@pezkuwi/util-crypto 14.0.1

package/src/sha/asU8a256.spec.ts

@@ -0,0 +1,55 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { hexToU8a } from '@pezkuwi/util';
+import { waitReady } from '@pezkuwi/wasm-crypto';
+
+import { perfWasm } from '../test/index.js';
+import { sha256AsU8a } from './index.js';
+
+const TESTS = [
+  {
+    input: '0xe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855',
+    output: '0x5df6e0e2761359d30a8275058e299fcc0381534545f55cf43e41983f5d4c9456'
+  },
+  {
+    input: '0x7941cb07924fdc7b710e11d98d82850e89566e1c3cb980517ffe4b430f86dfd5',
+    output: '0xe668668fa102ccd4d3cf50e4472be8426e7dc52d6d355bee8c5e2177d1de81f7'
+  },
+  {
+    input: '0x5d9a905bc3ca7c153623af0a05231960eb3f5bdd5b8b7b55ede8b2deac689d65',
+    output: '0x6721bc38e80d03f4f45f1544819d17e0c33674eb6efcddf6c6192cd78194dd9f'
+  },
+  {
+    input: '0xb0cd6528ae4d5baf7c6f0d202e7f372b6488d22b2a5bd72f794f8f1e6031b31f',
+    output: '0x353f5a030af27885aed3571cd9e2cac9f4331c51d31cef496a586496aec32256'
+  },
+  {
+    input: '0x841267bd4110e1b634e17cd019abc6ae4f9a6dd097fb063000c1615a643b5463',
+    output: '0x8174a30d921978e7055516189872cca737b49468c6bcf7fdfe59d4a54c489a1f'
+  }
+];
+
+describe('sha256AsU8a', (): void => {
+  beforeEach(async (): Promise<void> => {
+    await waitReady();
+  });
+
+  for (const onlyJs of [false, true]) {
+    describe(`onlyJs=${(onlyJs && 'true') || 'false'}`, (): void => {
+      for (const { input, output } of TESTS) {
+        it(`creates known sha-256 hash, ${output}`, (): void => {
+          expect(
+            sha256AsU8a(hexToU8a(input), onlyJs)
+          ).toEqual(hexToU8a(output));
+        });
+      }
+    });
+  }
+
+  perfWasm('sha256AsU8a', 128000, (input, onlyJs) =>
+    sha256AsU8a(input, onlyJs)
+  );
+});

package/src/sha/asU8a512.spec.ts

@@ -0,0 +1,33 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { waitReady } from '@pezkuwi/wasm-crypto';
+
+import { perfWasm } from '../test/index.js';
+import { sha512AsU8a } from './index.js';
+
+describe('sha512AsU8a', (): void => {
+  beforeEach(async (): Promise<void> => {
+    await waitReady();
+  });
+
+  for (const onlyJs of [false, true]) {
+    describe(`onlyJs=${(onlyJs && 'true') || 'false'}`, (): void => {
+      it('creates a sha-512 hash', (): void => {
+        expect(
+          sha512AsU8a(Uint8Array.from([0x61, 0x62, 0x63, 0x64]), onlyJs)
+        ).toEqual(
+          Uint8Array.from([
+            216, 2, 47, 32, 96, 173, 110, 253, 41, 122, 183, 61, 204, 83, 85, 201, 178, 20, 5, 75, 13, 23, 118, 161, 54, 166, 105, 210, 106, 125, 59, 20, 247, 58, 160, 208, 235, 255, 25, 238, 51, 51, 104, 240, 22, 75, 100, 25, 169, 109, 164, 158, 62, 72, 23, 83, 231, 233, 107, 113, 107, 220, 203, 111
+          ])
+        );
+      });
+    });
+  }
+
+  perfWasm('sha512AsU8a', 64000, (input, onlyJs) =>
+    sha512AsU8a(input, onlyJs)
+  );
+});

package/src/sha/index.ts

@@ -0,0 +1,8 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/**
+ * @summary Implements Sha-256/512 hashing functions for a variety of input and outputs
+ */
+
+export { sha256AsU8a, sha512AsU8a, shaAsU8a } from './asU8a.js';

