@peerbit/crypto 2.2.0-efee9d3 → 2.3.0-3a75d6e

package/src/ed25519.ts

@@ -1,17 +1,16 @@
 import { field, fixedArray, variant } from "@dao-xyz/borsh";
-import { PrivateSignKey, PublicSignKey, Keypair } from "./key.js";
-import { equals } from "uint8arrays";
-import { type Identity, type SignWithKey } from "./signer.js";
-import { SignatureWithKey } from "./signature.js";
-import { toHexString } from "./utils.js";
-import { peerIdFromKeys } from "@libp2p/peer-id";
 import { supportedKeys } from "@libp2p/crypto/keys";
-import { coerce } from "./bytes.js";
-import sodium from "libsodium-wrappers";
 import type { Ed25519PeerId, PeerId } from "@libp2p/interface";
+import { peerIdFromKeys } from "@libp2p/peer-id";
+import sodium from "libsodium-wrappers";
+import { concat, equals } from "uint8arrays";
+import { coerce } from "./bytes.js";
 import { sign } from "./ed25519-sign.js";
+import { Keypair, PrivateSignKey, PublicSignKey } from "./key.js";
 import { PreHash } from "./prehash.js";
-import { concat } from "uint8arrays";
+import { SignatureWithKey } from "./signature.js";
+import { type Identity, type SignWithKey } from "./signer.js";
+import { toHexString } from "./utils.js";
 
 @variant(0)
 export class Ed25519PublicKey extends PublicSignKey {
@@ -32,13 +31,14 @@ export class Ed25519PublicKey extends PublicSignKey {
 		}
 		return false;
 	}
+
 	toString(): string {
 		return "ed25119p/" + toHexString(this.publicKey);
 	}
 
 	toPeerId(): Promise<PeerId> {
 		return peerIdFromKeys(
-			new supportedKeys["ed25519"].Ed25519PublicKey(this.publicKey).bytes
+			new supportedKeys["ed25519"].Ed25519PublicKey(this.publicKey).bytes,
 		);
 	}
 
@@ -60,7 +60,7 @@ export class Ed25519PublicKey extends PublicSignKey {
 		}
 		if (id.type === "Ed25519") {
 			return new Ed25519PublicKey({
-				publicKey: coerce(id.publicKey!.slice(4))
+				publicKey: coerce(id.publicKey.slice(4)),
 			});
 		}
 		throw new Error("Unsupported key type: " + id.type);
@@ -101,7 +101,7 @@ export class Ed25519PrivateKey extends PrivateSignKey {
 		}
 		if (id.type === "Ed25519") {
 			return new Ed25519PrivateKey({
-				privateKey: coerce(id.privateKey!.slice(4, 36))
+				privateKey: coerce(id.privateKey.slice(4, 36)),
 			});
 		}
 		throw new Error("Unsupported key type: " + id.type);
@@ -130,11 +130,11 @@ export class Ed25519Keypair extends Keypair implements Identity {
 		const generated = sodium.crypto_sign_keypair();
 		const kp = new Ed25519Keypair({
 			publicKey: new Ed25519PublicKey({
-				publicKey: generated.publicKey
+				publicKey: generated.publicKey,
 			}),
 			privateKey: new Ed25519PrivateKey({
-				privateKey: generated.privateKey.slice(0, 32) // Only the private key part (?)
-			})
+				privateKey: generated.privateKey.slice(0, 32), // Only the private key part (?)
+			}),
 		});
 
 		return kp;
@@ -142,7 +142,7 @@ export class Ed25519Keypair extends Keypair implements Identity {
 
 	sign(
 		data: Uint8Array,
-		prehash: PreHash = PreHash.NONE
+		prehash: PreHash = PreHash.NONE,
 	): Promise<SignatureWithKey> {
 		return sign(data, this, prehash);
 	}
@@ -166,17 +166,17 @@ export class Ed25519Keypair extends Keypair implements Identity {
 	static fromPeerId(peerId: PeerId | Ed25519PeerId) {
 		return new Ed25519Keypair({
 			privateKey: Ed25519PrivateKey.fromPeerID(peerId),
-			publicKey: Ed25519PublicKey.fromPeerId(peerId)
+			publicKey: Ed25519PublicKey.fromPeerId(peerId),
 		});
 	}
 
