@interest-protocol/vortex-sdk 11.3.0 → 12.0.3

package/dist/utils/decrypt.d.ts

@@ -1,9 +1,9 @@
-import { PaginatedEvents } from '@mysten/sui/client';
-import { Commitment } from '../vortex-api.types';
-import { VortexKeypair } from '../entities/keypair';
+import type { PaginatedEvents } from '@mysten/sui/client';
+import type { Commitment } from '../vortex-api.types';
+import type { VortexKeypair } from '../entities/keypair';
+import type { Vortex } from '../vortex';
+import type { VortexPool } from '../vortex.types';
 import { Utxo } from '../entities/utxo';
-import { Vortex } from '../vortex';
-import { VortexPool } from '../vortex.types';
 interface GetUnspentUtxosArgs {
     commitmentEvents: PaginatedEvents;
     vortexKeypair: VortexKeypair;

package/dist/utils/decrypt.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"decrypt.d.ts","sourceRoot":"","sources":["../../src/utils/decrypt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAErD,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAExC,OAAO,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AACnC,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAG7C,UAAU,mBAAmB;IAC3B,gBAAgB,EAAE,eAAe,CAAC;IAClC,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,UAAU,CAAC;CACjC;AAED,eAAO,MAAM,eAAe,GAAU,6DAKnC,mBAAmB,oBAkCrB,CAAC;AAEF,UAAU,0BAA0B;IAClC,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,UAAU,CAAC;CACjC;AAED,UAAU,wCAAwC;IAChD,WAAW,EAAE,IAAI,CAAC,UAAU,EAAE,UAAU,GAAG,iBAAiB,CAAC,EAAE,CAAC;IAChE,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,UAAU,CAAC;CACjC;AAED,eAAO,MAAM,sBAAsB,GAAU,wDAK1C,0BAA0B,oBA2C5B,CAAC;AAEF,eAAO,MAAM,oCAAoC,GAAU,wDAKxD,wCAAwC;;;EAmD1C,CAAC"}
+{"version":3,"file":"decrypt.d.ts","sourceRoot":"","sources":["../../src/utils/decrypt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,KAAK,EAAe,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACtE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AACxC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAGlD,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAIxC,UAAU,mBAAmB;IAC3B,gBAAgB,EAAE,eAAe,CAAC;IAClC,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,UAAU,CAAC;CACjC;AAED,eAAO,MAAM,eAAe,GAAU,6DAKnC,mBAAmB,oBAkCrB,CAAC;AAEF,UAAU,0BAA0B;IAClC,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,UAAU,CAAC;CACjC;AAED,UAAU,wCAAwC;IAChD,WAAW,EAAE,IAAI,CAAC,UAAU,EAAE,UAAU,GAAG,iBAAiB,CAAC,EAAE,CAAC;IAChE,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,UAAU,CAAC;CACjC;AAED,eAAO,MAAM,sBAAsB,GAAU,wDAK1C,0BAA0B,oBA2C5B,CAAC;AAEF,eAAO,MAAM,oCAAoC,GAAU,wDAKxD,wCAAwC;;;EAgD1C,CAAC"}

