@pezkuwi/util-crypto 14.0.1

package/src/secp256k1/index.ts

@@ -0,0 +1,10 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+export { secp256k1Compress } from './compress.js';
+export { secp256k1Expand } from './expand.js';
+export { secp256k1PairFromSeed } from './pair/fromSeed.js';
+export { secp256k1Recover } from './recover.js';
+export { secp256k1Sign } from './sign.js';
+export { secp256k1PrivateKeyTweakAdd } from './tweakAdd.js';
+export { secp256k1Verify } from './verify.js';

package/src/secp256k1/pair/fromSeed.spec.ts

@@ -0,0 +1,75 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { hexToU8a, u8aToHex } from '@pezkuwi/util';
+import { waitReady } from '@pezkuwi/wasm-crypto';
+
+import { mnemonicToMiniSecret } from '../../mnemonic/index.js';
+import { perfWasm } from '../../test/index.js';
+import { secp256k1PairFromSeed } from '../index.js';
+
+// mnemonic, secret, public, account_id
+type Test = [string, string, string, string];
+
+const tests: Test[] = [
+  [
+    'life fee table ahead modify maximum dumb such tobacco boss dry nurse',
+    '0xf2360e871c830d397fe221382b503f07ddd8763df81a94bb2504390a2fb91f59',
+    '0x036b0aa6beab469dd2b748a0ff5ddbe3d13df1e15c9d28a2aa057212994e127bea',
+    '0xae8e8fcacbaeb607bcdf0bbd7e615f2b4ef484ee54f19d68a7393fb6db2dd9cd'
+  ],
+  [
+    'tide survey cradle cover column ugly author wait eye state elder blame',
+    '0x5385355a5118ec732b9dbcf1668ba21db38b07cf79082dafa9a7cc4b52e4abb0',
+    '0x03929e4f93cdad265751ad8f6365185d8e937610d19b510400f5867d542d60a313',
+    '0xf80ea815da66c42f870b687e1530770d5a7936ae81a147b009506d85bd6d621c'
+  ],
+  [
+    'laugh fish flee cake approve butter april dynamic myth license ticket lobster',
+    '0x83ec65cf9a8a7442d808aef6f8987599f1ba3be880769bb3a20621b13adbd476',
+    '0x0388299e4cfaa33d180a026bd54a46ad98df129a131320a9d2fd6f80e64bc3db39',
+    '0x35036238dd195f4c2169379354bda6cba5746f67bde03ef59a77a4cea80729bc'
+  ],
+  [
+    'animal thing fork recipe exotic pilot inquiry pledge obey slab obtain reveal',
+    '0x0fd50580eb5a58b0eee60c77656dffa50094b539262366f1227d3babfd7343e5',
+    '0x036edc954685ad89f0a23b0fb1eb2b9c3a8600eee9091c758426dfb2bc7889a7c3',
+    '0x2a94b10d1f28810dc4628e7e424b2d08bd3d17fb08f9416d112f17e86c8fa77c'
+  ]
+];
+
+describe('secp256k1PairFromSeed', (): void => {
+  beforeEach(async (): Promise<void> => {
+    await waitReady();
+  });
+
+  const TEST = hexToU8a('0x4380de832af797688026ce24f85204d508243f201650c1a134929e5458b7fbae');
+  const RESULT = {
+    publicKey: hexToU8a('0x03fd8c74f795ced92064b86191cb2772b1e3a0947740aa0a5a6e379592471fd85b'),
+    secretKey: hexToU8a('0x4380de832af797688026ce24f85204d508243f201650c1a134929e5458b7fbae')
+  };
+
+  for (const onlyJs of [false, true]) {
+    describe(`onlyJs=${(onlyJs && 'true') || 'false'}`, (): void => {
+      it('generates a valid publicKey/secretKey pair (u8a)', (): void => {
+        expect(secp256k1PairFromSeed(TEST, onlyJs)).toEqual(RESULT);
+      });
+
+      tests.forEach(([mnemonic, secretKey, publicKey], index): void => {
+        it(`creates valid against known (${index})`, (): void => {
+          const seed = mnemonicToMiniSecret(mnemonic);
+          const pair = secp256k1PairFromSeed(seed, onlyJs);
+
+          expect(u8aToHex(pair.secretKey)).toEqual(secretKey);
+          expect(u8aToHex(pair.publicKey)).toEqual(publicKey);
+        });
+      });
+    });
+  }
+
+  perfWasm('secp256k1PairFromSeed', 500, (input, onlyJs) =>
+    secp256k1PairFromSeed(input, onlyJs)
+  );
+});