-	_privateKeyPublicKey: Uint8Array; // length 64
+	_privateKeyPublicKey!: Uint8Array; // length 64
 	get privateKeyPublicKey(): Uint8Array {
 		return (
 			this._privateKeyPublicKey ||
 			(this._privateKeyPublicKey = concat([
 				this.privateKey.privateKey,
-				this.publicKey.publicKey
+				this.publicKey.publicKey,
 			]))
 		);
 	}
@@ -187,8 +187,8 @@ export class Ed25519Keypair extends Keypair implements Identity {
 				.bytes,
 			new supportedKeys["ed25519"].Ed25519PrivateKey(
 				this.privateKeyPublicKey,
-				this.publicKey.publicKey
-			).bytes
+				this.publicKey.publicKey,
+			).bytes,
 		);
 	}
 }

package/src/encryption.ts

@@ -1,31 +1,30 @@
-export * from "./errors.js";
-
 import {
 	type AbstractType,
 	deserialize,
 	field,
+	fixedArray,
 	serialize,
 	variant,
 	vec,
-	fixedArray
 } from "@dao-xyz/borsh";
-import { AccessError } from "./errors.js";
 import sodium from "libsodium-wrappers";
-import { X25519Keypair, X25519PublicKey, X25519SecretKey } from "./x25519.js";
+import { equals as uequals } from "uint8arrays";
 import { Ed25519PublicKey } from "./ed25519.js";
-import { randomBytes } from "./random.js";
+import { AccessError } from "./errors.js";
 import { sha256 } from "./hash.js";
+import { randomBytes } from "./random.js";
+import { X25519Keypair, X25519PublicKey, X25519SecretKey } from "./x25519.js";
+
+export * from "./errors.js";
 
-import { equals as uequals } from "uint8arrays";
 export const equals = (array1?: Uint8Array, array2?: Uint8Array) => {
-	if (!!array1 != !!array2) return false;
+	if (!!array1 !== !!array2) return false;
 	if (!array1 || !array2) {
 		return false;
 	}
 	return uequals(array1, array2);
 };
 
-
 export type MaybePromise<T> = Promise<T> | T;
 
 export type PublicKeyEncryptionParameters = {
@@ -48,7 +47,7 @@ export type KeyExchangeOptions =
 
 type EncryptReturnValue<
 	T,
-	Parameters extends KeyExchangeOptions
+	Parameters extends KeyExchangeOptions,
 > = EncryptedThing<T, EnvelopeFromParameter<Parameters>>;
 
 type CipherWithEnvelope<E = PublicKeyEnvelope | HashedKeyEnvelope> = {
@@ -61,26 +60,26 @@ type SymmetricKeys = Uint8Array;
 type PublicKeyEncryptionKeys = X25519Keypair;
 
 function isAsymmetriEncryptionParameters(
-	parameters: KeyExchangeOptions
+	parameters: KeyExchangeOptions,
 ): parameters is PublicKeyEncryptionParameters {
 	return (
 		(parameters as PublicKeyEncryptionParameters).receiverPublicKeys != null
 	);
 }
 function isAsymmetricEncryptionKeys(
-	parameters: PublicKeyEncryptionKeys | SymmetricKeys
+	parameters: PublicKeyEncryptionKeys | SymmetricKeys,
 ): parameters is PublicKeyEncryptionKeys {
 	return (parameters as PublicKeyEncryptionKeys) instanceof X25519Keypair;
 }
 
 type EnvelopeFromParameter<Parameters extends KeyExchangeOptions> =
 	Parameters extends PublicKeyEncryptionParameters
-	? PublicKeyEnvelope
-	: HashedKeyEnvelope;
+		? PublicKeyEnvelope
+		: HashedKeyEnvelope;
 
 type EncryptProvide<Parameters extends KeyExchangeOptions> = (
 	bytes: Uint8Array,
-	parameters: Parameters
+	parameters: Parameters,
 ) => Promise<CipherWithEnvelope<EnvelopeFromParameter<Parameters>>>;
 
