@pezkuwi/util-crypto 14.0.2 → 14.0.4

package/packageDetect.d.ts

@@ -0,0 +1 @@
+export {};

package/{src/packageDetect.ts → packageDetect.js}

@@ -1,14 +1,6 @@
-// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
-// SPDX-License-Identifier: Apache-2.0
-
-// Do not edit, auto-generated by @polkadot/dev
-// (packageInfo imports will be kept as-is, user-editable)
-
 import { packageInfo as netInfo } from '@pezkuwi/networks/packageInfo';
 import { detectPackage } from '@pezkuwi/util';
 import { packageInfo as utilInfo } from '@pezkuwi/util/packageInfo';
 import { packageInfo as randomInfo } from '@pezkuwi/x-randomvalues';
-
 import { packageInfo } from './packageInfo.js';
-
 detectPackage(packageInfo, null, [netInfo, randomInfo, utilInfo]);

package/packageInfo.d.ts

@@ -0,0 +1,6 @@
+export declare const packageInfo: {
+    name: string;
+    path: string;
+    type: string;
+    version: string;
+};

package/packageInfo.js

@@ -0,0 +1 @@
+export const packageInfo = { name: '@pezkuwi/util-crypto', path: (import.meta && import.meta.url) ? new URL(import.meta.url).pathname.substring(0, new URL(import.meta.url).pathname.lastIndexOf('/') + 1) : 'auto', type: 'esm', version: '14.0.1' };

package/pbkdf2/encode.d.ts

@@ -0,0 +1,7 @@
+interface Result {
+    password: Uint8Array;
+    rounds: number;
+    salt: Uint8Array;
+}
+export declare function pbkdf2Encode(passphrase?: string | Uint8Array, salt?: Uint8Array, rounds?: number, onlyJs?: boolean): Result;
+export {};

package/pbkdf2/encode.js

@@ -0,0 +1,16 @@
+import { pbkdf2 as pbkdf2Js } from '@noble/hashes/pbkdf2';
+import { sha512 } from '@noble/hashes/sha512';
+import { hasBigInt, u8aToU8a } from '@pezkuwi/util';
+import { isReady, pbkdf2 } from '@pezkuwi/wasm-crypto';
+import { randomAsU8a } from '../random/asU8a.js';
+export function pbkdf2Encode(passphrase, salt = randomAsU8a(), rounds = 2048, onlyJs) {
+    const u8aPass = u8aToU8a(passphrase);
+    const u8aSalt = u8aToU8a(salt);
+    return {
+        password: !hasBigInt || (!onlyJs && isReady())
+            ? pbkdf2(u8aPass, u8aSalt, rounds)
+            : pbkdf2Js(sha512, u8aPass, u8aSalt, { c: rounds, dkLen: 64 }),
+        rounds,
+        salt
+    };
+}

package/pbkdf2/index.d.ts

@@ -0,0 +1 @@
+export { pbkdf2Encode } from './encode.js';

package/pbkdf2/index.js

@@ -0,0 +1 @@
+export { pbkdf2Encode } from './encode.js';

package/random/asNumber.d.ts

@@ -0,0 +1,15 @@
+/**
+ * @name randomAsNumber
+ * @summary Creates a random number from random bytes.
+ * @description
+ * Returns a random number generated from the secure bytes.
+ * @example
+ * <BR>
+ *
+ * ```javascript
+ * import { randomAsNumber } from '@polkadot/util-crypto';
+ *
+ * randomAsNumber(); // => <random number>
+ * ```
+ */
+export declare function randomAsNumber(): number;

