SIGNATURE_SIZE = 64;\nexport const SCHNORR_PUBLIC_KEY_SIZE = 32; // x-only\n\n/**\n * Generate a new random ECDSA private key using secp256k1.\n *\n * Note: Unlike some implementations, this directly returns the random bytes\n * without validation. The secp256k1 library will handle any edge cases when\n * the key is used.\n */\nexport function ecdsaNewPrivateKeyUsing(rng: RandomNumberGenerator): Uint8Array {\n return rng.randomData(ECDSA_PRIVATE_KEY_SIZE);\n}\n\n/**\n * Derive a compressed ECDSA public key from a private key.\n */\nexport function ecdsaPublicKeyFromPrivateKey(privateKey: Uint8Array): Uint8Array {\n if (privateKey.length !== ECDSA_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ECDSA_PRIVATE_KEY_SIZE} bytes`);\n }\n return secp256k1.getPublicKey(privateKey, true); // true = compressed\n}\n\n/**\n * Decompress a compressed public key to uncompressed format.\n */\nexport function ecdsaDecompressPublicKey(compressed: Uint8Array): Uint8Array {\n if (compressed.length !== ECDSA_PUBLIC_KEY_SIZE) {\n throw new Error(`Compressed public key must be ${ECDSA_PUBLIC_KEY_SIZE} bytes`);\n }\n const point = secp256k1.Point.fromBytes(compressed);\n return point.toBytes(false); // false = uncompressed\n}\n\n/**\n * Compress an uncompressed public key.\n */\nexport function ecdsaCompressPublicKey(uncompressed: Uint8Array): Uint8Array {\n if (uncompressed.length !== ECDSA_UNCOMPRESSED_PUBLIC_KEY_SIZE) {\n throw new Error(`Uncompressed public key must be ${ECDSA_UNCOMPRESSED_PUBLIC_KEY_SIZE} bytes`);\n }\n const point = secp256k1.Point.fromBytes(uncompressed);\n return point.toBytes(true); // true = compressed\n}\n\n/**\n * Derive an ECDSA private key from key material using HKDF.\n *\n * Note: This directly returns the HKDF output without validation,\n * matching the Rust reference implementation behavior.\n */\nexport function ecdsaDerivePrivateKey(keyMaterial: Uint8Array): Uint8Array {\n const salt = new TextEncoder().encode(\"signing\");\n return hkdfHmacSha256(keyMaterial, salt, ECDSA_PRIVATE_KEY_SIZE);\n}\n\n/**\n * Extract the x-only (Schnorr) public key from a private key.\n * This is used for BIP-340 Schnorr signatures.\n */\nexport function schnorrPublicKeyFromPrivateKey(privateKey: Uint8Array): Uint8Array {\n if (privateKey.length !== ECDSA_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ECDSA_PRIVATE_KEY_SIZE} bytes`);\n }\n // Get the full public key and extract just the x-coordinate\n const fullPubKey = secp256k1.getPublicKey(privateKey, false); // uncompressed\n // Skip the 0x04 prefix and take only x-coordinate (first 32 bytes after prefix)\n return fullPubKey.slice(1, 33);\n}\n","/**\n * Copyright © 2023-2026 Blockchain Commons, LLC\n * Copyright © 2025-2026 Parity Technologies\n *\n */\n\n// Ported from bc-crypto-rust/src/ecdsa_signing.rs\n\nimport { secp256k1 } from \"@noble/curves/secp256k1.js\";\nimport { doubleSha256 } from \"./hash.js\";\nimport {\n ECDSA_PRIVATE_KEY_SIZE,\n ECDSA_PUBLIC_KEY_SIZE,\n ECDSA_SIGNATURE_SIZE,\n} from \"./ecdsa-keys.js\";\n\n/**\n * Sign a message using ECDSA with secp256k1.\n *\n * The message is hashed with double SHA-256 before signing (Bitcoin standard).\n *\n * **Security Note**: The private key must be kept secret. ECDSA requires\n * cryptographically secure random nonces internally; this is handled by\n * the underlying library using RFC 6979 deterministic nonces.\n *\n * @param privateKey - 32-byte secp256k1 private key\n * @param message - Message to sign (any length, will be double-SHA256 hashed)\n * @returns 64-byte compact signature (r || s format)\n * @throws {Error} If private key is not 32 bytes\n */\nexport function ecdsaSign(privateKey: Uint8Array, message: Uint8Array): Uint8Array {\n if (privateKey.length !== ECDSA_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ECDSA_PRIVATE_KEY_SIZE} bytes`);\n }\n\n const messageHash = doubleSha256(message);\n // prehash: false because we already hashed the message with doubleSha256\n return secp256k1.sign(messageHash, privateKey, { prehash: false });\n}\n\n/**\n * Verify an ECDSA signature with secp256k1.\n *\n * The message is hashed with double SHA-256 before verification (Bitcoin standard).\n *\n * @param publicKey - 33-byte compressed secp256k1 public key\n * @param signature - 64-byte compact signature (r || s format)\n * @param message - Original message that was signed\n * @returns `true` if signature is valid, `false` if signature verification fails\n * @throws {Error} If public key is not 33 bytes or signature is not 64 bytes\n */\nexport function ecdsaVerify(\n publicKey: Uint8Array,\n signature: Uint8Array,\n message: Uint8Array,\n): boolean {\n if (publicKey.length !== ECDSA_PUBLIC_KEY_SIZE) {\n throw new Error(`Public key must be ${ECDSA_PUBLIC_KEY_SIZE} bytes`);\n }\n if (signature.length !== ECDSA_SIGNATURE_SIZE) {\n throw new Error(`Signature must be ${ECDSA_SIGNATURE_SIZE} bytes`);\n }\n\n try {\n const messageHash = doubleSha256(message);\n // prehash: false because we already hashed the message with doubleSha256\n return secp256k1.verify(signature, messageHash, publicKey, { prehash: false });\n } catch {\n return false;\n }\n}\n","/**\n * Copyright © 2023-2026 Blockchain Commons, LLC\n * Copyright © 2025-2026 Parity Technologies\n *\n */\n\n// Ported from bc-crypto-rust/src/schnorr_signing.rs\n\nimport { schnorr } from \"@noble/curves/secp256k1.js\";\nimport type { RandomNumberGenerator } from \"@bcts/rand\";\nimport { SecureRandomNumberGenerator } from \"@bcts/rand\";\nimport { ECDSA_PRIVATE_KEY_SIZE, SCHNORR_PUBLIC_KEY_SIZE } from \"./ecdsa-keys.js\";\n\n// Constants\nexport const SCHNORR_SIGNATURE_SIZE = 64;\n\n/**\n * Sign a message using Schnorr signature (BIP-340).\n * Uses secure random auxiliary randomness.