package/dist/vortex-api.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"vortex-api.d.ts","sourceRoot":"","sources":["../src/vortex-api.ts"],"names":[],"mappings":"AACA,OAAO,EACL,wBAAwB,EAExB,cAAc,EACd,gBAAgB,EAChB,eAAe,EACf,oBAAoB,EACpB,eAAe,EACf,mBAAmB,EACnB,oBAAoB,EACpB,aAAa,EACb,YAAY,EACZ,UAAU,EACV,mBAAmB,EACnB,kBAAkB,EAClB,iBAAiB,EACjB,kBAAkB,EAClB,yBAAyB,EACzB,mBAAmB,EACnB,eAAe,EAGhB,MAAM,oBAAoB,CAAC;AAE5B,qBAAa,SAAS;;gBAGR,EAAE,MAAuB,EAAE,GAAE,wBAA6B;IAIhE,MAAM,IAAI,OAAO,CAAC,cAAc,CAAC;IAQjC,WAAW,CAAC,IAAI,EAAE,eAAe,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAiB7D,aAAa,CAAC,IAAI,EAAE,oBAAoB,GAAG,OAAO,CAAC,eAAe,CAAC;IAenE,YAAY,CAAC,IAAI,EAAE,mBAAmB,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAsBtE,QAAQ,CAAC,IAAI,GAAE,YAAiB,GAAG,OAAO,CAAC,aAAa,CAAC;IAyBzD,cAAc,CAAC,IAAI,EAAE,kBAAkB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IA4BtE,iBAAiB,CACrB,IAAI,EAAE,IAAI,CAAC,kBAAkB,EAAE,MAAM,CAAC,GAAG;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,GAC5D,OAAO,CAAC,UAAU,EAAE,CAAC;IAoBlB,aAAa,CAAC,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAmBnE,kBAAkB,CACtB,IAAI,EAAE,yBAAyB,GAC9B,OAAO,CAAC,mBAAmB,CAAC;IAczB,UAAU,IAAI,OAAO,CAAC,eAAe,CAAC;CAuD7C;AAED,eAAO,MAAM,SAAS,WAAkB,CAAC"}
+{"version":3,"file":"vortex-api.d.ts","sourceRoot":"","sources":["../src/vortex-api.ts"],"names":[],"mappings":"AACA,OAAO,EACL,wBAAwB,EAExB,cAAc,EACd,gBAAgB,EAChB,eAAe,EACf,oBAAoB,EACpB,eAAe,EACf,mBAAmB,EACnB,oBAAoB,EACpB,aAAa,EACb,YAAY,EACZ,UAAU,EACV,mBAAmB,EACnB,kBAAkB,EAClB,iBAAiB,EACjB,kBAAkB,EAClB,yBAAyB,EACzB,mBAAmB,EACnB,eAAe,EAGhB,MAAM,oBAAoB,CAAC;AAE5B,qBAAa,SAAS;;gBAGR,EAAE,MAAuB,EAAE,GAAE,wBAA6B;IAIhE,MAAM,IAAI,OAAO,CAAC,cAAc,CAAC;IAQjC,WAAW,CAAC,IAAI,EAAE,eAAe,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAiB7D,aAAa,CAAC,IAAI,EAAE,oBAAoB,GAAG,OAAO,CAAC,eAAe,CAAC;IAenE,YAAY,CAAC,IAAI,EAAE,mBAAmB,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAsBtE,QAAQ,CAAC,IAAI,GAAE,YAAiB,GAAG,OAAO,CAAC,aAAa,CAAC;IAyBzD,cAAc,CAAC,IAAI,EAAE,kBAAkB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IA4BtE,iBAAiB,CACrB,IAAI,EAAE,IAAI,CAAC,kBAAkB,EAAE,MAAM,CAAC,GAAG;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,GAC5D,OAAO,CAAC,UAAU,EAAE,CAAC;IAwBlB,aAAa,CAAC,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAmBnE,kBAAkB,CACtB,IAAI,EAAE,yBAAyB,GAC9B,OAAO,CAAC,mBAAmB,CAAC;IAczB,UAAU,IAAI,OAAO,CAAC,eAAe,CAAC;CAuD7C;AAED,eAAO,MAAM,SAAS,WAAkB,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@interest-protocol/vortex-sdk",
-  "version": "11.3.0",
+  "version": "12.0.3",
   "description": "",
   "main": "index.js",
   "module": "./dist/index.mjs",
@@ -17,8 +17,8 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "@mysten/sui": "^1.36.2",
-    "@noble/ciphers": "^2.0.1",
+    "@mysten/sui": "^1.45.2",
+    "@noble/ciphers": "^2.1.1",
     "@noble/curves": "^2.0.1",
     "@noble/hashes": "^2.0.1",
     "@polymedia/suitcase-core": "^0.0.67",
@@ -29,16 +29,16 @@
     "@interest-protocol/sui-core-sdk": "1.0.0"
   },
   "devDependencies": {
-    "@types/bn.js": "^5.1.6",
-    "@types/jest": "^29.5.5",
+    "@types/bn.js": "^5.2.0",
+    "@types/jest": "^29.5.14",
     "@types/ramda": "^0.30.2",
     "jest": "^29.7.0",
     "jest-environment-node": "^29.7.0",
-    "rimraf": "^6.0.1",
-    "ts-jest": "^29.1.1",
-    "tsup": "^8.3.5",
-    "@interest-protocol/prettier-config": "1.0.0",
-    "@interest-protocol/typescript-config": "1.0.0"
+    "rimraf": "^6.1.2",
+    "ts-jest": "^29.4.6",
+    "tsup": "^8.5.1",
+    "@interest-protocol/typescript-config": "1.0.0",
+    "@interest-protocol/prettier-config": "1.0.0"
   },
   "publishConfig": {
     "access": "public",

