@kirkelliott/kdfts 1.1.0

package/dist/crypto/kdf.js

@@ -0,0 +1,113 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.quantumScrypt = quantumScrypt;
+exports.verifyKey = verifyKey;
+exports.formatCertificate = formatCertificate;
+const crypto_1 = require("crypto");
+const anu_1 = require("../qrng/anu");
+const scryptAsync = (password, salt, keyLen, opts) => new Promise((resolve, reject) => (0, crypto_1.scrypt)(password, salt, keyLen, opts, (err, key) => err ? reject(err) : resolve(key)));
+const DEFAULT_PARAMS = { N: 16384, r: 8, p: 1, keyLen: 32 };
+/**
+ * Derive a cryptographic key from a password using scrypt,
+ * with a salt sourced from ANU quantum vacuum fluctuations.
+ *
+ * The security claim:
+ *   Classical KDFs use pseudo-random salts (computationally indistinguishable
+ *   from random). This uses physically random salt — unpredictable by any
+ *   computation because the randomness comes from quantum vacuum fluctuations,
+ *   not an algorithm.
+ *
+ *   Even if an attacker breaks the PRNG used in every other system, these
+ *   salts were never generated by one.
+ */
+async function quantumScrypt(password, options = {}, qrng) {
+    const params = { ...DEFAULT_PARAMS, ...options.scrypt };
+    const saltLen = options.saltBytes ?? 32;
+    const context = options.context ?? null;
+    // Resolve QRNG
+    let source;
+    let resolvedQrng;
+    if (qrng) {
+        resolvedQrng = qrng;
+        source = qrng instanceof anu_1.ANUQRNG ? 'anu-vacuum-fluctuations' : 'crypto-fallback';
+    }
+    else {
+        try {
+            resolvedQrng = new anu_1.ANUQRNG();
+            await resolvedQrng.getBytes(1);
+            source = 'anu-vacuum-fluctuations';
+        }
+        catch {
+            resolvedQrng = new anu_1.CryptoQRNG();
+            source = 'crypto-fallback';
+        }
+    }
+    // Fetch quantum-random salt
+    const saltBytes = await resolvedQrng.getBytes(saltLen);
+    const salt = Buffer.from(saltBytes);
+    // Mix in context if provided
+    const ikm = context
+        ? Buffer.concat([Buffer.from(password), Buffer.from('\x00'), Buffer.from(context)])
+        : Buffer.from(password);
+    // Derive key via scrypt
+    const key = await scryptAsync(ikm, salt, params.keyLen, {
+        N: params.N,
+        r: params.r,
+        p: params.p,
+        maxmem: 128 * params.N * params.r * 2
+    });
+    const certificate = {
+        source,
+        fetchedAt: new Date().toISOString(),
+        entropyBytes: saltLen,
+        saltHash: sha256(salt),
+        keyHash: sha256(key),
+        scrypt: params,
+        context
+    };
+    return { key, salt, certificate };
+}
+/**
+ * Verify that a password + salt re-derives to the expected key.