package/src/secp256k1/pair/fromSeed.ts

@@ -0,0 +1,42 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { Keypair } from '../../types.js';
+
+import { secp256k1 } from '@noble/curves/secp256k1';
+
+import { hasBigInt, u8aEmpty } from '@pezkuwi/util';
+import { isReady, secp256k1FromSeed } from '@pezkuwi/wasm-crypto';
+
+/**
+ * @name secp256k1PairFromSeed
+ * @description Returns a object containing a `publicKey` & `secretKey` generated from the supplied seed.
+ */
+export function secp256k1PairFromSeed (seed: Uint8Array, onlyJs?: boolean): Keypair {
+  if (seed.length !== 32) {
+    throw new Error('Expected valid 32-byte private key as a seed');
+  }
+
+  if (!hasBigInt || (!onlyJs && isReady())) {
+    const full = secp256k1FromSeed(seed);
+    const publicKey = full.slice(32);
+
+    // There is an issue with the secp256k1 when running in an ASM.js environment where
+    // it seems that the lazy static section yields invalid results on the _first_ run.
+    // If this happens, fail outright, we cannot allow invalid return values
+    // https://github.com/polkadot-js/wasm/issues/307
+    if (u8aEmpty(publicKey)) {
+      throw new Error('Invalid publicKey generated from WASM interface');
+    }
+
+    return {
+      publicKey,
+      secretKey: full.slice(0, 32)
+    };
+  }
+
+  return {
+    publicKey: secp256k1.getPublicKey(seed, true),
+    secretKey: seed
+  };
+}

package/src/secp256k1/recover.spec.ts

@@ -0,0 +1,35 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { u8aToHex, u8aToU8a } from '@pezkuwi/util';
+import { waitReady } from '@pezkuwi/wasm-crypto';
+
+import { keccakAsU8a } from '../keccak/index.js';
+import { perfWasm } from '../test/index.js';
+import { secp256k1Recover } from './index.js';
+
+const sig = u8aToU8a('0x7505f2880114da51b3f5d535f8687953c0ab9af4ab81e592eaebebf53b728d2b6dfd9b5bcd70fee412b1f31360e7c2774009305cb84fc50c1d0ff8034dfa5fff');
+const msg = u8aToU8a('0xa30b64ce1eedf409c8afb801d72c05234e64849ea538c15dd3c8cf4ffcf166c9');
+
+describe('secp256k1Recover', (): void => {
+  beforeEach(async (): Promise<void> => {
+    await waitReady();
+  });
+
+  for (const onlyJs of [false, true]) {
+    describe(`onlyJs=${(onlyJs && 'true') || 'false'}`, (): void => {
+      it('recovers a publicKey', (): void => {
+        const pubKey = '0x93a9fc7154c6da3c826415df01eb0e37fb4da4b0';
+        const res = keccakAsU8a(secp256k1Recover(msg, sig, 0, undefined, onlyJs));
+
+        expect(u8aToHex(res.subarray(-20))).toEqual(pubKey);
+      });
+    });
+  }
+
+  perfWasm('secp256k1Recover', 200, (_, onlyJs) =>
+    secp256k1Recover(msg, sig, 0, undefined, onlyJs)
+  );
+});

package/src/secp256k1/recover.ts

@@ -0,0 +1,36 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { HashType } from './types.js';
+
+import { secp256k1 } from '@noble/curves/secp256k1';
+
+import { hasBigInt, u8aToU8a } from '@pezkuwi/util';
+import { isReady, secp256k1Recover as wasm } from '@pezkuwi/wasm-crypto';
+
+import { secp256k1Compress } from './compress.js';
+import { secp256k1Expand } from './expand.js';
+
+/**
+ * @name secp256k1Recover
+ * @description Recovers a publicKey from the supplied signature
+ */
+export function secp256k1Recover (msgHash: string | Uint8Array, signature: string | Uint8Array, recovery: number, hashType: HashType = 'blake2', onlyJs?: boolean): Uint8Array {
+  const sig = u8aToU8a(signature).subarray(0, 64);
+  const msg = u8aToU8a(msgHash);
+  const publicKey = !hasBigInt || (!onlyJs && isReady())
+    ? wasm(msg, sig, recovery)
+    : secp256k1.Signature
+      .fromCompact(sig)
+      .addRecoveryBit(recovery)
+      .recoverPublicKey(msg)
+      .toRawBytes();
+
+  if (!publicKey) {
+    throw new Error('Unable to recover publicKey from signature');
+  }
+
+  return hashType === 'keccak'
+    ? secp256k1Expand(publicKey, onlyJs)
+    : secp256k1Compress(publicKey, onlyJs);
+}

