@pezkuwi/util-crypto 14.0.1

package/src/networks.ts

@@ -0,0 +1,5 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+// Don't use a export * since we don't want to duplicate packageInfo
+export { allNetworks, availableNetworks, selectableNetworks } from '@pezkuwi/networks';

package/src/packageDetect.ts

@@ -0,0 +1,14 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+// Do not edit, auto-generated by @polkadot/dev
+// (packageInfo imports will be kept as-is, user-editable)
+
+import { packageInfo as netInfo } from '@pezkuwi/networks/packageInfo';
+import { detectPackage } from '@pezkuwi/util';
+import { packageInfo as utilInfo } from '@pezkuwi/util/packageInfo';
+import { packageInfo as randomInfo } from '@pezkuwi/x-randomvalues';
+
+import { packageInfo } from './packageInfo.js';
+
+detectPackage(packageInfo, null, [netInfo, randomInfo, utilInfo]);

package/src/packageInfo.ts

@@ -0,0 +1,6 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+// Do not edit, auto-generated by @polkadot/dev
+
+export const packageInfo = { name: '@polkadot/util-crypto', path: 'auto', type: 'auto', version: '14.0.1' };

package/src/pbkdf2/encode.spec.ts

@@ -0,0 +1,54 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { u8aEq, u8aToHex } from '@pezkuwi/util';
+import { waitReady } from '@pezkuwi/wasm-crypto';
+
+import { randomAsU8a } from '../random/asU8a.js';
+import { perfWasm } from '../test/index.js';
+import { pbkdf2Encode } from './index.js';
+
+const KNOWN_SALT = new Uint8Array([
+  1, 2, 3, 4, 5, 6, 7, 8,
+  9, 10, 11, 12, 13, 14, 15, 16,
+  17, 18, 19, 20, 21, 22, 23, 24,
+  25, 26, 27, 28, 29, 30, 31, 32
+]);
+const TEST_PASSWORD = 'test password';
+
+describe('pbkdf2Encode', (): void => {
+  beforeEach(async (): Promise<void> => {
+    await waitReady();
+  });
+
+  for (const rounds of [256, 1024, 2048] as const) {
+    it(`has equivalent Wasm & JS results (${rounds} rounds)`, (): void => {
+      const salt = randomAsU8a();
+
+      expect(
+        u8aEq(
+          pbkdf2Encode(TEST_PASSWORD, salt, rounds, false).password,
+          pbkdf2Encode(TEST_PASSWORD, salt, rounds, true).password
+        )
+      ).toBe(true);
+    });
+  }
+
+  for (const onlyJs of [false, true]) {
+    describe(`onlyJs=${(onlyJs && 'true') || 'false'}`, (): void => {
+      it('creates known iterations', (): void => {
+        expect(
+          u8aToHex(pbkdf2Encode(TEST_PASSWORD, KNOWN_SALT, 2048, onlyJs).password)
+        ).toEqual(
+          '0x600ba9ad65e4294d112e028fdad5dd8fce0a6a6e6b89fb36ed006785ccc3b3aec46831b3105c24237293e6cfa1a0ef6717c113f87ff9237a3f73d210adfa6634'
+        );
+      });
+    });
+  }
+
+  perfWasm('pbkdf2Encode', 8, (input, onlyJs) =>
+    pbkdf2Encode(input, input, undefined, onlyJs)
+  );
+});

package/src/pbkdf2/encode.ts

@@ -0,0 +1,29 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import { pbkdf2 as pbkdf2Js } from '@noble/hashes/pbkdf2';
+import { sha512 } from '@noble/hashes/sha512';
+
+import { hasBigInt, u8aToU8a } from '@pezkuwi/util';
+import { isReady, pbkdf2 } from '@pezkuwi/wasm-crypto';
+
+import { randomAsU8a } from '../random/asU8a.js';
+
+interface Result {
+  password: Uint8Array;
+  rounds: number;
+  salt: Uint8Array;
+}
+
+export function pbkdf2Encode (passphrase?: string | Uint8Array, salt: Uint8Array = randomAsU8a(), rounds = 2048, onlyJs?: boolean): Result {
+  const u8aPass = u8aToU8a(passphrase);
+  const u8aSalt = u8aToU8a(salt);
+
+  return {
+    password: !hasBigInt || (!onlyJs && isReady())
+      ? pbkdf2(u8aPass, u8aSalt, rounds)
+      : pbkdf2Js(sha512, u8aPass, u8aSalt, { c: rounds, dkLen: 64 }),
+    rounds,
+    salt
+  };
+}