package/src/signature/index.ts

@@ -0,0 +1,8 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/**
+ * @summary Utilities for working with signatures
+ */
+
+export { signatureVerify } from './verify.js';

package/src/signature/verify.spec.ts

@@ -0,0 +1,230 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { hexToU8a, stringToU8a, u8aConcat, u8aToHex, u8aWrapBytes } from '@pezkuwi/util';
+import { waitReady } from '@pezkuwi/wasm-crypto';
+
+import { decodeAddress } from '../address/index.js';
+import { secp256k1Sign } from '../secp256k1/sign.js';
+import { signatureVerify } from './index.js';
+
+const ADDR_ED = 'DxN4uvzwPzJLtn17yew6jEffPhXQfdKHTp2brufb98vGbPN';
+const ADDR_SR = 'EK1bFgKm2FsghcttHT7TB7rNyXApFgs9fCbijMGQNyFGBQm';
+const ADDR_SR_WRAP = 'J9nD3s7zssCX7bion1xctAF6xcVexcpy2uwy4jTm9JL8yuK';
+const ADDR_EC = 'XyFVXiGaHxoBhXZkSh6NS2rjFyVaVNUo5UiZDqZbuSfUdji';
+const ADDR_ET = '0x54Dab85EE2c7b9F7421100d7134eFb5DfA4239bF';
+const MESSAGE = 'hello world';
+const SIG_ED = '0x299d3bf4c8bb51af732f8067b3a3015c0862a5ff34721749d8ed6577ea2708365d1c5f76bd519009971e41156f12c70abc2533837ceb3bad9a05a99ab923de06';
+const SIG_SR = '0xca01419b5a17219f7b78335658cab3b126db523a5df7be4bfc2bef76c2eb3b1dcf4ca86eb877d0a6cf6df12db5995c51d13b00e005d053b892bd09c594434288';
+const SIG_SR_WRAP = '0x84b6afb1c8e54bbcb3f4872baf172580e21310e9387a53742627d6652d121447fa406b82805ed3184fb7bd519175cc9f99f283f97954d95cf966ee164df85489';
+const SIG_EC = '0x994638ee586d2c5dbd9bacacbc35d9b7e9018de8f7892f00c900db63bc57b1283e2ee7bc51a9b1c1dae121ac4f4b9e2a41cd1d6bf4bb3e24d7fed6faf6d85e0501';
+const SIG_ET = '0x4e35aad35793b71f08566615661c9b741d7c605bc8935ac08608dff685324d71b5704fbd14c9297d2f584ea0735f015dcf0def66b802b3f555e1db916eda4b7700';
+const MUL_ED = u8aToHex(u8aConcat(new Uint8Array([0]), hexToU8a(SIG_ED)));
+const MUL_SR = u8aToHex(u8aConcat(new Uint8Array([1]), hexToU8a(SIG_SR)));
+const MUL_EC = u8aToHex(u8aConcat(new Uint8Array([2]), hexToU8a(SIG_EC)));
+const MUL_ET = u8aToHex(u8aConcat(new Uint8Array([2]), hexToU8a(SIG_ET)));
+
+describe('signatureVerify', (): void => {
+  beforeEach(async (): Promise<void> => {
+    await waitReady();
+  });
+
+  it('throws on invalid signature length', (): void => {
+    expect(
+      () => signatureVerify(MESSAGE, new Uint8Array(32), ADDR_ED)
+    ).toThrow('Invalid signature length, expected [64..66] bytes, found 32');
+  });
+
+  describe('verifyDetect', (): void => {
+    it('verifies ed25519 signature', (): void => {
+      expect(signatureVerify(MESSAGE, SIG_ED, ADDR_ED)).toEqual({
+        crypto: 'ed25519',
+        isValid: true,
+        isWrapped: false,
+        publicKey: decodeAddress(ADDR_ED)
+      });
+    });
+
+    it('verifies ecdsa signatures', (): void => {
+      expect(signatureVerify(MESSAGE, SIG_EC, ADDR_EC)).toEqual({
+        crypto: 'ecdsa',
+        isValid: true,
+        isWrapped: false,
+        publicKey: decodeAddress(ADDR_EC)
