@digitaldefiance/ecies-lib 4.5.18 → 4.6.1

package/src/interfaces/ecies-library.d.ts

@@ -0,0 +1,259 @@
+/**
+ * Common interfaces for ECIES library across ecies-lib (browser) and node-ecies-lib (Node.js)
+ *
+ * This file defines the shared contracts that both implementations must adhere to,
+ * ensuring consistent behavior and cross-platform compatibility.
+ */
+import type { EciesEncryptionType } from '../enumerations/ecies-encryption-type';
+import type { PlatformBuffer } from './platform-buffer';
+import type { IVotingService } from './voting-service';
+/**
+ * ECIES encryption options
+ */
+export interface IEciesEncryptionOptions {
+    /**
+     * Encryption type to use
+     */
+    encryptionType?: EciesEncryptionType;
+    /**
+     * Additional authenticated data for AES-GCM
+     */
+    aad?: PlatformBuffer;
+    /**
+     * Custom ephemeral key pair (for testing)
+     */
+    ephemeralKeyPair?: {
+        privateKey: PlatformBuffer;
+        publicKey: PlatformBuffer;
+    };
+}
+/**
+ * Common interface for ECIES encryption/decryption operations
+ */
+export interface IEciesService {
+    /**
+     * Encrypt data for a single recipient
+     *
+     * @param recipientPublicKey - Recipient's public key (compressed or uncompressed)
+     * @param plaintext - Data to encrypt
+     * @param options - Encryption options
+     * @returns Encrypted data with ephemeral public key and MAC
+     */
+    encrypt(recipientPublicKey: PlatformBuffer, plaintext: PlatformBuffer, options?: IEciesEncryptionOptions): Promise<PlatformBuffer>;
+    /**
+     * Decrypt data encrypted for this recipient
+     *
+     * @param recipientPrivateKey - Recipient's private key
+     * @param ciphertext - Encrypted data
+     * @param options - Decryption options
+     * @returns Decrypted plaintext
+     */
+    decrypt(recipientPrivateKey: PlatformBuffer, ciphertext: PlatformBuffer, options?: Partial<IEciesEncryptionOptions>): Promise<PlatformBuffer>;
+    /**
+     * Encrypt data for multiple recipients
+     *
+     * @param recipientPublicKeys - Array of recipient public keys
+     * @param plaintext - Data to encrypt
+     * @param options - Encryption options
+     * @returns Encrypted data structure for all recipients
+     */
+    encryptMultiRecipient(recipientPublicKeys: PlatformBuffer[], plaintext: PlatformBuffer, options?: IEciesEncryptionOptions): Promise<PlatformBuffer>;
+    /**
+     * Decrypt multi-recipient encrypted data
+     *
+     * @param recipientPrivateKey - Recipient's private key
+     * @param ciphertext - Multi-recipient encrypted data
+     * @param recipientIndex - Index of this recipient in the recipient list
+     * @param options - Decryption options
+     * @returns Decrypted plaintext
+     */
+    decryptMultiRecipient(recipientPrivateKey: PlatformBuffer, ciphertext: PlatformBuffer, recipientIndex: number, options?: Partial<IEciesEncryptionOptions>): Promise<PlatformBuffer>;
+}
+/**
+ * Common interface for cryptographic core operations
+ */
+export interface ICryptoCoreService {
+    /**
+     * Generate a random ECDH key pair
+     *
+     * @param curveName - Elliptic curve to use (default: 'secp256k1')
+     * @returns Key pair with private and public keys
+     */
+    generateKeyPair(curveName?: string): Promise<{
+        privateKey: PlatformBuffer;
+        publicKey: PlatformBuffer;
+    }>;
+    /**
+     * Derive public key from private key
+     *
+     * @param privateKey - ECDH private key
+     * @param curveName - Elliptic curve to use (default: 'secp256k1')
+     * @param compressed - Whether to return compressed public key
+     * @returns Public key
+     */
+    derivePublicKey(privateKey: PlatformBuffer, curveName?: string, compressed?: boolean): Promise<PlatformBuffer>;
+    /**
+     * Perform ECDH key agreement
+     *
+     * @param privateKey - Our private key
+     * @param publicKey - Their public key
+     * @param curveName - Elliptic curve to use (default: 'secp256k1')
+     * @returns Shared secret
+     */
+    deriveSharedSecret(privateKey: PlatformBuffer, publicKey: PlatformBuffer, curveName?: string): Promise<PlatformBuffer>;
+    /**
+     * Sign data with ECDSA
+     *
+     * @param privateKey - Signing key
+     * @param data - Data to sign
+     * @param curveName - Elliptic curve to use (default: 'secp256k1')
+     * @returns Signature
+     */
+    sign(privateKey: PlatformBuffer, data: PlatformBuffer, curveName?: string): Promise<PlatformBuffer>;