\n *\n * @param ecdsaPrivateKey - 32-byte private key\n * @param message - Message to sign (not pre-hashed, per BIP-340)\n * @returns 64-byte Schnorr signature\n */\nexport function schnorrSign(ecdsaPrivateKey: Uint8Array, message: Uint8Array): Uint8Array {\n const rng = new SecureRandomNumberGenerator();\n return schnorrSignUsing(ecdsaPrivateKey, message, rng);\n}\n\n/**\n * Sign a message using Schnorr signature with a custom RNG.\n *\n * @param ecdsaPrivateKey - 32-byte private key\n * @param message - Message to sign\n * @param rng - Random number generator for auxiliary randomness\n * @returns 64-byte Schnorr signature\n */\nexport function schnorrSignUsing(\n ecdsaPrivateKey: Uint8Array,\n message: Uint8Array,\n rng: RandomNumberGenerator,\n): Uint8Array {\n const auxRand = rng.randomData(32);\n return schnorrSignWithAuxRand(ecdsaPrivateKey, message, auxRand);\n}\n\n/**\n * Sign a message using Schnorr signature with specific auxiliary randomness.\n * This is useful for deterministic signing in tests.\n *\n * @param ecdsaPrivateKey - 32-byte private key\n * @param message - Message to sign\n * @param auxRand - 32-byte auxiliary randomness (per BIP-340)\n * @returns 64-byte Schnorr signature\n */\nexport function schnorrSignWithAuxRand(\n ecdsaPrivateKey: Uint8Array,\n message: Uint8Array,\n auxRand: Uint8Array,\n): Uint8Array {\n if (ecdsaPrivateKey.length !== ECDSA_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ECDSA_PRIVATE_KEY_SIZE} bytes`);\n }\n if (auxRand.length !== 32) {\n throw new Error(\"Auxiliary randomness must be 32 bytes\");\n }\n\n return schnorr.sign(message, ecdsaPrivateKey, auxRand);\n}\n\n/**\n * Verify a Schnorr signature (BIP-340).\n *\n * @param schnorrPublicKey - 32-byte x-only public key\n * @param signature - 64-byte Schnorr signature\n * @param message - Original message\n * @returns true if signature is valid\n */\nexport function schnorrVerify(\n schnorrPublicKey: Uint8Array,\n signature: Uint8Array,\n message: Uint8Array,\n): boolean {\n if (schnorrPublicKey.length !== SCHNORR_PUBLIC_KEY_SIZE) {\n throw new Error(`Public key must be ${SCHNORR_PUBLIC_KEY_SIZE} bytes`);\n }\n if (signature.length !== SCHNORR_SIGNATURE_SIZE) {\n throw new Error(`Signature must be ${SCHNORR_SIGNATURE_SIZE} bytes`);\n }\n\n try {\n return schnorr.verify(signature, message, schnorrPublicKey);\n } catch {\n return false;\n }\n}\n","/**\n * Copyright © 2023-2026 Blockchain Commons, LLC\n * Copyright © 2025-2026 Parity Technologies\n *\n */\n\n// Ported from bc-crypto-rust/src/ed25519_signing.rs\n\nimport { ed25519 } from \"@noble/curves/ed25519.js\";\nimport type { RandomNumberGenerator } from \"@bcts/rand\";\n\n// Constants\nexport const ED25519_PUBLIC_KEY_SIZE = 32;\nexport const ED25519_PRIVATE_KEY_SIZE = 32;\nexport const ED25519_SIGNATURE_SIZE = 64;\n\n/**\n * Generate a new random Ed25519 private key.\n */\nexport function ed25519NewPrivateKeyUsing(rng: RandomNumberGenerator): Uint8Array {\n return rng.randomData(ED25519_PRIVATE_KEY_SIZE);\n}\n\n/**\n * Derive an Ed25519 public key from a private key.\n */\nexport function ed25519PublicKeyFromPrivateKey(privateKey: Uint8Array): Uint8Array {\n if (privateKey.length !== ED25519_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ED25519_PRIVATE_KEY_SIZE} bytes`);\n }\n return ed25519.getPublicKey(privateKey);\n}\n\n/**\n * Sign a message using Ed25519.\n *\n * **Security Note**: The private key must be kept secret. The same private key\n * can safely sign multiple messages.\n *\n * @param privateKey - 32-byte Ed25519 private key\n * @param message - Message to sign (any length)\n * @returns 64-byte Ed25519 signature\n * @throws {Error} If private key is not 32 bytes\n */\nexport function ed25519Sign(privateKey: Uint8Array, message: Uint8Array): Uint8Array {\n if (privateKey.length !== ED25519_PRIVATE_KEY_SIZE) {\n throw new Error(`Private key must be ${ED25519_PRIVATE_KEY_SIZE} bytes`);\n }\n return ed25519.sign(message, privateKey);\n}\n\n/**\n * Verify an Ed25519 signature.\n *\n * @param publicKey - 32-byte Ed25519 public key\n * @param message - Original message that was signed\n * @param signature - 64-byte Ed25519 signature\n * @returns `true` if signature is valid, `false` if signature verification fails\n * @throws {Error} If public key is not 32 bytes or signature is not 64 bytes\n */\nexport function ed25519Verify(\n publicKey: Uint8Array,\n message: Uint8Array,\n signature: Uint8Array,\n): boolean {\n if (publicKey.length !== ED25519_PUBLIC_KEY_SIZE) {\n throw new Error(`Public key must be ${ED25519_PUBLIC_KEY_SIZE} bytes`);\n }\n if (signature.length !== ED25519_SIGNATURE_SIZE) {\n throw new Error(`Signature must be ${ED25519_SIGNATURE_SIZE} bytes`);\n }\n\n try {\n return ed25519.verify(signature, message, publicKey);\n } catch {\n return false;\n }\n}\n","/**\n * Copyright © 2023-2026 Blockchain Commons, LLC\n * Copyright © 2025-2026 Parity Technologies\n *\n */\n\n// Ported from bc-crypto-rust/src/scrypt.rs\n\nimport { scrypt as nobleScrypt } from \"@noble/hashes/scrypt.js\";\n\n/**\n * Derive a key using Scrypt with recommended parameters.\n * Uses N=2^15 (32768), r=8, p=1 as recommended defaults.\n *\n * @param password - Password or passphrase\n * @param salt - Salt value\n * @param outputLen - Desired output length\n * @returns Derived key\n */\nexport function scrypt(password: Uint8Array, salt: Uint8Array, outputLen: number): Uint8Array {\n return scryptOpt(password, salt, outputLen, 15, 8, 1);\n}\n\n/**\n * Derive a key using Scrypt with custom parameters.