npm - @snaha/swarm-id - Versions diffs - 0.0.1 - Mend

@snaha/swarm-id 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (223) hide show

package/README.md +431 -0
package/dist/chunk/bmt.d.ts +17 -0
package/dist/chunk/bmt.d.ts.map +1 -0
package/dist/chunk/cac.d.ts +18 -0
package/dist/chunk/cac.d.ts.map +1 -0
package/dist/chunk/constants.d.ts +10 -0
package/dist/chunk/constants.d.ts.map +1 -0
package/dist/chunk/encrypted-cac.d.ts +48 -0
package/dist/chunk/encrypted-cac.d.ts.map +1 -0
package/dist/chunk/encryption.d.ts +86 -0
package/dist/chunk/encryption.d.ts.map +1 -0
package/dist/chunk/index.d.ts +6 -0
package/dist/chunk/index.d.ts.map +1 -0
package/dist/index.d.ts +46 -0
package/dist/index.d.ts.map +1 -0
package/dist/proxy/act/act.d.ts +78 -0
package/dist/proxy/act/act.d.ts.map +1 -0
package/dist/proxy/act/crypto.d.ts +44 -0
package/dist/proxy/act/crypto.d.ts.map +1 -0
package/dist/proxy/act/grantee-list.d.ts +82 -0
package/dist/proxy/act/grantee-list.d.ts.map +1 -0
package/dist/proxy/act/history.d.ts +183 -0
package/dist/proxy/act/history.d.ts.map +1 -0
package/dist/proxy/act/index.d.ts +104 -0
package/dist/proxy/act/index.d.ts.map +1 -0
package/dist/proxy/chunking-encrypted.d.ts +14 -0
package/dist/proxy/chunking-encrypted.d.ts.map +1 -0
package/dist/proxy/chunking.d.ts +15 -0
package/dist/proxy/chunking.d.ts.map +1 -0
package/dist/proxy/download-data.d.ts +16 -0
package/dist/proxy/download-data.d.ts.map +1 -0
package/dist/proxy/feed-manifest.d.ts +62 -0
package/dist/proxy/feed-manifest.d.ts.map +1 -0
package/dist/proxy/feeds/epochs/async-finder.d.ts +77 -0
package/dist/proxy/feeds/epochs/async-finder.d.ts.map +1 -0
package/dist/proxy/feeds/epochs/epoch.d.ts +88 -0
package/dist/proxy/feeds/epochs/epoch.d.ts.map +1 -0
package/dist/proxy/feeds/epochs/finder.d.ts +67 -0
package/dist/proxy/feeds/epochs/finder.d.ts.map +1 -0
package/dist/proxy/feeds/epochs/index.d.ts +35 -0
package/dist/proxy/feeds/epochs/index.d.ts.map +1 -0
package/dist/proxy/feeds/epochs/test-utils.d.ts +93 -0
package/dist/proxy/feeds/epochs/test-utils.d.ts.map +1 -0
package/dist/proxy/feeds/epochs/types.d.ts +109 -0
package/dist/proxy/feeds/epochs/types.d.ts.map +1 -0
package/dist/proxy/feeds/epochs/updater.d.ts +68 -0
package/dist/proxy/feeds/epochs/updater.d.ts.map +1 -0
package/dist/proxy/feeds/epochs/utils.d.ts +22 -0
package/dist/proxy/feeds/epochs/utils.d.ts.map +1 -0
package/dist/proxy/feeds/index.d.ts +5 -0
package/dist/proxy/feeds/index.d.ts.map +1 -0
package/dist/proxy/feeds/sequence/async-finder.d.ts +14 -0
package/dist/proxy/feeds/sequence/async-finder.d.ts.map +1 -0
package/dist/proxy/feeds/sequence/finder.d.ts +17 -0
package/dist/proxy/feeds/sequence/finder.d.ts.map +1 -0
package/dist/proxy/feeds/sequence/index.d.ts +23 -0
package/dist/proxy/feeds/sequence/index.d.ts.map +1 -0
package/dist/proxy/feeds/sequence/types.d.ts +80 -0
package/dist/proxy/feeds/sequence/types.d.ts.map +1 -0
package/dist/proxy/feeds/sequence/updater.d.ts +26 -0