 interface KeyProvider {
@@ -90,14 +89,14 @@ interface KeyProvider {
 export const createLocalEncryptProvider = <
 	K extends PublicKeyEncryptionKeys | SymmetricKeys,
 	Parameters extends KeyExchangeOptions = K extends PublicKeyEncryptionKeys
-	? PublicKeyEncryptionParameters
-	: SymmetricKeyEncryptionParameters
+		? PublicKeyEncryptionParameters
+		: SymmetricKeyEncryptionParameters,
 >(
-	keys: K
+	keys: K,
 ) => {
 	return async (
 		bytes: Uint8Array,
-		parameters: Parameters
+		parameters: Parameters,
 	): Promise<CipherWithEnvelope<EnvelopeFromParameter<Parameters>>> => {
 		const nonce = randomBytes(NONCE_LENGTH); // crypto random is faster than sodim random
 		if (
@@ -113,7 +112,7 @@ export const createLocalEncryptProvider = <
 						return X25519PublicKey.from(key);
 					}
 					return key;
-				})
+				}),
 			);
 
 			const ks = receiverX25519PublicKeys.map((receiverPublicKey) => {
@@ -124,11 +123,11 @@ export const createLocalEncryptProvider = <
 							epheremalKey,
 							kNonce,
 							receiverPublicKey.publicKey,
-							keys.secretKey.secretKey
+							keys.secretKey.secretKey,
 						),
-						nonce: kNonce
+						nonce: kNonce,
 					}),
-					receiverPublicKey
+					receiverPublicKey,
 				});
 			});
 
@@ -137,8 +136,8 @@ export const createLocalEncryptProvider = <
 				nonce,
 				envelope: new PublicKeyEnvelope({
 					senderPublicKey: keys.publicKey,
-					ks
-				}) as EnvelopeFromParameter<Parameters>
+					ks,
+				}) as EnvelopeFromParameter<Parameters>,
 			};
 		} else if (
 			!isAsymmetriEncryptionParameters(parameters) &&
@@ -149,8 +148,8 @@ export const createLocalEncryptProvider = <
 				cipher: new Uint8Array(cipher), // TODO do we need this clone?
 				nonce,
 				envelope: new HashedKeyEnvelope({
-					hash: await sha256(keys)
-				}) as EnvelopeFromParameter<Parameters>
+					hash: await sha256(keys),
+				}) as EnvelopeFromParameter<Parameters>,
 			};
 		}
 
@@ -161,22 +160,22 @@ export const createLocalEncryptProvider = <
 export type DecryptProvider = (
 	encrypted: Uint8Array,
 	nonce: Uint8Array,
-	exchange: Envelope
+	exchange: Envelope,
 ) => Promise<Uint8Array>;
 
 type KeyResolver = <T extends X25519PublicKey | Uint8Array>(
-	key: T
+	key: T,
 ) => Promise<
 	(T extends X25519PublicKey ? X25519Keypair : Uint8Array) | undefined
 >;
 
 export const createDecrypterFromKeyResolver = (
-	keyResolver: KeyResolver
+	keyResolver: KeyResolver,
 ): DecryptProvider => {
 	return async (
 		encrypted: Uint8Array,
 		nonce: Uint8Array,
-		exchange: Envelope
+		exchange: Envelope,
 	): Promise<Uint8Array> => {
 		// We only need to open with one of the keys
 
@@ -189,7 +188,7 @@ export const createDecrypterFromKeyResolver = (
 				if (exported) {
 					key = {
 						index: i,
-						keypair: exported
+						keypair: exported,
 					};
 					break;
 				}
@@ -208,7 +207,7 @@ export const createDecrypterFromKeyResolver = (
 						k._encryptedKey.cipher,
 						k._encryptedKey.nonce,
 						exchange._senderPublicKey.publicKey,
-						secretKey.secretKey
+						secretKey.secretKey,
 					);
 				} catch (error) {
 					throw new AccessError("Failed to decrypt");
@@ -240,15 +239,16 @@ export abstract class MaybeEncrypted<T> {
 	}
 
 	decrypt(
-		keyResolver?: X25519Keypair | KeyProvider
+		keyResolver?: X25519Keypair | KeyProvider,
 	): MaybePromise<DecryptedThing<T>>;
 	decrypt(provider?: DecryptProvider): MaybePromise<DecryptedThing<T>>;
 
 	decrypt(
-		provider?: X25519Keypair | DecryptProvider | KeyProvider
+		provider?: X25519Keypair | DecryptProvider | KeyProvider,
 	): MaybePromise<DecryptedThing<T>> | DecryptedThing<T> {
 		throw new Error("Not implemented");
 	}
+
 	equals(other: MaybeEncrypted<T>): boolean {
 		throw new Error("Not implemented");
 	}
@@ -289,17 +289,17 @@ export class DecryptedThing<T> extends MaybeEncrypted<T> {
 
