@peerbit/crypto 1.0.1

package/src/key.ts

@@ -0,0 +1,80 @@
+import { serialize } from "@dao-xyz/borsh";
+import { sha256Base64Sync } from "./hash.js";
+import { PeerId } from "@libp2p/interface-peer-id";
+
+interface Key {
+	equals(other: Key): boolean;
+	get bytes(): Uint8Array;
+	hashcode(): string;
+	toString(): string;
+	_hashcode: string;
+}
+
+export abstract class Keypair {
+	abstract get publicKey(): PublicSignKey | PublicKeyEncryptionKey;
+
+	equals(other: Keypair): boolean {
+		throw new Error("Not implemented");
+	}
+
+	toPeerId(): Promise<PeerId> {
+		throw new Error("Not implemented");
+	}
+}
+
+// ---- SIGNATURE KEYS -----
+export interface PublicSignKey extends Key {}
+export abstract class PublicSignKey implements Key {
+	get bytes(): Uint8Array {
+		return serialize(this);
+	}
+
+	hashcode(): string {
+		return this._hashcode || (this._hashcode = sha256Base64Sync(this.bytes));
+	}
+}
+
+export interface PrivateSignKey extends Key {}
+export abstract class PrivateSignKey implements Key {
+	get bytes(): Uint8Array {
+		return serialize(this);
+	}
+
+	hashcode(): string {
+		return this._hashcode || (this._hashcode = sha256Base64Sync(this.bytes));
+	}
+}
+
+// ---- PUBLIC KEY ENCRYPTION -----
+export interface PublicKeyEncryptionKey extends Key {}
+export abstract class PublicKeyEncryptionKey implements Key {
+	get bytes(): Uint8Array {
+		return serialize(this);
+	}
+
+	hashcode(): string {
+		return this._hashcode || (this._hashcode = sha256Base64Sync(this.bytes));
+	}
+}
+export interface PrivateEncryptionKey extends Key {}
+export abstract class PrivateEncryptionKey implements Key {
+	get bytes(): Uint8Array {
+		return serialize(this);
+	}
+
+	hashcode(): string {
+		return this._hashcode || (this._hashcode = sha256Base64Sync(this.bytes));
+	}
+}
+
+// ---- OTHER KEYS ----
+export interface PlainKey extends Key {}
+export abstract class PlainKey implements Key {
+	get bytes(): Uint8Array {
+		return serialize(this);
+	}
+
+	hashcode(): string {
+		return this._hashcode || (this._hashcode = sha256Base64Sync(this.bytes));
+	}
+}