\n *\n * @param password - Password or passphrase\n * @param salt - Salt value\n * @param outputLen - Desired output length\n * @param logN - Log2 of the CPU/memory cost parameter N (must be <64)\n * @param r - Block size parameter (must be >0)\n * @param p - Parallelization parameter (must be >0)\n * @returns Derived key\n */\nexport function scryptOpt(\n password: Uint8Array,\n salt: Uint8Array,\n outputLen: number,\n logN: number,\n r: number,\n p: number,\n): Uint8Array {\n if (logN >= 64) {\n throw new Error(\"logN must be <64\");\n }\n if (r === 0) {\n throw new Error(\"r must be >0\");\n }\n if (p === 0) {\n throw new Error(\"p must be >0\");\n }\n\n const N = 1 << logN; // 2^logN\n\n return nobleScrypt(password, salt, { N, r, p, dkLen: outputLen });\n}\n","/**\n * Copyright © 2023-2026 Blockchain Commons, LLC\n * Copyright © 2025-2026 Parity Technologies\n *\n */\n\n// Ported from bc-crypto-rust/src/argon.rs\n\nimport { argon2id as nobleArgon2id } from \"@noble/hashes/argon2.js\";\n\n/**\n * Derive a key using Argon2id with default parameters.\n * This matches the Rust `argon2id` function signature.\n *\n * @param password - Password or passphrase\n * @param salt - Salt value (must be at least 8 bytes)\n * @param outputLen - Desired output length\n * @returns Derived key\n */\nexport function argon2id(password: Uint8Array, salt: Uint8Array, outputLen: number): Uint8Array {\n // Use default parameters matching Argon2::default() in Rust\n return argon2idHashOpt(password, salt, outputLen, 3, 65536, 4);\n}\n\n/**\n * Derive a key using Argon2id with custom parameters.\n *\n * @param password - Password or passphrase\n * @param salt - Salt value (must be at least 8 bytes)\n * @param outputLen - Desired output length\n * @param iterations - Number of iterations (t)\n * @param memory - Memory in KiB (m)\n * @param parallelism - Degree of parallelism (p)\n * @returns Derived key\n */\nexport function argon2idHashOpt(\n password: Uint8Array,\n salt: Uint8Array,\n outputLen: number,\n iterations: number,\n memory: number,\n parallelism: number,\n): Uint8Array {\n return nobleArgon2id(password, salt, {\n t: iterations,\n m: memory,\n p: parallelism,\n dkLen: outputLen,\n });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAWA,IAAa,YAAb,cAA+B,MAAM;CACnC,YAAY,UAAU,8BAA8B;AAClD,QAAM,QAAQ;AACd,OAAK,OAAO;;;;;;AAOhB,IAAa,cAAb,MAAa,oBAAoB,MAAM;CACrC,AAAkB;CAElB,YAAY,SAAiB,OAAe;AAC1C,QAAM,QAAQ;AACd,OAAK,OAAO;AACZ,OAAK,QAAQ;;;;;;;;CASf,OAAO,KAAK,OAAgC;AAC1C,SAAO,IAAI,YAAY,cAAc,SAAS,IAAI,WAAW,CAAC;;;;;;;;CAShE,OAAO,iBAAiB,SAA8B;AACpD,SAAO,IAAI,YAAY,sBAAsB,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;ACvB3D,SAAgB,QAAQ,MAAsC;CAC5D,MAAM,MAAM,KAAK;AACjB,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,IACvB,MAAK,KAAK;AAGZ,KAAI,KAAK,SAAS,KAAK,KAAK,OAAO,EACjC,OAAM,IAAI,MAAM,iBAAiB;;;;;AAOrC,SAAgB,gBAAgB,QAA4B;AAC1D,MAAK,MAAM,OAAO,OAChB,SAAQ,IAAI;;;;;;;;;;AC1BhB,MAAa,aAAa;AAC1B,MAAa,cAAc;AAC3B,MAAa,cAAc;AAG3B,MAAM,cAAc,IAAI,YAAY,IAAI;AACxC,KAAK,IAAI,IAAI,GAAG,IAAI,KAAK,KAAK;CAC5B,IAAI,MAAM;AACV,MAAK,IAAI,IAAI,GAAG,IAAI,GAAG,IACrB,QAAO,MAAM,OAAO,IAAK,QAAQ,IAAK,aAAa,QAAQ;AAE7D,aAAY,KAAK,QAAQ;;;;;AAM3B,SAAgB,MAAM,MAA0B;CAC9C,IAAI,MAAM;AACV,MAAK,MAAM,QAAQ,KACjB,OAAM,aAAa,MAAM,QAAQ,OAAS,QAAQ;AAEpD,SAAQ,MAAM,gBAAgB;;;;;AAMhC,SAAgB,UAAU,MAA8B;AACtD,QAAO,aAAa,MAAM,MAAM;;;;;;;AAQlC,SAAgB,aAAa,MAAkB,cAAmC;CAChF,MAAM,WAAW,MAAM,KAAK;CAC5B,MAAM,SAAS,IAAI,WAAW,EAAE;AAEhC,CADa,IAAI,SAAS,OAAO,OAAO,CACnC,UAAU,GAAG,UAAU,aAAa;AACzC,QAAO;;;;;AAMT,SAAgB,OAAO,MAA8B;AACnD,0CAAmB,KAAK;;;;;;AAO1B,SAAgB,aAAa,SAAiC;AAC5D,QAAO,OAAO,OAAO,QAAQ,CAAC;;;;;AAMhC,SAAgB,OAAO,MAA8B;AACnD,0CAAmB,KAAK;;;;;AAM1B,SAAgB,WAAW,KAAiB,SAAiC;AAC3E,wCAAYA,8BAAa,KAAK,QAAQ;;;;;AAMxC,SAAgB,WAAW,KAAiB,SAAiC;AAC3E,wCAAYC,8BAAa,KAAK,QAAQ;;;;;AAMxC,SAAgB,iBACd,UACA,MACA,YACA,QACY;AACZ,4CAAcD,8BAAa,UAAU,MAAM;EAAE,GAAG;EAAY,OAAO;EAAQ,CAAC;;;;;AAM9E,SAAgB,iBACd,UACA,MACA,YACA,QACY;AACZ,4CAAcC,8BAAa,UAAU,MAAM;EAAE,GAAG;EAAY,OAAO;EAAQ,CAAC;;;;;AAM9E,SAAgB,eACd,aACA,MACA,QACY;AACZ,wCAAYD,8BAAa,aAAa,MAAM,QAAW,OAAO;;;;;AAMhE,SAAgB,eACd,aACA,MACA,QACY;AACZ,wCAAYC,8BAAa,aAAa,MAAM,QAAW,OAAO;;;;;;;;;;AC9HhE,MAAa,qBAAqB;AAClC,MAAa,uBAAuB;AACpC,MAAa,sBAAsB;;;;;;;;;;;;;;AAenC,SAAgB,4BACd,WACA,KACA,OAC0B;AAC1B,QAAO,mCAAmC,WAAW,KAAK,OAAO,IAAI,WAAW,EAAE,CAAC;;;;;;;;;;;;;;;;AAiBrF,SAAgB,mCACd,WACA,KACA,OACA,KAC0B;AAC1B,KAAI,IAAI,WAAW,mBACjB,OAAM,YAAY,iBAAiB,eAAe,mBAAmB,QAAQ;AAE/E,KAAI,MAAM,WAAW,qBACnB,OAAM,YAAY,iBAAiB,iBAAiB,qBAAqB,QAAQ;CAInF,MAAM,wDAD0B,KAAK,OAAO,IAAI,CAC1B,QAAQ,UAAU;AAMxC,QAAO,CAHY,OAAO,MAAM,GAAG,OAAO,SAAS,oBAAoB,EACvD,OAAO,MAAM,OAAO,SAAS,oBAAoB,CAErC;;;;;;;;;;;;;AAc9B,SAAgB,4BACd,YACA,KACA,OACA,SACY;AACZ,QAAO,mCAAmC,YAAY,KAAK,OAAO,IAAI,WAAW,EAAE,EAAE,QAAQ;;;;;;;;;;;;;;AAe/F,SAAgB,mCACd,YACA,KACA,OACA,KACA,SACY;AACZ,KAAI,IAAI,WAAW,mBACjB,OAAM,YAAY,iBAAiB,eAAe,mBAAmB,QAAQ;AAE/E,KAAI,MAAM,WAAW,qBACnB,OAAM,YAAY,iBAAiB,iBAAiB,qBAAqB,QAAQ;AAEnF,KAAI,QAAQ,WAAW,oBACrB,OAAM,YAAY,iBAAiB,oBAAoB,oBAAoB,QAAQ;CAIrF,MAAM,SAAS,IAAI,WAAW,WAAW,SAAS,QAAQ,OAAO;AACjE,QAAO,IAAI,WAAW;AACtB,QAAO,IAAI,SAAS,WAAW,OAAO;AAEtC,KAAI;AAEF,wDADgC,KAAK,OAAO,IAAI,CAClC,QAAQ,OAAO;UACtB,OAAO;EAEd,MAAM,YAAY,IAAI,UACpB,sBAAsB,iBAAiB,QAAQ,MAAM,UAAU,yBAChE;AACD,QAAM,YAAY,KAAK,UAAU;;;;;;;;;;;AC3HrC,MAAa,2BAA2B;AACxC,MAAa,0BAA0B;AACvC,MAAa,0BAA0B;AACvC,MAAa,yBAAyB;;;;;AAMtC,SAAgB,0BAA0B,aAAqC;AAE7E,QAAO,eAAe,aADT,IAAI,aAAa,CAAC,OAAO,YAAY,EACT,wBAAwB;;;;;;AAOnE,SAAgB,wBAAwB,aAAqC;AAE3E,QAAO,eAAe,aADT,IAAI,aAAa,CAAC,OAAO,UAAU,EACP,GAAG;;;;;AAM9C,SAAgB,yBAAyB,KAAwC;AAC/E,QAAO,IAAI,WAAW,wBAAwB;;;;;AAMhD,SAAgB,8BAA8B,YAAoC;AAChF,KAAI,WAAW,WAAW,wBACxB,OAAM,IAAI,MAAM,uBAAuB,wBAAwB,QAAQ;AAEzE,QAAOC,gCAAO,aAAa,WAAW;;AAIxC,MAAMC,uBAAqB;;;;;;;;;;;;;AAc3B,SAAgB,gBAAgB,eAA2B,cAAsC;AAC/F,KAAI,cAAc,WAAW,wBAC3B,OAAM,IAAI,MAAM,uBAAuB,wBAAwB,QAAQ;AAEzE,KAAI,aAAa,WAAW,uBAC1B,OAAM,IAAI,MAAM,sBAAsB,uBAAuB,QAAQ;AAMvE,QAAO,eAHiBD,gCAAO,gBAAgB,eAAe,aAAa,EAE9D,IAAI,aAAa,CAAC,OAAO,YAAY,EACLC,qBAAmB;;;;;;;;;;AClElE,MAAa,yBAAyB;AACtC,MAAa,wBAAwB;AACrC,MAAa,qCAAqC;AAClD,MAAa,0BAA0B;AACvC,MAAa,uBAAuB;AACpC,MAAa,0BAA0B;;;;;;;;AASvC,SAAgB,wBAAwB,KAAwC;AAC9E,QAAO,IAAI,WAAW,uBAAuB;;;;;AAM/C,SAAgB,6BAA6B,YAAoC;AAC/E,KAAI,WAAW,WAAW,uBACxB,OAAM,IAAI,MAAM,uBAAuB,uBAAuB,QAAQ;AAExE,QAAOC,qCAAU,aAAa,YAAY,KAAK;;;;;AAMjD,SAAgB,yBAAyB,YAAoC;AAC3E,KAAI,WAAW,WAAW,sBACxB,OAAM,IAAI,MAAM,iCAAiC,sBAAsB,QAAQ;AAGjF,QADcA,qCAAU,MAAM,UAAU,WAAW,CACtC,QAAQ,MAAM;;;;;AAM7B,SAAgB,uBAAuB,cAAsC;AAC3E,KAAI,aAAa,WAAW,mCAC1B,OAAM,IAAI,MAAM,mCAAmC,mCAAmC,