 	async encrypt<Parameters extends KeyExchangeOptions>(
 		provider: EncryptProvide<Parameters>,
-		parameters: Parameters
+		parameters: Parameters,
 	): Promise<EncryptReturnValue<T, Parameters>>;
 
 	async encrypt(
 		x25519Keypair: X25519Keypair,
-		receiverPublicKeys: (X25519PublicKey | Ed25519PublicKey)[]
+		receiverPublicKeys: (X25519PublicKey | Ed25519PublicKey)[],
 	): Promise<EncryptReturnValue<T, PublicKeyEncryptionParameters>>;
 
 	async encrypt(
 		keypair: EncryptProvide<any> | X25519Keypair,
-		parameters: KeyExchangeOptions | (X25519PublicKey | Ed25519PublicKey)[]
+		parameters: KeyExchangeOptions | (X25519PublicKey | Ed25519PublicKey)[],
 	): Promise<EncryptReturnValue<T, any>> {
 		let provider: EncryptProvide<any>;
 		let options: KeyExchangeOptions;
@@ -310,7 +310,7 @@ export class DecryptedThing<T> extends MaybeEncrypted<T> {
 					| X25519PublicKey
 					| Ed25519PublicKey
 				)[],
-				type: "publicKey"
+				type: "publicKey",
 			};
 		} else {
 			provider = keypair;
@@ -322,17 +322,17 @@ export class DecryptedThing<T> extends MaybeEncrypted<T> {
 		const enc = new EncryptedThing<T, EnvelopeFromParameter<any>>({
 			encrypted: cipher,
 			envelope,
-			nonce
+			nonce,
 		});
 		enc._decrypted = this;
 		return enc;
 	}
 
-	get decrypted(): DecryptedThing<T> {
+	get decrypted(): this {
 		return this;
 	}
 
-	decrypt(): DecryptedThing<T> {
+	decrypt(): this {
 		return this;
 	}
 
@@ -361,11 +361,9 @@ export class CipherWithNonce {
 	@field({ type: Uint8Array })
 	cipher: Uint8Array;
 
-	constructor(props?: { nonce: Uint8Array; cipher: Uint8Array }) {
-		if (props) {
-			this.nonce = props.nonce;
-			this.cipher = props.cipher;
-		}
+	constructor(props: { nonce: Uint8Array; cipher: Uint8Array }) {
+		this.nonce = props.nonce;
+		this.cipher = props.cipher;
 	}
 
 	equals(other: CipherWithNonce): boolean {
@@ -387,14 +385,12 @@ export class K {
 	@field({ type: X25519PublicKey })
 	_receiverPublicKey: X25519PublicKey;
 
-	constructor(props?: {
+	constructor(props: {
 		encryptedKey: CipherWithNonce;
 		receiverPublicKey: X25519PublicKey;
 	}) {
-		if (props) {
-			this._encryptedKey = props.encryptedKey;
-			this._receiverPublicKey = props.receiverPublicKey;
-		}
+		this._encryptedKey = props.encryptedKey;
+		this._receiverPublicKey = props.receiverPublicKey;
 	}
 
 	equals(other: K): boolean {
@@ -421,12 +417,10 @@ class PublicKeyEnvelope extends Envelope {
 	@field({ type: vec(K) })
 	_ks: K[];
 
-	constructor(props?: { senderPublicKey: X25519PublicKey; ks: K[] }) {
+	constructor(props: { senderPublicKey: X25519PublicKey; ks: K[] }) {
 		super();
-		if (props) {
-			this._senderPublicKey = props.senderPublicKey;
-			this._ks = props.ks;
-		}
+		this._senderPublicKey = props.senderPublicKey;
+		this._ks = props.ks;
 	}
 
 	// TODO: should this be comparable to AbstractEnvelope?
@@ -455,12 +449,11 @@ class PublicKeyEnvelope extends Envelope {
 class HashedKeyEnvelope extends Envelope {
 	@field({ type: fixedArray("u8", 32) })
 	hash: Uint8Array;
+
 	// TODO: Do we need a salt here?
-	constructor(props?: { hash: Uint8Array }) {
+	constructor(props: { hash: Uint8Array }) {
 		super();
-		if (props) {
-			this.hash = props.hash;
-		}
+		this.hash = props.hash;
 	}
 