package/src/keychain.ts

@@ -0,0 +1,197 @@
+import { KeyChain as InternalKeychain } from "@libp2p/interface-keychain";
+import { keysPBM } from "@libp2p/crypto/keys";
+import { identity } from "multiformats/hashes/identity";
+import { base58btc } from "multiformats/bases/base58";
+import { Cache } from "@peerbit/cache";
+import { Ed25519Keypair, Ed25519PublicKey } from "./ed25519.js";
+import { Keypair, PublicSignKey } from "./key.js";
+
+import { KeyInfo } from "@libp2p/interface-keychain";
+import { AccessError, X25519Keypair, X25519PublicKey } from "./x25519.js";
+
+export type KeypairFromPublicKey<T> = T extends X25519PublicKey
+	? X25519PublicKey extends T
+		? X25519Keypair
+		: Ed25519Keypair
+	: Ed25519Keypair;
+
+export interface Keychain {
+	import(keypair: Ed25519Keypair, id: Uint8Array): Promise<void>;
+
+	exportByKey<
+		T extends Ed25519PublicKey | X25519PublicKey,
+		Q = KeypairFromPublicKey<T>
+	>(
+		publicKey: T
+	): Promise<Q | undefined>;
+
+	exportById<
+		T = "ed25519" | "x25519",
+		Q = T extends "ed25519" ? Ed25519Keypair : X25519Keypair
+	>(
+		id: Uint8Array,
+		type: T
+	): Promise<Q | undefined>;
+}
+
+export class Libp2pKeychain implements Keychain {
+	constructor(
+		readonly keychain: InternalKeychain,
+		readonly options?: { cache?: Cache<X25519Keypair | Ed25519Keypair | null> }
+	) {}
+
+	keychainKeyIdFromPublicKey(publicKey: X25519PublicKey) {
+		const bytes = keysPBM.PublicKey.encode({
+			Type: keysPBM.KeyType.Ed25519,
+			Data: publicKey.publicKey,
+		}).subarray();
+
+		const encoding = identity.digest(bytes);
+		return base58btc.encode(encoding.bytes).substring(1);
+	}
+
+	private cacheKey(key: Ed25519Keypair | X25519Keypair, id?: Uint8Array) {
+		this.options?.cache?.add(base58btc.encode(key.publicKey.bytes), key);
+		id && this.options?.cache?.add(base58btc.encode(id), key);
+	}
+
+	private getCachedById(id: Uint8Array): Ed25519Keypair | null | undefined {
+		const key = base58btc.encode(id instanceof PublicSignKey ? id.bytes : id);
+		const cached = this.options?.cache?.get(key);
+		if (cached === null) {
+			return null;
+		} else if (!cached) {
+			return undefined;
+		} else if (cached instanceof Ed25519Keypair) {
+			return cached;
+		}
+		throw new Error("Unexpected cached keypair type: " + key?.constructor.name);
+	}
+
+	private getCachedByKey<
+		T extends X25519PublicKey | Ed25519PublicKey,
+		Q = KeypairFromPublicKey<T>
+	>(publicKey: T): Q | null | undefined {
+		const key = base58btc.encode(publicKey.bytes);
+		const cached = this.options?.cache?.get(key);
+		if (cached === null) {
+			return null;
+		} else if (!cached) {
+			return undefined;
+		} else if (cached instanceof Keypair) {
+			return cached as Q;
+		}
+		throw new Error("Unexpected cached keypair type: " + key?.constructor.name);
+	}
+
+	exportByKey = async <
+		T extends X25519PublicKey | Ed25519PublicKey,
+		Q = KeypairFromPublicKey<T>
+	>(
+		publicKey: T
+	): Promise<Q | undefined> => {
+		const cached = this.getCachedByKey<T, Q>(publicKey);
+		if (cached !== undefined) {
+			// if  null, means key is deleted
+			return cached ? cached : undefined;
+		}
+
+		let keyInfo: KeyInfo | undefined = undefined;
+		if (publicKey instanceof Ed25519PublicKey) {
+			try {
+				keyInfo = await this.keychain.findKeyById(
+					(await publicKey.toPeerId()).toString()
+				);
+			} catch (e: any) {
+				if (e.code !== "ERR_KEY_NOT_FOUND") {
+					throw e;
+				}
+			}
+		}
+
+		try {
+			keyInfo = await this.keychain.findKeyByName(
+				base58btc.encode(publicKey.bytes)
+			);
+		} catch (e: any) {
+			if (e.code !== "ERR_KEY_NOT_FOUND") {
+				throw e;
+			}
+		}
+
+		if (!keyInfo) {
+			return undefined;
+		}
+
+		const peerId = await this.keychain.exportPeerId(keyInfo.name);
+
+		return (
+			publicKey instanceof X25519PublicKey
+				? X25519Keypair.fromPeerId(peerId)
+				: Ed25519Keypair.fromPeerId(peerId)
+		) as Q;
+	};
+
+	async exportById<
+		T = "ed25519" | "x25519",
+		Q = T extends "ed25519" ? Ed25519Keypair : X25519Keypair
+	>(id: Uint8Array, type: T): Promise<Q | undefined> {
+		const cached = this.getCachedById(id) as Ed25519Keypair | undefined | null;
+		if (cached !== undefined) {
+			// if  null, means key is deleted
+			if (type === "x25519" && cached instanceof Ed25519Keypair) {
+				return X25519Keypair.from(cached) as Q; // TODO perf, don't do this all the time
+			}
+			return cached ? (cached as Q) : undefined;
+		}
+		try {
+			const keyInfo = await this.keychain.findKeyByName(base58btc.encode(id));
+			const peerId = await this.keychain.exportPeerId(keyInfo.name);
+			if (type === "x25519") {
+				return X25519Keypair.fromPeerId(peerId) as Q;
+			}
+			return Ed25519Keypair.fromPeerId(peerId) as Q;
+		} catch (e: any) {
+			if (e.code !== "ERR_KEY_NOT_FOUND") {
+				throw e;
+			}
+		}
+	}
+
+	import = async (keypair: Ed25519Keypair, id: Uint8Array) => {
+		const receiverKeyPeerId = await keypair.toPeerId();
+		this.cacheKey(keypair, id);
+
+		// import as ed
+		await this.keychain.importPeer(base58btc.encode(id), receiverKeyPeerId);
+
+		// import as x so we can decrypt messages with this public key (if recieved any)
+		const xKeypair = await X25519Keypair.from(keypair);
+		this.cacheKey(xKeypair);
+		await this.keychain.importPeer(
+			base58btc.encode(xKeypair.publicKey.bytes),
+			receiverKeyPeerId
+		);
+	};
+
+	// Arrow function is used so we can reference this function and use 'this' without .bind(self)
+	getAnyKeypair = async (publicKeys) => {
+		for (let i = 0; i < publicKeys.length; i++) {
+			try {
+				const key = await this.exportByKey(publicKeys[i]);
+				if (key && key instanceof X25519Keypair) {
+					return {
+						index: i,
+						keypair: key as X25519Keypair,
+					};
+				}
+			} catch (error: any) {
+				// Key missing
+				if (error.code !== "ERR_NOT_FOUND") {
+					throw error;
+				}
+			}
+		}
+		throw new AccessError("Failed to access key");
+	};
+}