package/dist/proxy/feeds/sequence/updater.d.ts.map +1 -0
package/dist/proxy/index.d.ts +6 -0
package/dist/proxy/index.d.ts.map +1 -0
package/dist/proxy/manifest-builder.d.ts +183 -0
package/dist/proxy/manifest-builder.d.ts.map +1 -0
package/dist/proxy/mantaray-encrypted.d.ts +27 -0
package/dist/proxy/mantaray-encrypted.d.ts.map +1 -0
package/dist/proxy/mantaray.d.ts +26 -0
package/dist/proxy/mantaray.d.ts.map +1 -0
package/dist/proxy/types.d.ts +29 -0
package/dist/proxy/types.d.ts.map +1 -0
package/dist/proxy/upload-data.d.ts +17 -0
package/dist/proxy/upload-data.d.ts.map +1 -0
package/dist/proxy/upload-encrypted-data.d.ts +103 -0
package/dist/proxy/upload-encrypted-data.d.ts.map +1 -0
package/dist/schemas.d.ts +240 -0
package/dist/schemas.d.ts.map +1 -0
package/dist/storage/debounced-uploader.d.ts +62 -0
package/dist/storage/debounced-uploader.d.ts.map +1 -0
package/dist/storage/utilization-store.d.ts +108 -0
package/dist/storage/utilization-store.d.ts.map +1 -0
package/dist/swarm-id-auth.d.ts +74 -0
package/dist/swarm-id-auth.d.ts.map +1 -0
package/dist/swarm-id-auth.js +2 -0
package/dist/swarm-id-auth.js.map +1 -0
package/dist/swarm-id-client.d.ts +878 -0
package/dist/swarm-id-client.d.ts.map +1 -0
package/dist/swarm-id-client.js +2 -0
package/dist/swarm-id-client.js.map +1 -0
package/dist/swarm-id-proxy.d.ts +236 -0
package/dist/swarm-id-proxy.d.ts.map +1 -0
package/dist/swarm-id-proxy.js +2 -0
package/dist/swarm-id-proxy.js.map +1 -0
package/dist/swarm-id.esm.js +2 -0
package/dist/swarm-id.esm.js.map +1 -0
package/dist/swarm-id.umd.js +2 -0
package/dist/swarm-id.umd.js.map +1 -0
package/dist/sync/index.d.ts +9 -0
package/dist/sync/index.d.ts.map +1 -0
package/dist/sync/key-derivation.d.ts +25 -0
package/dist/sync/key-derivation.d.ts.map +1 -0
package/dist/sync/restore-account.d.ts +28 -0
package/dist/sync/restore-account.d.ts.map +1 -0
package/dist/sync/serialization.d.ts +16 -0
package/dist/sync/serialization.d.ts.map +1 -0
package/dist/sync/store-interfaces.d.ts +53 -0
package/dist/sync/store-interfaces.d.ts.map +1 -0
package/dist/sync/sync-account.d.ts +44 -0
package/dist/sync/sync-account.d.ts.map +1 -0
package/dist/sync/types.d.ts +13 -0
package/dist/sync/types.d.ts.map +1 -0
package/dist/test-fixtures.d.ts +17 -0
package/dist/test-fixtures.d.ts.map +1 -0
package/dist/types-BD_VkNn0.js +2 -0
package/dist/types-BD_VkNn0.js.map +1 -0
package/dist/types-lJCaT-50.js +2 -0
package/dist/types-lJCaT-50.js.map +1 -0
package/dist/types.d.ts +2157 -0
package/dist/types.d.ts.map +1 -0
package/dist/utils/account-payload.d.ts +94 -0
package/dist/utils/account-payload.d.ts.map +1 -0
package/dist/utils/account-state-snapshot.d.ts +38 -0
package/dist/utils/account-state-snapshot.d.ts.map +1 -0
package/dist/utils/backup-encryption.d.ts +127 -0
package/dist/utils/backup-encryption.d.ts.map +1 -0
package/dist/utils/batch-utilization.d.ts +432 -0
package/dist/utils/batch-utilization.d.ts.map +1 -0
package/dist/utils/constants.d.ts +11 -0