package/src/secp256k1/sign.spec.ts

@@ -0,0 +1,39 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { hexToU8a } from '@pezkuwi/util';
+import { waitReady } from '@pezkuwi/wasm-crypto';
+
+import { perfWasm } from '../test/index.js';
+import { secp256k1PairFromSeed, secp256k1Sign } from './index.js';
+
+const pair = secp256k1PairFromSeed(hexToU8a('0x4380de832af797688026ce24f85204d508243f201650c1a134929e5458b7fbae'));
+const msg = hexToU8a('0xa30b64ce1eedf409c8afb801d72c05234e64849ea538c15dd3c8cf4ffcf166c9');
+
+describe('sign', (): void => {
+  beforeEach(async (): Promise<void> => {
+    await waitReady();
+  });
+
+  for (const onlyJs of [false, true]) {
+    describe(`onlyJs=${(onlyJs && 'true') || 'false'}`, (): void => {
+      it('generates a known signature', (): void => {
+        expect(
+          secp256k1Sign(msg, pair, undefined, onlyJs)
+        ).toEqual(hexToU8a(
+          // from elliptic, this is - 0xdf92f73d9f060cefacf187b5414491cb992998ace017fa48839b5cda3e264ba8c4efa521361678d9b8582744d77aa4b8d886d7380b7808a683174afad9c4700300
+          // libsecp256k1 & @noble/hashes do agree here...
+          '0xdf92f73d9f060cefacf187b5414491cb992998ace017fa48839b5cda3e264ba83b105adec9e9872647a7d8bb28855b45e22805aea3d097953cbb1391f671d13e01'
+        ));
+      });
+    });
+  }
+
+  // since the libsecp256k1 signatures don't match (but can be verified), we
+  // do both signing and verification here (checking the extracted key)
+  perfWasm('secp256k1Sign', 1000, (_, onlyJs) =>
+    secp256k1Sign(msg, pair, undefined, onlyJs)
+  );
+});

package/src/secp256k1/sign.ts

@@ -0,0 +1,37 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { Keypair } from '../types.js';
+import type { HashType } from './types.js';
+
+import { secp256k1 } from '@noble/curves/secp256k1';
+
+import { bnToU8a, hasBigInt, u8aConcat } from '@pezkuwi/util';
+import { isReady, secp256k1Sign as wasm } from '@pezkuwi/wasm-crypto';
+
+import { BN_BE_256_OPTS } from '../bn.js';
+import { hasher } from './hasher.js';
+
+/**
+ * @name secp256k1Sign
+ * @description Returns message signature of `message`, using the supplied pair
+ */
+export function secp256k1Sign (message: Uint8Array | string, { secretKey }: Partial<Keypair>, hashType: HashType = 'blake2', onlyJs?: boolean): Uint8Array {
+  if (secretKey?.length !== 32) {
+    throw new Error('Expected valid secp256k1 secretKey, 32-bytes');
+  }
+
+  const data = hasher(hashType, message, onlyJs);
+
+  if (!hasBigInt || (!onlyJs && isReady())) {
+    return wasm(data, secretKey);
+  }
+
+  const signature = secp256k1.sign(data, secretKey, { lowS: true });
+
+  return u8aConcat(
+    bnToU8a(signature.r, BN_BE_256_OPTS),
+    bnToU8a(signature.s, BN_BE_256_OPTS),
+    new Uint8Array([signature.recovery || 0])
+  );
+}