+ */
+async function verifyKey(password, salt, expectedKey, params = {}, context) {
+    const p = { ...DEFAULT_PARAMS, ...params };
+    const ikm = context
+        ? Buffer.concat([Buffer.from(password), Buffer.from('\x00'), Buffer.from(context)])
+        : Buffer.from(password);
+    const derived = await scryptAsync(ikm, salt, p.keyLen, {
+        N: p.N, r: p.r, p: p.p,
+        maxmem: 128 * p.N * p.r * 2
+    });
+    // Constant-time comparison
+    return derived.length === expectedKey.length &&
+        derived.equals(expectedKey);
+}
+function sha256(buf) {
+    return (0, crypto_1.createHash)('sha256').update(buf).digest('hex');
+}
+/** Format a certificate as a human-readable string */
+function formatCertificate(cert) {
+    const w = 52;
+    const line = '═'.repeat(w);
+    const row = (label, value) => `  ${label.padEnd(14)} ${value}`;
+    const sourceLabel = cert.source === 'anu-vacuum-fluctuations'
+        ? 'ANU Quantum Vacuum (photon shot noise)'
+        : 'crypto.getRandomValues() [classical]';
+    return [
+        line,
+        '  kwantumscrypt Key Certificate',
+        line,
+        row('Source:', sourceLabel),
+        row('Fetched:', cert.fetchedAt),
+        row('Entropy:', `${cert.entropyBytes} bytes (${cert.entropyBytes * 8} bits)`),
+        row('KDF:', 'scrypt'),
+        row('N / r / p:', `${cert.scrypt.N} / ${cert.scrypt.r} / ${cert.scrypt.p}`),
+        row('Key length:', `${cert.scrypt.keyLen} bytes (${cert.scrypt.keyLen * 8} bits)`),
+        cert.context ? row('Context:', cert.context) : null,
+        '',
+        row('Salt hash:', cert.saltHash.slice(0, 32) + '...'),
+        row('Key hash:', cert.keyHash.slice(0, 32) + '...'),
+        line,
+    ].filter(l => l !== null).join('\n');
+}

package/dist/index.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.QuantumSource = exports.verify = exports.formatCert = exports.derive = void 0;
+var kdf_1 = require("./kdf");
+Object.defineProperty(exports, "derive", { enumerable: true, get: function () { return kdf_1.derive; } });
+Object.defineProperty(exports, "formatCert", { enumerable: true, get: function () { return kdf_1.formatCert; } });
+Object.defineProperty(exports, "verify", { enumerable: true, get: function () { return kdf_1.verify; } });
+var qrng_1 = require("./qrng");
+Object.defineProperty(exports, "QuantumSource", { enumerable: true, get: function () { return qrng_1.QuantumSource; } });

package/dist/kdf.js

@@ -0,0 +1,99 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.derive = derive;
+exports.verify = verify;
+exports.formatCert = formatCert;
+const node_crypto_1 = require("node:crypto");
+const qrng_1 = require("./qrng");
+const scryptAsync = (password, salt, keyLen, opts) => new Promise((resolve, reject) => (0, node_crypto_1.scrypt)(password, salt, keyLen, opts, (err, key) => err ? reject(err) : resolve(key)));
+/**
+ * Derive a cryptographic key from a password using scrypt with a
+ * quantum-random salt sourced from ANU vacuum fluctuations.
+ */
+async function derive(password, options = {}) {
+    const saltBytes = options.saltBytes ?? 32;
+    const keyLength = options.keyLength ?? 32;
+    const context = options.context ?? null;
+    const N = options.cost?.N ?? 16384;
+    const r = options.cost?.r ?? 8;
+    const p = options.cost?.p ?? 1;
+    const qs = options.source ?? (await qrng_1.QuantumSource.create());
+    const salt = await qs.bytes(saltBytes);
+    const ikm = context
+        ? Buffer.concat([
+            Buffer.from(password),
+            Buffer.from('\x00'),
+            Buffer.from(context),
+        ])
+        : Buffer.from(password);
+    const key = await scryptAsync(ikm, salt, keyLength, {
+        N,
+        r,
+        p,
+        maxmem: 128 * N * r * 2,
+    });
+    const certificate = {
+        source: qs.source,
+        timestamp: new Date().toISOString(),
+        saltHash: sha256(salt),
+        keyHash: sha256(key),
+        params: { N, r, p, keyLength, saltBytes },
+        context,
+    };
+    return { key, salt, certificate };
+}
+/**
+ * Re-derive from password + salt and check against the expected key.
+ * Uses constant-time comparison.