package/src/pbkdf2/index.ts

@@ -0,0 +1,4 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+export { pbkdf2Encode } from './encode.js';

package/src/random/asHex.spec.ts

@@ -0,0 +1,38 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { isHex } from '@pezkuwi/util';
+
+import { randomAsHex } from './index.js';
+
+describe('randomAsBuffer', (): void => {
+  it('generated results does not match', (): void => {
+    expect(
+      randomAsHex()
+    ).not.toEqual(
+      randomAsHex()
+    );
+  });
+
+  it('is a valid hex number', (): void => {
+    expect(
+      isHex(
+        randomAsHex()
+      )
+    ).toEqual(true);
+  });
+
+  it('generates 32 bytes by default', (): void => {
+    expect(
+      randomAsHex()
+    ).toHaveLength(32 * 2 + 2);
+  });
+
+  it('generates with the supplied length', (): void => {
+    expect(
+      randomAsHex(66)
+    ).toHaveLength(66 * 2 + 2);
+  });
+});

package/src/random/asNumber.spec.ts

@@ -0,0 +1,16 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { randomAsNumber } from './index.js';
+
+describe('randomAsNumber', (): void => {
+  it('generates subsequent non-matching numbers', (): void => {
+    expect(
+      randomAsNumber()
+    ).not.toEqual(
+      randomAsNumber()
+    );
+  });
+});

package/src/random/asNumber.ts

@@ -0,0 +1,28 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import { BN, hexToBn } from '@pezkuwi/util';
+
+import { randomAsHex } from './asU8a.js';
+
+const BN_53 = new BN(0b11111111111111111111111111111111111111111111111111111);
+
+/**
+ * @name randomAsNumber
+ * @summary Creates a random number from random bytes.
+ * @description
+ * Returns a random number generated from the secure bytes.
+ * @example
+ * <BR>
+ *
+ * ```javascript
+ * import { randomAsNumber } from '@pezkuwi/util-crypto';
+ *
+ * randomAsNumber(); // => <random number>
+ * ```
+ */
+export function randomAsNumber (): number {
+  return hexToBn(
+    randomAsHex(8)
+  ).and(BN_53).toNumber();
+}

package/src/random/asU8a.spec.ts

@@ -0,0 +1,36 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { isU8a } from '@pezkuwi/util';
+
+import { randomAsU8a } from './index.js';
+
+describe('randomAsU8a', (): void => {
+  it('generates a Uint8Array', (): void => {
+    expect(
+      isU8a(randomAsU8a())
+    ).toEqual(true);
+  });
+
+  it('generated results does not match', (): void => {
+    expect(
+      randomAsU8a()
+    ).not.toEqual(
+      randomAsU8a()
+    );
+  });
+
+  it('generates 32 bytes by default', (): void => {
+    expect(
+      randomAsU8a()
+    ).toHaveLength(32);
+  });
+
+  it('generates with the suuplied length', (): void => {
+    expect(
+      randomAsU8a(66)
+    ).toHaveLength(66);
+  });
+});