+    /**
+     * Verify ECDSA signature
+     *
+     * @param publicKey - Verification key
+     * @param data - Original data
+     * @param signature - Signature to verify
+     * @param curveName - Elliptic curve to use (default: 'secp256k1')
+     * @returns True if signature is valid
+     */
+    verify(publicKey: PlatformBuffer, data: PlatformBuffer, signature: PlatformBuffer, curveName?: string): Promise<boolean>;
+}
+/**
+ * Common interface for PBKDF2 key derivation
+ */
+export interface IPbkdf2Service {
+    /**
+     * Derive a key from a password using PBKDF2
+     *
+     * @param password - Password to derive from
+     * @param salt - Salt value
+     * @param iterations - Number of iterations
+     * @param keyLength - Desired key length in bytes
+     * @param hashAlgorithm - Hash algorithm (default: 'sha256')
+     * @returns Derived key
+     */
+    derive(password: string | PlatformBuffer, salt: PlatformBuffer, iterations: number, keyLength: number, hashAlgorithm?: string): Promise<PlatformBuffer>;
+    /**
+     * Generate a random salt
+     *
+     * @param length - Salt length in bytes (default: 32)
+     * @returns Random salt
+     */
+    generateSalt(length?: number): PlatformBuffer;
+}
+/**
+ * Common interface for AES-GCM encryption
+ */
+export interface IAesGcmService {
+    /**
+     * Encrypt data with AES-GCM
+     *
+     * @param key - Encryption key (16, 24, or 32 bytes)
+     * @param plaintext - Data to encrypt
+     * @param aad - Additional authenticated data (optional)
+     * @returns IV (12 bytes) + ciphertext + auth tag (16 bytes)
+     */
+    encrypt(key: PlatformBuffer, plaintext: PlatformBuffer, aad?: PlatformBuffer): Promise<PlatformBuffer>;
+    /**
+     * Decrypt AES-GCM encrypted data
+     *
+     * @param key - Decryption key
+     * @param ciphertext - IV + encrypted data + auth tag
+     * @param aad - Additional authenticated data (optional)
+     * @returns Decrypted plaintext
+     */
+    decrypt(key: PlatformBuffer, ciphertext: PlatformBuffer, aad?: PlatformBuffer): Promise<PlatformBuffer>;
+}
+/**
+ * Common interface for checksum/hashing operations
+ */
+export interface IChecksumService {
+    /**
+     * Compute SHA-256 hash
+     *
+     * @param data - Data to hash
+     * @returns SHA-256 hash (32 bytes)
+     */
+    sha256(data: PlatformBuffer): Promise<PlatformBuffer>;
+    /**
+     * Compute SHA-512 hash
+     *
+     * @param data - Data to hash
+     * @returns SHA-512 hash (64 bytes)
+     */
+    sha512(data: PlatformBuffer): Promise<PlatformBuffer>;
+    /**
+     * Compute HMAC with SHA-256
+     *
+     * @param key - HMAC key
+     * @param data - Data to authenticate
+     * @returns HMAC tag (32 bytes)
+     */
+    hmacSha256(key: PlatformBuffer, data: PlatformBuffer): Promise<PlatformBuffer>;
+    /**
+     * Compute HMAC with SHA-512
+     *
+     * @param key - HMAC key
+     * @param data - Data to authenticate
+     * @returns HMAC tag (64 bytes)
+     */
+    hmacSha512(key: PlatformBuffer, data: PlatformBuffer): Promise<PlatformBuffer>;
+}
+/**
+ * Platform-specific random number generation
+ */
+export interface IRandomService {
+    /**
+     * Generate cryptographically secure random bytes
+     *
+     * @param length - Number of bytes to generate
+     * @returns Random bytes
+     */
+    randomBytes(length: number): PlatformBuffer;
+    /**
+     * Generate a random integer in range [0, max)
+     *
+     * @param max - Upper bound (exclusive)
+     * @returns Random integer
+     */
+    randomInt(max: number): number;
+}
+/**
+ * Root interface combining all service interfaces
+ * Both ecies-lib and node-ecies-lib should provide implementations
+ * that conform to these contracts
+ */
+export interface IEciesLibrary {
+    /**
+     * Core ECIES encryption/decryption operations
+     */
+    ecies: IEciesService;
+    /**
+     * Low-level cryptographic primitives
+     */
+    cryptoCore: ICryptoCoreService;
+    /**
+     * PBKDF2 key derivation
+     */
+    pbkdf2: IPbkdf2Service;
+    /**
+     * AES-GCM symmetric encryption
+     */
+    aesGcm: IAesGcmService;
+    /**
+     * Checksum and hashing operations
+     */
+    checksum: IChecksumService;
+    /**
+     * Voting system (Paillier homomorphic encryption)
+     */
+    voting: IVotingService;
+    /**
+     * Cryptographically secure random number generation
+     */
+    random: IRandomService;
+}
+//# sourceMappingURL=ecies-library.d.ts.map