package/{src/random/asNumber.ts → random/asNumber.js}

@@ -1,12 +1,6 @@
-// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
-// SPDX-License-Identifier: Apache-2.0
-
 import { BN, hexToBn } from '@pezkuwi/util';
-
 import { randomAsHex } from './asU8a.js';
-
 const BN_53 = new BN(0b11111111111111111111111111111111111111111111111111111);
-
 /**
  * @name randomAsNumber
  * @summary Creates a random number from random bytes.
@@ -21,8 +15,6 @@ const BN_53 = new BN(0b11111111111111111111111111111111111111111111111111111);
  * randomAsNumber(); // => <random number>
  * ```
  */
-export function randomAsNumber (): number {
-  return hexToBn(
-    randomAsHex(8)
-  ).and(BN_53).toNumber();
+export function randomAsNumber() {
+    return hexToBn(randomAsHex(8)).and(BN_53).toNumber();
 }

package/random/asU8a.d.ts

@@ -0,0 +1,20 @@
+/**
+ * @name randomAsU8a
+ * @summary Creates a Uint8Array filled with random bytes.
+ * @description
+ * Returns a `Uint8Array` with the specified (optional) length filled with random bytes.
+ * @example
+ * <BR>
+ *
+ * ```javascript
+ * import { randomAsU8a } from '@polkadot/util-crypto';
+ *
+ * randomAsU8a(); // => Uint8Array([...])
+ * ```
+ */
+export declare function randomAsU8a(length?: number): Uint8Array;
+/**
+ * @name randomAsHex
+ * @description Creates a hex string filled with random bytes.
+ */
+export declare const randomAsHex: (length?: number | undefined) => import("@polkadot/util/types").HexString;

package/{src/random/asU8a.ts → random/asU8a.js}

@@ -1,10 +1,5 @@
-// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
-// SPDX-License-Identifier: Apache-2.0
-
 import { getRandomValues } from '@pezkuwi/x-randomvalues';
-
 import { createAsHex } from '../helpers.js';
-
 /**
  * @name randomAsU8a
  * @summary Creates a Uint8Array filled with random bytes.
@@ -19,10 +14,9 @@ import { createAsHex } from '../helpers.js';
  * randomAsU8a(); // => Uint8Array([...])
  * ```
  */
-export function randomAsU8a (length = 32): Uint8Array {
-  return getRandomValues(new Uint8Array(length));
+export function randomAsU8a(length = 32) {
+    return getRandomValues(new Uint8Array(length));
 }
-
 /**
  * @name randomAsHex
  * @description Creates a hex string filled with random bytes.

package/random/index.d.ts

@@ -0,0 +1,5 @@
+/**
+ * @summary Returns a sequence of secure random bytes in a variety of formats
+ */
+export { randomAsNumber } from './asNumber.js';
+export { randomAsHex, randomAsU8a } from './asU8a.js';

package/random/index.js

@@ -0,0 +1,5 @@
+/**
+ * @summary Returns a sequence of secure random bytes in a variety of formats
+ */
+export { randomAsNumber } from './asNumber.js';
+export { randomAsHex, randomAsU8a } from './asU8a.js';

package/scrypt/defaults.d.ts

@@ -0,0 +1,3 @@
+import type { ScryptParams } from './types.js';
+export declare const ALLOWED_PARAMS: ScryptParams[];
+export declare const DEFAULT_PARAMS: ScryptParams;

package/scrypt/defaults.js

@@ -0,0 +1,13 @@
+export const ALLOWED_PARAMS = [
+    { N: 1 << 13, p: 10, r: 8 },
+    { N: 1 << 14, p: 5, r: 8 },
+    { N: 1 << 15, p: 3, r: 8 },
+    { N: 1 << 15, p: 1, r: 8 },
+    { N: 1 << 16, p: 2, r: 8 },
+    { N: 1 << 17, p: 1, r: 8 }
+];
+export const DEFAULT_PARAMS = {
+    N: 1 << 17,
+    p: 1,
+    r: 8
+};

package/scrypt/encode.d.ts

@@ -0,0 +1,8 @@
+import type { ScryptParams } from './types.js';
+interface Result {
+    params: ScryptParams;
+    password: Uint8Array;
+    salt: Uint8Array;
+}
+export declare function scryptEncode(passphrase?: string | Uint8Array, salt?: Uint8Array, params?: ScryptParams, onlyJs?: boolean): Result;
+export {};

package/scrypt/encode.js

@@ -0,0 +1,15 @@
+import { scrypt as scryptJs } from '@noble/hashes/scrypt';
+import { hasBigInt, objectSpread, u8aToU8a } from '@pezkuwi/util';
+import { isReady, scrypt } from '@pezkuwi/wasm-crypto';
+import { randomAsU8a } from '../random/asU8a.js';
+import { DEFAULT_PARAMS } from './defaults.js';
+export function scryptEncode(passphrase, salt = randomAsU8a(), params = DEFAULT_PARAMS, onlyJs) {
+    const u8a = u8aToU8a(passphrase);
+    return {
+        params,
+        password: !hasBigInt || (!onlyJs && isReady())
+            ? scrypt(u8a, salt, Math.log2(params.N), params.r, params.p)
+            : scryptJs(u8a, salt, objectSpread({ dkLen: 64 }, params)),
+        salt
+    };
+}