QAAQ;AAGhG,QADcA,qCAAU,MAAM,UAAU,aAAa,CACxC,QAAQ,KAAK;;;;;;;;AAS5B,SAAgB,sBAAsB,aAAqC;AAEzE,QAAO,eAAe,aADT,IAAI,aAAa,CAAC,OAAO,UAAU,EACP,uBAAuB;;;;;;AAOlE,SAAgB,+BAA+B,YAAoC;AACjF,KAAI,WAAW,WAAW,uBACxB,OAAM,IAAI,MAAM,uBAAuB,uBAAuB,QAAQ;AAKxE,QAFmBA,qCAAU,aAAa,YAAY,MAAM,CAE1C,MAAM,GAAG,GAAG;;;;;;;;;;;;;;;;;;;;;;;;ACvDhC,SAAgB,UAAU,YAAwB,SAAiC;AACjF,KAAI,WAAW,WAAW,uBACxB,OAAM,IAAI,MAAM,uBAAuB,uBAAuB,QAAQ;CAGxE,MAAM,cAAc,aAAa,QAAQ;AAEzC,QAAOC,qCAAU,KAAK,aAAa,YAAY,EAAE,SAAS,OAAO,CAAC;;;;;;;;;;;;;AAcpE,SAAgB,YACd,WACA,WACA,SACS;AACT,KAAI,UAAU,WAAW,sBACvB,OAAM,IAAI,MAAM,sBAAsB,sBAAsB,QAAQ;AAEtE,KAAI,UAAU,WAAW,qBACvB,OAAM,IAAI,MAAM,qBAAqB,qBAAqB,QAAQ;AAGpE,KAAI;EACF,MAAM,cAAc,aAAa,QAAQ;AAEzC,SAAOA,qCAAU,OAAO,WAAW,aAAa,WAAW,EAAE,SAAS,OAAO,CAAC;SACxE;AACN,SAAO;;;;;;;;;;;ACtDX,MAAa,yBAAyB;;;;;;;;;AAUtC,SAAgB,YAAY,iBAA6B,SAAiC;AAExF,QAAO,iBAAiB,iBAAiB,SAD7B,IAAIC,wCAA6B,CACS;;;;;;;;;;AAWxD,SAAgB,iBACd,iBACA,SACA,KACY;AAEZ,QAAO,uBAAuB,iBAAiB,SAD/B,IAAI,WAAW,GAAG,CAC8B;;;;;;;;;;;AAYlE,SAAgB,uBACd,iBACA,SACA,SACY;AACZ,KAAI,gBAAgB,WAAW,uBAC7B,OAAM,IAAI,MAAM,uBAAuB,uBAAuB,QAAQ;AAExE,KAAI,QAAQ,WAAW,GACrB,OAAM,IAAI,MAAM,wCAAwC;AAG1D,QAAOC,mCAAQ,KAAK,SAAS,iBAAiB,QAAQ;;;;;;;;;;AAWxD,SAAgB,cACd,kBACA,WACA,SACS;AACT,KAAI,iBAAiB,WAAW,wBAC9B,OAAM,IAAI,MAAM,sBAAsB,wBAAwB,QAAQ;AAExE,KAAI,UAAU,WAAW,uBACvB,OAAM,IAAI,MAAM,qBAAqB,uBAAuB,QAAQ;AAGtE,KAAI;AACF,SAAOA,mCAAQ,OAAO,WAAW,SAAS,iBAAiB;SACrD;AACN,SAAO;;;;;;;;;;;ACjFX,MAAa,0BAA0B;AACvC,MAAa,2BAA2B;AACxC,MAAa,yBAAyB;;;;AAKtC,SAAgB,0BAA0B,KAAwC;AAChF,QAAO,IAAI,WAAW,yBAAyB;;;;;AAMjD,SAAgB,+BAA+B,YAAoC;AACjF,KAAI,WAAW,WAAW,yBACxB,OAAM,IAAI,MAAM,uBAAuB,yBAAyB,QAAQ;AAE1E,QAAOC,iCAAQ,aAAa,WAAW;;;;;;;;;;;;;AAczC,SAAgB,YAAY,YAAwB,SAAiC;AACnF,KAAI,WAAW,WAAW,yBACxB,OAAM,IAAI,MAAM,uBAAuB,yBAAyB,QAAQ;AAE1E,QAAOA,iCAAQ,KAAK,SAAS,WAAW;;;;;;;;;;;AAY1C,SAAgB,cACd,WACA,SACA,WACS;AACT,KAAI,UAAU,WAAW,wBACvB,OAAM,IAAI,MAAM,sBAAsB,wBAAwB,QAAQ;AAExE,KAAI,UAAU,WAAW,uBACvB,OAAM,IAAI,MAAM,qBAAqB,uBAAuB,QAAQ;AAGtE,KAAI;AACF,SAAOA,iCAAQ,OAAO,WAAW,SAAS,UAAU;SAC9C;AACN,SAAO;;;;;;;;;;;;;;;;;;;;ACxDX,SAAgB,OAAO,UAAsB,MAAkB,WAA+B;AAC5F,QAAO,UAAU,UAAU,MAAM,WAAW,IAAI,GAAG,EAAE;;;;;;;;;;;;;AAcvD,SAAgB,UACd,UACA,MACA,WACA,MACA,GACA,GACY;AACZ,KAAI,QAAQ,GACV,OAAM,IAAI,MAAM,mBAAmB;AAErC,KAAI,MAAM,EACR,OAAM,IAAI,MAAM,eAAe;AAEjC,KAAI,MAAM,EACR,OAAM,IAAI,MAAM,eAAe;AAKjC,4CAAmB,UAAU,MAAM;EAAE,GAF3B,KAAK;EAEyB;EAAG;EAAG,OAAO;EAAW,CAAC;;;;;;;;;;;;;;;;;;;ACnCnE,SAAgB,SAAS,UAAsB,MAAkB,WAA+B;AAE9F,QAAO,gBAAgB,UAAU,MAAM,WAAW,GAAG,OAAO,EAAE;;;;;;;;;;;;;AAchE,SAAgB,gBACd,UACA,MACA,WACA,YACA,QACA,aACY;AACZ,8CAAqB,UAAU,MAAM;EACnC,GAAG;EACH,GAAG;EACH,GAAG;EACH,OAAO;EACR,CAAC"}
package/dist/index.d.cts CHANGED
@@ -1,6 +1,11 @@
1
1
  import { RandomNumberGenerator } from "@bcts/rand";
2
2
 
3
3
  //#region src/error.d.ts
4
+ /**
5
+ * Copyright © 2023-2026 Blockchain Commons, LLC
6
+ * Copyright © 2025-2026 Parity Technologies
7
+ *
8
+ */
4
9
  /**
5
10
  * AEAD-specific error for authentication failures
6
11
  */
@@ -34,6 +39,11 @@ declare class CryptoError extends Error {
34
39
  type CryptoResult<T> = T;
35
40
  //#endregion
36
41
  //#region src/memzero.d.ts
42
+ /**
43
+ * Copyright © 2023-2026 Blockchain Commons, LLC
44
+ * Copyright © 2025-2026 Parity Technologies
45
+ *
46
+ */
37
47
  /**
38
48
  * Securely zero out a typed array.
39
49
  *
@@ -57,6 +67,11 @@ declare function memzero(data: Uint8Array | Uint32Array): void;
57
67
  declare function memzeroVecVecU8(arrays: Uint8Array[]): void;
58
68
  //#endregion
59
69
  //#region src/hash.d.ts
70
+ /**
71
+ * Copyright © 2023-2026 Blockchain Commons, LLC
72
+ * Copyright © 2025-2026 Parity Technologies
73
+ *
74
+ */
60
75
  declare const CRC32_SIZE = 4;
61
76
  declare const SHA256_SIZE = 32;
62
77
  declare const SHA512_SIZE = 64;
@@ -113,6 +128,11 @@ declare function hkdfHmacSha256(keyMaterial: Uint8Array, salt: Uint8Array, keyLe
113
128
  declare function hkdfHmacSha512(keyMaterial: Uint8Array, salt: Uint8Array, keyLen: number): Uint8Array;
114
129
  //#endregion
115
130
  //#region src/symmetric-encryption.d.ts
131
+ /**
132
+ * Copyright © 2023-2026 Blockchain Commons, LLC
133
+ * Copyright © 2025-2026 Parity Technologies
134
+ *
135
+ */
116
136
  declare const SYMMETRIC_KEY_SIZE = 32;
117
137
  declare const SYMMETRIC_NONCE_SIZE = 12;
118
138
  declare const SYMMETRIC_AUTH_SIZE = 16;
@@ -249,6 +269,11 @@ declare function ecdsaDerivePrivateKey(keyMaterial: Uint8Array): Uint8Array;
249
269
  declare function schnorrPublicKeyFromPrivateKey(privateKey: Uint8Array): Uint8Array;
250
270
  //#endregion
251
271
  //#region src/ecdsa-signing.d.ts
272
+ /**
273
+ * Copyright © 2023-2026 Blockchain Commons, LLC
274
+ * Copyright © 2025-2026 Parity Technologies
275
+ *
276
+ */
252
277
  /**
253
278
  * Sign a message using ECDSA with secp256k1.
254
279
  *
@@ -353,6 +378,11 @@ declare function ed25519Sign(privateKey: Uint8Array, message: Uint8Array): Uint8
353
378
  declare function ed25519Verify(publicKey: Uint8Array, message: Uint8Array, signature: Uint8Array): boolean;
354
379
  //#endregion
355
380
  //#region src/scrypt.d.ts
381
+ /**
382
+ * Copyright © 2023-2026 Blockchain Commons, LLC
383
+ * Copyright © 2025-2026 Parity Technologies
384
+ *
385
+ */
356
386
  /**
357
387
  * Derive a key using Scrypt with recommended parameters.
358
388
  * Uses N=2^15 (32768), r=8, p=1 as recommended defaults.
@@ -377,6 +407,11 @@ declare function scrypt(password: Uint8Array, salt: Uint8Array, outputLen: numbe
377
407
  declare function scryptOpt(password: Uint8Array, salt: Uint8Array, outputLen: number, logN: number, r: number, p: number): Uint8Array;
378
408
  //#endregion
379
409
  //#region src/argon.d.ts
410
+ /**
411
+ * Copyright © 2023-2026 Blockchain Commons, LLC
412
+ * Copyright © 2025-2026 Parity Technologies
413
+ *
414
+ */
380
415
  /**
381
416
  * Derive a key using Argon2id with default parameters.
382
417
  * This matches the Rust `argon2id` function signature.