package/src/interfaces/ecies-library.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ecies-library.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/ecies-library.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,uCAAuC,CAAC;AACjF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEvD;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC;;OAEG;IACH,cAAc,CAAC,EAAE,mBAAmB,CAAC;IAErC;;OAEG;IACH,GAAG,CAAC,EAAE,cAAc,CAAC;IAErB;;OAEG;IACH,gBAAgB,CAAC,EAAE;QACjB,UAAU,EAAE,cAAc,CAAC;QAC3B,SAAS,EAAE,cAAc,CAAC;KAC3B,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;;;;;;OAOG;IACH,OAAO,CACL,kBAAkB,EAAE,cAAc,EAClC,SAAS,EAAE,cAAc,EACzB,OAAO,CAAC,EAAE,uBAAuB,GAChC,OAAO,CAAC,cAAc,CAAC,CAAC;IAE3B;;;;;;;OAOG;IACH,OAAO,CACL,mBAAmB,EAAE,cAAc,EACnC,UAAU,EAAE,cAAc,EAC1B,OAAO,CAAC,EAAE,OAAO,CAAC,uBAAuB,CAAC,GACzC,OAAO,CAAC,cAAc,CAAC,CAAC;IAE3B;;;;;;;OAOG;IACH,qBAAqB,CACnB,mBAAmB,EAAE,cAAc,EAAE,EACrC,SAAS,EAAE,cAAc,EACzB,OAAO,CAAC,EAAE,uBAAuB,GAChC,OAAO,CAAC,cAAc,CAAC,CAAC;IAE3B;;;;;;;;OAQG;IACH,qBAAqB,CACnB,mBAAmB,EAAE,cAAc,EACnC,UAAU,EAAE,cAAc,EAC1B,cAAc,EAAE,MAAM,EACtB,OAAO,CAAC,EAAE,OAAO,CAAC,uBAAuB,CAAC,GACzC,OAAO,CAAC,cAAc,CAAC,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;;;;OAKG;IACH,eAAe,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;QAC3C,UAAU,EAAE,cAAc,CAAC;QAC3B,SAAS,EAAE,cAAc,CAAC;KAC3B,CAAC,CAAC;IAEH;;;;;;;OAOG;IACH,eAAe,CACb,UAAU,EAAE,cAAc,EAC1B,SAAS,CAAC,EAAE,MAAM,EAClB,UAAU,CAAC,EAAE,OAAO,GACnB,OAAO,CAAC,cAAc,CAAC,CAAC;IAE3B;;;;;;;OAOG;IACH,kBAAkB,CAChB,UAAU,EAAE,cAAc,EAC1B,SAAS,EAAE,cAAc,EACzB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,cAAc,CAAC,CAAC;IAE3B;;;;;;;OAOG;IACH,IAAI,CACF,UAAU,EAAE,cAAc,EAC1B,IAAI,EAAE,cAAc,EACpB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,cAAc,CAAC,CAAC;IAE3B;;;;;;;;OAQG;IACH,MAAM,CACJ,SAAS,EAAE,cAAc,EACzB,IAAI,EAAE,cAAc,EACpB,SAAS,EAAE,cAAc,EACzB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,OAAO,CAAC,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;;;;;OASG;IACH,MAAM,CACJ,QAAQ,EAAE,MAAM,GAAG,cAAc,EACjC,IAAI,EAAE,cAAc,EACpB,UAAU,EAAE,MAAM,EAClB,SAAS,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,MAAM,GACrB,OAAO,CAAC,cAAc,CAAC,CAAC;IAE3B;;;;;OAKG;IACH,YAAY,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,cAAc,CAAC;CAC/C;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;;;OAOG;IACH,OAAO,CACL,GAAG,EAAE,cAAc,EACnB,SAAS,EAAE,cAAc,EACzB,GAAG,CAAC,EAAE,cAAc,GACnB,OAAO,CAAC,cAAc,CAAC,CAAC;IAE3B;;;;;;;OAOG;IACH,OAAO,CACL,GAAG,EAAE,cAAc,EACnB,UAAU,EAAE,cAAc,EAC1B,GAAG,CAAC,EAAE,cAAc,GACnB,OAAO,CAAC,cAAc,CAAC,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;;;;OAKG;IACH,MAAM,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IAEtD;;;;;OAKG;IACH,MAAM,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IAEtD;;;;;;OAMG;IACH,UAAU,CACR,GAAG,EAAE,cAAc,EACnB,IAAI,EAAE,cAAc,GACnB,OAAO,CAAC,cAAc,CAAC,CAAC;IAE3B;;;;;;OAMG;IACH,UAAU,CACR,GAAG,EAAE,cAAc,EACnB,IAAI,EAAE,cAAc,GACnB,OAAO,CAAC,cAAc,CAAC,CAAC;CAC5B;AAID;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;OAKG;IACH,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,cAAc,CAAC;IAE5C;;;;;OAKG;IACH,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC;CAChC;AAED;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,KAAK,EAAE,aAAa,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,kBAAkB,CAAC;IAE/B;;OAEG;IACH,MAAM,EAAE,cAAc,CAAC;IAEvB;;OAEG;IACH,MAAM,EAAE,cAAc,CAAC;IAEvB;;OAEG;IACH,QAAQ,EAAE,gBAAgB,CAAC;IAE3B;;OAEG;IACH,MAAM,EAAE,cAAc,CAAC;IAEvB;;OAEG;IACH,MAAM,EAAE,cAAc,CAAC;CACxB"}