package/scrypt/fromU8a.d.ts

@@ -0,0 +1,7 @@
+import type { ScryptParams } from './types.js';
+interface Result {
+    params: ScryptParams;
+    salt: Uint8Array;
+}
+export declare function scryptFromU8a(data: Uint8Array): Result;
+export {};

package/scrypt/fromU8a.js

@@ -0,0 +1,24 @@
+import { u8aToBn } from '@pezkuwi/util';
+import { BN_LE_OPTS } from '../bn.js';
+import { ALLOWED_PARAMS } from './defaults.js';
+export function scryptFromU8a(data) {
+    if (!(data instanceof Uint8Array)) {
+        throw new Error('Expected input to be a Uint8Array');
+    }
+    // Ensure the input is exactly 44 bytes: 32 for salt + 3 * 4 for N, p, r
+    if (data.length < 32 + 12) {
+        throw new Error(`Invalid input length: expected 44 bytes, found ${data.length}`);
+    }
+    const salt = data.subarray(0, 32);
+    const N = u8aToBn(data.subarray(32, 36), BN_LE_OPTS).toNumber();
+    const p = u8aToBn(data.subarray(36, 40), BN_LE_OPTS).toNumber();
+    const r = u8aToBn(data.subarray(40, 44), BN_LE_OPTS).toNumber();
+    if (N > (1 << 20) || p > 4 || r > 16) {
+        throw new Error('Scrypt parameters exceed safe limits');
+    }
+    const isAllowed = ALLOWED_PARAMS.some((preset) => preset.N === N && preset.p === p && preset.r === r);
+    if (!isAllowed) {
+        throw new Error('Invalid injected scrypt params found');
+    }
+    return { params: { N, p, r }, salt };
+}

package/scrypt/index.d.ts

@@ -0,0 +1,3 @@
+export { scryptEncode } from './encode.js';
+export { scryptFromU8a } from './fromU8a.js';
+export { scryptToU8a } from './toU8a.js';

package/scrypt/index.js

@@ -0,0 +1,3 @@
+export { scryptEncode } from './encode.js';
+export { scryptFromU8a } from './fromU8a.js';
+export { scryptToU8a } from './toU8a.js';

package/scrypt/toU8a.d.ts

@@ -0,0 +1,2 @@
+import type { ScryptParams } from './types.js';
+export declare function scryptToU8a(salt: Uint8Array, { N, p, r }: ScryptParams): Uint8Array;

package/scrypt/toU8a.js

@@ -0,0 +1,5 @@
+import { bnToU8a, u8aConcat } from '@pezkuwi/util';
+import { BN_LE_32_OPTS } from '../bn.js';
+export function scryptToU8a(salt, { N, p, r }) {
+    return u8aConcat(salt, bnToU8a(N, BN_LE_32_OPTS), bnToU8a(p, BN_LE_32_OPTS), bnToU8a(r, BN_LE_32_OPTS));
+}

package/scrypt/types.d.ts

@@ -0,0 +1,6 @@
+/** The params that control scrypt generation */
+export interface ScryptParams {
+    N: number;
+    p: number;
+    r: number;
+}

package/scrypt/types.js

@@ -0,0 +1 @@
+export {};

package/secp256k1/compress.d.ts

@@ -0,0 +1 @@
+export declare function secp256k1Compress(publicKey: Uint8Array, onlyJs?: boolean): Uint8Array;

package/secp256k1/compress.js

@@ -0,0 +1,14 @@
+import { secp256k1 } from '@noble/curves/secp256k1';
+import { hasBigInt } from '@pezkuwi/util';
+import { isReady, secp256k1Compress as wasm } from '@pezkuwi/wasm-crypto';
+export function secp256k1Compress(publicKey, onlyJs) {
+    if (![33, 65].includes(publicKey.length)) {
+        throw new Error(`Invalid publicKey provided, received ${publicKey.length} bytes input`);
+    }
+    if (publicKey.length === 33) {
+        return publicKey;
+    }
+    return !hasBigInt || (!onlyJs && isReady())
+        ? wasm(publicKey)
+        : secp256k1.ProjectivePoint.fromHex(publicKey).toRawBytes(true);
+}