+      });
+    });
+
+    it('verifies an ethereum signature', (): void => {
+      expect(signatureVerify(MESSAGE, SIG_ET, ADDR_ET)).toEqual({
+        crypto: 'ethereum',
+        isValid: true,
+        isWrapped: false,
+        publicKey: hexToU8a(ADDR_ET)
+      });
+    });
+
+    it('verifies an ethereum signature (known)', (): void => {
+      const message = 'Pay KSMs to the Kusama account:88dc3417d5058ec4b4503e0c12ea1a0a89be200fe98922423d4334014fa6b0ee';
+
+      expect(signatureVerify(
+        `\x19Ethereum Signed Message:\n${message.length.toString()}${message}`,
+        '0x55bd020bdbbdc02de34e915effc9b18a99002f4c29f64e22e8dcbb69e722ea6c28e1bb53b9484063fbbfd205e49dcc1f620929f520c9c4c3695150f05a28f52a01',
+        '0x002309df96687e44280bb72c3818358faeeb699c'
+      )).toEqual({
+        crypto: 'ethereum',
+        isValid: true,
+        isWrapped: true,
+        publicKey: hexToU8a('0x002309df96687e44280bb72c3818358faeeb699c')
+      });
+    });
+
+    it('fails on invalid ethereum signature', (): void => {
+      expect(signatureVerify(MESSAGE, SIG_EC, ADDR_ET)).toEqual({
+        crypto: 'none',
+        isValid: false,
+        isWrapped: false,
+        publicKey: hexToU8a(ADDR_ET)
+      });
+    });
+
+    it('verifies an sr25519 signature', (): void => {
+      expect(signatureVerify(MESSAGE, SIG_SR, ADDR_SR)).toEqual({
+        crypto: 'sr25519',
+        isValid: true,
+        isWrapped: false,
+        publicKey: decodeAddress(ADDR_SR)
+      });
+    });
+
+    it('verifies an sr25519 signature (with msg wrapper, without wrapped sig)', (): void => {
+      expect(signatureVerify(u8aWrapBytes(MESSAGE), SIG_SR_WRAP, ADDR_SR_WRAP)).toEqual({
+        crypto: 'sr25519',
+        isValid: true,
+        isWrapped: true,
+        publicKey: decodeAddress(ADDR_SR_WRAP)
+      });
+    });
+
+    it('verifies an sr25519 signature (without msg wrapper, with wrapped sig)', (): void => {
+      expect(signatureVerify(MESSAGE, SIG_SR_WRAP, ADDR_SR_WRAP)).toEqual({
+        crypto: 'sr25519',
+        isValid: true,
+        isWrapped: false,
+        publicKey: decodeAddress(ADDR_SR_WRAP)
+      });
+    });
+
+    it('allows various inputs', (): void => {
+      expect(signatureVerify(stringToU8a(MESSAGE), hexToU8a(SIG_ED), decodeAddress(ADDR_ED))).toEqual({
+        crypto: 'ed25519',
+        isValid: true,
+        isWrapped: false,
+        publicKey: decodeAddress(ADDR_ED)
+      });
+    });
+
+    it('fails on an invalid signature', (): void => {
+      expect(signatureVerify(MESSAGE, SIG_SR, ADDR_ED)).toEqual({
+        crypto: 'none',
+        isValid: false,
+        isWrapped: false,
+        publicKey: decodeAddress(ADDR_ED)
+      });
+    });
+  });
+
+  describe('verifyMultisig', (): void => {
+    it('verifies an ed25519 signature', (): void => {
+      expect(signatureVerify(MESSAGE, MUL_ED, ADDR_ED)).toEqual({
+        crypto: 'ed25519',
