@inversealtruism/csd-crypto 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 InverseAltruism
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/index.cjs

@@ -0,0 +1,105 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  ADDR_RE: () => ADDR_RE,
+  addrFromPriv: () => addrFromPriv,
+  addrFromPub: () => addrFromPub,
+  buildScriptSig: () => buildScriptSig,
+  hash160: () => hash160,
+  isValidAddr: () => isValidAddr,
+  isValidPriv: () => isValidPriv,
+  keygen: () => keygen,
+  pubFromPriv: () => pubFromPriv,
+  randomNonce: () => randomNonce,
+  signDigest: () => signDigest,
+  verifyDigest: () => verifyDigest
+});
+module.exports = __toCommonJS(index_exports);
+var import_secp256k1 = require("@noble/curves/secp256k1");
+var import_ripemd160 = require("@noble/hashes/ripemd160");
+var import_sha256 = require("@noble/hashes/sha256");
+var import_utils = require("@noble/hashes/utils");
+var strip0x = (h) => h.startsWith("0x") ? h.slice(2) : h;
+var hb = (h) => (0, import_utils.hexToBytes)(strip0x(h));
+var hx = (b) => "0x" + (0, import_utils.bytesToHex)(b);
+function hash160(bytes) {
+  return hx((0, import_ripemd160.ripemd160)((0, import_sha256.sha256)(bytes)));
+}
+function pubFromPriv(priv) {
+  return hx(import_secp256k1.secp256k1.getPublicKey(hb(priv), true));
+}
+function addrFromPub(pub33) {
+  return hash160(hb(pub33));
+}
+function addrFromPriv(priv) {
+  return hash160(import_secp256k1.secp256k1.getPublicKey(hb(priv), true));
+}
+var ADDR_RE = /^0x[0-9a-fA-F]{40}$/;
+function isValidAddr(a) {
+  return ADDR_RE.test(a);
+}
+function isValidPriv(h) {
+  try {
+    const b = hb(h);
+    return b.length === 32 && import_secp256k1.secp256k1.utils.isValidPrivateKey(b);
+  } catch {
+    return false;
+  }
+}
+function keygen() {
+  const k = import_secp256k1.secp256k1.utils.randomPrivateKey();
+  const priv = hx(k);
+  return { priv, pub: pubFromPriv(priv), addr: addrFromPriv(priv) };
+}
+var randomNonce = () => (0, import_utils.bytesToHex)((0, import_utils.randomBytes)(32));
+function signDigest(digestHex, priv) {
+  const sig = import_secp256k1.secp256k1.sign(hb(digestHex), hb(priv), { lowS: true });
+  return { sig64: hx(sig.toCompactRawBytes()), pub33: pubFromPriv(priv) };
+}
+function verifyDigest(sig64, pub33, digestHex) {
+  const s = hb(sig64), p = hb(pub33);
+  if (s.length !== 64 || p.length !== 33) return false;
+  try {
+    if (import_secp256k1.secp256k1.Signature.fromCompact(s).hasHighS()) return false;
+    return import_secp256k1.secp256k1.verify(s, hb(digestHex), p, { lowS: true });
+  } catch {
+    return false;
+  }
+}
+function buildScriptSig(sig64, pub33) {
+  return "0x40" + strip0x(sig64) + "21" + strip0x(pub33);
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ADDR_RE,
+  addrFromPriv,
+  addrFromPub,
+  buildScriptSig,
+  hash160,
+  isValidAddr,
+  isValidPriv,
+  keygen,
+  pubFromPriv,
+  randomNonce,
+  signDigest,
+  verifyDigest
+});

package/dist/index.d.cts

@@ -0,0 +1,26 @@
+/** hash160(x) = ripemd160(sha256(x)) → 0x-hex (20 bytes). */
+declare function hash160(bytes: Uint8Array): string;
+declare function pubFromPriv(priv: string): string;
+declare function addrFromPub(pub33: string): string;
+declare function addrFromPriv(priv: string): string;
+/** A valid 0x..40-hex CSD address (raw hash160). */
+declare const ADDR_RE: RegExp;
+declare function isValidAddr(a: string): boolean;
+declare function isValidPriv(h: string): boolean;
+declare function keygen(): {
+    priv: string;
+    pub: string;
+    addr: string;
+};
+declare const randomNonce: () => string;
+/** Sign a 32-byte digest (e.g. a sighash). RFC6979 + LOW-S; returns compact 64-byte sig + pub33. */
+declare function signDigest(digestHex: string, priv: string): {
+    sig64: string;
+    pub33: string;
+};
+/** Verify a compact-64 LOW-S signature over a digest. Rejects high-S (malleability). */
+declare function verifyDigest(sig64: string, pub33: string, digestHex: string): boolean;
+/** p2pkh scriptSig = 0x40 ‖ sig64 ‖ 0x21 ‖ pub33 (the 99-byte spend script). */
+declare function buildScriptSig(sig64: string, pub33: string): string;
+
+export { ADDR_RE, addrFromPriv, addrFromPub, buildScriptSig, hash160, isValidAddr, isValidPriv, keygen, pubFromPriv, randomNonce, signDigest, verifyDigest };