+ */
+async function verify(password, salt, key, options = {}) {
+    const keyLength = options.keyLength ?? key.length;
+    const N = options.cost?.N ?? 16384;
+    const r = options.cost?.r ?? 8;
+    const p = options.cost?.p ?? 1;
+    const context = options.context ?? null;
+    const ikm = context
+        ? Buffer.concat([
+            Buffer.from(password),
+            Buffer.from('\x00'),
+            Buffer.from(context),
+        ])
+        : Buffer.from(password);
+    const derived = await scryptAsync(ikm, salt, keyLength, {
+        N,
+        r,
+        p,
+        maxmem: 128 * N * r * 2,
+    });
+    return derived.length === key.length && (0, node_crypto_1.timingSafeEqual)(derived, key);
+}
+/** Format a certificate as a human-readable block. */
+function formatCert(cert) {
+    const w = 52;
+    const line = '═'.repeat(w);
+    const row = (label, value) => `  ${label.padEnd(14)} ${value}`;
+    const sourceLabel = cert.source === 'anu'
+        ? 'ANU Quantum Vacuum (photon shot noise)'
+        : 'crypto.getRandomValues() [classical]';
+    return [
+        line,
+        '  kdfts Key Certificate',
+        line,
+        row('Source:', sourceLabel),
+        row('Timestamp:', cert.timestamp),
+        row('KDF:', 'scrypt'),
+        row('N / r / p:', `${cert.params.N} / ${cert.params.r} / ${cert.params.p}`),
+        row('Key length:', `${cert.params.keyLength} bytes (${cert.params.keyLength * 8} bits)`),
+        row('Salt bytes:', `${cert.params.saltBytes} bytes (${cert.params.saltBytes * 8} bits)`),
+        cert.context ? row('Context:', cert.context) : null,
+        '',
+        row('Salt hash:', `${cert.saltHash.slice(0, 32)}...`),
+        row('Key hash:', `${cert.keyHash.slice(0, 32)}...`),
+        line,
+    ]
+        .filter((l) => l !== null)
+        .join('\n');
+}
+function sha256(buf) {
+    return (0, node_crypto_1.createHash)('sha256').update(buf).digest('hex');
+}

package/dist/lang/circuit.js

@@ -0,0 +1,330 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.KwantumScrypt = void 0;
+const state_1 = require("../core/state");
+const gates_1 = require("../core/gates");
+const anu_1 = require("../qrng/anu");
+const encoder_1 = require("./encoder");
+/**
+ * KwantumScrypt — a meta language that IS a quantum computer.
+ *
+ * State vector simulation + true quantum randomness (ANU QRNG) for measurement.
+ * The randomness in every measurement comes from quantum vacuum fluctuations.
+ *
+ * Usage:
+ *   const ks = await KwantumScrypt.create(3)   // 3-qubit register
+ *   ks.h(0).cx(0,1).cx(0,2)                    // GHZ state
+ *   const result = await ks.run()               // measure with real quantum noise
+ *
+ * Bitstring notation:
+ *   ks.bs('H|0⟩').bs('CX|0→1⟩').bs('M|*⟩')
+ *
+ * Binary KSIF encoding:
+ *   const bits = ks.toKSIF()                    // encode as bitstring
+ *   const ks2  = KwantumScrypt.fromKSIF(bits, 3) // decode
+ */
+class KwantumScrypt {
+    numQubits;
+    ops = [];
+    qrng;
+    qrngSource;
+    constructor(numQubits, qrng, source) {
+        if (numQubits < 1 || numQubits > 28) {
+            throw new RangeError(`numQubits must be 1–28 (got ${numQubits}). ` +
+                `At 28 qubits, state vector requires ~4 GB RAM.`);
+        }
+        this.numQubits = numQubits;
+        this.qrng = qrng;
+        this.qrngSource = source;
+    }
+    /** Create a KwantumScrypt instance, probing ANU QRNG first.
+     *  @param apiKey ANU API key. Falls back to ANU_API_KEY env var, then crypto.