package/src/interfaces/ecies-library.js

@@ -0,0 +1,9 @@
+"use strict";
+/**
+ * Common interfaces for ECIES library across ecies-lib (browser) and node-ecies-lib (Node.js)
+ *
+ * This file defines the shared contracts that both implementations must adhere to,
+ * ensuring consistent behavior and cross-platform compatibility.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=ecies-library.js.map

package/src/interfaces/ecies-library.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ecies-library.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/ecies-library.ts"],"names":[],"mappings":";AAAA;;;;;GAKG"}

package/src/interfaces/index.d.ts

@@ -4,6 +4,7 @@ export * from './constants';
 export * from './ecies-config';
 export * from './ecies-consts';
 export * from './ecies-file-service';
+export * from './ecies-library';
 export * from './frontend-member-operational';
 export * from './guid';
 export type * from './member';
@@ -12,4 +13,8 @@ export type * from './member-with-mnemonic';
 export * from './pbkdf2-config';
 export * from './pbkdf2-consts';
 export * from './pbkdf2-result';
+export * from './platform-buffer';
+export * from './voting-consts';
+export * from './voting-service';
+export * from './isolated-keys';
 //# sourceMappingURL=index.d.ts.map

package/src/interfaces/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,mBAAmB,CAAC;AAClC,cAAc,aAAa,CAAC;AAC5B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,sBAAsB,CAAC;AACrC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,QAAQ,CAAC;AACvB,mBAAmB,UAAU,CAAC;AAC9B,cAAc,kBAAkB,CAAC;AACjC,mBAAmB,wBAAwB,CAAC;AAC5C,cAAc,iBAAiB,CAAC;AAChC,cAAc,iBAAiB,CAAC;AAChC,cAAc,iBAAiB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,mBAAmB,CAAC;AAClC,cAAc,aAAa,CAAC;AAC5B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,sBAAsB,CAAC;AACrC,cAAc,iBAAiB,CAAC;AAChC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,QAAQ,CAAC;AACvB,mBAAmB,UAAU,CAAC;AAC9B,cAAc,kBAAkB,CAAC;AACjC,mBAAmB,wBAAwB,CAAC;AAC5C,cAAc,iBAAiB,CAAC;AAChC,cAAc,iBAAiB,CAAC;AAChC,cAAc,iBAAiB,CAAC;AAChC,cAAc,mBAAmB,CAAC;AAClC,cAAc,iBAAiB,CAAC;AAChC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC"}

package/src/interfaces/index.js

@@ -7,10 +7,15 @@ tslib_1.__exportStar(require("./constants"), exports);
 tslib_1.__exportStar(require("./ecies-config"), exports);
 tslib_1.__exportStar(require("./ecies-consts"), exports);
 tslib_1.__exportStar(require("./ecies-file-service"), exports);
+tslib_1.__exportStar(require("./ecies-library"), exports);
 tslib_1.__exportStar(require("./frontend-member-operational"), exports);
 tslib_1.__exportStar(require("./guid"), exports);
 tslib_1.__exportStar(require("./member-storage"), exports);
 tslib_1.__exportStar(require("./pbkdf2-config"), exports);
 tslib_1.__exportStar(require("./pbkdf2-consts"), exports);
 tslib_1.__exportStar(require("./pbkdf2-result"), exports);
+tslib_1.__exportStar(require("./platform-buffer"), exports);
+tslib_1.__exportStar(require("./voting-consts"), exports);
+tslib_1.__exportStar(require("./voting-service"), exports);
+tslib_1.__exportStar(require("./isolated-keys"), exports);
 //# sourceMappingURL=index.js.map

package/src/interfaces/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/index.ts"],"names":[],"mappings":";;;AAAA,4DAAkC;AAClC,4DAAkC;AAClC,sDAA4B;AAC5B,yDAA+B;AAC/B,yDAA+B;AAC/B,+DAAqC;AACrC,wEAA8C;AAC9C,iDAAuB;AAEvB,2DAAiC;AAEjC,0DAAgC;AAChC,0DAAgC;AAChC,0DAAgC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/index.ts"],"names":[],"mappings":";;;AAAA,4DAAkC;AAClC,4DAAkC;AAClC,sDAA4B;AAC5B,yDAA+B;AAC/B,yDAA+B;AAC/B,+DAAqC;AACrC,0DAAgC;AAChC,wEAA8C;AAC9C,iDAAuB;AAEvB,2DAAiC;AAEjC,0DAAgC;AAChC,0DAAgC;AAChC,0DAAgC;AAChC,4DAAkC;AAClC,0DAAgC;AAChC,2DAAiC;AACjC,0DAAgC"}

package/src/interfaces/isolated-keys.d.ts

@@ -0,0 +1,83 @@
+/**
+ * Shared interfaces for IsolatedPublicKey and IsolatedPrivateKey
+ * These interfaces define the common API that both ecies-lib (Uint8Array)
+ * and node-ecies-lib (Buffer) must implement.
+ */
+import type { PrivateKey, PublicKey } from 'paillier-bigint';
+/**
+ * Async/Sync mode flag for conditional return types
+ */
+export type AsyncMode = 'async' | 'sync';
+/**
+ * Conditional return type based on async mode
+ */
+export type MaybePromise<T, TMode extends AsyncMode> = TMode extends 'async' ? Promise<T> : T;
+/**
+ * Common interface for IsolatedPublicKey implementations
+ * @template TBuffer - The buffer type (Uint8Array for browser, Buffer for Node.js)
+ * @template TMode - 'async' for browser (ecies-lib), 'sync' for Node.js (node-ecies-lib)
+ */
+export interface IIsolatedPublicKey<TBuffer extends Uint8Array | Buffer = Uint8Array, TMode extends AsyncMode = 'async'> extends PublicKey {
+    /**
+     * Deterministic identifier derived from the public key (SHA-256 of 'n')
+     */
+    readonly keyId: TBuffer;
+    /**
+     * Returns a copy of the keyId
+     */
+    getKeyId(): TBuffer;
+    /**
+     * Returns a copy of the current instance ID
+     */
+    getInstanceId(): TBuffer;
+    /**
+     * Updates the current instance ID to a new random value
+     * This invalidates all previously encrypted ciphertexts
+     */
+    updateInstanceId(): MaybePromise<void, TMode>;
+    /**
+     * Verifies that the keyId matches the SHA-256 hash of the public key 'n'
+     */
+    verifyKeyId(): void;
+    /**
+     * Encrypts a message and tags it with instance HMAC
+     */
+    encryptIsolated(m: bigint): MaybePromise<bigint, TMode>;
+    /**
+     * Multiplies a ciphertext by a constant, preserving instance HMAC
+     */
+    multiplyIsolated(ciphertext: bigint, constant: bigint): MaybePromise<bigint, TMode>;
+    /**
+     * Adds two ciphertexts, preserving instance HMAC
+     */
+    additionIsolated(a: bigint, b: bigint): MaybePromise<bigint, TMode>;
+    /**
+     * Extracts and validates the instance ID from a tagged ciphertext
+     * Returns the instance ID if valid, or zero-filled array if invalid
+     */
+    extractInstanceId(ciphertext: bigint): MaybePromise<TBuffer, TMode>;
+}
+/**
+ * Common interface for IsolatedPrivateKey implementations
+ * @template TBuffer - The buffer type (Uint8Array for browser, Buffer for Node.js)
+ * @template TMode - 'async' for browser (ecies-lib), 'sync' for Node.js (node-ecies-lib)
+ */
+export interface IIsolatedPrivateKey<TBuffer extends Uint8Array | Buffer = Uint8Array, TMode extends AsyncMode = 'async'> extends PrivateKey {
+    /**
+     * Decrypts a tagged ciphertext after validating instance ID and HMAC
+     */
+    decryptIsolated(taggedCiphertext: bigint): MaybePromise<bigint, TMode>;
+    /**
+     * Gets a copy of the original keyId
+     */
+    getOriginalKeyId(): TBuffer;
+    /**
+     * Gets a copy of the original instanceId
+     */
+    getOriginalInstanceId(): TBuffer;
+    /**
+     * Gets the original public key reference
+     */
+    getOriginalPublicKey(): IIsolatedPublicKey<TBuffer, TMode>;
+}
+//# sourceMappingURL=isolated-keys.d.ts.map