package/src/__tests__/entities/keypair.spec.ts

@@ -108,8 +108,165 @@ describe(VortexKeypair.name, () => {
         keypair1.encryptionKey
       );
 
-      // Attempting to decrypt with wrong keypair should throw or produce garbage
-      expect(() => keypair2.decryptUtxo(encrypted)).toThrow();
+      // Attempting to decrypt with wrong keypair should throw
+      expect(() => keypair2.decryptUtxo(encrypted)).toThrow(
+        'Decryption failed: HMAC verification failed'
+      );
+    });
+
+    it('should ALWAYS fail with wrong keypair - 100 iterations', () => {
+      // This test verifies the key-committing property of HMAC
+      // With the old Poly1305, this could sometimes succeed with garbage data
+      // With HMAC-SHA256, it should ALWAYS fail
+
+      const correctKeypair = VortexKeypair.generate();
+      const utxo = {
+        amount: 1000000n,
+        blinding: 123456789n,
+        index: 42n,
+        vortexPool:
+          '0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef',
+      };
+
+      const encrypted = VortexKeypair.encryptUtxoFor(
+        utxo,
+        correctKeypair.encryptionKey
+      );
+
+      let failureCount = 0;
+      const iterations = 100;
+
+      for (let i = 0; i < iterations; i++) {
+        const wrongKeypair = VortexKeypair.generate();
+        try {
+          wrongKeypair.decryptUtxo(encrypted);
+          // If we get here, decryption "succeeded" (BUG!)
+        } catch {
+          failureCount++;
+        }
+      }
+
+      // ALL attempts must fail - this proves the key-committing property
+      expect(failureCount).toBe(iterations);
+    });
+
+    it('should throw specific HMAC error message on wrong key', () => {
+      const keypair1 = VortexKeypair.generate();
+      const keypair2 = VortexKeypair.generate();
+
+      const utxo = {
+        amount: 500n,
+        blinding: 12345n,
+        index: 1n,
+        vortexPool: '0xabc',
+      };
+
+      const encrypted = VortexKeypair.encryptUtxoFor(
+        utxo,
+        keypair1.encryptionKey
+      );
+
+      expect(() => keypair2.decryptUtxo(encrypted)).toThrow(
+        'HMAC verification failed'
+      );
+    });
+
+    it('should decrypt correctly with the right keypair after failed attempts', () => {
+      const correctKeypair = VortexKeypair.generate();
+      const utxo = {
+        amount: 9999n,
+        blinding: 8888n,
+        index: 7n,
+        vortexPool: '0xdef',
+      };
+
+      const encrypted = VortexKeypair.encryptUtxoFor(
+        utxo,
+        correctKeypair.encryptionKey
+      );
+
+      // Try 10 wrong keypairs first
+      for (let i = 0; i < 10; i++) {
+        const wrongKeypair = VortexKeypair.generate();
+        expect(() => wrongKeypair.decryptUtxo(encrypted)).toThrow();
+      }
+
+      // Now decrypt with correct keypair - should still work
+      const decrypted = correctKeypair.decryptUtxo(encrypted);
+      expect(decrypted.amount).toBe(utxo.amount);
+      expect(decrypted.blinding).toBe(utxo.blinding);
+      expect(decrypted.index).toBe(utxo.index);
+    });
+
+    it('should handle large amounts correctly', () => {
+      const keypair = VortexKeypair.generate();
+      const utxo = {
+        amount: BigInt('999999999999999999999999999'),
+        blinding: BigInt('888888888888888888888888888'),
+        index: BigInt('77777777777'),
+        vortexPool:
+          '0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff',
+      };
+
+      const encrypted = VortexKeypair.encryptUtxoFor(
+        utxo,
+        keypair.encryptionKey
+      );
+      const decrypted = keypair.decryptUtxo(encrypted);
+
+      expect(decrypted.amount).toBe(utxo.amount);
+      expect(decrypted.blinding).toBe(utxo.blinding);
+      expect(decrypted.index).toBe(utxo.index);
+    });
+
+    it('should handle zero values correctly', () => {
+      const keypair = VortexKeypair.generate();
+      const utxo = {
+        amount: 0n,
+        blinding: 0n,
+        index: 0n,
+        vortexPool: '0x0',
+      };
+
+      const encrypted = VortexKeypair.encryptUtxoFor(
+        utxo,
+        keypair.encryptionKey
+      );
+      const decrypted = keypair.decryptUtxo(encrypted);
+
+      expect(decrypted.amount).toBe(utxo.amount);
+      expect(decrypted.blinding).toBe(utxo.blinding);
+      expect(decrypted.index).toBe(utxo.index);
+    });
+
+    it('should produce different ciphertexts for same data (random nonce)', () => {
+      const keypair = VortexKeypair.generate();
+      const utxo = {
+        amount: 1000n,
+        blinding: 999n,
+        index: 5n,
+        vortexPool: '0x123',
+      };
+
+      const encrypted1 = VortexKeypair.encryptUtxoFor(
+        utxo,
+        keypair.encryptionKey
+      );
+      const encrypted2 = VortexKeypair.encryptUtxoFor(
+        utxo,
+        keypair.encryptionKey
+      );
+
+      // Different ciphertexts due to random nonce
+      expect(encrypted1).not.toBe(encrypted2);
+
+      // But both decrypt to same data
+      const decrypted1 = keypair.decryptUtxo(encrypted1);
+      const decrypted2 = keypair.decryptUtxo(encrypted2);
+
+      expect(decrypted1.amount).toBe(decrypted2.amount);
+      expect(decrypted1.blinding).toBe(decrypted2.blinding);
+      expect(decrypted1.index).toBe(decrypted2.index);
     });
   });
 