+        isValid: true,
+        isWrapped: false,
+        publicKey: decodeAddress(ADDR_ED)
+      });
+    });
+
+    it('verifies an ecdsa signature', (): void => {
+      expect(signatureVerify(MESSAGE, MUL_EC, ADDR_EC)).toEqual({
+        crypto: 'ecdsa',
+        isValid: true,
+        isWrapped: false,
+        publicKey: decodeAddress(ADDR_EC)
+      });
+    });
+
+    it('verifies an ethereum signature', (): void => {
+      expect(signatureVerify(MESSAGE, MUL_ET, ADDR_ET)).toEqual({
+        crypto: 'ethereum',
+        isValid: true,
+        isWrapped: false,
+        publicKey: hexToU8a(ADDR_ET)
+      });
+    });
+
+    it('verifies an sr25519 signature', (): void => {
+      expect(signatureVerify(MESSAGE, MUL_SR, ADDR_SR)).toEqual({
+        crypto: 'sr25519',
+        isValid: true,
+        isWrapped: false,
+        publicKey: decodeAddress(ADDR_SR)
+      });
+    });
+
+    it('fails on an invalid signature', (): void => {
+      expect(signatureVerify(MESSAGE, MUL_SR, ADDR_ED)).toEqual({
+        crypto: 'none',
+        isValid: false,
+        isWrapped: false,
+        publicKey: new Uint8Array([61, 12, 55, 211, 0, 211, 97, 199, 4, 37, 17, 213, 81, 175, 166, 23, 251, 199, 144, 210, 19, 83, 186, 1, 196, 231, 14, 156, 171, 46, 141, 146])
+      });
+    });
+    /**
+     * ref: https://github.com/polkadot-js/common/issues/1898
+     *
+     * The following test ensures that we cover a reproduction that showed
+     * an inherent issue with verifying ecdsa signatures which is fixed in
+     * https://github.com/polkadot-js/common/pull/1973.
+     *
+     * It uses a random secretKey, and publicKey pair along with `secp256k1Sign`
+     * as the signer which is used for `ecdsa`.
+     */
+    it('Ensure ecdsa can sign and verify 1000 messages', (): void => {
+      const verifyThousandMessages = () => {
+        const secretKey = new Uint8Array([
+          103, 97, 114, 98, 97, 103, 101, 32, 114, 105, 100,
+          103, 101, 32, 107, 105, 99, 107, 32, 114, 111, 115,
+          101, 32, 101, 110, 100, 32, 115, 113, 117, 101
+        ]);
+        const publicKey = new Uint8Array([
+          2, 179, 102, 92, 246, 50, 172, 88,
+          81, 116, 8, 211, 192, 131, 154, 184,
+          122, 83, 180, 104, 4, 227, 214, 195,
+          140, 11, 82, 229, 49, 211, 185, 176,
+          63
+        ]);
+
+        for (let i = 0; i < 1000; i++) {
+          const message = `message ${i}`;
+          const encodedMessage = stringToU8a(message);
+          const signature = secp256k1Sign(encodedMessage, { secretKey });
+
+          const { isValid: valid } = signatureVerify(
+            message,
+            signature,
+            publicKey
+          );
+
+          if (!valid) {
+            return false;
+          }
+        }
+
+        return true;
+      };
+
+      expect(verifyThousandMessages()).toEqual(true);
+    });
+  });
+});