package/secp256k1/deriveHard.d.ts

@@ -0,0 +1 @@
+export declare function secp256k1DeriveHard(seed: Uint8Array, chainCode: Uint8Array): Uint8Array;

package/secp256k1/deriveHard.js

@@ -0,0 +1,10 @@
+import { compactAddLength, isU8a, stringToU8a, u8aConcat } from '@pezkuwi/util';
+import { blake2AsU8a } from '../blake2/asU8a.js';
+const HDKD = compactAddLength(stringToU8a('Secp256k1HDKD'));
+export function secp256k1DeriveHard(seed, chainCode) {
+    if (!isU8a(chainCode) || chainCode.length !== 32) {
+        throw new Error('Invalid chainCode passed to derive');
+    }
+    // NOTE This is specific to the Substrate HDD derivation, so always use the blake2 hasher
+    return blake2AsU8a(u8aConcat(HDKD, seed, chainCode), 256);
+}

package/secp256k1/expand.d.ts

@@ -0,0 +1 @@
+export declare function secp256k1Expand(publicKey: Uint8Array, onlyJs?: boolean): Uint8Array;

package/secp256k1/expand.js

@@ -0,0 +1,17 @@
+import { secp256k1 } from '@noble/curves/secp256k1';
+import { bnToU8a, hasBigInt, u8aConcat } from '@pezkuwi/util';
+import { isReady, secp256k1Expand as wasm } from '@pezkuwi/wasm-crypto';
+import { BN_BE_256_OPTS } from '../bn.js';
+export function secp256k1Expand(publicKey, onlyJs) {
+    if (![33, 65].includes(publicKey.length)) {
+        throw new Error(`Invalid publicKey provided, received ${publicKey.length} bytes input`);
+    }
+    if (publicKey.length === 65) {
+        return publicKey.subarray(1);
+    }
+    if (!hasBigInt || (!onlyJs && isReady())) {
+        return wasm(publicKey).subarray(1);
+    }
+    const { px, py } = secp256k1.ProjectivePoint.fromHex(publicKey);
+    return u8aConcat(bnToU8a(px, BN_BE_256_OPTS), bnToU8a(py, BN_BE_256_OPTS));
+}

package/secp256k1/hasher.d.ts

@@ -0,0 +1,2 @@
+import type { HashType } from './types.js';
+export declare function hasher(hashType: HashType, data: Uint8Array | string, onlyJs?: boolean): Uint8Array;

package/secp256k1/hasher.js

@@ -0,0 +1,7 @@
+import { blake2AsU8a } from '../blake2/index.js';
+import { keccakAsU8a } from '../keccak/index.js';
+export function hasher(hashType, data, onlyJs) {
+    return hashType === 'keccak'
+        ? keccakAsU8a(data, undefined, onlyJs)
+        : blake2AsU8a(data, undefined, undefined, onlyJs);
+}

package/secp256k1/index.d.ts

@@ -0,0 +1,7 @@
+export { secp256k1Compress } from './compress.js';
+export { secp256k1Expand } from './expand.js';
+export { secp256k1PairFromSeed } from './pair/fromSeed.js';
+export { secp256k1Recover } from './recover.js';
+export { secp256k1Sign } from './sign.js';
+export { secp256k1PrivateKeyTweakAdd } from './tweakAdd.js';
+export { secp256k1Verify } from './verify.js';

package/secp256k1/index.js

@@ -0,0 +1,7 @@
+export { secp256k1Compress } from './compress.js';
+export { secp256k1Expand } from './expand.js';
+export { secp256k1PairFromSeed } from './pair/fromSeed.js';
+export { secp256k1Recover } from './recover.js';
+export { secp256k1Sign } from './sign.js';
+export { secp256k1PrivateKeyTweakAdd } from './tweakAdd.js';
+export { secp256k1Verify } from './verify.js';