package/src/constants.ts

@@ -1,5 +1,3 @@
-import { SUI_TYPE_ARG } from '@mysten/sui/utils';
-
 export const BN254_FIELD_MODULUS =
   21888242871839275222246405745257275088548364400416034343698204186575808495617n;
 
@@ -73,24 +71,24 @@ export const ERROR_CODES = {
 };
 
 export const VORTEX_PACKAGE_ID =
-  '0xcf81b96e392f82b776ee980108357426b726c4043c838822545a307e12c5ded6';
+  '0xd9d3b65c318e7d7dd208050a28e113a45256765b4c45acd119626d8a228d7555';
 
 export const VORTEX_UPGRADE_CAP =
-  '0xc2d1925fd45559e09c51f5491ec96d61f9e9108c967d34fe22a053c1b307ddfc';
+  '0xa0d5c1dec2ad7c732cf8d01378eba8fc1451841b051fa0292d3ad07ce92aad80';
 
 export const REGISTRY_OBJECT_ID =
-  '0xf2c11c297e0581e0279714f6ba47e26d03d9a70756036fab5882ebc0f1d2b3b1';
+  '0x6cec550fb43435462f34b15aee9f8b8030e0433e16c8104e966013f0443b2e36';
 
 export const VORTEX_SWAP_PACKAGE_ID =
-  '0x2ddd33debbac3e0461b3551bb00bd40d3055ea5cd441b4fad8624dcbb095e8fb';
+  '0x325610fc0c15c91682f8bf263ef0991c28fe7ff77fd98266821c3e696e459cdf';
 
 export const VORTEX_SWAP_UPGRADE_CAP =
-  '0xec0beaf1453b0e09d92f8addf25abcfb4bc6ce43ead828914836cadc8df249a0';
+  '0x3f535b61b6baa2174dc301179bd2bc392563086ddca23b8eec69da505d54e3c1';
 
 export const SECRET_PACKAGE_ID =
   '0x2d57ed0dd0d5f44d91f865fee3bc33d13ef3ce97c7daf88ad5f5fbb32468ccd6';
 
-export const INITIAL_SHARED_VERSION = '692442863';
+export const INITIAL_SHARED_VERSION = '738926997';
 
 export const LSK_FETCH_OFFSET = 'fetch_offset';
 
@@ -106,8 +104,3 @@ export const TREASURY_ADDRESS =
 export const DEPOSIT_FEE_IN_BASIS_POINTS = 50n;
 
 export const BASIS_POINTS = 10_000n;
-
-export const VORTEX_POOL_IDS = {
-  [SUI_TYPE_ARG]:
-    '0x1e3672f35853fccded923505434b5138543829231f025120d57fda95b86b504c',
-};

package/src/crypto/ff/f1field.ts

@@ -1,5 +1,6 @@
+/* eslint-disable */
 import * as Scalar from './scalar';
-import { getRandomBytes } from './random';
+import { randomBytes } from '@noble/ciphers/utils.js';
 
 export class F1Field {
   type: string;
@@ -288,7 +289,7 @@ export class F1Field {
     const nBytes = (this.bitLength * 2) / 8;
     let res = this.zero;
     for (let i = 0; i < nBytes; i++) {
-      res = (res << BigInt(8)) + BigInt(getRandomBytes(1)[0]!);
+      res = (res << BigInt(8)) + BigInt(randomBytes(1)[0]!);
     }
     return res % this.p;
   }

package/src/crypto/ff/index.ts

@@ -1,6 +1,6 @@
+/* eslint-disable */
 import * as utils from './utils';
 import * as Scalar from './scalar';
 import { F1Field } from './f1field';
-import { getRandomBytes } from './random';
 
-export { utils, Scalar, F1Field, getRandomBytes };
+export { utils, Scalar, F1Field };

package/src/crypto/ff/scalar.ts

@@ -1,3 +1,4 @@
+/* eslint-disable */
 const hexLen = [0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4];
 
 export const fromString = (s: string, radix?: number): bigint => {

package/src/crypto/ff/utils.ts

@@ -1,3 +1,4 @@
+/* eslint-disable */
 import * as Scalar from './scalar';
 import { fromBase64 } from '@mysten/sui/utils';
 export function unStringifyBigInts(o: unknown): unknown {

package/src/entities/keypair.ts

@@ -6,10 +6,22 @@ import { Ed25519Keypair } from '@mysten/sui/keypairs/ed25519';
 import invariant from 'tiny-invariant';
 import { randomBytes } from '@noble/ciphers/utils.js';
 import { x25519 } from '@noble/curves/ed25519.js';
-import { xsalsa20poly1305 } from '@noble/ciphers/salsa.js';
+import { xchacha20 } from '@noble/ciphers/chacha.js';
+import { hmac } from '@noble/hashes/hmac.js';
+import { sha256 } from '@noble/hashes/sha2.js';
 import { blake2b } from '@noble/hashes/blake2.js';
 import { normalizeSuiAddress } from '@mysten/sui/utils';
 