package/src/signature/verify.ts

@@ -0,0 +1,114 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { KeypairType, VerifyResult } from '../types.js';
+
+import { u8aIsWrapped, u8aToU8a, u8aUnwrapBytes, u8aWrapBytes } from '@pezkuwi/util';
+
+import { decodeAddress } from '../address/decode.js';
+import { ed25519Verify } from '../ed25519/verify.js';
+import { secp256k1Verify } from '../secp256k1/verify.js';
+import { sr25519Verify } from '../sr25519/verify.js';
+
+interface VerifyInput {
+  message: Uint8Array;
+  publicKey: Uint8Array;
+  signature: Uint8Array;
+}
+
+type Verifier = [KeypairType, (message: Uint8Array | string, signature: Uint8Array, publicKey: Uint8Array) => boolean];
+
+type VerifyFn = (result: VerifyResult, input: VerifyInput) => VerifyResult;
+
+const secp256k1VerifyHasher = (hashType: 'blake2' | 'keccak') =>
+  (message: Uint8Array | string, signature: Uint8Array, publicKey: Uint8Array) =>
+    secp256k1Verify(message, signature, publicKey, hashType, true);
+
+const VERIFIERS_ECDSA: Verifier[] = [
+  ['ecdsa', secp256k1VerifyHasher('blake2')],
+  ['ethereum', secp256k1VerifyHasher('keccak')]
+];
+
+const VERIFIERS: Verifier[] = [
+  ['ed25519', ed25519Verify],
+  ['sr25519', sr25519Verify]
+];
+
+function verifyDetect (result: VerifyResult, { message, publicKey, signature }: VerifyInput, verifiers = [...VERIFIERS, ...VERIFIERS_ECDSA]): VerifyResult {
+  result.isValid = verifiers.some(([crypto, verify]): boolean => {
+    try {
+      if (verify(message, signature, publicKey)) {
+        result.crypto = crypto;
+
+        return true;
+      }
+    } catch {
+      // do nothing, result.isValid still set to false
+    }
+
+    return false;
+  });
+
+  return result;
+}
+
+function verifyMultisig (result: VerifyResult, { message, publicKey, signature }: VerifyInput): VerifyResult {
+  if (![0, 1, 2].includes(signature[0]) || ![65, 66].includes(signature.length)) {
+    throw new Error(`Unknown crypto type, expected signature prefix [0..2], found ${signature[0]}`);
+  }
+
+  // If the signature is 66 bytes it must be an ecdsa signature
+  // containing: prefix [1 byte] + signature [65] bytes.
+  // Remove the and then verify
+  if (signature.length === 66) {
+    result = verifyDetect(result, { message, publicKey, signature: signature.subarray(1) }, VERIFIERS_ECDSA);
+  } else {
+    // The signature contains 65 bytes which is either
+    // - A ed25519 or sr25519 signature [1 byte prefix + 64 bytes]
+    // - An ecdsa signature [65 bytes]
+    result = verifyDetect(result, { message, publicKey, signature: signature.subarray(1) }, VERIFIERS);
+
+    if (!result.isValid) {
+      result = verifyDetect(result, { message, publicKey, signature }, VERIFIERS_ECDSA);
+    }
+
+    // If both failed, explicitly set crypto to 'none'
+    if (!result.isValid) {
+      result.crypto = 'none';
+    }
+  }
+
+  return result;
+}
+
+function getVerifyFn (signature: Uint8Array): VerifyFn {
+  return [0, 1, 2].includes(signature[0]) && [65, 66].includes(signature.length)
+    ? verifyMultisig
+    : verifyDetect;
+}
+
+export function signatureVerify (message: string | Uint8Array, signature: string | Uint8Array, addressOrPublicKey: string | Uint8Array): VerifyResult {
+  const signatureU8a = u8aToU8a(signature);
+
+  if (![64, 65, 66].includes(signatureU8a.length)) {
+    throw new Error(`Invalid signature length, expected [64..66] bytes, found ${signatureU8a.length}`);
+  }
+
+  const publicKey = decodeAddress(addressOrPublicKey);
+  const input = { message: u8aToU8a(message), publicKey, signature: signatureU8a };
+  const result: VerifyResult = { crypto: 'none', isValid: false, isWrapped: u8aIsWrapped(input.message, true), publicKey };
+  const isWrappedBytes = u8aIsWrapped(input.message, false);
+  const verifyFn = getVerifyFn(signatureU8a);
+
+  verifyFn(result, input);
+
+  if (result.crypto !== 'none' || (result.isWrapped && !isWrappedBytes)) {
+    return result;
+  }
+
+  input.message = isWrappedBytes
+    ? u8aUnwrapBytes(input.message)
+    : u8aWrapBytes(input.message);
+
+  return verifyFn(result, input);
+}

package/src/sr25519/agreement.spec.ts

@@ -0,0 +1,31 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import type { Keypair } from '../types.js';
+
+import { u8aToHex } from '@pezkuwi/util';
+
+import { sr25519Agreement, sr25519PairFromSeed } from './index.js';
+
+describe('agreement', (): void => {
+  let pairA: Keypair;
+  let pairB: Keypair;
+
+  beforeEach((): void => {
+    pairA = sr25519PairFromSeed('0x98b3d305d5a5eace562387e47e59badd4d77e3f72cabfb10a60f8a197059f0a8');
+    pairB = sr25519PairFromSeed('0x9732eea001851ff862d949a1699c9971f3a26edbede2ad7922cbbe9a0701f366');
+  });
+
+  it('matches a known agreement (both ways)', (): void => {
+    const TEST = '0xb03a0b198c34c16f35cae933d88b16341b4cef3e84e851f20e664c6a30527f4e';
+
+    expect(
+      u8aToHex(sr25519Agreement(pairA.secretKey, pairB.publicKey))
+    ).toEqual(TEST);
+    expect(
+      u8aToHex(sr25519Agreement(pairB.secretKey, pairA.publicKey))
+    ).toEqual(TEST);
+  });
+});