package/src/interfaces/isolated-keys.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"isolated-keys.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/isolated-keys.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAE7D;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG,OAAO,GAAG,MAAM,CAAC;AAEzC;;GAEG;AACH,MAAM,MAAM,YAAY,CAAC,CAAC,EAAE,KAAK,SAAS,SAAS,IAAI,KAAK,SAAS,OAAO,GACxE,OAAO,CAAC,CAAC,CAAC,GACV,CAAC,CAAC;AAEN;;;;GAIG;AACH,MAAM,WAAW,kBAAkB,CACjC,OAAO,SAAS,UAAU,GAAG,MAAM,GAAG,UAAU,EAChD,KAAK,SAAS,SAAS,GAAG,OAAO,CACjC,SAAQ,SAAS;IACjB;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IAExB;;OAEG;IACH,QAAQ,IAAI,OAAO,CAAC;IAEpB;;OAEG;IACH,aAAa,IAAI,OAAO,CAAC;IAEzB;;;OAGG;IACH,gBAAgB,IAAI,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAE9C;;OAEG;IACH,WAAW,IAAI,IAAI,CAAC;IAEpB;;OAEG;IACH,eAAe,CAAC,CAAC,EAAE,MAAM,GAAG,YAAY,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAExD;;OAEG;IACH,gBAAgB,CACd,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,YAAY,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAE/B;;OAEG;IACH,gBAAgB,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,YAAY,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAEpE;;;OAGG;IACH,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,YAAY,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;CACrE;AAED;;;;GAIG;AACH,MAAM,WAAW,mBAAmB,CAClC,OAAO,SAAS,UAAU,GAAG,MAAM,GAAG,UAAU,EAChD,KAAK,SAAS,SAAS,GAAG,OAAO,CACjC,SAAQ,UAAU;IAClB;;OAEG;IACH,eAAe,CAAC,gBAAgB,EAAE,MAAM,GAAG,YAAY,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAEvE;;OAEG;IACH,gBAAgB,IAAI,OAAO,CAAC;IAE5B;;OAEG;IACH,qBAAqB,IAAI,OAAO,CAAC;IAEjC;;OAEG;IACH,oBAAoB,IAAI,kBAAkB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;CAC5D"}

package/src/interfaces/isolated-keys.js

@@ -0,0 +1,8 @@
+"use strict";
+/**
+ * Shared interfaces for IsolatedPublicKey and IsolatedPrivateKey
+ * These interfaces define the common API that both ecies-lib (Uint8Array)
+ * and node-ecies-lib (Buffer) must implement.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=isolated-keys.js.map

package/src/interfaces/isolated-keys.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"isolated-keys.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/isolated-keys.ts"],"names":[],"mappings":";AAAA;;;;GAIG"}