package/src/secp256k1/signVerify.spec.ts

@@ -0,0 +1,94 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import '../bundleInit.js';
+
+import { stringToU8a } from '@pezkuwi/util';
+
+import { randomAsU8a } from '../random/asU8a.js';
+import { hasher } from './hasher.js';
+import { secp256k1Expand, secp256k1PairFromSeed, secp256k1Sign, secp256k1Verify } from './index.js';
+
+const MESSAGE = stringToU8a('this is a message');
+
+describe('sign and verify', (): void => {
+  it('verify message signature', (): void => {
+    const address = '0x59f587c045d4d4e9aa1016eae43770fc0551df8a385027723342753a876aeef0';
+    const sig = '0x92fcacf0946bbd10b31dfe16d567ed1d3014e81007dd9e5256e19c0f07eacc1643b151ca29e449a765e16a7ce59b88d800467d6b3412d30ea8ad22307a59664b00';
+    const msg = stringToU8a('secp256k1');
+
+    expect(secp256k1Verify(msg, sig, address)).toEqual(true);
+  });
+
+  it('has 65-byte signatures', (): void => {
+    const pair = secp256k1PairFromSeed(randomAsU8a());
+
+    expect(secp256k1Sign(MESSAGE, pair)).toHaveLength(65);
+  });
+
+  it('signs/verifies a message by random key (blake2)', (): void => {
+    const pair = secp256k1PairFromSeed(randomAsU8a());
+    const signature = secp256k1Sign(MESSAGE, pair);
+    const address = hasher('blake2', pair.publicKey);
+
+    expect(secp256k1Verify(MESSAGE, signature, address)).toEqual(true);
+  });
+
+  it('signs/verifies a message by random key (keccak)', (): void => {
+    const pair = secp256k1PairFromSeed(randomAsU8a());
+    const signature = secp256k1Sign(MESSAGE, pair, 'keccak');
+    const address = hasher('keccak', secp256k1Expand(pair.publicKey));
+
+    expect(secp256k1Verify(MESSAGE, signature, address, 'keccak')).toEqual(true);
+  });
+
+  it('fails verification on hasher mismatches', (): void => {
+    const pair = secp256k1PairFromSeed(randomAsU8a());
+    const signature = secp256k1Sign(MESSAGE, pair, 'keccak');
+    const address = hasher('keccak', secp256k1Expand(pair.publicKey));
+
+    expect(secp256k1Verify(MESSAGE, signature, address, 'blake2')).toEqual(false);
+  });
+
+  it('works over a range of random keys (blake2)', (): void => {
+    for (let i = 0; i < 256; i++) {
+      const pair = secp256k1PairFromSeed(randomAsU8a());
+
+      try {
+        expect(
+          secp256k1Verify(
+            MESSAGE,
+            secp256k1Sign(MESSAGE, pair, 'blake2'),
+            hasher('blake2', pair.publicKey),
+            'blake2'
+          )
+        ).toEqual(true);
+      } catch (error) {
+        console.error(`blake2 failed on #${i}`);
+        throw error;
+      }
+    }
+  }, 120000);
+
+  it('works over a range of random keys (keccak)', (): void => {
+    for (let i = 0; i < 256; i++) {
+      const pair = secp256k1PairFromSeed(randomAsU8a());
+
+      try {
+        expect(
+          secp256k1Verify(
+            MESSAGE,
+            secp256k1Sign(MESSAGE, pair, 'keccak'),
+            hasher('keccak', secp256k1Expand(pair.publicKey)),
+            'keccak'
+          )
+        ).toEqual(true);
+      } catch (error) {
+        console.error(`keccak failed on #${i}`);
+        throw error;
+      }
+    }
+  }, 120000);
+});

package/src/secp256k1/tweakAdd.spec.ts

@@ -0,0 +1,35 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { secp256k1PrivateKeyTweakAdd } from './tweakAdd.js';
+
+describe('TweakAdd', (): void => {
+  it('fails for wrong array length', (): void => {
+    const A = new Uint8Array([0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1]);
+    const B = new Uint8Array([3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3]);
+
+    expect(
+      () => secp256k1PrivateKeyTweakAdd(A, B)
+    ).toThrow(/Expected tweak to be an Uint8Array/);
+  });
+
+  for (const onlyBn of [false, true]) {
+    describe(`onlyBn=${(onlyBn && 'true') || 'false'}`, (): void => {
+      it('succeeds for a simple case', (): void => {
+        const A = new Uint8Array([0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1]);
+        const B = new Uint8Array([3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3]);
+
+        expect(
+          secp256k1PrivateKeyTweakAdd(A, B, onlyBn)
+        ).toEqual(new Uint8Array([
+          3, 4, 3, 4, 3, 4, 3, 4, 3,
+          4, 3, 4, 3, 4, 3, 4, 3, 4,
+          3, 4, 3, 4, 3, 4, 3, 4, 3,
+          4, 3, 4, 3, 4
+        ]));
+      });
+    });
+  }
+});