 	// TODO: should this be comparable to AbstractEnvelope?
@@ -479,7 +472,7 @@ class HashedKeyEnvelope extends Envelope {
 @variant(1)
 export class EncryptedThing<
 	T,
-	E extends Envelope = PublicKeyEnvelope | HashedKeyEnvelope
+	E extends Envelope = PublicKeyEnvelope | HashedKeyEnvelope,
 > extends MaybeEncrypted<T> {
 	@field({ type: Uint8Array })
 	_encrypted: Uint8Array;
@@ -490,36 +483,34 @@ export class EncryptedThing<
 	@field({ type: Envelope })
 	_keyexchange: E;
 
-	constructor(props?: {
+	constructor(props: {
 		encrypted: Uint8Array;
 		nonce: Uint8Array;
 		envelope: E;
 	}) {
 		super();
-		if (props) {
-			this._encrypted = props.encrypted;
-			this._nonce = props.nonce;
-			this._keyexchange = props.envelope;
-		}
+		this._encrypted = props.encrypted;
+		this._nonce = props.nonce;
+		this._keyexchange = props.envelope;
 	}
 
 	_decrypted?: DecryptedThing<T>;
 	get decrypted(): DecryptedThing<T> {
 		if (!this._decrypted) {
 			throw new Error(
-				"Entry has not been decrypted, invoke decrypt method before"
+				"Entry has not been decrypted, invoke decrypt method before",
 			);
 		}
 		return this._decrypted;
 	}
 
 	async decrypt(
-		keyResolver?: X25519Keypair | KeyProvider
+		keyResolver?: X25519Keypair | KeyProvider,
 	): Promise<DecryptedThing<T>>;
 	async decrypt(provider?: DecryptProvider): Promise<DecryptedThing<T>>;
 
 	async decrypt(
-		providerOrResolver?: X25519Keypair | DecryptProvider | KeyProvider
+		providerOrResolver?: X25519Keypair | DecryptProvider | KeyProvider,
 	): Promise<DecryptedThing<T>> {
 		let provider: DecryptProvider | undefined;
 		if (typeof providerOrResolver === "function") {
@@ -554,7 +545,7 @@ export class EncryptedThing<
 		const decrypted = await provider(
 			this._encrypted,
 			this._nonce,
-			this._keyexchange
+			this._keyexchange,
 		);
 		if (decrypted) {
 			const der = deserialize(decrypted, DecryptedThing);

package/src/errors.ts

@@ -1,5 +1 @@
-export class AccessError extends Error {
-	constructor(message?: string) {
-		super(message);
-	}
-}
+export class AccessError extends Error {}

package/src/hash.browser.ts

@@ -1,5 +1,6 @@
-import { toBase64 } from "./utils.js";
 import { SHA256 } from "@stablelib/sha256";
+import { toBase64 } from "./utils.js";
+
 export const sha256Base64 = async (bytes: Uint8Array): Promise<string> =>
 	toBase64(await sha256(bytes));
 export const sha256Base64Sync = (bytes: Uint8Array): string =>

package/src/index.ts

@@ -1,3 +1,5 @@
+import libsodium from "libsodium-wrappers";
+
 export * from "./key.js";
 export * from "./ed25519.js";
 export * from "./signature.js";
@@ -10,6 +12,6 @@ export * from "./hash.js";
 export * from "./random.js";
 export * from "./prehash.js";
 export * from "./signer.js";
-import libsodium from "libsodium-wrappers";
+
 const ready = libsodium.ready;
 export { ready };

package/src/key.ts

@@ -1,7 +1,7 @@
 import { field, serialize } from "@dao-xyz/borsh";
-import { sha256Base64Sync } from "./hash.js";
 import { type PeerId } from "@libp2p/interface";
 import { compare } from "uint8arrays";
+import { sha256Base64Sync } from "./hash.js";
 import { toHexString } from "./utils.js";
 
 interface Key {
@@ -27,11 +27,12 @@ export abstract class Keypair {
 }
 
 // ---- SIGNATURE KEYS -----
-export interface PublicSignKey extends Key { }
+export interface PublicSignKey extends Key {}
 export abstract class PublicSignKey implements Key {
-	private _bytes: Uint8Array;
+	private _bytes!: Uint8Array;
+
 	get bytes(): Uint8Array {
-		return this._bytes || this._bytes || serialize(this);
+		return this._bytes || (this._bytes = serialize(this));
 	}
 
 	hashcode(): string {
@@ -43,7 +44,7 @@ export abstract class PublicSignKey implements Key {
 	}
 }
 