+// Constant-time comparison to prevent timing attacks
+function constantTimeEqual(a: Uint8Array, b: Uint8Array): boolean {
+  if (a.length !== b.length) return false;
+  let diff = 0;
+  for (let i = 0; i < a.length; i++) {
+    diff |= a[i] ^ b[i];
+  }
+  return diff === 0;
+}
+
 export interface UtxoPayload {
   amount: bigint;
   blinding: bigint;
@@ -21,6 +33,7 @@ interface EncryptedMessage {
   version: string;
   nonce: string; // base64
   ephemPublicKey: string; // base64
+  hmacTag: string; // base64 - HMAC-SHA256 tag for key-committing authentication
   ciphertext: string; // base64
 }
 
@@ -30,12 +43,14 @@ type SignMessageFn = (message: Uint8Array) => Promise<{
   bytes: string;
 }>;
 
+// Message format: nonce (24) | ephemPublicKey (32) | hmacTag (32) | ciphertext (variable)
 function packEncryptedMessage(encryptedMessage: EncryptedMessage): string {
   const nonceBuf = Buffer.from(encryptedMessage.nonce, 'base64');
   const ephemPublicKeyBuf = Buffer.from(
     encryptedMessage.ephemPublicKey,
     'base64'
   );
+  const hmacTagBuf = Buffer.from(encryptedMessage.hmacTag, 'base64');
   const ciphertextBuf = Buffer.from(encryptedMessage.ciphertext, 'base64');
 
   const messageBuff = Buffer.concat([
@@ -43,6 +58,8 @@ function packEncryptedMessage(encryptedMessage: EncryptedMessage): string {
     nonceBuf,
     Buffer.alloc(32 - ephemPublicKeyBuf.length),
     ephemPublicKeyBuf,
+    Buffer.alloc(32 - hmacTagBuf.length),
+    hmacTagBuf,
     ciphertextBuf,
   ]);
 
@@ -58,12 +75,14 @@ function unpackEncryptedMessage(encryptedMessage: string): EncryptedMessage {
 
   const nonceBuf = messageBuff.subarray(0, 24);
   const ephemPublicKeyBuf = messageBuff.subarray(24, 56);
-  const ciphertextBuf = messageBuff.subarray(56);
+  const hmacTagBuf = messageBuff.subarray(56, 88);
+  const ciphertextBuf = messageBuff.subarray(88);
 
   return {
-    version: 'x25519-xsalsa20-poly1305',
+    version: 'x25519-xchacha20-hmac-sha256',
     nonce: nonceBuf.toString('base64'),
     ephemPublicKey: ephemPublicKeyBuf.toString('base64'),
+    hmacTag: hmacTagBuf.toString('base64'),
     ciphertext: ciphertextBuf.toString('base64'),
   };
 }
@@ -159,14 +178,19 @@ export class VortexKeypair {
       recipientPublicKey
     );
 
+    // Encrypt with XChaCha20
     const nonce = randomBytes(24);
-    const cipher = xsalsa20poly1305(sharedSecret, nonce);
-    const ciphertext = cipher.encrypt(bytes);
+    const ciphertext = xchacha20(sharedSecret, nonce, bytes);
+
+    // Compute HMAC-SHA256 over ciphertext (Encrypt-then-MAC)
+    // This provides key-committing authentication
+    const hmacTag = hmac(sha256, sharedSecret, ciphertext);
 
     const encryptedMessage: EncryptedMessage = {
-      version: 'x25519-xsalsa20-poly1305',
+      version: 'x25519-xchacha20-hmac-sha256',
       nonce: Buffer.from(nonce).toString('base64'),
       ephemPublicKey: Buffer.from(ephemeralPublicKey).toString('base64'),
+      hmacTag: Buffer.from(hmacTag).toString('base64'),
       ciphertext: Buffer.from(ciphertext).toString('base64'),
     };
 
@@ -189,10 +213,28 @@ export class VortexKeypair {
 
     invariant(parts.length === 4, 'Invalid UTXO format after decryption');
 