package/src/interfaces/member.d.ts

@@ -4,21 +4,25 @@ import type { EmailString } from '../email-string';
 import type { MemberType } from '../enumerations/member-type';
 import type { SecureBuffer } from '../secure-buffer';
 import type { SecureString } from '../secure-string';
-import type { SignatureUint8Array } from '../types';
 import type { IECIESConstants } from './ecies-consts';
 import type { IEncryptedChunk } from './encrypted-chunk';
+import type { PlatformBuffer } from './platform-buffer';
 /**
- * Interface representing a member with cryptographic capabilities.
- * This interface defines the contract for member operations without
- * referencing concrete class implementations.
+ * Generic interface representing a member with cryptographic capabilities.
+ * This interface defines the contract for member operations across both
+ * ecies-lib (Uint8Array) and node-ecies-lib (Buffer) implementations.
+ *
+ * @template TBuffer - The buffer type (Uint8Array for browser, Buffer for Node.js)
+ * @template TID - The ID type (Uint8Array for browser, Buffer/string/ObjectId for Node.js)
+ * @template TSignature - The signature type (SignatureUint8Array for browser, SignatureBuffer for Node.js)
  */
-export interface IMember {
-    readonly id: Uint8Array;
+export interface IMember<TBuffer extends PlatformBuffer = Uint8Array, TID extends string | TBuffer = TBuffer, TSignature extends TBuffer = TBuffer> {
+    readonly id: TID;
     readonly type: MemberType;
     readonly name: string;
     readonly email: EmailString;
-    readonly publicKey: Uint8Array;
-    readonly creatorId: Uint8Array;
+    readonly publicKey: TBuffer;
+    readonly creatorId: TID;
     readonly dateCreated: Date;
     readonly dateUpdated: Date;
     readonly privateKey: SecureBuffer | undefined;
@@ -32,30 +36,30 @@ export interface IMember {
     unloadWalletAndPrivateKey(): void;
     loadWallet(mnemonic: SecureString, eciesParams?: IECIESConstants): void;
     loadPrivateKey(privateKey: SecureBuffer): void;
-    loadVotingKeys?(votingPublicKey: PublicKey, votingPrivateKey?: PrivateKey): void;
-    deriveVotingKeys?(): void;
-    unloadVotingPrivateKey?(): void;
-    sign(data: Uint8Array): SignatureUint8Array;
-    signData(data: Uint8Array): SignatureUint8Array;
-    verify(signature: SignatureUint8Array, data: Uint8Array): boolean;
-    verifySignature(data: Uint8Array, signature: Uint8Array, publicKey: Uint8Array): boolean;
-    encryptDataStream(source: AsyncIterable<Uint8Array> | ReadableStream<Uint8Array>, options?: {
-        recipientPublicKey?: Uint8Array;
+    loadVotingKeys(votingPublicKey: PublicKey, votingPrivateKey?: PrivateKey): void;
+    deriveVotingKeys(options?: Record<string, unknown>): Promise<void>;
+    unloadVotingPrivateKey(): void;
+    sign(data: TBuffer): TSignature;
+    signData(data: TBuffer): TSignature;
+    verify(signature: TSignature, data: TBuffer): boolean;
+    verifySignature(data: TBuffer, signature: TBuffer, publicKey: TBuffer): boolean;
+    encryptDataStream(source: AsyncIterable<TBuffer> | ReadableStream<TBuffer>, options?: {
+        recipientPublicKey?: TBuffer;
         onProgress?: (progress: {
             bytesProcessed: number;
             chunksProcessed: number;
         }) => void;
         signal?: AbortSignal;
     }): AsyncGenerator<IEncryptedChunk, void, unknown>;
-    decryptDataStream(source: AsyncIterable<Uint8Array> | ReadableStream<Uint8Array>, options?: {
+    decryptDataStream(source: AsyncIterable<TBuffer> | ReadableStream<TBuffer>, options?: {
         onProgress?: (progress: {
             bytesProcessed: number;
             chunksProcessed: number;
         }) => void;
         signal?: AbortSignal;
-    }): AsyncGenerator<Uint8Array, void, unknown>;
-    encryptData(data: string | Uint8Array, recipientPublicKey?: Uint8Array): Promise<Uint8Array>;
-    decryptData(encryptedData: Uint8Array): Promise<Uint8Array>;
+    }): AsyncGenerator<TBuffer, void, unknown>;
+    encryptData(data: string | TBuffer, recipientPublicKey?: TBuffer): Promise<TBuffer> | TBuffer;
+    decryptData(encryptedData: TBuffer): Promise<TBuffer> | TBuffer;
     toJson(): string;
     dispose(): void;
 }