package/src/random/asU8a.ts

@@ -0,0 +1,30 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import { getRandomValues } from '@pezkuwi/x-randomvalues';
+
+import { createAsHex } from '../helpers.js';
+
+/**
+ * @name randomAsU8a
+ * @summary Creates a Uint8Array filled with random bytes.
+ * @description
+ * Returns a `Uint8Array` with the specified (optional) length filled with random bytes.
+ * @example
+ * <BR>
+ *
+ * ```javascript
+ * import { randomAsU8a } from '@pezkuwi/util-crypto';
+ *
+ * randomAsU8a(); // => Uint8Array([...])
+ * ```
+ */
+export function randomAsU8a (length = 32): Uint8Array {
+  return getRandomValues(new Uint8Array(length));
+}
+
+/**
+ * @name randomAsHex
+ * @description Creates a hex string filled with random bytes.
+ */
+export const randomAsHex = /*#__PURE__*/ createAsHex(randomAsU8a);

package/src/random/index.ts

@@ -0,0 +1,9 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/**
+ * @summary Returns a sequence of secure random bytes in a variety of formats
+ */
+
+export { randomAsNumber } from './asNumber.js';
+export { randomAsHex, randomAsU8a } from './asU8a.js';

package/src/scrypt/defaults.ts

@@ -0,0 +1,19 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { ScryptParams } from './types.js';
+
+export const ALLOWED_PARAMS: ScryptParams[] = [
+  { N: 1 << 13, p: 10, r: 8 },
+  { N: 1 << 14, p: 5, r: 8 },
+  { N: 1 << 15, p: 3, r: 8 },
+  { N: 1 << 15, p: 1, r: 8 },
+  { N: 1 << 16, p: 2, r: 8 },
+  { N: 1 << 17, p: 1, r: 8 }
+];
+
+export const DEFAULT_PARAMS: ScryptParams = {
+  N: 1 << 17,
+  p: 1,
+  r: 8
+};

package/src/scrypt/encode.spec.ts

@@ -0,0 +1,43 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { waitReady } from '@pezkuwi/wasm-crypto';
+
+import { perfWasm } from '../test/index.js';
+import { DEFAULT_PARAMS } from './defaults.js';
+import { scryptEncode } from './index.js';
+
+// eslint-disable-next-line jest/no-export
+export const KNOWN_TEST = 'testing, 123';
+
+// eslint-disable-next-line jest/no-export
+export const KNOWN_PASS = new Uint8Array([225, 18, 85, 30, 46, 178, 200, 63, 147, 225, 37, 46, 88, 224, 151, 132, 48, 206, 104, 234, 120, 112, 243, 198, 92, 52, 101, 127, 242, 22, 116, 55, 74, 29, 17, 197, 38, 191, 128, 39, 255, 119, 175, 113, 180, 252, 171, 10, 78, 93, 226, 7, 166, 120, 99, 198, 225, 158, 107, 132, 226, 73, 129, 35]);
+
+// eslint-disable-next-line jest/no-export
+export const KNOWN_SALT = new Uint8Array([1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8]);
+
+describe('scryptEncode', (): void => {
+  beforeEach(async (): Promise<void> => {
+    await waitReady();
+  });
+
+  for (const onlyJs of [false, true]) {
+    describe(`onlyJs=${(onlyJs && 'true') || 'false'}`, (): void => {
+      it('generates a known output', (): void => {
+        expect(
+          scryptEncode(KNOWN_TEST, KNOWN_SALT, undefined, onlyJs)
+        ).toEqual({
+          params: DEFAULT_PARAMS,
+          password: KNOWN_PASS,
+          salt: KNOWN_SALT
+        });
+      });
+    });
+  }
+
+  perfWasm('scryptEncode', 4, (input, onlyJs) =>
+    scryptEncode(input, input, undefined, onlyJs)
+  );
+});