+    const amount = BigInt(parts[0]);
+    const blinding = BigInt(parts[1]);
+    const index = BigInt(parts[2]);
+
+    // Validate values are within BN254 field to prevent proof failures
+    invariant(
+      amount >= 0n && amount < BN254_FIELD_MODULUS,
+      'Amount exceeds field modulus'
+    );
+    invariant(
+      blinding >= 0n && blinding < BN254_FIELD_MODULUS,
+      'Blinding exceeds field modulus'
+    );
+    invariant(
+      index >= 0n && index < BN254_FIELD_MODULUS,
+      'Index exceeds field modulus'
+    );
+
     return {
-      amount: BigInt(parts[0]),
-      blinding: BigInt(parts[1]),
-      index: BigInt(parts[2]),
+      amount,
+      blinding,
+      index,
       vortexPool: normalizeSuiAddress(parts[3]),
     };
   }
@@ -254,12 +296,20 @@ export class VortexKeypair {
       ephemeralPublicKey
     );
 
-    // Decrypt using XSalsa20-Poly1305
-    const nonce = Buffer.from(encryptedMessage.nonce, 'base64');
     const ciphertext = Buffer.from(encryptedMessage.ciphertext, 'base64');
+    const receivedHmacTag = Buffer.from(encryptedMessage.hmacTag, 'base64');
 
-    const cipher = xsalsa20poly1305(sharedSecret, nonce);
-    const decrypted = cipher.decrypt(ciphertext);
+    // Verify HMAC-SHA256 first (Encrypt-then-MAC verification)
+    // This is key-committing: wrong key = wrong HMAC = guaranteed failure
+    const expectedHmacTag = hmac(sha256, sharedSecret, ciphertext);
+
+    if (!constantTimeEqual(receivedHmacTag, expectedHmacTag)) {
+      throw new Error('Decryption failed: HMAC verification failed');
+    }
+
+    // Decrypt using XChaCha20
+    const nonce = Buffer.from(encryptedMessage.nonce, 'base64');
+    const decrypted = xchacha20(sharedSecret, nonce, ciphertext);
 
     return Buffer.from(decrypted);
   }

package/src/entities/utxo.ts

@@ -1,6 +1,8 @@
 import { VortexKeypair } from './keypair';
 import { poseidon3, poseidon4 } from '../crypto';
-import { normalizeSuiAddress } from '@mysten/sui/utils';
+import { normalizeSuiAddress, toHex } from '@mysten/sui/utils';
+import { randomBytes } from '@noble/ciphers/utils.js';
+import { BN254_FIELD_MODULUS } from '../constants';
 
 interface UtxoConstructorArgs {
   amount: bigint;
@@ -53,7 +55,10 @@ export class Utxo {
   }
 
   static blinding() {
-    return BigInt(Math.floor(Math.random() * 1_000_000_000));
+    // Use cryptographically secure randomness (works on web + Node.js)
+    // 31 bytes = 248 bits, safely below BN254 field modulus (~254 bits)
+    const bytes = randomBytes(31);
+    return BigInt('0x' + toHex(bytes)) % BN254_FIELD_MODULUS;
   }
 
   commitment() {

package/src/utils/decrypt.ts

@@ -1,12 +1,12 @@
-import { PaginatedEvents } from '@mysten/sui/client';
+import type { PaginatedEvents } from '@mysten/sui/client';
+import type { Commitment } from '../vortex-api.types';
+import type { UtxoPayload, VortexKeypair } from '../entities/keypair';
+import type { Vortex } from '../vortex';
+import type { VortexPool } from '../vortex.types';
+
 import { parseNewCommitmentEvent } from './events';
-import { Commitment } from '../vortex-api.types';
-import { UtxoPayload } from '../entities/keypair';
-import { VortexKeypair } from '../entities/keypair';
 import { Utxo } from '../entities/utxo';
 import { normalizeStructTag, toHex } from '@mysten/sui/utils';
-import { Vortex } from '../vortex';
-import { VortexPool } from '../vortex.types';
 import invariant from 'tiny-invariant';
 
 interface GetUnspentUtxosArgs {
@@ -26,18 +26,18 @@ export const getUnspentUtxos = async ({
 
   const allUtxos = [] as UtxoPayload[];
 