+     */
+    static async create(numQubits, apiKey) {
+        try {
+            const qrng = new anu_1.ANUQRNG(apiKey);
+            await qrng.getBytes(1); // probe
+            console.log('[kwantumscrypt] Quantum source: ANU vacuum fluctuations ✓');
+            return new KwantumScrypt(numQubits, qrng, 'anu');
+        }
+        catch {
+            console.warn('[kwantumscrypt] ANU QRNG unreachable — using crypto.getRandomValues()');
+            return new KwantumScrypt(numQubits, new anu_1.CryptoQRNG(), 'crypto');
+        }
+    }
+    /** Create with explicit QRNG (for testing) */
+    static withQRNG(numQubits, qrng, source) {
+        return new KwantumScrypt(numQubits, qrng, source);
+    }
+    // ── Fluent gate API ──────────────────────────────────────────────────────
+    h(target) { return this.push({ kind: 'H', target }); }
+    x(target) { return this.push({ kind: 'X', target }); }
+    y(target) { return this.push({ kind: 'Y', target }); }
+    z(target) { return this.push({ kind: 'Z', target }); }
+    s(target) { return this.push({ kind: 'S', target }); }
+    si(target) { return this.push({ kind: 'SI', target }); }
+    t(target) { return this.push({ kind: 'T', target }); }
+    ti(target) { return this.push({ kind: 'TI', target }); }
+    rx(angle, target) { return this.push({ kind: 'RX', target, angle }); }
+    ry(angle, target) { return this.push({ kind: 'RY', target, angle }); }
+    rz(angle, target) { return this.push({ kind: 'RZ', target, angle }); }
+    cx(control, target) { return this.push({ kind: 'CX', control, target }); }
+    swap(a, b) { return this.push({ kind: 'SWAP', a, b }); }
+    xx(angle, a, b) { return this.push({ kind: 'XX', a, b, angle }); }
+    gpi(phase, target) { return this.push({ kind: 'GPi', target, phase }); }
+    gpi2(phase, target) { return this.push({ kind: 'GPi2', target, phase }); }
+    /** Measure specific qubits. No args = measure all */
+    measure(...targets) {
+        if (targets.length === 0) {
+            for (let i = 0; i < this.numQubits; i++)
+                this.push({ kind: 'MEASURE', target: i });
+        }
+        else {
+            targets.forEach(t => this.push({ kind: 'MEASURE', target: t }));
+        }
+        return this;
+    }
+    // ── Quantum notation parser ───────────────────────────────────────────────
+    /**
+     * Parse quantum notation strings into circuit ops.
+     *
+     * Examples:
+     *   ks.bs('H|0⟩')          → H on qubit 0
+     *   ks.bs('X|3⟩')          → X on qubit 3
+     *   ks.bs('CX|0→1⟩')       → CNOT control=0 target=1
+     *   ks.bs('SWAP|1↔2⟩')     → SWAP qubits 1 and 2
+     *   ks.bs('RX(π/2)|0⟩')    → RX(π/2) on qubit 0
+     *   ks.bs('M|*⟩')           → measure all
+     *   ks.bs('M|0,1,2⟩')       → measure qubits 0,1,2
+     */
+    bs(notation) {
+        const parsed = parseNotation(notation, this.numQubits);
+        parsed.forEach(op => this.push(op));
+        return this;
+    }
+    // ── Binary KSIF encoding ──────────────────────────────────────────────────
+    /** Encode the current circuit as a binary bitstring */
+    toKSIF() {
+        return (0, encoder_1.encode)(this.ops);
+    }
+    /** Load a circuit from a KSIF binary bitstring */
+    static fromKSIF(ksif, numQubits, qrng, source) {
+        const ks = new KwantumScrypt(numQubits, qrng, source);
+        ks.ops = (0, encoder_1.decode)(ksif);
+        return ks;
+    }
+    // ── Execution ─────────────────────────────────────────────────────────────
+    /**
+     * Execute the circuit once.
+     * Returns measured bitstring + full superposition snapshot before measurement.