package/secp256k1/pair/fromSeed.d.ts

@@ -0,0 +1,6 @@
+import type { Keypair } from '../../types.js';
+/**
+ * @name secp256k1PairFromSeed
+ * @description Returns a object containing a `publicKey` & `secretKey` generated from the supplied seed.
+ */
+export declare function secp256k1PairFromSeed(seed: Uint8Array, onlyJs?: boolean): Keypair;

package/secp256k1/pair/fromSeed.js

@@ -0,0 +1,31 @@
+import { secp256k1 } from '@noble/curves/secp256k1';
+import { hasBigInt, u8aEmpty } from '@pezkuwi/util';
+import { isReady, secp256k1FromSeed } from '@pezkuwi/wasm-crypto';
+/**
+ * @name secp256k1PairFromSeed
+ * @description Returns a object containing a `publicKey` & `secretKey` generated from the supplied seed.
+ */
+export function secp256k1PairFromSeed(seed, onlyJs) {
+    if (seed.length !== 32) {
+        throw new Error('Expected valid 32-byte private key as a seed');
+    }
+    if (!hasBigInt || (!onlyJs && isReady())) {
+        const full = secp256k1FromSeed(seed);
+        const publicKey = full.slice(32);
+        // There is an issue with the secp256k1 when running in an ASM.js environment where
+        // it seems that the lazy static section yields invalid results on the _first_ run.
+        // If this happens, fail outright, we cannot allow invalid return values
+        // https://github.com/polkadot-js/wasm/issues/307
+        if (u8aEmpty(publicKey)) {
+            throw new Error('Invalid publicKey generated from WASM interface');
+        }
+        return {
+            publicKey,
+            secretKey: full.slice(0, 32)
+        };
+    }
+    return {
+        publicKey: secp256k1.getPublicKey(seed, true),
+        secretKey: seed
+    };
+}

package/secp256k1/recover.d.ts

@@ -0,0 +1,6 @@
+import type { HashType } from './types.js';
+/**
+ * @name secp256k1Recover
+ * @description Recovers a publicKey from the supplied signature
+ */
+export declare function secp256k1Recover(msgHash: string | Uint8Array, signature: string | Uint8Array, recovery: number, hashType?: HashType, onlyJs?: boolean): Uint8Array;

package/secp256k1/recover.js

@@ -0,0 +1,26 @@
+import { secp256k1 } from '@noble/curves/secp256k1';
+import { hasBigInt, u8aToU8a } from '@pezkuwi/util';
+import { isReady, secp256k1Recover as wasm } from '@pezkuwi/wasm-crypto';
+import { secp256k1Compress } from './compress.js';
+import { secp256k1Expand } from './expand.js';
+/**
+ * @name secp256k1Recover
+ * @description Recovers a publicKey from the supplied signature
+ */
+export function secp256k1Recover(msgHash, signature, recovery, hashType = 'blake2', onlyJs) {
+    const sig = u8aToU8a(signature).subarray(0, 64);
+    const msg = u8aToU8a(msgHash);
+    const publicKey = !hasBigInt || (!onlyJs && isReady())
+        ? wasm(msg, sig, recovery)
+        : secp256k1.Signature
+            .fromCompact(sig)
+            .addRecoveryBit(recovery)
+            .recoverPublicKey(msg)
+            .toRawBytes();
+    if (!publicKey) {
+        throw new Error('Unable to recover publicKey from signature');
+    }
+    return hashType === 'keccak'
+        ? secp256k1Expand(publicKey, onlyJs)
+        : secp256k1Compress(publicKey, onlyJs);
+}

package/secp256k1/sign.d.ts

@@ -0,0 +1,7 @@
+import type { Keypair } from '../types.js';
+import type { HashType } from './types.js';
+/**
+ * @name secp256k1Sign
+ * @description Returns message signature of `message`, using the supplied pair
+ */
+export declare function secp256k1Sign(message: Uint8Array | string, { secretKey }: Partial<Keypair>, hashType?: HashType, onlyJs?: boolean): Uint8Array;