package/src/sr25519/agreement.ts

@@ -0,0 +1,23 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import { getSharedSecret } from '@scure/sr25519';
+
+import { u8aToU8a } from '@pezkuwi/util';
+
+/**
+ * @name sr25519Agreement
+ * @description Key agreement between other's public key and self secret key
+ */
+export function sr25519Agreement (secretKey: string | Uint8Array, publicKey: string | Uint8Array): Uint8Array {
+  const secretKeyU8a = u8aToU8a(secretKey);
+  const publicKeyU8a = u8aToU8a(publicKey);
+
+  if (publicKeyU8a.length !== 32) {
+    throw new Error(`Invalid publicKey, received ${publicKeyU8a.length} bytes, expected 32`);
+  } else if (secretKeyU8a.length !== 64) {
+    throw new Error(`Invalid secretKey, received ${secretKeyU8a.length} bytes, expected 64`);
+  }
+
+  return getSharedSecret(secretKeyU8a, publicKeyU8a);
+}

package/src/sr25519/derive.ts

@@ -0,0 +1,21 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { Keypair } from '../types.js';
+
+import * as sr25519 from '@scure/sr25519';
+
+import { isU8a } from '@pezkuwi/util';
+
+export function createDeriveFn (derive: (pair: Uint8Array, cc: Uint8Array) => Uint8Array): (keypair: Keypair, chainCode: Uint8Array) => Keypair {
+  return (keypair: Keypair, chainCode: Uint8Array): Keypair => {
+    if (!isU8a(chainCode) || chainCode.length !== 32) {
+      throw new Error('Invalid chainCode passed to derive');
+    }
+
+    const secretKey = derive(keypair.secretKey, chainCode);
+    const publicKey = sr25519.getPublicKey(secretKey);
+
+    return { publicKey, secretKey };
+  };
+}

package/src/sr25519/deriveHard.ts

@@ -0,0 +1,9 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import * as sr25519 from '@scure/sr25519';
+
+import { createDeriveFn } from './derive.js';
+
+// eslint-disable-next-line @typescript-eslint/unbound-method
+export const sr25519DeriveHard = /*#__PURE__*/ createDeriveFn(sr25519.HDKD.secretHard);

package/src/sr25519/derivePublic.ts

@@ -0,0 +1,18 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import * as sr25519 from '@scure/sr25519';
+
+import { isU8a, u8aToU8a } from '@pezkuwi/util';
+
+export function sr25519DerivePublic (publicKey: string | Uint8Array, chainCode: Uint8Array): Uint8Array {
+  const publicKeyU8a = u8aToU8a(publicKey);
+
+  if (!isU8a(chainCode) || chainCode.length !== 32) {
+    throw new Error('Invalid chainCode passed to derive');
+  } else if (publicKeyU8a.length !== 32) {
+    throw new Error(`Invalid publicKey, received ${publicKeyU8a.length} bytes, expected 32`);
+  }
+
+  return sr25519.HDKD.publicSoft(publicKeyU8a, chainCode);
+}

package/src/sr25519/deriveSoft.ts

@@ -0,0 +1,9 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import * as sr25519 from '@scure/sr25519';
+
+import { createDeriveFn } from './derive.js';
+
+// eslint-disable-next-line @typescript-eslint/unbound-method
+export const sr25519DeriveSoft = /*#__PURE__*/ createDeriveFn(sr25519.HDKD.secretSoft);