package/src/scrypt/encode.ts

@@ -0,0 +1,30 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { ScryptParams } from './types.js';
+
+import { scrypt as scryptJs } from '@noble/hashes/scrypt';
+
+import { hasBigInt, objectSpread, u8aToU8a } from '@pezkuwi/util';
+import { isReady, scrypt } from '@pezkuwi/wasm-crypto';
+
+import { randomAsU8a } from '../random/asU8a.js';
+import { DEFAULT_PARAMS } from './defaults.js';
+
+interface Result {
+  params: ScryptParams,
+  password: Uint8Array;
+  salt: Uint8Array;
+}
+
+export function scryptEncode (passphrase?: string | Uint8Array, salt = randomAsU8a(), params = DEFAULT_PARAMS, onlyJs?: boolean): Result {
+  const u8a = u8aToU8a(passphrase);
+
+  return {
+    params,
+    password: !hasBigInt || (!onlyJs && isReady())
+      ? scrypt(u8a, salt, Math.log2(params.N), params.r, params.p)
+      : scryptJs(u8a, salt, objectSpread({ dkLen: 64 }, params)),
+    salt
+  };
+}

package/src/scrypt/fromU8a.ts

@@ -0,0 +1,44 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { ScryptParams } from './types.js';
+
+import { u8aToBn } from '@pezkuwi/util';
+
+import { BN_LE_OPTS } from '../bn.js';
+import { ALLOWED_PARAMS } from './defaults.js';
+
+interface Result {
+  params: ScryptParams,
+  salt: Uint8Array;
+}
+
+export function scryptFromU8a (data: Uint8Array): Result {
+  if (!(data instanceof Uint8Array)) {
+    throw new Error('Expected input to be a Uint8Array');
+  }
+
+  // Ensure the input is exactly 44 bytes: 32 for salt + 3 * 4 for N, p, r
+  if (data.length < 32 + 12) {
+    throw new Error(`Invalid input length: expected 44 bytes, found ${data.length}`);
+  }
+
+  const salt = data.subarray(0, 32);
+  const N = u8aToBn(data.subarray(32, 36), BN_LE_OPTS).toNumber();
+  const p = u8aToBn(data.subarray(36, 40), BN_LE_OPTS).toNumber();
+  const r = u8aToBn(data.subarray(40, 44), BN_LE_OPTS).toNumber();
+
+  if (N > (1 << 20) || p > 4 || r > 16) {
+    throw new Error('Scrypt parameters exceed safe limits');
+  }
+
+  const isAllowed = ALLOWED_PARAMS.some((preset) =>
+    preset.N === N && preset.p === p && preset.r === r
+  );
+
+  if (!isAllowed) {
+    throw new Error('Invalid injected scrypt params found');
+  }
+
+  return { params: { N, p, r }, salt };
+}

package/src/scrypt/index.ts

@@ -0,0 +1,6 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+export { scryptEncode } from './encode.js';
+export { scryptFromU8a } from './fromU8a.js';
+export { scryptToU8a } from './toU8a.js';

package/src/scrypt/toU8a.ts

@@ -0,0 +1,17 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { ScryptParams } from './types.js';
+
+import { bnToU8a, u8aConcat } from '@pezkuwi/util';
+
+import { BN_LE_32_OPTS } from '../bn.js';
+
+export function scryptToU8a (salt: Uint8Array, { N, p, r }: ScryptParams): Uint8Array {
+  return u8aConcat(
+    salt,
+    bnToU8a(N, BN_LE_32_OPTS),
+    bnToU8a(p, BN_LE_32_OPTS),
+    bnToU8a(r, BN_LE_32_OPTS)
+  );
+}

package/src/scrypt/types.ts

@@ -0,0 +1,9 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/** The params that control scrypt generation */
+export interface ScryptParams {
+  N: number;
+  p: number;
+  r: number;
+}