package/secp256k1/sign.js

@@ -0,0 +1,20 @@
+import { secp256k1 } from '@noble/curves/secp256k1';
+import { bnToU8a, hasBigInt, u8aConcat } from '@pezkuwi/util';
+import { isReady, secp256k1Sign as wasm } from '@pezkuwi/wasm-crypto';
+import { BN_BE_256_OPTS } from '../bn.js';
+import { hasher } from './hasher.js';
+/**
+ * @name secp256k1Sign
+ * @description Returns message signature of `message`, using the supplied pair
+ */
+export function secp256k1Sign(message, { secretKey }, hashType = 'blake2', onlyJs) {
+    if (secretKey?.length !== 32) {
+        throw new Error('Expected valid secp256k1 secretKey, 32-bytes');
+    }
+    const data = hasher(hashType, message, onlyJs);
+    if (!hasBigInt || (!onlyJs && isReady())) {
+        return wasm(data, secretKey);
+    }
+    const signature = secp256k1.sign(data, secretKey, { lowS: true });
+    return u8aConcat(bnToU8a(signature.r, BN_BE_256_OPTS), bnToU8a(signature.s, BN_BE_256_OPTS), new Uint8Array([signature.recovery || 0]));
+}

package/secp256k1/tweakAdd.d.ts

@@ -0,0 +1 @@
+export declare function secp256k1PrivateKeyTweakAdd(seckey: Uint8Array, tweak: Uint8Array, onlyBn?: boolean): Uint8Array;

package/secp256k1/tweakAdd.js

@@ -0,0 +1,45 @@
+import { _0n, BN, bnToU8a, hasBigInt, isU8a, nToU8a, u8aToBigInt } from '@pezkuwi/util';
+import { BigInt } from '@pezkuwi/x-bigint';
+import { BN_BE_256_OPTS, BN_BE_OPTS } from '../bn.js';
+const N = 'ffffffff ffffffff ffffffff fffffffe baaedce6 af48a03b bfd25e8c d0364141'.replace(/ /g, '');
+const N_BI = BigInt(`0x${N}`);
+const N_BN = new BN(N, 'hex');
+function addBi(seckey, tweak) {
+    let res = u8aToBigInt(tweak, BN_BE_OPTS);
+    if (res >= N_BI) {
+        throw new Error('Tweak parameter is out of range');
+    }
+    res += u8aToBigInt(seckey, BN_BE_OPTS);
+    if (res >= N_BI) {
+        res -= N_BI;
+    }
+    if (res === _0n) {
+        throw new Error('Invalid resulting private key');
+    }
+    return nToU8a(res, BN_BE_256_OPTS);
+}
+function addBn(seckey, tweak) {
+    const res = new BN(tweak);
+    if (res.cmp(N_BN) >= 0) {
+        throw new Error('Tweak parameter is out of range');
+    }
+    res.iadd(new BN(seckey));
+    if (res.cmp(N_BN) >= 0) {
+        res.isub(N_BN);
+    }
+    if (res.isZero()) {
+        throw new Error('Invalid resulting private key');
+    }
+    return bnToU8a(res, BN_BE_256_OPTS);
+}
+export function secp256k1PrivateKeyTweakAdd(seckey, tweak, onlyBn) {
+    if (!isU8a(seckey) || seckey.length !== 32) {
+        throw new Error('Expected seckey to be an Uint8Array with length 32');
+    }
+    else if (!isU8a(tweak) || tweak.length !== 32) {
+        throw new Error('Expected tweak to be an Uint8Array with length 32');
+    }
+    return !hasBigInt || onlyBn
+        ? addBn(seckey, tweak)
+        : addBi(seckey, tweak);
+}

package/secp256k1/types.d.ts

@@ -0,0 +1 @@
+export type HashType = 'blake2' | 'keccak';

package/secp256k1/types.js

@@ -0,0 +1 @@
+export {};

package/secp256k1/verify.d.ts

@@ -0,0 +1,6 @@
+import type { HashType } from './types.js';
+/**
+ * @name secp256k1Verify
+ * @description Verifies the signature of `message`, using the supplied pair
+ */
+export declare function secp256k1Verify(msgHash: string | Uint8Array, signature: string | Uint8Array, address: string | Uint8Array, hashType?: HashType, onlyJs?: boolean): boolean;