package/dist/index.d.cts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.cts","names":[],"sources":["../src/error.ts","../src/memzero.ts","../src/hash.ts","../src/symmetric-encryption.ts","../src/public-key-encryption.ts","../src/ecdsa-keys.ts","../src/ecdsa-signing.ts","../src/schnorr-signing.ts","../src/ed25519-signing.ts","../src/scrypt.ts","../src/argon.ts"],"mappings":";;;;;;cAKa,SAAA,SAAkB,KAAA;cACjB,OAAA;AAAA;;;;cASD,WAAA,SAAoB,KAAA;EAAA,SACb,KAAA,GAAQ,KAAA;cAEd,OAAA,UAAiB,KAAA,GAAQ,KAAA;EAH1B;;;;;;EAAA,OAeJ,IAAA,CAAK,KAAA,GAAQ,SAAA,GAAY,WAAA;EAUU;;;;;;EAAA,OAAnC,gBAAA,CAAiB,OAAA,WAAkB,WAAA;AAAA;;;;KAQhC,YAAA,MAAkB,CAAA;;;;;;AA3C9B;;;;;;;;;AAUA;;;;iBCGgB,OAAA,CAAQ,IAAA,EAAM,UAAA,GAAa,WAAA;;;;iBAc3B,eAAA,CAAgB,MAAA,EAAQ,UAAA;;;cCxB3B,UAAA;AAAA,cACA,WAAA;AAAA,cACA,WAAA;AFLb;;;AAAA,iBEoBgB,KAAA,CAAM,IAAA,EAAM,UAAA;;;;iBAWZ,SAAA,CAAU,IAAA,EAAM,UAAA,GAAa,UAAA;;AFrB7C;;;;iBE8BgB,YAAA,CAAa,IAAA,EAAM,UAAA,EAAY,YAAA,YAAwB,UAAA;;;;iBAWvD,MAAA,CAAO,IAAA,EAAM,UAAA,GAAa,UAAA;;;;;iBAQ1B,YAAA,CAAa,OAAA,EAAS,UAAA,GAAa,UAAA;;;;iBAOnC,MAAA,CAAO,IAAA,EAAM,UAAA,GAAa,UAAA;;;;iBAO1B,UAAA,CAAW,GAAA,EAAK,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;iBAOlD,UAAA,CAAW,GAAA,EAAK,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;AFrClE;;iBE4CgB,gBAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,UAAA,UACA,MAAA,WACC,UAAA;;;;iBAOa,gBAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,UAAA,UACA,MAAA,WACC,UAAA;;AD3FH;;iBCkGgB,cAAA,CACd,WAAA,EAAa,UAAA,EACb,IAAA,EAAM,UAAA,EACN,MAAA,WACC,UAAA;;;;iBAOa,cAAA,CACd,WAAA,EAAa,UAAA,EACb,IAAA,EAAM,UAAA,EACN,MAAA,WACC,UAAA;;;cC7HU,kBAAA;AAAA,cACA,oBAAA;AAAA,cACA,mBAAA;AHHb;;;;;;;;;AAUA;;;;AAVA,iBGkBgB,2BAAA,CACd,SAAA,EAAW,UAAA,EACX,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,IACL,UAAA,EAAY,UAAA;;;;;;;;;;;;;;;iBAkBA,kCAAA,CACd,SAAA,EAAW,UAAA,EACX,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,GAAA,EAAK,UAAA,IACH,UAAA,EAAY,UAAA;;;;;;;;AHFhB;;;;iBG+BgB,2BAAA,CACd,UAAA,EAAY,UAAA,EACZ,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,OAAA,EAAS,UAAA,GACR,UAAA;;;;AFlEH;;;;;;;;;iBEkFgB,kCAAA,CACd,UAAA,EAAY,UAAA,EACZ,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,GAAA,EAAK,UAAA,EACL,OAAA,EAAS,UAAA,GACR,UAAA;;;cCnGU,wBAAA;AAAA,cACA,uBAAA;AAAA,cACA,uBAAA;AAAA,cACA,sBAAA;;;;;iBAMG,yBAAA,CAA0B,WAAA,EAAa,UAAA,GAAa,UAAA;;;AJDpE;;iBIUgB,uBAAA,CAAwB,WAAA,EAAa,UAAA,GAAa,UAAA;;;;iBAQlD,wBAAA,CAAyB,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOtD,6BAAA,CAA8B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;;;;;;;;;;iBAsBvD,eAAA,CAAgB,aAAA,EAAe,UAAA,EAAY,YAAA,EAAc,UAAA,GAAa,UAAA;;;cCvDzE,sBAAA;AAAA,cACA,qBAAA;AAAA,cACA,kCAAA;AAAA,cACA,uBAAA;AAAA,cACA,oBAAA;AAAA,cACA,uBAAA;;;;;;ALGb;;iBKMgB,uBAAA,CAAwB,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOrD,4BAAA,CAA6B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;iBAUtD,wBAAA,CAAyB,UAAA,EAAY,UAAA,GAAa,UAAA;;;;iBAWlD,sBAAA,CAAuB,YAAA,EAAc,UAAA,GAAa,UAAA;;;;;;;iBAclD,qBAAA,CAAsB,WAAA,EAAa,UAAA,GAAa,UAAA;;;;;iBAShD,8BAAA,CAA+B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;;;ALnExE;;;;;;;;;AAUA;;iBMSgB,SAAA,CAAU,UAAA,EAAY,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;;;;;;;;;iBAqBxD,WAAA,CACd,SAAA,EAAW,UAAA,EACX,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA;;;cCxCE,sBAAA;;APHb;;;;;;;iBOagB,WAAA,CAAY,eAAA,EAAiB,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;APH/E;;;;;;;iBOgBgB,gBAAA,CACd,eAAA,EAAiB,UAAA,EACjB,OAAA,EAAS,UAAA,EACT,GAAA,EAAK,qBAAA,GACJ,UAAA;;;;;;;;;;iBAca,sBAAA,CACd,eAAA,EAAiB,UAAA,EACjB,OAAA,EAAS,UAAA,EACT,OAAA,EAAS,UAAA,GACR,UAAA;;;;;;;;;iBAmBa,aAAA,CACd,gBAAA,EAAkB,UAAA,EAClB,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA;;;cCrEE,uBAAA;AAAA,cACA,wBAAA;AAAA,cACA,sBAAA;;;;iBAKG,yBAAA,CAA0B,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOvD,8BAAA,CAA+B,UAAA,EAAY,UAAA,GAAa,UAAA;ARLxE;;;;;;;;;;;AAAA,iBQuBgB,WAAA,CAAY,UAAA,EAAY,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;;;;;;;iBAgB1D,aAAA,CACd,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA,EACT,SAAA,EAAW,UAAA;;;;;;ARpDb;;;;;;iBSQgB,MAAA,CAAO,QAAA,EAAU,UAAA,EAAY,IAAA,EAAM,UAAA,EAAY,SAAA,WAAoB,UAAA;;;ATEnF;;;;;;;;;iBSagB,SAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,SAAA,UACA,IAAA,UACA,CAAA,UACA,CAAA,WACC,UAAA;;;;;;AT9BH;;;;;;iBUQgB,QAAA,CAAS,QAAA,EAAU,UAAA,EAAY,IAAA,EAAM,UAAA,EAAY,SAAA,WAAoB,UAAA;;;AVErF;;;;;;;;;iBUcgB,eAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,SAAA,UACA,UAAA,UACA,MAAA,UACA,WAAA,WACC,UAAA"}
1
+ {"version":3,"file":"index.d.cts","names":[],"sources":["../src/error.ts","../src/memzero.ts","../src/hash.ts","../src/symmetric-encryption.ts","../src/public-key-encryption.ts","../src/ecdsa-keys.ts","../src/ecdsa-signing.ts","../src/schnorr-signing.ts","../src/ed25519-signing.ts","../src/scrypt.ts","../src/argon.ts"],"mappings":";;;;;;AAWA;;;;;cAAa,SAAA,SAAkB,KAAA;cACjB,OAAA;AAAA;;AASd;;cAAa,WAAA,SAAoB,KAAA;EAAA,SACb,KAAA,GAAQ,KAAA;cAEd,OAAA,UAAiB,KAAA,GAAQ,KAAA;EAYjB;;;;;;EAAA,OAAb,IAAA,CAAK,KAAA,GAAQ,SAAA,GAAY,WAAA;EAdd;;;;;;EAAA,OAwBX,gBAAA,CAAiB,OAAA,WAAkB,WAAA;AAAA;;;;KAQhC,YAAA,MAAkB,CAAA;;;;;;AA3C9B;;;;;;;;;AAUA;;;;;;;;;iBCGgB,OAAA,CAAQ,IAAA,EAAM,UAAA,GAAa,WAAA;;;;iBAc3B,eAAA,CAAgB,MAAA,EAAQ,UAAA;;;;;;AD3BxC;;cEGa,UAAA;AAAA,cACA,WAAA;AAAA,cACA,WAAA;;;;iBAeG,KAAA,CAAM,IAAA,EAAM,UAAA;AFV5B;;;AAAA,iBEqBgB,SAAA,CAAU,IAAA,EAAM,UAAA,GAAa,UAAA;;;;;;iBAS7B,YAAA,CAAa,IAAA,EAAM,UAAA,EAAY,YAAA,YAAwB,UAAA;;;;iBAWvD,MAAA,CAAO,IAAA,EAAM,UAAA,GAAa,UAAA;;;;;iBAQ1B,YAAA,CAAa,OAAA,EAAS,UAAA,GAAa,UAAA;;;;iBAOnC,MAAA,CAAO,IAAA,EAAM,UAAA,GAAa,UAAA;;;;iBAO1B,UAAA,CAAW,GAAA,EAAK,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;AF9BlE;;;AAAA,iBEqCgB,UAAA,CAAW,GAAA,EAAK,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;iBAOlD,gBAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,UAAA,UACA,MAAA,WACC,UAAA;AD/EH;;;AAAA,iBCsFgB,gBAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,UAAA,UACA,MAAA,WACC,UAAA;;;;iBAOa,cAAA,CACd,WAAA,EAAa,UAAA,EACb,IAAA,EAAM,UAAA,EACN,MAAA,WACC,UAAA;;ADxFH;;iBC+FgB,cAAA,CACd,WAAA,EAAa,UAAA,EACb,IAAA,EAAM,UAAA,EACN,MAAA,WACC,UAAA;;;;;;AF9HH;;cGCa,kBAAA;AAAA,cACA,oBAAA;AAAA,cACA,mBAAA;;;;;AHOb;;;;;;;;;iBGQgB,2BAAA,CACd,SAAA,EAAW,UAAA,EACX,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,IACL,UAAA,EAAY,UAAA;;;;;;;;;;;;;;;iBAkBA,kCAAA,CACd,SAAA,EAAW,UAAA,EACX,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,GAAA,EAAK,UAAA,IACH,UAAA,EAAY,UAAA;;;AHFhB;;;;;;;;AC9BA;iBE6DgB,2BAAA,CACd,UAAA,EAAY,UAAA,EACZ,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,OAAA,EAAS,UAAA,GACR,UAAA;;;;;;;;AFpDH;;;;;iBEoEgB,kCAAA,CACd,UAAA,EAAY,UAAA,EACZ,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,GAAA,EAAK,UAAA,EACL,OAAA,EAAS,UAAA,GACR,UAAA;;;cCnGU,wBAAA;AAAA,cACA,uBAAA;AAAA,cACA,uBAAA;AAAA,cACA,sBAAA;;;AJKb;;iBICgB,yBAAA,CAA0B,WAAA,EAAa,UAAA,GAAa,UAAA;;;;;iBASpD,uBAAA,CAAwB,WAAA,EAAa,UAAA,GAAa,UAAA;;;;iBAQlD,wBAAA,CAAyB,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOtD,6BAAA,CAA8B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;;;;;;;;;AJQvE;iBIcgB,eAAA,CAAgB,aAAA,EAAe,UAAA,EAAY,YAAA,EAAc,UAAA,GAAa,UAAA;;;cCvDzE,sBAAA;AAAA,cACA,qBAAA;AAAA,cACA,kCAAA;AAAA,cACA,uBAAA;AAAA,cACA,oBAAA;AAAA,cACA,uBAAA;ALGb;;;;;;;AAAA,iBKMgB,uBAAA,CAAwB,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOrD,4BAAA,CAA6B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;iBAUtD,wBAAA,CAAyB,UAAA,EAAY,UAAA,GAAa,UAAA;;;;iBAWlD,sBAAA,CAAuB,YAAA,EAAc,UAAA,GAAa,UAAA;;;;;;;iBAclD,qBAAA,CAAsB,WAAA,EAAa,UAAA,GAAa,UAAA;ALfhE;;;;AAAA,iBKwBgB,8BAAA,CAA+B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;;;ALnExE;;;;;;;;;AAUA;;;;;;;iBMSgB,SAAA,CAAU,UAAA,EAAY,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;;;;;;;;;iBAqBxD,WAAA,CACd,SAAA,EAAW,UAAA,EACX,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA;;;cCxCE,sBAAA;;;;;;APOb;;;iBOGgB,WAAA,CAAY,eAAA,EAAiB,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;;;;;;iBAa/D,gBAAA,CACd,eAAA,EAAiB,UAAA,EACjB,OAAA,EAAS,UAAA,EACT,GAAA,EAAK,qBAAA,GACJ,UAAA;;;;;;;;;;iBAca,sBAAA,CACd,eAAA,EAAiB,UAAA,EACjB,OAAA,EAAS,UAAA,EACT,OAAA,EAAS,UAAA,GACR,UAAA;;;;;APLH;;;;iBOwBgB,aAAA,CACd,gBAAA,EAAkB,UAAA,EAClB,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA;;;cCrEE,uBAAA;AAAA,cACA,wBAAA;AAAA,cACA,sBAAA;;;;iBAKG,yBAAA,CAA0B,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOvD,8BAAA,CAA+B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;;;;;;;;;iBAkBxD,WAAA,CAAY,UAAA,EAAY,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;;;;;;;iBAgB1D,aAAA,CACd,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA,EACT,SAAA,EAAW,UAAA;;;;;;ARpDb;;;;;;;;;AAUA;;iBSFgB,MAAA,CAAO,QAAA,EAAU,UAAA,EAAY,IAAA,EAAM,UAAA,EAAY,SAAA,WAAoB,UAAA;;;;;;;;;;;;iBAenE,SAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,SAAA,UACA,IAAA,UACA,CAAA,UACA,CAAA,WACC,UAAA;;;;;;AT9BH;;;;;;;;;AAUA;;iBUFgB,QAAA,CAAS,QAAA,EAAU,UAAA,EAAY,IAAA,EAAM,UAAA,EAAY,SAAA,WAAoB,UAAA;;;;;;;;;;;;iBAgBrE,eAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,SAAA,UACA,UAAA,UACA,MAAA,UACA,WAAA,WACC,UAAA"}
package/dist/index.d.mts CHANGED
@@ -1,6 +1,11 @@
1
1
  import { RandomNumberGenerator } from "@bcts/rand";
2
2
 
3
3
  //#region src/error.d.ts
4
+ /**
5
+ * Copyright © 2023-2026 Blockchain Commons, LLC
6
+ * Copyright © 2025-2026 Parity Technologies
7
+ *
8
+ */
4
9
  /**
5
10
  * AEAD-specific error for authentication failures
6
11
  */
@@ -34,6 +39,11 @@ declare class CryptoError extends Error {
34
39
  type CryptoResult<T> = T;
35
40
  //#endregion
36
41
  //#region src/memzero.d.ts
42
+ /**
43
+ * Copyright © 2023-2026 Blockchain Commons, LLC
44
+ * Copyright © 2025-2026 Parity Technologies
45
+ *
46
+ */
37
47
  /**
38
48
  * Securely zero out a typed array.
39
49
  *
@@ -57,6 +67,11 @@ declare function memzero(data: Uint8Array | Uint32Array): void;
57
67
  declare function memzeroVecVecU8(arrays: Uint8Array[]): void;
58
68
  //#endregion
59
69
  //#region src/hash.d.ts
70
+ /**
71
+ * Copyright © 2023-2026 Blockchain Commons, LLC
72
+ * Copyright © 2025-2026 Parity Technologies
73
+ *
74
+ */
60
75
  declare const CRC32_SIZE = 4;
61
76
  declare const SHA256_SIZE = 32;
62
77
  declare const SHA512_SIZE = 64;
@@ -113,6 +128,11 @@ declare function hkdfHmacSha256(keyMaterial: Uint8Array, salt: Uint8Array, keyLe
113
128
  declare function hkdfHmacSha512(keyMaterial: Uint8Array, salt: Uint8Array, keyLen: number): Uint8Array;
114
129
  //#endregion
115
130
  //#region src/symmetric-encryption.d.ts
131
+ /**
132
+ * Copyright © 2023-2026 Blockchain Commons, LLC
133
+ * Copyright © 2025-2026 Parity Technologies
134
+ *
135
+ */
116
136
  declare const SYMMETRIC_KEY_SIZE = 32;
117
137
  declare const SYMMETRIC_NONCE_SIZE = 12;
118
138
  declare const SYMMETRIC_AUTH_SIZE = 16;
@@ -249,6 +269,11 @@ declare function ecdsaDerivePrivateKey(keyMaterial: Uint8Array): Uint8Array;
249
269
  declare function schnorrPublicKeyFromPrivateKey(privateKey: Uint8Array): Uint8Array;
250
270
  //#endregion
251
271
  //#region src/ecdsa-signing.d.ts
272
+ /**
273
+ * Copyright © 2023-2026 Blockchain Commons, LLC
274
+ * Copyright © 2025-2026 Parity Technologies
275
+ *
276
+ */
252
277
  /**
253
278
  * Sign a message using ECDSA with secp256k1.
254
279
  *
@@ -353,6 +378,11 @@ declare function ed25519Sign(privateKey: Uint8Array, message: Uint8Array): Uint8
353
378
  declare function ed25519Verify(publicKey: Uint8Array, message: Uint8Array, signature: Uint8Array): boolean;
354
379
  //#endregion
355
380
  //#region src/scrypt.d.ts
381
+ /**
382
+ * Copyright © 2023-2026 Blockchain Commons, LLC
383
+ * Copyright © 2025-2026 Parity Technologies
384
+ *
385
+ */
356
386
  /**
357
387
  * Derive a key using Scrypt with recommended parameters.
358
388
  * Uses N=2^15 (32768), r=8, p=1 as recommended defaults.
@@ -377,6 +407,11 @@ declare function scrypt(password: Uint8Array, salt: Uint8Array, outputLen: numbe
377
407
  declare function scryptOpt(password: Uint8Array, salt: Uint8Array, outputLen: number, logN: number, r: number, p: number): Uint8Array;
378
408
  //#endregion
379
409
  //#region src/argon.d.ts
410
+ /**
411
+ * Copyright © 2023-2026 Blockchain Commons, LLC
412
+ * Copyright © 2025-2026 Parity Technologies
413
+ *
414
+ */
380
415
  /**
381
416
  * Derive a key using Argon2id with default parameters.
382
417
  * This matches the Rust `argon2id` function signature.