package/src/interfaces/member.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"member.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/member.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC7D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AACpD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACtD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAEzD;;;;GAIG;AACH,MAAM,WAAW,OAAO;IAEtB,QAAQ,CAAC,EAAE,EAAE,UAAU,CAAC;IACxB,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC;IAC1B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,SAAS,EAAE,UAAU,CAAC;IAC/B,QAAQ,CAAC,SAAS,EAAE,UAAU,CAAC;IAC/B,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC;IAC3B,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC;IAG3B,QAAQ,CAAC,UAAU,EAAE,YAAY,GAAG,SAAS,CAAC;IAC9C,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IAGxB,QAAQ,CAAC,eAAe,CAAC,EAAE,SAAS,CAAC;IACrC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,UAAU,CAAC;IAGvC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;IAChC,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC;IAGtC,gBAAgB,IAAI,IAAI,CAAC;IACzB,YAAY,IAAI,IAAI,CAAC;IACrB,yBAAyB,IAAI,IAAI,CAAC;IAClC,UAAU,CAAC,QAAQ,EAAE,YAAY,EAAE,WAAW,CAAC,EAAE,eAAe,GAAG,IAAI,CAAC;IACxE,cAAc,CAAC,UAAU,EAAE,YAAY,GAAG,IAAI,CAAC;IAG/C,cAAc,CAAC,CACb,eAAe,EAAE,SAAS,EAC1B,gBAAgB,CAAC,EAAE,UAAU,GAC5B,IAAI,CAAC;IACR,gBAAgB,CAAC,IAAI,IAAI,CAAC;IAC1B,sBAAsB,CAAC,IAAI,IAAI,CAAC;IAGhC,IAAI,CAAC,IAAI,EAAE,UAAU,GAAG,mBAAmB,CAAC;IAC5C,QAAQ,CAAC,IAAI,EAAE,UAAU,GAAG,mBAAmB,CAAC;IAChD,MAAM,CAAC,SAAS,EAAE,mBAAmB,EAAE,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC;IAClE,eAAe,CACb,IAAI,EAAE,UAAU,EAChB,SAAS,EAAE,UAAU,EACrB,SAAS,EAAE,UAAU,GACpB,OAAO,CAAC;IAGX,iBAAiB,CACf,MAAM,EAAE,aAAa,CAAC,UAAU,CAAC,GAAG,cAAc,CAAC,UAAU,CAAC,EAC9D,OAAO,CAAC,EAAE;QACR,kBAAkB,CAAC,EAAE,UAAU,CAAC;QAChC,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE;YACtB,cAAc,EAAE,MAAM,CAAC;YACvB,eAAe,EAAE,MAAM,CAAC;SACzB,KAAK,IAAI,CAAC;QACX,MAAM,CAAC,EAAE,WAAW,CAAC;KACtB,GACA,cAAc,CAAC,eAAe,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IAElD,iBAAiB,CACf,MAAM,EAAE,aAAa,CAAC,UAAU,CAAC,GAAG,cAAc,CAAC,UAAU,CAAC,EAC9D,OAAO,CAAC,EAAE;QACR,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE;YACtB,cAAc,EAAE,MAAM,CAAC;YACvB,eAAe,EAAE,MAAM,CAAC;SACzB,KAAK,IAAI,CAAC;QACX,MAAM,CAAC,EAAE,WAAW,CAAC;KACtB,GACA,cAAc,CAAC,UAAU,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IAE7C,WAAW,CACT,IAAI,EAAE,MAAM,GAAG,UAAU,EACzB,kBAAkB,CAAC,EAAE,UAAU,GAC9B,OAAO,CAAC,UAAU,CAAC,CAAC;IAEvB,WAAW,CAAC,aAAa,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAG5D,MAAM,IAAI,MAAM,CAAC;IACjB,OAAO,IAAI,IAAI,CAAC;CACjB"}
+{"version":3,"file":"member.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/member.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC7D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAErD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACtD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACzD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAExD;;;;;;;;GAQG;AACH,MAAM,WAAW,OAAO,CACtB,OAAO,SAAS,cAAc,GAAG,UAAU,EAC3C,GAAG,SAAS,MAAM,GAAG,OAAO,GAAG,OAAO,EACtC,UAAU,SAAS,OAAO,GAAG,OAAO;IAGpC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC;IACjB,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC;IAC1B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC;IAC5B,QAAQ,CAAC,SAAS,EAAE,GAAG,CAAC;IACxB,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC;IAC3B,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC;IAG3B,QAAQ,CAAC,UAAU,EAAE,YAAY,GAAG,SAAS,CAAC;IAC9C,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IAGxB,QAAQ,CAAC,eAAe,CAAC,EAAE,SAAS,CAAC;IACrC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,UAAU,CAAC;IAGvC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;IAChC,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC;IAGtC,gBAAgB,IAAI,IAAI,CAAC;IACzB,YAAY,IAAI,IAAI,CAAC;IACrB,yBAAyB,IAAI,IAAI,CAAC;IAClC,UAAU,CAAC,QAAQ,EAAE,YAAY,EAAE,WAAW,CAAC,EAAE,eAAe,GAAG,IAAI,CAAC;IACxE,cAAc,CAAC,UAAU,EAAE,YAAY,GAAG,IAAI,CAAC;IAG/C,cAAc,CACZ,eAAe,EAAE,SAAS,EAC1B,gBAAgB,CAAC,EAAE,UAAU,GAC5B,IAAI,CAAC;IACR,gBAAgB,CACd,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAChC,OAAO,CAAC,IAAI,CAAC,CAAC;IACjB,sBAAsB,IAAI,IAAI,CAAC;IAG/B,IAAI,CAAC,IAAI,EAAE,OAAO,GAAG,UAAU,CAAC;IAChC,QAAQ,CAAC,IAAI,EAAE,OAAO,GAAG,UAAU,CAAC;IACpC,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,EAAE,OAAO,GAAG,OAAO,CAAC;IACtD,eAAe,CACb,IAAI,EAAE,OAAO,EACb,SAAS,EAAE,OAAO,EAClB,SAAS,EAAE,OAAO,GACjB,OAAO,CAAC;IAGX,iBAAiB,CACf,MAAM,EAAE,aAAa,CAAC,OAAO,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,EACxD,OAAO,CAAC,EAAE;QACR,kBAAkB,CAAC,EAAE,OAAO,CAAC;QAC7B,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE;YACtB,cAAc,EAAE,MAAM,CAAC;YACvB,eAAe,EAAE,MAAM,CAAC;SACzB,KAAK,IAAI,CAAC;QACX,MAAM,CAAC,EAAE,WAAW,CAAC;KACtB,GACA,cAAc,CAAC,eAAe,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IAElD,iBAAiB,CACf,MAAM,EAAE,aAAa,CAAC,OAAO,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,EACxD,OAAO,CAAC,EAAE;QACR,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE;YACtB,cAAc,EAAE,MAAM,CAAC;YACvB,eAAe,EAAE,MAAM,CAAC;SACzB,KAAK,IAAI,CAAC;QACX,MAAM,CAAC,EAAE,WAAW,CAAC;KACtB,GACA,cAAc,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IAE1C,WAAW,CACT,IAAI,EAAE,MAAM,GAAG,OAAO,EACtB,kBAAkB,CAAC,EAAE,OAAO,GAC3B,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC;IAE9B,WAAW,CAAC,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC;IAGhE,MAAM,IAAI,MAAM,CAAC;IACjB,OAAO,IAAI,IAAI,CAAC;CACjB"}