package/secp256k1/verify.js

@@ -0,0 +1,20 @@
+import { u8aEq, u8aToU8a } from '@pezkuwi/util';
+import { hasher } from './hasher.js';
+import { secp256k1Recover } from './recover.js';
+/**
+ * @name secp256k1Verify
+ * @description Verifies the signature of `message`, using the supplied pair
+ */
+export function secp256k1Verify(msgHash, signature, address, hashType = 'blake2', onlyJs) {
+    const sig = u8aToU8a(signature);
+    if (sig.length !== 65) {
+        throw new Error(`Expected signature with 65 bytes, ${sig.length} found instead`);
+    }
+    const publicKey = secp256k1Recover(hasher(hashType, msgHash), sig, sig[64], hashType, onlyJs);
+    const signerAddr = hasher(hashType, publicKey, onlyJs);
+    const inputAddr = u8aToU8a(address);
+    // for Ethereum (keccak) the last 20 bytes is the address
+    return u8aEq(publicKey, inputAddr) || (hashType === 'keccak'
+        ? u8aEq(signerAddr.slice(-20), inputAddr.slice(-20))
+        : u8aEq(signerAddr, inputAddr));
+}

package/sha/asU8a.d.ts

@@ -0,0 +1,15 @@
+/**
+ * @name shaAsU8a
+ * @summary Creates a sha Uint8Array from the input.
+ */
+export declare const shaAsU8a: (value: string | Uint8Array, bitLength?: 256 | 512, onlyJs?: boolean) => Uint8Array;
+/**
+ * @name sha256AsU8a
+ * @summary Creates a sha256 Uint8Array from the input.
+ */
+export declare const sha256AsU8a: (data: string | Uint8Array, onlyJs?: boolean) => Uint8Array;
+/**
+ * @name sha512AsU8a
+ * @summary Creates a sha512 Uint8Array from the input.
+ */
+export declare const sha512AsU8a: (data: string | Uint8Array, onlyJs?: boolean) => Uint8Array;

package/{src/sha/asU8a.ts → sha/asU8a.js}

@@ -1,28 +1,17 @@
-// Copyright 2017-2025 @polkadot/util-crypto authors & contributors
-// SPDX-License-Identifier: Apache-2.0
-
 import { sha256 as sha256Js } from '@noble/hashes/sha256';
 import { sha512 as sha512Js } from '@noble/hashes/sha512';
-
 import { sha256, sha512 } from '@pezkuwi/wasm-crypto';
-
 import { createBitHasher, createDualHasher } from '../helpers.js';
-
 /**
  * @name shaAsU8a
  * @summary Creates a sha Uint8Array from the input.
  */
-export const shaAsU8a = /*#__PURE__*/ createDualHasher(
-  { 256: sha256, 512: sha512 },
-  { 256: sha256Js, 512: sha512Js }
-);
-
+export const shaAsU8a = /*#__PURE__*/ createDualHasher({ 256: sha256, 512: sha512 }, { 256: sha256Js, 512: sha512Js });
 /**
  * @name sha256AsU8a
  * @summary Creates a sha256 Uint8Array from the input.
  */
 export const sha256AsU8a = /*#__PURE__*/ createBitHasher(256, shaAsU8a);
-
 /**
  * @name sha512AsU8a
  * @summary Creates a sha512 Uint8Array from the input.

package/sha/index.d.ts

@@ -0,0 +1,4 @@
+/**
+ * @summary Implements Sha-256/512 hashing functions for a variety of input and outputs
+ */
+export { sha256AsU8a, sha512AsU8a, shaAsU8a } from './asU8a.js';

package/sha/index.js

@@ -0,0 +1,4 @@
+/**
+ * @summary Implements Sha-256/512 hashing functions for a variety of input and outputs
+ */
+export { sha256AsU8a, sha512AsU8a, shaAsU8a } from './asU8a.js';

package/signature/index.d.ts

@@ -0,0 +1,4 @@
+/**
+ * @summary Utilities for working with signatures
+ */
+export { signatureVerify } from './verify.js';

package/signature/index.js

@@ -0,0 +1,4 @@
+/**
+ * @summary Utilities for working with signatures
+ */
+export { signatureVerify } from './verify.js';

package/signature/verify.d.ts

@@ -0,0 +1,2 @@
+import type { VerifyResult } from '../types.js';
+export declare function signatureVerify(message: string | Uint8Array, signature: string | Uint8Array, addressOrPublicKey: string | Uint8Array): VerifyResult;