package/src/libp2p.ts

@@ -0,0 +1,27 @@
+import { PeerId } from "@libp2p/interface-peer-id";
+import { Ed25519Keypair, Ed25519PublicKey } from "./ed25519.js";
+import { Secp256k1Keypair, Secp256k1PublicKey } from "./sepc256k1.js";
+
+export const getKeypairFromPeerId = (
+	peerId: PeerId
+): Ed25519Keypair | Secp256k1Keypair => {
+	if (peerId.type === "Ed25519") {
+		return Ed25519Keypair.fromPeerId(peerId);
+	}
+	if (peerId.type === "secp256k1") {
+		return Secp256k1Keypair.fromPeerId(peerId);
+	}
+	throw new Error("Unsupported key type");
+};
+
+export const getPublicKeyFromPeerId = (
+	peerId: PeerId
+): Ed25519PublicKey | Secp256k1PublicKey => {
+	if (peerId.type === "Ed25519") {
+		return Ed25519PublicKey.fromPeerId(peerId);
+	}
+	if (peerId.type === "secp256k1") {
+		return Secp256k1PublicKey.from(peerId);
+	}
+	throw new Error("Unsupported key type");
+};

package/src/prehash.ts

@@ -0,0 +1,42 @@
+import { sha256 } from "./hash.js";
+import sha3 from "js-sha3";
+import { toUtf8Bytes } from "@ethersproject/strings";
+import { concat } from "uint8arrays";
+
+const messagePrefix = "\x19Ethereum Signed Message:\n";
+const ethKeccak256Hash = (message: Uint8Array) =>
+	new Uint8Array(
+		sha3.keccak256
+			.update(
+				concat([
+					toUtf8Bytes(messagePrefix),
+					toUtf8Bytes(String(message.length)),
+					message,
+				])
+			)
+			.arrayBuffer()
+	);
+
+export enum PreHash {
+	NONE = 0,
+	SHA_256 = 1,
+	//BLAKE3 = 2,
+	ETH_KECCAK_256 = 3,
+}
+
+export const prehashFn = (
+	data: Uint8Array,
+	prehash: PreHash
+): Promise<Uint8Array> | Uint8Array => {
+	if (prehash === PreHash.NONE) {
+		return data;
+	}
+	if (prehash === PreHash.SHA_256) {
+		return sha256(data);
+	}
+	if (prehash === PreHash.ETH_KECCAK_256) {
+		return ethKeccak256Hash(data);
+	}
+
+	throw new Error("Unsupported");
+};