package/src/secp256k1/tweakAdd.ts

@@ -0,0 +1,65 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import { _0n, BN, bnToU8a, hasBigInt, isU8a, nToU8a, u8aToBigInt } from '@pezkuwi/util';
+import { BigInt } from '@pezkuwi/x-bigint';
+
+import { BN_BE_256_OPTS, BN_BE_OPTS } from '../bn.js';
+
+// pre-defined curve param as lifted form elliptic
+// https://github.com/indutny/elliptic/blob/e71b2d9359c5fe9437fbf46f1f05096de447de57/lib/elliptic/curves.js#L182
+const N = 'ffffffff ffffffff ffffffff fffffffe baaedce6 af48a03b bfd25e8c d0364141'.replace(/ /g, '');
+const N_BI = BigInt(`0x${N}`);
+const N_BN = new BN(N, 'hex');
+
+function addBi (seckey: Uint8Array, tweak: Uint8Array): Uint8Array {
+  let res = u8aToBigInt(tweak, BN_BE_OPTS);
+
+  if (res >= N_BI) {
+    throw new Error('Tweak parameter is out of range');
+  }
+
+  res += u8aToBigInt(seckey, BN_BE_OPTS);
+
+  if (res >= N_BI) {
+    res -= N_BI;
+  }
+
+  if (res === _0n) {
+    throw new Error('Invalid resulting private key');
+  }
+
+  return nToU8a(res, BN_BE_256_OPTS);
+}
+
+function addBn (seckey: Uint8Array, tweak: Uint8Array): Uint8Array {
+  const res = new BN(tweak);
+
+  if (res.cmp(N_BN) >= 0) {
+    throw new Error('Tweak parameter is out of range');
+  }
+
+  res.iadd(new BN(seckey));
+
+  if (res.cmp(N_BN) >= 0) {
+    res.isub(N_BN);
+  }
+
+  if (res.isZero()) {
+    throw new Error('Invalid resulting private key');
+  }
+
+  return bnToU8a(res, BN_BE_256_OPTS);
+}
+
+export function secp256k1PrivateKeyTweakAdd (seckey: Uint8Array, tweak: Uint8Array, onlyBn?: boolean): Uint8Array {
+  if (!isU8a(seckey) || seckey.length !== 32) {
+    throw new Error('Expected seckey to be an Uint8Array with length 32');
+  } else if (!isU8a(tweak) || tweak.length !== 32) {
+    throw new Error('Expected tweak to be an Uint8Array with length 32');
+  }
+
+  return !hasBigInt || onlyBn
+    ? addBn(seckey, tweak)
+    : addBi(seckey, tweak);
+}

package/src/secp256k1/types.ts

@@ -0,0 +1,4 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+export type HashType = 'blake2' | 'keccak';