package/src/interfaces/platform-buffer.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Platform-agnostic buffer type
+ *
+ * This type adapts to the execution environment:
+ * - Browser (ecies-lib): Uint8Array
+ * - Node.js (node-ecies-lib): Buffer (which extends Uint8Array)
+ */
+export type PlatformBuffer = Uint8Array | Buffer;
+//# sourceMappingURL=platform-buffer.d.ts.map

package/src/interfaces/platform-buffer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"platform-buffer.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/platform-buffer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,MAAM,MAAM,cAAc,GAAG,UAAU,GAAG,MAAM,CAAC"}

package/src/interfaces/platform-buffer.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=platform-buffer.js.map

package/src/interfaces/platform-buffer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"platform-buffer.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/platform-buffer.ts"],"names":[],"mappings":""}

package/src/interfaces/voting-consts.d.ts

@@ -0,0 +1,82 @@
+/**
+ * Constants for voting operations using Paillier homomorphic encryption.
+ * These values are critical for cryptographic operations and should be consistent
+ * across all implementations (ecies-lib, node-ecies-lib, BrightChain).
+ */
+export interface IVotingConsts {
+    /**
+     * Info string used in HKDF for prime generation.
+     * This provides domain separation in the key derivation process.
+     */
+    readonly PRIME_GEN_INFO: 'PaillierPrimeGen';
+    /**
+     * Number of iterations for Miller-Rabin primality test.
+     * With 256 rounds, probability of false positive is < 2^-512.
+     */
+    readonly PRIME_TEST_ITERATIONS: 256;
+    /**
+     * Bit length for Paillier key pair generation.
+     * 3072 bits provides ~128-bit security level (NIST recommended).
+     */
+    readonly KEYPAIR_BIT_LENGTH: 3072;
+    /**
+     * Offset of the public key in the key pair buffer.
+     * Used for buffer serialization calculations.
+     */
+    readonly PUB_KEY_OFFSET: 768;
+    /**
+     * HKDF output length in bytes.
+     * SHA-512 produces 64 bytes.
+     */
+    readonly HKDF_LENGTH: 64;
+    /**
+     * HMAC algorithm for HKDF key derivation.
+     */
+    readonly HMAC_ALGORITHM: 'sha512';
+    /**
+     * Hash algorithm for key ID generation and HMAC tagging.
+     */
+    readonly HASH_ALGORITHM: 'sha256';
+    /**
+     * Radix for bit string representation (binary).
+     */
+    readonly BITS_RADIX: 2;
+    /**
+     * Radix for key serialization (hexadecimal).
+     */
+    readonly KEY_RADIX: 16;
+    /**
+     * Format for key serialization.
+     */
+    readonly KEY_FORMAT: 'hex';
+    /**
+     * Format for digest output.
+     */
+    readonly DIGEST_FORMAT: 'hex';
+    /**
+     * Current version of the voting key format.
+     * Increment when serialization format changes.
+     */
+    readonly KEY_VERSION: 1;
+    /**
+     * Magic identifier for voting keys.
+     * Used to identify key type in serialized format.
+     */
+    readonly KEY_MAGIC: 'BCVK';
+    /**
+     * Maximum attempts to generate a prime number using DRBG.
+     * Prevents infinite loops in prime generation.
+     */
+    readonly DRBG_PRIME_ATTEMPTS: 20000;
+    /**
+     * Length of key ID in bytes.
+     * SHA-256 produces 32 bytes.
+     */
+    readonly KEY_ID_LENGTH: 32;
+    /**
+     * Length of instance ID in bytes.
+     * SHA-256 produces 32 bytes.
+     */
+    readonly INSTANCE_ID_LENGTH: 32;
+}
+//# sourceMappingURL=voting-consts.d.ts.map

package/src/interfaces/voting-consts.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"voting-consts.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/voting-consts.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B;;;OAGG;IACH,QAAQ,CAAC,cAAc,EAAE,kBAAkB,CAAC;IAE5C;;;OAGG;IACH,QAAQ,CAAC,qBAAqB,EAAE,GAAG,CAAC;IAEpC;;;OAGG;IACH,QAAQ,CAAC,kBAAkB,EAAE,IAAI,CAAC;IAElC;;;OAGG;IACH,QAAQ,CAAC,cAAc,EAAE,GAAG,CAAC;IAE7B;;;OAGG;IACH,QAAQ,CAAC,WAAW,EAAE,EAAE,CAAC;IAEzB;;OAEG;IACH,QAAQ,CAAC,cAAc,EAAE,QAAQ,CAAC;IAElC;;OAEG;IACH,QAAQ,CAAC,cAAc,EAAE,QAAQ,CAAC;IAElC;;OAEG;IACH,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;IAEvB;;OAEG;IACH,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC;IAEvB;;OAEG;IACH,QAAQ,CAAC,UAAU,EAAE,KAAK,CAAC;IAE3B;;OAEG;IACH,QAAQ,CAAC,aAAa,EAAE,KAAK,CAAC;IAE9B;;;OAGG;IACH,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;IAExB;;;OAGG;IACH,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAE3B;;;OAGG;IACH,QAAQ,CAAC,mBAAmB,EAAE,KAAK,CAAC;IAEpC;;;OAGG;IACH,QAAQ,CAAC,aAAa,EAAE,EAAE,CAAC;IAE3B;;;OAGG;IACH,QAAQ,CAAC,kBAAkB,EAAE,EAAE,CAAC;CACjC"}

package/src/interfaces/voting-consts.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=voting-consts.js.map

package/src/interfaces/voting-consts.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"voting-consts.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/interfaces/voting-consts.ts"],"names":[],"mappings":""}