package/src/sr25519/index.ts

@@ -0,0 +1,12 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+export { sr25519Agreement } from './agreement.js';
+export { sr25519DeriveHard } from './deriveHard.js';
+export { sr25519DerivePublic } from './derivePublic.js';
+export { sr25519DeriveSoft } from './deriveSoft.js';
+export { sr25519PairFromSeed } from './pair/fromSeed.js';
+export { sr25519Sign } from './sign.js';
+export { sr25519Verify } from './verify.js';
+export { sr25519VrfSign } from './vrfSign.js';
+export { sr25519VrfVerify } from './vrfVerify.js';

package/src/sr25519/pair/fromSeed.spec.ts

@@ -0,0 +1,35 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+/// <reference types="@polkadot/dev-test/globals.d.ts" />
+
+import { stringToU8a, u8aToHex } from '@pezkuwi/util';
+
+import { mnemonicToMiniSecret } from '../../mnemonic/index.js';
+import { sr25519PairFromSeed } from '../index.js';
+import tests from './testing.spec.js';
+
+describe('sr25519PairFromSeed', (): void => {
+  const TEST = stringToU8a('12345678901234567890123456789012');
+  const RESULT = {
+    publicKey: new Uint8Array([116, 28, 8, 160, 111, 65, 197, 150, 96, 143, 103, 116, 37, 155, 217, 4, 51, 4, 173, 250, 93, 62, 234, 98, 118, 11, 217, 190, 151, 99, 77, 99]),
+    secretKey: new Uint8Array([240, 16, 102, 96, 195, 221, 162, 63, 22, 218, 169, 172, 91, 129, 27, 150, 48, 119, 245, 188, 10, 248, 159, 133, 128, 79, 13, 232, 228, 36, 240, 80, 249, 141, 102, 243, 148, 66, 80, 111, 249, 71, 253, 145, 31, 24, 199, 167, 165, 218, 99, 154, 99, 232, 211, 180, 226, 51, 247, 65, 67, 217, 81, 193])
+  };
+
+  it('generates a valid publicKey/secretKey pair (u8a)', (): void => {
+    expect(
+      sr25519PairFromSeed(TEST)
+    ).toEqual(RESULT);
+  });
+
+  tests.forEach(([mnemonic, , , secret], index): void => {
+    it(`creates valid against known (${index})`, (): void => {
+      const seed = mnemonicToMiniSecret(mnemonic, 'Substrate');
+      const pair = sr25519PairFromSeed(seed);
+
+      expect(
+        u8aToHex(pair.secretKey)
+      ).toEqual(secret);
+    });
+  });
+});

package/src/sr25519/pair/fromSeed.ts

@@ -0,0 +1,28 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { Keypair } from '../../types.js';
+
+import * as sr25519 from '@scure/sr25519';
+
+import { u8aToU8a } from '@pezkuwi/util';
+
+/**
+ * @name sr25519PairFromSeed
+ * @description Returns a object containing a `publicKey` & `secretKey` generated from the supplied seed.
+ */
+export function sr25519PairFromSeed (seed: string | Uint8Array): Keypair {
+  const seedU8a = u8aToU8a(seed);
+
+  if (seedU8a.length !== 32) {
+    throw new Error(`Expected a seed matching 32 bytes, found ${seedU8a.length}`);
+  }
+
+  const sec = sr25519.secretFromSeed(seedU8a);
+  const pub = sr25519.getPublicKey(sec);
+
+  return {
+    publicKey: pub,
+    secretKey: sec
+  };
+}

package/src/sr25519/pair/fromU8a.ts

@@ -0,0 +1,23 @@
+// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import type { Keypair } from '../../types.js';
+
+import { u8aToU8a } from '@pezkuwi/util';
+
+const SEC_LEN = 64;
+const PUB_LEN = 32;
+const TOT_LEN = SEC_LEN + PUB_LEN;
+
+export function sr25519PairFromU8a (full: string | Uint8Array): Keypair {
+  const fullU8a = u8aToU8a(full);
+
+  if (fullU8a.length !== TOT_LEN) {
+    throw new Error(`Expected keypair with ${TOT_LEN} bytes, found ${fullU8a.length}`);
+  }
+
+  return {
+    publicKey: fullU8a.slice(SEC_LEN, TOT_LEN),
+    secretKey: fullU8a.slice(0, SEC_LEN)
+  };
+}