+     */
+    async run(shots = 1) {
+        if (shots < 1)
+            throw new RangeError('shots must be >= 1');
+        // Build the state vector
+        const state = this.buildState();
+        const superposition = state.toBitstrings();
+        // Sample `shots` times
+        const counts = {};
+        let lastBits = '0'.repeat(this.numQubits);
+        for (let s = 0; s < shots; s++) {
+            const rand = await this.qrng.getFloat();
+            lastBits = sampleBorn(superposition, rand);
+            counts[lastBits] = (counts[lastBits] ?? 0) + 1;
+        }
+        return {
+            bitstring: lastBits,
+            superposition,
+            counts,
+            qrngSource: this.qrngSource
+        };
+    }
+    /** Inspect the state vector without measuring */
+    inspect() {
+        return this.buildState();
+    }
+    /** Reset all gates */
+    reset() {
+        this.ops = [];
+        return this;
+    }
+    // ── Internals ─────────────────────────────────────────────────────────────
+    push(op) {
+        this.validate(op);
+        this.ops.push(op);
+        return this;
+    }
+    validate(op) {
+        const q = (n) => {
+            if (n < 0 || n >= this.numQubits)
+                throw new RangeError(`Qubit ${n} out of range (circuit has ${this.numQubits} qubits)`);
+        };
+        switch (op.kind) {
+            case 'H':
+            case 'X':
+            case 'Y':
+            case 'Z':
+            case 'S':
+            case 'SI':
+            case 'T':
+            case 'TI':
+            case 'RX':
+            case 'RY':
+            case 'RZ':
+            case 'GPi':
+            case 'GPi2':
+            case 'MEASURE':
+                q(op.target);
+                break;
+            case 'CX':
+                q(op.control);
+                q(op.target);
+                break;
+            case 'SWAP':
+                q(op.a);
+                q(op.b);
+                break;
+            case 'XX':
+                q(op.a);
+                q(op.b);
+                break;
+        }
+    }
+    buildState() {
+        const state = new state_1.StateVector(this.numQubits);
+        for (const op of this.ops) {
+            if (op.kind === 'MEASURE')
+                continue; // measure after all unitary ops
+            applyOp(state, op);
+        }
+        return state;
+    }
+}
+exports.KwantumScrypt = KwantumScrypt;
+// ── Apply a single op to a state vector ──────────────────────────────────────
+function applyOp(state, op) {
+    switch (op.kind) {
+        case 'H':
+            (0, gates_1.applySingleQubit)(state, op.target, gates_1.GATE_MATRICES.H);
+            break;
+        case 'X':
+            (0, gates_1.applySingleQubit)(state, op.target, gates_1.GATE_MATRICES.X);
+            break;
+        case 'Y':
+            (0, gates_1.applySingleQubit)(state, op.target, gates_1.GATE_MATRICES.Y);
+            break;
+        case 'Z':
+            (0, gates_1.applySingleQubit)(state, op.target, gates_1.GATE_MATRICES.Z);
+            break;
+        case 'S':
+            (0, gates_1.applySingleQubit)(state, op.target, gates_1.GATE_MATRICES.S);
+            break;
+        case 'SI':
+            (0, gates_1.applySingleQubit)(state, op.target, gates_1.GATE_MATRICES.SI);
+            break;
+        case 'T':
+            (0, gates_1.applySingleQubit)(state, op.target, gates_1.GATE_MATRICES.T);
+            break;
+        case 'TI':
+            (0, gates_1.applySingleQubit)(state, op.target, gates_1.GATE_MATRICES.TI);
+            break;
+        case 'RX':
+            (0, gates_1.applySingleQubit)(state, op.target, (0, gates_1.rx)(op.angle));
+            break;
+        case 'RY':