package/src/random-browser.ts

@@ -0,0 +1,2 @@
+export const randomBytes = (len: number) =>
+	globalThis.crypto.getRandomValues(new Uint8Array(len));

package/src/random.ts

@@ -0,0 +1,2 @@
+import crypto from "crypto";
+export const randomBytes = (len: number) => crypto.randomBytes(len);

package/src/sepc256k1.ts

@@ -0,0 +1,229 @@
+import { field, fixedArray, variant, vec } from "@dao-xyz/borsh";
+import { Keypair, PrivateSignKey, PublicSignKey } from "./key.js";
+import { Wallet } from "@ethersproject/wallet";
+import { arrayify } from "@ethersproject/bytes";
+import { joinSignature } from "@ethersproject/bytes";
+import { SignatureLike, splitSignature } from "@ethersproject/bytes";
+import _ec from "elliptic";
+import EC = _ec.ec;
+let _curve: EC;
+
+import { equals } from "@peerbit/uint8arrays";
+import { toHexString } from "./utils.js";
+import { PeerId } from "@libp2p/interface-peer-id";
+import { Identity, Signer } from "./signer.js";
+import { coerce } from "./bytes.js";
+import { generateKeyPair, supportedKeys } from "@libp2p/crypto/keys";
+import utf8 from "@protobufjs/utf8";
+import { SignatureWithKey } from "./signature.js";
+import { PreHash, prehashFn } from "./prehash.js";
+import { peerIdFromKeys } from "@libp2p/peer-id";
+
+@variant(1)
+export class Secp256k1PublicKey extends PublicSignKey {
+	@field({ type: fixedArray("u8", 33) })
+	publicKey: Uint8Array;
+
+	constructor(properties: { publicKey: Uint8Array }) {
+		super();
+		if (properties.publicKey.length !== 33) {
+			throw new Error("Expecting key to have length 33");
+		}
+		this.publicKey = properties.publicKey;
+	}
+
+	static async recover(wallet: Wallet) {
+		// Signa message
+		const toSign = new Uint8Array([0]);
+		const signature = await wallet.signMessage(toSign);
+
+		// So we can recover the public key
+		const publicKey = recoverPublicKeyFromSignature(
+			await prehashFn(toSign, PreHash.ETH_KECCAK_256),
+			signature
+		);
+
+		return new Secp256k1PublicKey({ publicKey });
+	}
+
+	equals(other: PublicSignKey): boolean {
+		if (other instanceof Secp256k1PublicKey) {
+			return equals(this.publicKey, other.publicKey);
+		}
+		return false;
+	}
+
+	toString(): string {
+		return "sepc256k1/" + toHexString(this.publicKey);
+	}
+
+	static from(id: PeerId) {
+		if (!id.publicKey) {
+			throw new Error("Missing public key");
+		}
+		if (id.type === "secp256k1") {
+			return new Secp256k1PublicKey({
+				publicKey: id.publicKey.slice(4), // computeAddress(!.slice(4)),
+			});
+		}
+		throw new Error("Unsupported key type: " + id.type);
+	}
+}
+
+@variant(1)
+export class Secp256k1PrivateKey extends PrivateSignKey {
+	@field({ type: Uint8Array })
+	privateKey: Uint8Array;
+
+	constructor(properties: { privateKey: Uint8Array }) {
+		super();
+		if (properties.privateKey.length !== 32) {
+			throw new Error("Expecting key to have length 32");
+		}
+
+		this.privateKey = properties.privateKey;
+	}
+
+	equals(other: Secp256k1PrivateKey): boolean {
+		if (other instanceof Secp256k1PrivateKey) {
+			return equals(this.privateKey, other.privateKey);
+		}
+		return false;
+	}
+
+	toString(): string {
+		return "secp256k1s/" + toHexString(this.privateKey);
+	}
+
+	static from(id: PeerId) {
+		if (!id.privateKey) {