package/dist/index.d.mts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.mts","names":[],"sources":["../src/error.ts","../src/memzero.ts","../src/hash.ts","../src/symmetric-encryption.ts","../src/public-key-encryption.ts","../src/ecdsa-keys.ts","../src/ecdsa-signing.ts","../src/schnorr-signing.ts","../src/ed25519-signing.ts","../src/scrypt.ts","../src/argon.ts"],"mappings":";;;;;;cAKa,SAAA,SAAkB,KAAA;cACjB,OAAA;AAAA;;;;cASD,WAAA,SAAoB,KAAA;EAAA,SACb,KAAA,GAAQ,KAAA;cAEd,OAAA,UAAiB,KAAA,GAAQ,KAAA;EAH1B;;;;;;EAAA,OAeJ,IAAA,CAAK,KAAA,GAAQ,SAAA,GAAY,WAAA;EAUU;;;;;;EAAA,OAAnC,gBAAA,CAAiB,OAAA,WAAkB,WAAA;AAAA;;;;KAQhC,YAAA,MAAkB,CAAA;;;;;;AA3C9B;;;;;;;;;AAUA;;;;iBCGgB,OAAA,CAAQ,IAAA,EAAM,UAAA,GAAa,WAAA;;;;iBAc3B,eAAA,CAAgB,MAAA,EAAQ,UAAA;;;cCxB3B,UAAA;AAAA,cACA,WAAA;AAAA,cACA,WAAA;AFLb;;;AAAA,iBEoBgB,KAAA,CAAM,IAAA,EAAM,UAAA;;;;iBAWZ,SAAA,CAAU,IAAA,EAAM,UAAA,GAAa,UAAA;;AFrB7C;;;;iBE8BgB,YAAA,CAAa,IAAA,EAAM,UAAA,EAAY,YAAA,YAAwB,UAAA;;;;iBAWvD,MAAA,CAAO,IAAA,EAAM,UAAA,GAAa,UAAA;;;;;iBAQ1B,YAAA,CAAa,OAAA,EAAS,UAAA,GAAa,UAAA;;;;iBAOnC,MAAA,CAAO,IAAA,EAAM,UAAA,GAAa,UAAA;;;;iBAO1B,UAAA,CAAW,GAAA,EAAK,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;iBAOlD,UAAA,CAAW,GAAA,EAAK,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;AFrClE;;iBE4CgB,gBAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,UAAA,UACA,MAAA,WACC,UAAA;;;;iBAOa,gBAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,UAAA,UACA,MAAA,WACC,UAAA;;AD3FH;;iBCkGgB,cAAA,CACd,WAAA,EAAa,UAAA,EACb,IAAA,EAAM,UAAA,EACN,MAAA,WACC,UAAA;;;;iBAOa,cAAA,CACd,WAAA,EAAa,UAAA,EACb,IAAA,EAAM,UAAA,EACN,MAAA,WACC,UAAA;;;cC7HU,kBAAA;AAAA,cACA,oBAAA;AAAA,cACA,mBAAA;AHHb;;;;;;;;;AAUA;;;;AAVA,iBGkBgB,2BAAA,CACd,SAAA,EAAW,UAAA,EACX,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,IACL,UAAA,EAAY,UAAA;;;;;;;;;;;;;;;iBAkBA,kCAAA,CACd,SAAA,EAAW,UAAA,EACX,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,GAAA,EAAK,UAAA,IACH,UAAA,EAAY,UAAA;;;;;;;;AHFhB;;;;iBG+BgB,2BAAA,CACd,UAAA,EAAY,UAAA,EACZ,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,OAAA,EAAS,UAAA,GACR,UAAA;;;;AFlEH;;;;;;;;;iBEkFgB,kCAAA,CACd,UAAA,EAAY,UAAA,EACZ,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,GAAA,EAAK,UAAA,EACL,OAAA,EAAS,UAAA,GACR,UAAA;;;cCnGU,wBAAA;AAAA,cACA,uBAAA;AAAA,cACA,uBAAA;AAAA,cACA,sBAAA;;;;;iBAMG,yBAAA,CAA0B,WAAA,EAAa,UAAA,GAAa,UAAA;;;AJDpE;;iBIUgB,uBAAA,CAAwB,WAAA,EAAa,UAAA,GAAa,UAAA;;;;iBAQlD,wBAAA,CAAyB,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOtD,6BAAA,CAA8B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;;;;;;;;;;iBAsBvD,eAAA,CAAgB,aAAA,EAAe,UAAA,EAAY,YAAA,EAAc,UAAA,GAAa,UAAA;;;cCvDzE,sBAAA;AAAA,cACA,qBAAA;AAAA,cACA,kCAAA;AAAA,cACA,uBAAA;AAAA,cACA,oBAAA;AAAA,cACA,uBAAA;;;;;;ALGb;;iBKMgB,uBAAA,CAAwB,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOrD,4BAAA,CAA6B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;iBAUtD,wBAAA,CAAyB,UAAA,EAAY,UAAA,GAAa,UAAA;;;;iBAWlD,sBAAA,CAAuB,YAAA,EAAc,UAAA,GAAa,UAAA;;;;;;;iBAclD,qBAAA,CAAsB,WAAA,EAAa,UAAA,GAAa,UAAA;;;;;iBAShD,8BAAA,CAA+B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;;;ALnExE;;;;;;;;;AAUA;;iBMSgB,SAAA,CAAU,UAAA,EAAY,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;;;;;;;;;iBAqBxD,WAAA,CACd,SAAA,EAAW,UAAA,EACX,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA;;;cCxCE,sBAAA;;APHb;;;;;;;iBOagB,WAAA,CAAY,eAAA,EAAiB,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;APH/E;;;;;;;iBOgBgB,gBAAA,CACd,eAAA,EAAiB,UAAA,EACjB,OAAA,EAAS,UAAA,EACT,GAAA,EAAK,qBAAA,GACJ,UAAA;;;;;;;;;;iBAca,sBAAA,CACd,eAAA,EAAiB,UAAA,EACjB,OAAA,EAAS,UAAA,EACT,OAAA,EAAS,UAAA,GACR,UAAA;;;;;;;;;iBAmBa,aAAA,CACd,gBAAA,EAAkB,UAAA,EAClB,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA;;;cCrEE,uBAAA;AAAA,cACA,wBAAA;AAAA,cACA,sBAAA;;;;iBAKG,yBAAA,CAA0B,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOvD,8BAAA,CAA+B,UAAA,EAAY,UAAA,GAAa,UAAA;ARLxE;;;;;;;;;;;AAAA,iBQuBgB,WAAA,CAAY,UAAA,EAAY,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;;;;;;;iBAgB1D,aAAA,CACd,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA,EACT,SAAA,EAAW,UAAA;;;;;;ARpDb;;;;;;iBSQgB,MAAA,CAAO,QAAA,EAAU,UAAA,EAAY,IAAA,EAAM,UAAA,EAAY,SAAA,WAAoB,UAAA;;;ATEnF;;;;;;;;;iBSagB,SAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,SAAA,UACA,IAAA,UACA,CAAA,UACA,CAAA,WACC,UAAA;;;;;;AT9BH;;;;;;iBUQgB,QAAA,CAAS,QAAA,EAAU,UAAA,EAAY,IAAA,EAAM,UAAA,EAAY,SAAA,WAAoB,UAAA;;;AVErF;;;;;;;;;iBUcgB,eAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,SAAA,UACA,UAAA,UACA,MAAA,UACA,WAAA,WACC,UAAA"}
1
+ {"version":3,"file":"index.d.mts","names":[],"sources":["../src/error.ts","../src/memzero.ts","../src/hash.ts","../src/symmetric-encryption.ts","../src/public-key-encryption.ts","../src/ecdsa-keys.ts","../src/ecdsa-signing.ts","../src/schnorr-signing.ts","../src/ed25519-signing.ts","../src/scrypt.ts","../src/argon.ts"],"mappings":";;;;;;AAWA;;;;;cAAa,SAAA,SAAkB,KAAA;cACjB,OAAA;AAAA;;AASd;;cAAa,WAAA,SAAoB,KAAA;EAAA,SACb,KAAA,GAAQ,KAAA;cAEd,OAAA,UAAiB,KAAA,GAAQ,KAAA;EAYjB;;;;;;EAAA,OAAb,IAAA,CAAK,KAAA,GAAQ,SAAA,GAAY,WAAA;EAdd;;;;;;EAAA,OAwBX,gBAAA,CAAiB,OAAA,WAAkB,WAAA;AAAA;;;;KAQhC,YAAA,MAAkB,CAAA;;;;;;AA3C9B;;;;;;;;;AAUA;;;;;;;;;iBCGgB,OAAA,CAAQ,IAAA,EAAM,UAAA,GAAa,WAAA;;;;iBAc3B,eAAA,CAAgB,MAAA,EAAQ,UAAA;;;;;;AD3BxC;;cEGa,UAAA;AAAA,cACA,WAAA;AAAA,cACA,WAAA;;;;iBAeG,KAAA,CAAM,IAAA,EAAM,UAAA;AFV5B;;;AAAA,iBEqBgB,SAAA,CAAU,IAAA,EAAM,UAAA,GAAa,UAAA;;;;;;iBAS7B,YAAA,CAAa,IAAA,EAAM,UAAA,EAAY,YAAA,YAAwB,UAAA;;;;iBAWvD,MAAA,CAAO,IAAA,EAAM,UAAA,GAAa,UAAA;;;;;iBAQ1B,YAAA,CAAa,OAAA,EAAS,UAAA,GAAa,UAAA;;;;iBAOnC,MAAA,CAAO,IAAA,EAAM,UAAA,GAAa,UAAA;;;;iBAO1B,UAAA,CAAW,GAAA,EAAK,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;AF9BlE;;;AAAA,iBEqCgB,UAAA,CAAW,GAAA,EAAK,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;iBAOlD,gBAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,UAAA,UACA,MAAA,WACC,UAAA;AD/EH;;;AAAA,iBCsFgB,gBAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,UAAA,UACA,MAAA,WACC,UAAA;;;;iBAOa,cAAA,CACd,WAAA,EAAa,UAAA,EACb,IAAA,EAAM,UAAA,EACN,MAAA,WACC,UAAA;;ADxFH;;iBC+FgB,cAAA,CACd,WAAA,EAAa,UAAA,EACb,IAAA,EAAM,UAAA,EACN,MAAA,WACC,UAAA;;;;;;AF9HH;;cGCa,kBAAA;AAAA,cACA,oBAAA;AAAA,cACA,mBAAA;;;;;AHOb;;;;;;;;;iBGQgB,2BAAA,CACd,SAAA,EAAW,UAAA,EACX,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,IACL,UAAA,EAAY,UAAA;;;;;;;;;;;;;;;iBAkBA,kCAAA,CACd,SAAA,EAAW,UAAA,EACX,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,GAAA,EAAK,UAAA,IACH,UAAA,EAAY,UAAA;;;AHFhB;;;;;;;;AC9BA;iBE6DgB,2BAAA,CACd,UAAA,EAAY,UAAA,EACZ,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,OAAA,EAAS,UAAA,GACR,UAAA;;;;;;;;AFpDH;;;;;iBEoEgB,kCAAA,CACd,UAAA,EAAY,UAAA,EACZ,GAAA,EAAK,UAAA,EACL,KAAA,EAAO,UAAA,EACP,GAAA,EAAK,UAAA,EACL,OAAA,EAAS,UAAA,GACR,UAAA;;;cCnGU,wBAAA;AAAA,cACA,uBAAA;AAAA,cACA,uBAAA;AAAA,cACA,sBAAA;;;AJKb;;iBICgB,yBAAA,CAA0B,WAAA,EAAa,UAAA,GAAa,UAAA;;;;;iBASpD,uBAAA,CAAwB,WAAA,EAAa,UAAA,GAAa,UAAA;;;;iBAQlD,wBAAA,CAAyB,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOtD,6BAAA,CAA8B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;;;;;;;;;AJQvE;iBIcgB,eAAA,CAAgB,aAAA,EAAe,UAAA,EAAY,YAAA,EAAc,UAAA,GAAa,UAAA;;;cCvDzE,sBAAA;AAAA,cACA,qBAAA;AAAA,cACA,kCAAA;AAAA,cACA,uBAAA;AAAA,cACA,oBAAA;AAAA,cACA,uBAAA;ALGb;;;;;;;AAAA,iBKMgB,uBAAA,CAAwB,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOrD,4BAAA,CAA6B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;iBAUtD,wBAAA,CAAyB,UAAA,EAAY,UAAA,GAAa,UAAA;;;;iBAWlD,sBAAA,CAAuB,YAAA,EAAc,UAAA,GAAa,UAAA;;;;;;;iBAclD,qBAAA,CAAsB,WAAA,EAAa,UAAA,GAAa,UAAA;ALfhE;;;;AAAA,iBKwBgB,8BAAA,CAA+B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;;;ALnExE;;;;;;;;;AAUA;;;;;;;iBMSgB,SAAA,CAAU,UAAA,EAAY,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;;;;;;;;;iBAqBxD,WAAA,CACd,SAAA,EAAW,UAAA,EACX,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA;;;cCxCE,sBAAA;;;;;;APOb;;;iBOGgB,WAAA,CAAY,eAAA,EAAiB,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;;;;;;iBAa/D,gBAAA,CACd,eAAA,EAAiB,UAAA,EACjB,OAAA,EAAS,UAAA,EACT,GAAA,EAAK,qBAAA,GACJ,UAAA;;;;;;;;;;iBAca,sBAAA,CACd,eAAA,EAAiB,UAAA,EACjB,OAAA,EAAS,UAAA,EACT,OAAA,EAAS,UAAA,GACR,UAAA;;;;;APLH;;;;iBOwBgB,aAAA,CACd,gBAAA,EAAkB,UAAA,EAClB,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA;;;cCrEE,uBAAA;AAAA,cACA,wBAAA;AAAA,cACA,sBAAA;;;;iBAKG,yBAAA,CAA0B,GAAA,EAAK,qBAAA,GAAwB,UAAA;;;;iBAOvD,8BAAA,CAA+B,UAAA,EAAY,UAAA,GAAa,UAAA;;;;;;;;;;;;iBAkBxD,WAAA,CAAY,UAAA,EAAY,UAAA,EAAY,OAAA,EAAS,UAAA,GAAa,UAAA;;;;;;;;;;iBAgB1D,aAAA,CACd,SAAA,EAAW,UAAA,EACX,OAAA,EAAS,UAAA,EACT,SAAA,EAAW,UAAA;;;;;;ARpDb;;;;;;;;;AAUA;;iBSFgB,MAAA,CAAO,QAAA,EAAU,UAAA,EAAY,IAAA,EAAM,UAAA,EAAY,SAAA,WAAoB,UAAA;;;;;;;;;;;;iBAenE,SAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,SAAA,UACA,IAAA,UACA,CAAA,UACA,CAAA,WACC,UAAA;;;;;;AT9BH;;;;;;;;;AAUA;;iBUFgB,QAAA,CAAS,QAAA,EAAU,UAAA,EAAY,IAAA,EAAM,UAAA,EAAY,SAAA,WAAoB,UAAA;;;;;;;;;;;;iBAgBrE,eAAA,CACd,QAAA,EAAU,UAAA,EACV,IAAA,EAAM,UAAA,EACN,SAAA,UACA,UAAA,UACA,MAAA,UACA,WAAA,WACC,UAAA"}
package/dist/index.iife.js CHANGED
@@ -4,6 +4,11 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
4
4
 
5
5
  //#region src/error.ts
6
6
  /**
7
+ * Copyright © 2023-2026 Blockchain Commons, LLC
8
+ * Copyright © 2025-2026 Parity Technologies
9
+ *
10
+ */
11
+ /**
7
12
  * AEAD-specific error for authentication failures
8
13
  */
9
14
  var AeadError = class extends Error {
@@ -45,6 +50,11 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
45
50
  //#endregion
46
51
  //#region src/memzero.ts
47
52
  /**
53
+ * Copyright © 2023-2026 Blockchain Commons, LLC
54
+ * Copyright © 2025-2026 Parity Technologies
55
+ *
56
+ */
57
+ /**
48
58
  * Securely zero out a typed array.
49
59
  *
50
60
  * **IMPORTANT: This is a best-effort implementation.** Unlike the Rust reference
@@ -74,6 +84,11 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
74
84
 
75
85
  //#endregion
76
86
  //#region src/hash.ts
87
+ /**
88
+ * Copyright © 2023-2026 Blockchain Commons, LLC
89
+ * Copyright © 2025-2026 Parity Technologies
90
+ *
91
+ */
77
92
  const CRC32_SIZE = 4;
78
93
  const SHA256_SIZE = 32;
79
94
  const SHA512_SIZE = 64;
@@ -172,6 +187,11 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
172
187
 
173
188
  //#endregion
174
189
  //#region src/symmetric-encryption.ts
190
+ /**
191
+ * Copyright © 2023-2026 Blockchain Commons, LLC
192
+ * Copyright © 2025-2026 Parity Technologies
193
+ *
194
+ */
175
195
  const SYMMETRIC_KEY_SIZE = 32;
176
196
  const SYMMETRIC_NONCE_SIZE = 12;
177
197
  const SYMMETRIC_AUTH_SIZE = 16;
@@ -254,6 +274,11 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
254
274
 
255
275
  //#endregion
256
276
  //#region src/public-key-encryption.ts
277
+ /**
278
+ * Copyright © 2023-2026 Blockchain Commons, LLC
279
+ * Copyright © 2025-2026 Parity Technologies
280
+ *
281
+ */
257
282
  const GENERIC_PRIVATE_KEY_SIZE = 32;
258
283
  const GENERIC_PUBLIC_KEY_SIZE = 32;
259
284
  const X25519_PRIVATE_KEY_SIZE = 32;
@@ -306,6 +331,11 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
306
331
 
307
332
  //#endregion
308
333
  //#region src/ecdsa-keys.ts
334
+ /**
335
+ * Copyright © 2023-2026 Blockchain Commons, LLC
336
+ * Copyright © 2025-2026 Parity Technologies
337
+ *
338
+ */
309
339
  const ECDSA_PRIVATE_KEY_SIZE = 32;
310
340
  const ECDSA_PUBLIC_KEY_SIZE = 33;
311
341
  const ECDSA_UNCOMPRESSED_PUBLIC_KEY_SIZE = 65;
@@ -364,6 +394,11 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
364
394
  //#endregion
365
395
  //#region src/ecdsa-signing.ts
366
396
  /**
397
+ * Copyright © 2023-2026 Blockchain Commons, LLC
398
+ * Copyright © 2025-2026 Parity Technologies
399
+ *
400
+ */
401
+ /**
367
402
  * Sign a message using ECDSA with secp256k1.
368
403
  *
369
404
  * The message is hashed with double SHA-256 before signing (Bitcoin standard).
@@ -406,6 +441,11 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
406
441
 
407
442
  //#endregion
408
443
  //#region src/schnorr-signing.ts
444
+ /**
445
+ * Copyright © 2023-2026 Blockchain Commons, LLC
446
+ * Copyright © 2025-2026 Parity Technologies
447
+ *
448
+ */
409
449
  const SCHNORR_SIGNATURE_SIZE = 64;
410
450
  /**
411
451
  * Sign a message using Schnorr signature (BIP-340).
@@ -463,6 +503,11 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
463
503
 
464
504
  //#endregion
465
505
  //#region src/ed25519-signing.ts
506
+ /**
507
+ * Copyright © 2023-2026 Blockchain Commons, LLC
508
+ * Copyright © 2025-2026 Parity Technologies
509
+ *
510
+ */
466
511
  const ED25519_PUBLIC_KEY_SIZE = 32;
467
512
  const ED25519_PRIVATE_KEY_SIZE = 32;
468
513
  const ED25519_SIGNATURE_SIZE = 64;
@@ -516,6 +561,11 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
516
561
  //#endregion
517
562
  //#region src/scrypt.ts
518
563
  /**
564
+ * Copyright © 2023-2026 Blockchain Commons, LLC
565
+ * Copyright © 2025-2026 Parity Technologies
566
+ *
567
+ */
568
+ /**
519
569
  * Derive a key using Scrypt with recommended parameters.
520
570
  * Uses N=2^15 (32768), r=8, p=1 as recommended defaults.
521
571
  *
@@ -553,6 +603,11 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
553
603
  //#endregion
554
604
  //#region src/argon.ts
555
605
  /**
606
+ * Copyright © 2023-2026 Blockchain Commons, LLC
607
+ * Copyright © 2025-2026 Parity Technologies
608
+ *
609
+ */
610
+ /**
556
611
  * Derive a key using Argon2id with default parameters.
557
612
  * This matches the Rust `argon2id` function signature.
558
613
  *