-export interface PrivateSignKey extends Key { }
+export interface PrivateSignKey extends Key {}
 export abstract class PrivateSignKey implements Key {
 	get bytes(): Uint8Array {
 		return serialize(this);
@@ -55,7 +56,7 @@ export abstract class PrivateSignKey implements Key {
 }
 
 // ---- PUBLIC KEY ENCRYPTION -----
-export interface PublicKeyEncryptionKey extends Key { }
+export interface PublicKeyEncryptionKey extends Key {}
 export abstract class PublicKeyEncryptionKey implements Key {
 	get bytes(): Uint8Array {
 		return serialize(this);
@@ -65,7 +66,7 @@ export abstract class PublicKeyEncryptionKey implements Key {
 		return this._hashcode || (this._hashcode = sha256Base64Sync(this.bytes));
 	}
 }
-export interface PrivateEncryptionKey extends Key { }
+export interface PrivateEncryptionKey extends Key {}
 export abstract class PrivateEncryptionKey implements Key {
 	get bytes(): Uint8Array {
 		return serialize(this);
@@ -77,7 +78,7 @@ export abstract class PrivateEncryptionKey implements Key {
 }
 
 // ---- OTHER KEYS ----
-export interface PlainKey extends Key { }
+export interface PlainKey extends Key {}
 export abstract class PlainKey implements Key {
 	get bytes(): Uint8Array {
 		return serialize(this);

package/src/peerid.ts

@@ -3,7 +3,7 @@ import { Ed25519Keypair, Ed25519PublicKey } from "./ed25519.js";
 import { Secp256k1Keypair, Secp256k1PublicKey } from "./sepc256k1.js";
 
 export const getKeypairFromPeerId = (
-	peerId: PeerId
+	peerId: PeerId,
 ): Ed25519Keypair | Secp256k1Keypair => {
 	if (peerId.type === "Ed25519") {
 		return Ed25519Keypair.fromPeerId(peerId);
@@ -15,7 +15,7 @@ export const getKeypairFromPeerId = (
 };
 
 export const getPublicKeyFromPeerId = (
-	peerId: PeerId
+	peerId: PeerId,
 ): Ed25519PublicKey | Secp256k1PublicKey => {
 	if (peerId.type === "Ed25519") {
 		return Ed25519PublicKey.fromPeerId(peerId);

package/src/prehash.ts

@@ -1,7 +1,7 @@
-import { sha256 } from "./hash.js";
-import sha3 from "js-sha3";
 import { toUtf8Bytes } from "@ethersproject/strings";
+import sha3 from "js-sha3";
 import { concat } from "uint8arrays";
+import { sha256 } from "./hash.js";
 
 const messagePrefix = "\x19Ethereum Signed Message:\n";
 const ethKeccak256Hash = (message: Uint8Array) =>
@@ -11,22 +11,22 @@ const ethKeccak256Hash = (message: Uint8Array) =>
 				concat([
 					toUtf8Bytes(messagePrefix),
 					toUtf8Bytes(String(message.length)),
-					message
-				])
+					message,
+				]),
 			)
-			.arrayBuffer()
+			.arrayBuffer(),
 	);
 
 export enum PreHash {
 	NONE = 0,
 	SHA_256 = 1,
-	//BLAKE3 = 2,
-	ETH_KECCAK_256 = 3
+	// BLAKE3 = 2,
+	ETH_KECCAK_256 = 3,
 }
 
 export const prehashFn = (
 	data: Uint8Array,
-	prehash: PreHash
+	prehash: PreHash,
 ): Promise<Uint8Array> | Uint8Array => {
 	if (prehash === PreHash.NONE) {
 		return data;

package/src/random.ts

@@ -1,2 +1,3 @@
 import crypto from "crypto";
+
 export const randomBytes = (len: number) => crypto.randomBytes(len);