package/dist/index.d.ts

@@ -0,0 +1,26 @@
+/** hash160(x) = ripemd160(sha256(x)) → 0x-hex (20 bytes). */
+declare function hash160(bytes: Uint8Array): string;
+declare function pubFromPriv(priv: string): string;
+declare function addrFromPub(pub33: string): string;
+declare function addrFromPriv(priv: string): string;
+/** A valid 0x..40-hex CSD address (raw hash160). */
+declare const ADDR_RE: RegExp;
+declare function isValidAddr(a: string): boolean;
+declare function isValidPriv(h: string): boolean;
+declare function keygen(): {
+    priv: string;
+    pub: string;
+    addr: string;
+};
+declare const randomNonce: () => string;
+/** Sign a 32-byte digest (e.g. a sighash). RFC6979 + LOW-S; returns compact 64-byte sig + pub33. */
+declare function signDigest(digestHex: string, priv: string): {
+    sig64: string;
+    pub33: string;
+};
+/** Verify a compact-64 LOW-S signature over a digest. Rejects high-S (malleability). */
+declare function verifyDigest(sig64: string, pub33: string, digestHex: string): boolean;
+/** p2pkh scriptSig = 0x40 ‖ sig64 ‖ 0x21 ‖ pub33 (the 99-byte spend script). */
+declare function buildScriptSig(sig64: string, pub33: string): string;
+
+export { ADDR_RE, addrFromPriv, addrFromPub, buildScriptSig, hash160, isValidAddr, isValidPriv, keygen, pubFromPriv, randomNonce, signDigest, verifyDigest };

package/dist/index.js

@@ -0,0 +1,69 @@
+// src/index.ts
+import { secp256k1 } from "@noble/curves/secp256k1";
+import { ripemd160 } from "@noble/hashes/ripemd160";
+import { sha256 } from "@noble/hashes/sha256";
+import { bytesToHex, hexToBytes, randomBytes } from "@noble/hashes/utils";
+var strip0x = (h) => h.startsWith("0x") ? h.slice(2) : h;
+var hb = (h) => hexToBytes(strip0x(h));
+var hx = (b) => "0x" + bytesToHex(b);
+function hash160(bytes) {
+  return hx(ripemd160(sha256(bytes)));
+}
+function pubFromPriv(priv) {
+  return hx(secp256k1.getPublicKey(hb(priv), true));
+}
+function addrFromPub(pub33) {
+  return hash160(hb(pub33));
+}
+function addrFromPriv(priv) {
+  return hash160(secp256k1.getPublicKey(hb(priv), true));
+}
+var ADDR_RE = /^0x[0-9a-fA-F]{40}$/;
+function isValidAddr(a) {
+  return ADDR_RE.test(a);
+}
+function isValidPriv(h) {
+  try {
+    const b = hb(h);
+    return b.length === 32 && secp256k1.utils.isValidPrivateKey(b);
+  } catch {
+    return false;
+  }
+}
+function keygen() {
+  const k = secp256k1.utils.randomPrivateKey();
+  const priv = hx(k);
+  return { priv, pub: pubFromPriv(priv), addr: addrFromPriv(priv) };
+}
+var randomNonce = () => bytesToHex(randomBytes(32));
+function signDigest(digestHex, priv) {
+  const sig = secp256k1.sign(hb(digestHex), hb(priv), { lowS: true });
+  return { sig64: hx(sig.toCompactRawBytes()), pub33: pubFromPriv(priv) };
+}
+function verifyDigest(sig64, pub33, digestHex) {
+  const s = hb(sig64), p = hb(pub33);
+  if (s.length !== 64 || p.length !== 33) return false;
+  try {
+    if (secp256k1.Signature.fromCompact(s).hasHighS()) return false;
+    return secp256k1.verify(s, hb(digestHex), p, { lowS: true });
+  } catch {
+    return false;
+  }
+}
+function buildScriptSig(sig64, pub33) {
+  return "0x40" + strip0x(sig64) + "21" + strip0x(pub33);
+}
+export {
+  ADDR_RE,
+  addrFromPriv,
+  addrFromPub,
+  buildScriptSig,
+  hash160,
+  isValidAddr,
+  isValidPriv,
+  keygen,
+  pubFromPriv,
+  randomNonce,
+  signDigest,
+  verifyDigest
+};

package/package.json

@@ -0,0 +1,43 @@
+{
+  "name": "@inversealtruism/csd-crypto",
+  "version": "0.1.0",
+  "description": "Compute Substrate crypto primitives — secp256k1 keygen/sign(lowS)/verify, hash160 address derivation. Thin wrappers over @noble.",
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    }
+  },
+  "files": [
+    "dist",
+    "LICENSE"
+  ],
+  "dependencies": {
+    "@noble/curves": "1.9.7",
+    "@noble/hashes": "1.8.0",
+    "@inversealtruism/csd-codec": "0.1.0"
+  },
+  "license": "MIT",
+  "sideEffects": false,
+  "devDependencies": {
+    "@inversealtruism/csd-vectors": "0.1.0"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/InverseAltruism/csd-sdk.git",
+    "directory": "packages/crypto"
+  },
+  "homepage": "https://cairn-substrate.com",
+  "scripts": {
+    "build": "tsup src/index.ts --format esm,cjs --dts --clean",
+    "test": "tsx test/crypto.test.ts"
+  }
+}