+  const vortexObjectId =
+    typeof vortexPool === 'string' ? vortexPool : vortexPool.objectId;
+
   commitments.forEach((commitment) => {
     try {
       const utxo = vortexKeypair.decryptUtxo(commitment.encryptedOutput);
       allUtxos.push(utxo);
     } catch {
-      // Do nothing
+      // HMAC verification failed - wrong keypair
     }
   });
 
-  const vortexObjectId =
-    typeof vortexPool === 'string' ? vortexPool : vortexPool.objectId;
-
   const utxos = allUtxos.map(
     (utxo) =>
       new Utxo({ ...utxo, keypair: vortexKeypair, vortexPool: vortexObjectId })
@@ -94,7 +94,7 @@ export const getUnspentUtxosWithApi = async ({
       const utxo = vortexKeypair.decryptUtxo(encryptedOutputHex);
       allUtxos.push(utxo);
     } catch {
-      // Do nothing
+      // HMAC verification failed - wrong keypair
     }
   });
 
@@ -128,10 +128,7 @@ export const getUnspentUtxosWithApiAndCommitments = async ({
   vortexPool,
 }: GetUnspentUtxosWithApiAndCommitmentsArgs) => {
   const allUtxos = [] as UtxoPayload[];
-  const userCommitments = [] as Pick<
-    Commitment,
-    'coinType' | 'encryptedOutput'
-  >[];
+  const userCommitments = [] as Pick<Commitment, 'coinType' | 'encryptedOutput'>[];
 
   const vortexObject = await vortexSdk.resolveVortexPool(vortexPool);
 
@@ -152,7 +149,7 @@ export const getUnspentUtxosWithApiAndCommitments = async ({
       });
       allUtxos.push(utxo);
     } catch {
-      // Do nothing
+      // HMAC verification failed - wrong keypair
     }
   });
 

package/src/vortex-api.ts

@@ -154,7 +154,11 @@ export class VortexAPI {
     let hasNext = true;
 
     while (hasNext) {
-      const response = await this.getCommitments({ ...args, page, apiKey: args.apiKey });
+      const response = await this.getCommitments({
+        ...args,
+        page,
+        apiKey: args.apiKey,
+      });
       allCommitments.push(...response.data.items);
       hasNext = response.data.pagination.hasNext;
       page++;

package/dist/crypto/ff/random.d.ts

@@ -1,2 +0,0 @@
-export declare function getRandomBytes(length: number): Uint8Array;
-//# sourceMappingURL=random.d.ts.map

package/dist/crypto/ff/random.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"random.d.ts","sourceRoot":"","sources":["../../../src/crypto/ff/random.ts"],"names":[],"mappings":"AAUA,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,CAqBzD"}

package/src/crypto/ff/random.ts

@@ -1,32 +0,0 @@
-/**
- * Type definition for the browser crypto object.
- */
-type BrowserCrypto = {
-  crypto?: { getRandomValues?: (arg0: Uint8Array) => void };
-};
-
-// Type declaration for Node.js require (used in Node.js environment fallback)
-declare const require: (module: string) => any;
-
-export function getRandomBytes(length: number): Uint8Array {
-  if (length <= 0) {
-    throw new Error('Length must be greater than 0');
-  }
-  const global = globalThis as BrowserCrypto;
-  if (global.crypto?.getRandomValues) {
-    const randomValues = new Uint8Array(length);
-    global.crypto.getRandomValues(randomValues);
-    return randomValues;
-  }
-  // eslint-disable-next-line no-unused-labels
-  NODE: {
-    // eslint-disable-next-line @typescript-eslint/no-require-imports
-    // eslint-disable-next-line @typescript-eslint/no-require-imports
-    const crypto = require('crypto');
-    return crypto.randomBytes(length);
-  }
-
-  throw new Error(
-    'Random byte generation is not supported in this environment'
-  );
-}