package/src/secp256k1/compress.spec.ts

@@ -0,0 +1,47 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { hexToU8a } from '@pezkuwi/util';
+import { waitReady } from '@pezkuwi/wasm-crypto';
+
+import { perfWasm } from '../test/index.js';
+import { secp256k1Compress } from './index.js';
+
+describe('secp256k1Compress', (): void => {
+  beforeEach(async (): Promise<void> => {
+    await waitReady();
+  });
+
+  for (const onlyJs of [false, true]) {
+    describe(`onlyJs=${(onlyJs && 'true') || 'false'}`, (): void => {
+      it('returns a compressed key as-is', (): void => {
+        expect(
+          secp256k1Compress(
+            hexToU8a('0x03b9dc646dd71118e5f7fda681ad9eca36eb3ee96f344f582fbe7b5bcdebb13077'),
+            onlyJs
+          )
+        ).toEqual(
+          hexToU8a('0x03b9dc646dd71118e5f7fda681ad9eca36eb3ee96f344f582fbe7b5bcdebb13077')
+        );
+      });
+
+      it('compresses a known key', (): void => {
+        expect(
+          secp256k1Compress(
+            hexToU8a('0x04b9dc646dd71118e5f7fda681ad9eca36eb3ee96f344f582fbe7b5bcdebb1307763fe926c273235fd979a134076d00fd1683cbd35868cb485d4a3a640e52184af'),
+            onlyJs
+          )
+        ).toEqual(
+          hexToU8a('0x03b9dc646dd71118e5f7fda681ad9eca36eb3ee96f344f582fbe7b5bcdebb13077')
+        );
+      });
+    });
+  }
+
+  perfWasm('secp256k1Compress', 100000, (input, onlyJs) => secp256k1Compress(input, onlyJs), [[
+    hexToU8a('0x04b9dc646dd71118e5f7fda681ad9eca36eb3ee96f344f582fbe7b5bcdebb1307763fe926c273235fd979a134076d00fd1683cbd35868cb485d4a3a640e52184af')
+  ]]
+  );
+});

package/src/secp256k1/compress.ts

@@ -0,0 +1,21 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import { secp256k1 } from '@noble/curves/secp256k1';
+
+import { hasBigInt } from '@pezkuwi/util';
+import { isReady, secp256k1Compress as wasm } from '@pezkuwi/wasm-crypto';
+
+export function secp256k1Compress (publicKey: Uint8Array, onlyJs?: boolean): Uint8Array {
+  if (![33, 65].includes(publicKey.length)) {
+    throw new Error(`Invalid publicKey provided, received ${publicKey.length} bytes input`);
+  }
+
+  if (publicKey.length === 33) {
+    return publicKey;
+  }
+
+  return !hasBigInt || (!onlyJs && isReady())
+    ? wasm(publicKey)
+    : secp256k1.ProjectivePoint.fromHex(publicKey).toRawBytes(true);
+}

package/src/secp256k1/deriveHard.ts

@@ -0,0 +1,17 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import { compactAddLength, isU8a, stringToU8a, u8aConcat } from '@pezkuwi/util';
+
+import { blake2AsU8a } from '../blake2/asU8a.js';
+
+const HDKD = compactAddLength(stringToU8a('Secp256k1HDKD'));
+
+export function secp256k1DeriveHard (seed: Uint8Array, chainCode: Uint8Array): Uint8Array {
+  if (!isU8a(chainCode) || chainCode.length !== 32) {
+    throw new Error('Invalid chainCode passed to derive');
+  }
+
+  // NOTE This is specific to the Substrate HDD derivation, so always use the blake2 hasher
+  return blake2AsU8a(u8aConcat(HDKD, seed, chainCode), 256);
+}