+            (0, gates_1.applySingleQubit)(state, op.target, (0, gates_1.ry)(op.angle));
+            break;
+        case 'RZ':
+            (0, gates_1.applySingleQubit)(state, op.target, (0, gates_1.rz)(op.angle));
+            break;
+        case 'CX':
+            (0, gates_1.applyCX)(state, op.control, op.target);
+            break;
+        case 'SWAP':
+            (0, gates_1.applySWAP)(state, op.a, op.b);
+            break;
+        case 'XX':
+            (0, gates_1.applyXX)(state, op.a, op.b, op.angle);
+            break;
+        case 'GPi':
+            (0, gates_1.applyGPi)(state, op.target, op.phase);
+            break;
+        case 'GPi2':
+            (0, gates_1.applyGPi2)(state, op.target, op.phase);
+            break;
+        case 'MEASURE': break;
+    }
+}
+// ── Born-rule sampler ─────────────────────────────────────────────────────────
+function sampleBorn(probs, rand) {
+    let cumulative = 0;
+    for (const [bits, p] of Object.entries(probs)) {
+        cumulative += p;
+        if (rand < cumulative)
+            return bits;
+    }
+    // Floating-point edge case: return last entry
+    return Object.keys(probs).at(-1);
+}
+// ── Quantum notation parser ───────────────────────────────────────────────────
+const PI = Math.PI;
+function parseNotation(notation, numQubits) {
+    const s = notation.trim();
+    // M|*⟩  or  MEASURE|*⟩
+    if (/^M(EASURE)?\|\*[⟩>]?$/i.test(s)) {
+        return Array.from({ length: numQubits }, (_, i) => ({ kind: 'MEASURE', target: i }));
+    }
+    // M|0,1,2⟩
+    const measureMatch = s.match(/^M(EASURE)?\|([0-9,\s]+)[⟩>]?$/i);
+    if (measureMatch) {
+        return measureMatch[2].split(',').map(n => ({ kind: 'MEASURE', target: parseInt(n.trim()) }));
+    }
+    // CX|ctrl→tgt⟩
+    const cxMatch = s.match(/^CX\|(\d+)[→>](\d+)[⟩>]?$/i);
+    if (cxMatch) {
+        return [{ kind: 'CX', control: parseInt(cxMatch[1]), target: parseInt(cxMatch[2]) }];
+    }
+    // SWAP|a↔b⟩
+    const swapMatch = s.match(/^SWAP\|(\d+)[↔<>](\d+)[⟩>]?$/i);
+    if (swapMatch) {
+        return [{ kind: 'SWAP', a: parseInt(swapMatch[1]), b: parseInt(swapMatch[2]) }];
+    }
+    // XX(θ)|a,b⟩
+    const xxMatch = s.match(/^XX\(([^)]+)\)\|(\d+),(\d+)[⟩>]?$/i);
+    if (xxMatch) {
+        return [{ kind: 'XX', a: parseInt(xxMatch[2]), b: parseInt(xxMatch[3]), angle: parseAngle(xxMatch[1]) }];
+    }
+    // RX(θ)|q⟩  RY(θ)|q⟩  RZ(θ)|q⟩
+    const rotMatch = s.match(/^(RX|RY|RZ)\(([^)]+)\)\|(\d+)[⟩>]?$/i);
+    if (rotMatch) {
+        const kind = rotMatch[1].toUpperCase();
+        return [{ kind, target: parseInt(rotMatch[3]), angle: parseAngle(rotMatch[2]) }];
+    }
+    // GPi(φ)|q⟩  GPi2(φ)|q⟩
+    const gpiMatch = s.match(/^(GPi2?)\(([^)]+)\)\|(\d+)[⟩>]?$/i);
+    if (gpiMatch) {
+        const kind = gpiMatch[1].toLowerCase() === 'gpi2' ? 'GPi2' : 'GPi';
+        return [{ kind, target: parseInt(gpiMatch[3]), phase: parseAngle(gpiMatch[2]) }];
+    }
+    // H|q⟩  X|q⟩  Y|q⟩  Z|q⟩  S|q⟩  T|q⟩
+    const singleMatch = s.match(/^(H|X|Y|Z|S|SI|T|TI)\|(\d+)[⟩>]?$/i);
+    if (singleMatch) {
+        const kind = singleMatch[1].toUpperCase();
+        return [{ kind, target: parseInt(singleMatch[2]) }];
+    }
+    throw new SyntaxError(`Cannot parse quantum notation: "${notation}"`);
+}
+function parseAngle(expr) {
+    const s = expr.trim().replace(/\s/g, '');
+    if (s === 'π' || s === 'pi')
+        return PI;
+    if (s === 'π/2' || s === 'pi/2')
+        return PI / 2;
+    if (s === 'π/4' || s === 'pi/4')
+        return PI / 4;
+    if (s === '2π' || s === '2pi')
+        return 2 * PI;
+    if (s === '3π/2' || s === '3pi/2')
+        return 3 * PI / 2;
+    return parseFloat(s.replace('π', String(PI)).replace('pi', String(PI)));
+}