package/src/secp256k1/verify.spec.ts

@@ -0,0 +1,81 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import '../bundleInit.js';
+
+import { hexToU8a } from '@pezkuwi/util';
+import { waitReady } from '@pezkuwi/wasm-crypto';
+
+import { perfWasm } from '../test/index.js';
+import { hasher } from './hasher.js';
+import { secp256k1PairFromSeed, secp256k1Verify } from './index.js';
+
+const message = 'Pay KSMs to the Kusama account:88dc3417d5058ec4b4503e0c12ea1a0a89be200fe98922423d4334014fa6b0ee';
+
+describe('secp256k1Verify', (): void => {
+  beforeEach(async (): Promise<void> => {
+    await waitReady();
+  });
+
+  for (const onlyJs of [true]) {
+    describe(`onlyJs=${(onlyJs && 'true') || 'false'}`, (): void => {
+      it('validates known ETH against address', (): void => {
+        expect(
+          secp256k1Verify(
+            `\x19Ethereum Signed Message:\n${message.length.toString()}${message}`,
+            '0x55bd020bdbbdc02de34e915effc9b18a99002f4c29f64e22e8dcbb69e722ea6c28e1bb53b9484063fbbfd205e49dcc1f620929f520c9c4c3695150f05a28f52a01',
+            '0x002309df96687e44280bb72c3818358faeeb699c',
+            'keccak',
+            onlyJs
+          )
+        ).toEqual(true);
+      });
+
+      for (const isPublic of [false, true]) {
+        describe(`validation against known, isPublic=${(isPublic && 'true') || 'false'}`, (): void => {
+          const pair = secp256k1PairFromSeed(hexToU8a('0x4380de832af797688026ce24f85204d508243f201650c1a134929e5458b7fbae'));
+          const msg = hexToU8a('0xa30b64ce1eedf409c8afb801d72c05234e64849ea538c15dd3c8cf4ffcf166c9');
+          const addr = isPublic
+            ? pair.publicKey
+            : hasher('blake2', pair.publicKey, onlyJs);
+
+          it('signature from JS', (): void => {
+            expect(
+              secp256k1Verify(
+                msg,
+                '0xdf92f73d9f060cefacf187b5414491cb992998ace017fa48839b5cda3e264ba8c4efa521361678d9b8582744d77aa4b8d886d7380b7808a683174afad9c4700300',
+                addr,
+                'blake2',
+                onlyJs
+              )
+            ).toEqual(true);
+          });
+
+          it('signature from wasm', (): void => {
+            expect(
+              secp256k1Verify(
+                msg,
+                '0xdf92f73d9f060cefacf187b5414491cb992998ace017fa48839b5cda3e264ba83b105adec9e9872647a7d8bb28855b45e22805aea3d097953cbb1391f671d13e01',
+                addr,
+                'blake2',
+                onlyJs
+              )
+            ).toEqual(true);
+          });
+        });
+      }
+    });
+  }
+
+  perfWasm('secp256k1Verify', 100, (_, onlyJs) =>
+    secp256k1Verify(
+      `\x19Ethereum Signed Message:\n${message.length.toString()}${message}`,
+      '0x55bd020bdbbdc02de34e915effc9b18a99002f4c29f64e22e8dcbb69e722ea6c28e1bb53b9484063fbbfd205e49dcc1f620929f520c9c4c3695150f05a28f52a01',
+      '0x002309df96687e44280bb72c3818358faeeb699c',
+      'keccak',
+      onlyJs
+    )
+  );
+});

package/src/secp256k1/verify.ts

@@ -0,0 +1,32 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { HashType } from './types.js';
+
+import { u8aEq, u8aToU8a } from '@pezkuwi/util';
+
+import { hasher } from './hasher.js';
+import { secp256k1Recover } from './recover.js';
+
+/**
+ * @name secp256k1Verify
+ * @description Verifies the signature of `message`, using the supplied pair
+ */
+export function secp256k1Verify (msgHash: string | Uint8Array, signature: string | Uint8Array, address: string | Uint8Array, hashType: HashType = 'blake2', onlyJs?: boolean): boolean {
+  const sig = u8aToU8a(signature);
+
+  if (sig.length !== 65) {
+    throw new Error(`Expected signature with 65 bytes, ${sig.length} found instead`);
+  }
+
+  const publicKey = secp256k1Recover(hasher(hashType, msgHash), sig, sig[64], hashType, onlyJs);
+  const signerAddr = hasher(hashType, publicKey, onlyJs);
+  const inputAddr = u8aToU8a(address);
+
+  // for Ethereum (keccak) the last 20 bytes is the address
+  return u8aEq(publicKey, inputAddr) || (
+    hashType === 'keccak'
+      ? u8aEq(signerAddr.slice(-20), inputAddr.slice(-20))
+      : u8aEq(signerAddr, inputAddr)
+  );
+}

package/src/sha/asU8a.ts

@@ -0,0 +1,30 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import { sha256 as sha256Js } from '@noble/hashes/sha256';
+import { sha512 as sha512Js } from '@noble/hashes/sha512';
+
+import { sha256, sha512 } from '@pezkuwi/wasm-crypto';
+
+import { createBitHasher, createDualHasher } from '../helpers.js';
+
+/**
+ * @name shaAsU8a
+ * @summary Creates a sha Uint8Array from the input.
+ */
+export const shaAsU8a = /*#__PURE__*/ createDualHasher(
+  { 256: sha256, 512: sha512 },
+  { 256: sha256Js, 512: sha512Js }
+);
+
+/**
+ * @name sha256AsU8a
+ * @summary Creates a sha256 Uint8Array from the input.
+ */
+export const sha256AsU8a = /*#__PURE__*/ createBitHasher(256, shaAsU8a);
+
+/**
+ * @name sha512AsU8a
+ * @summary Creates a sha512 Uint8Array from the input.
+ */
+export const sha512AsU8a = /*#__PURE__*/ createBitHasher(512, shaAsU8a);