package/src/secp256k1/expand.spec.ts

@@ -0,0 +1,47 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { hexToU8a } from '@pezkuwi/util';
+import { waitReady } from '@pezkuwi/wasm-crypto';
+
+import { perfWasm } from '../test/index.js';
+import { secp256k1Expand } from './index.js';
+
+describe('secp256k1Expand', (): void => {
+  beforeEach(async (): Promise<void> => {
+    await waitReady();
+  });
+
+  for (const onlyJs of [false, true]) {
+    describe(`onlyJs=${(onlyJs && 'true') || 'false'}`, (): void => {
+      it('expands a known key', (): void => {
+        expect(
+          secp256k1Expand(
+            hexToU8a('0x03b9dc646dd71118e5f7fda681ad9eca36eb3ee96f344f582fbe7b5bcdebb13077'),
+            onlyJs
+          )
+        ).toEqual(
+          hexToU8a('0xb9dc646dd71118e5f7fda681ad9eca36eb3ee96f344f582fbe7b5bcdebb1307763fe926c273235fd979a134076d00fd1683cbd35868cb485d4a3a640e52184af')
+        );
+      });
+
+      it('expands a known full key', (): void => {
+        expect(
+          secp256k1Expand(
+            hexToU8a('0x04b9dc646dd71118e5f7fda681ad9eca36eb3ee96f344f582fbe7b5bcdebb1307763fe926c273235fd979a134076d00fd1683cbd35868cb485d4a3a640e52184af'),
+            onlyJs
+          )
+        ).toEqual(
+          hexToU8a('0xb9dc646dd71118e5f7fda681ad9eca36eb3ee96f344f582fbe7b5bcdebb1307763fe926c273235fd979a134076d00fd1683cbd35868cb485d4a3a640e52184af')
+        );
+      });
+    });
+  }
+
+  perfWasm('secp256k1Expand', 2000, (input, onlyJs) => secp256k1Expand(input, onlyJs), [[
+    hexToU8a('0x03b9dc646dd71118e5f7fda681ad9eca36eb3ee96f344f582fbe7b5bcdebb13077')
+  ]]
+  );
+});

package/src/secp256k1/expand.ts

@@ -0,0 +1,30 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import { secp256k1 } from '@noble/curves/secp256k1';
+
+import { bnToU8a, hasBigInt, u8aConcat } from '@pezkuwi/util';
+import { isReady, secp256k1Expand as wasm } from '@pezkuwi/wasm-crypto';
+
+import { BN_BE_256_OPTS } from '../bn.js';
+
+export function secp256k1Expand (publicKey: Uint8Array, onlyJs?: boolean): Uint8Array {
+  if (![33, 65].includes(publicKey.length)) {
+    throw new Error(`Invalid publicKey provided, received ${publicKey.length} bytes input`);
+  }
+
+  if (publicKey.length === 65) {
+    return publicKey.subarray(1);
+  }
+
+  if (!hasBigInt || (!onlyJs && isReady())) {
+    return wasm(publicKey).subarray(1);
+  }
+
+  const { px, py } = secp256k1.ProjectivePoint.fromHex(publicKey);
+
+  return u8aConcat(
+    bnToU8a(px, BN_BE_256_OPTS),
+    bnToU8a(py, BN_BE_256_OPTS)
+  );
+}

package/src/secp256k1/hasher.spec.ts

@@ -0,0 +1,24 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { hasher } from './hasher.js';
+
+describe('hasher', (): void => {
+  it('creates a blake2 hash', (): void => {
+    expect(
+      hasher('blake2', 'abc')
+    ).toEqual(
+      new Uint8Array([189, 221, 129, 60, 99, 66, 57, 114, 49, 113, 239, 63, 238, 152, 87, 155, 148, 150, 78, 59, 177, 203, 62, 66, 114, 98, 200, 192, 104, 213, 35, 25])
+    );
+  });
+
+  it('creates a keccak hash', (): void => {
+    expect(
+      hasher('keccak', 'abc')
+    ).toEqual(
+      new Uint8Array([78, 3, 101, 122, 234, 69, 169, 79, 199, 212, 123, 168, 38, 200, 214, 103, 192, 209, 230, 227, 58, 100, 160, 54, 236, 68, 245, 143, 161, 45, 108, 69])
+    );
+  });
+});

package/src/secp256k1/hasher.ts

@@ -0,0 +1,13 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { HashType } from './types.js';
+
+import { blake2AsU8a } from '../blake2/index.js';
+import { keccakAsU8a } from '../keccak/index.js';
+
+export function hasher (hashType: HashType, data: Uint8Array | string, onlyJs?: boolean): Uint8Array {
+  return hashType === 'keccak'
+    ? keccakAsU8a(data, undefined, onlyJs)
+    : blake2AsU8a(data, undefined, undefined, onlyJs);
+}