+			throw new Error("Missing privateKey key");
+		}
+		if (id.type === "secp256k1") {
+			return new Secp256k1PrivateKey({
+				privateKey: coerce(id.privateKey!.slice(4)),
+			});
+		}
+		throw new Error("Unsupported key type: " + id.type);
+	}
+}
+
+@variant(2)
+export class Secp256k1Keypair extends Keypair implements Identity {
+	@field({ type: Secp256k1PublicKey })
+	publicKey: Secp256k1PublicKey;
+
+	@field({ type: Secp256k1PrivateKey })
+	privateKey: Secp256k1PrivateKey;
+
+	_wallet: Wallet;
+	constructor(properties: {
+		publicKey: Secp256k1PublicKey;
+		privateKey: Secp256k1PrivateKey;
+	}) {
+		super();
+		this.privateKey = properties.privateKey;
+		this.publicKey = properties.publicKey;
+	}
+
+	static async create(): Promise<Secp256k1Keypair> {
+		const generated = await generateKeyPair("secp256k1");
+		const kp = new Secp256k1Keypair({
+			publicKey: new Secp256k1PublicKey({
+				publicKey: generated.public.marshal(),
+			}),
+			privateKey: new Secp256k1PrivateKey({
+				privateKey: generated.marshal(),
+			}),
+		});
+
+		return kp;
+	}
+
+	async sign(
+		data: Uint8Array,
+		prehash: PreHash = PreHash.ETH_KECCAK_256
+	): Promise<SignatureWithKey> {
+		const maybeHashed = await prehashFn(data, prehash);
+
+		const signature = joinSignature(
+			(this._wallet || (this._wallet = new Wallet(this.privateKey.privateKey)))
+				._signingKey()
+				.signDigest(maybeHashed)
+		);
+		const signatureBytes = new Uint8Array(utf8.length(signature)); // TODO utilize Buffer allocUnsafe
+		utf8.write(signature, signatureBytes, 0);
+
+		return new SignatureWithKey({
+			prehash,
+			publicKey: this.publicKey,
+			signature: signatureBytes,
+		});
+	}
+
+	equals(other: Keypair) {
+		if (other instanceof Secp256k1Keypair) {
+			return (
+				this.publicKey.equals(other.publicKey) &&
+				this.privateKey.equals(other.privateKey)
+			);
+		}
+		return false;
+	}
+
+	static fromPeerId(peerId: PeerId) {
+		return new Secp256k1Keypair({
+			privateKey: Secp256k1PrivateKey.from(peerId),
+			publicKey: Secp256k1PublicKey.from(peerId),
+		});
+	}
+
+	toPeerId(): Promise<PeerId> {
+		return peerIdFromKeys(
+			new supportedKeys["secp256k1"].Secp256k1PublicKey(
+				this.publicKey.publicKey
+			).bytes,
+			new supportedKeys["secp256k1"].Secp256k1PrivateKey(
+				this.privateKey.privateKey,
+				this.publicKey.publicKey
+			).bytes
+		);
+	}
+}
+
+const decoder = new TextDecoder();
+
+function getCurve() {
+	if (!_curve) {
+		_curve = new EC("secp256k1");
+	}
+	return _curve;
+}
+
+export const recoverPublicKeyFromSignature = (
+	digest: Uint8Array,
+	signature: SignatureLike
+): Uint8Array => {
+	const sig = splitSignature(signature);
+	const rs = { r: arrayify(sig.r), s: arrayify(sig.s) };
+	return new Uint8Array(
+		getCurve()
+			.recoverPubKey(arrayify(digest), rs, sig.recoveryParam)
+			.encodeCompressed()
+	);
+};
+
+export const verifySignatureSecp256k1 = async (
+	signature: SignatureWithKey,
+	data: Uint8Array
+): Promise<boolean> => {
+	const hashedData = await prehashFn(data, signature.prehash);
+	const signerKey = recoverPublicKeyFromSignature(
+		arrayify(hashedData),
+		decoder.decode(signature.signature)
+	);
+	return equals(
+		signerKey,
+		(signature.publicKey as Secp256k1PublicKey).publicKey
+	);
+};