package/dist/utils/constants.d.ts.map +1 -0
package/dist/utils/hex.d.ts +17 -0
package/dist/utils/hex.d.ts.map +1 -0
package/dist/utils/key-derivation.d.ts +92 -0
package/dist/utils/key-derivation.d.ts.map +1 -0
package/dist/utils/storage-managers.d.ts +65 -0
package/dist/utils/storage-managers.d.ts.map +1 -0
package/dist/utils/swarm-id-export.d.ts +24 -0
package/dist/utils/swarm-id-export.d.ts.map +1 -0
package/dist/utils/ttl.d.ts +49 -0
package/dist/utils/ttl.d.ts.map +1 -0
package/dist/utils/url.d.ts +41 -0
package/dist/utils/url.d.ts.map +1 -0
package/dist/utils/versioned-storage.d.ts +131 -0
package/dist/utils/versioned-storage.d.ts.map +1 -0
package/package.json +78 -0
package/src/chunk/bmt.test.ts +217 -0
package/src/chunk/bmt.ts +57 -0
package/src/chunk/cac.test.ts +214 -0
package/src/chunk/cac.ts +65 -0
package/src/chunk/constants.ts +18 -0
package/src/chunk/encrypted-cac.test.ts +385 -0
package/src/chunk/encrypted-cac.ts +131 -0
package/src/chunk/encryption.test.ts +352 -0
package/src/chunk/encryption.ts +300 -0
package/src/chunk/index.ts +47 -0
package/src/index.ts +430 -0
package/src/proxy/act/act.test.ts +278 -0
package/src/proxy/act/act.ts +158 -0
package/src/proxy/act/bee-compat.test.ts +948 -0
package/src/proxy/act/crypto.test.ts +436 -0
package/src/proxy/act/crypto.ts +376 -0
package/src/proxy/act/grantee-list.test.ts +393 -0
package/src/proxy/act/grantee-list.ts +239 -0
package/src/proxy/act/history.test.ts +360 -0
package/src/proxy/act/history.ts +413 -0
package/src/proxy/act/index.test.ts +748 -0
package/src/proxy/act/index.ts +853 -0
package/src/proxy/chunking-encrypted.ts +95 -0
package/src/proxy/chunking.ts +65 -0
package/src/proxy/download-data.ts +448 -0
package/src/proxy/feed-manifest.ts +174 -0
package/src/proxy/feeds/epochs/async-finder.ts +372 -0
package/src/proxy/feeds/epochs/epoch.test.ts +249 -0
package/src/proxy/feeds/epochs/epoch.ts +181 -0
package/src/proxy/feeds/epochs/finder.ts +282 -0
package/src/proxy/feeds/epochs/index.ts +73 -0
package/src/proxy/feeds/epochs/integration.test.ts +1336 -0
package/src/proxy/feeds/epochs/test-utils.ts +274 -0
package/src/proxy/feeds/epochs/types.ts +128 -0
package/src/proxy/feeds/epochs/updater.ts +192 -0
package/src/proxy/feeds/epochs/utils.ts +62 -0
package/src/proxy/feeds/index.ts +5 -0
package/src/proxy/feeds/sequence/async-finder.ts +31 -0
package/src/proxy/feeds/sequence/finder.ts +73 -0
package/src/proxy/feeds/sequence/index.ts +54 -0
package/src/proxy/feeds/sequence/integration.test.ts +966 -0
package/src/proxy/feeds/sequence/types.ts +103 -0
package/src/proxy/feeds/sequence/updater.ts +71 -0
package/src/proxy/index.ts +5 -0
package/src/proxy/manifest-builder.test.ts +427 -0
package/src/proxy/manifest-builder.ts +679 -0
package/src/proxy/mantaray-encrypted.ts +78 -0
package/src/proxy/mantaray.ts +104 -0
package/src/proxy/types.ts +32 -0
package/src/proxy/upload-data.ts +189 -0
package/src/proxy/upload-encrypted-data.ts +658 -0
package/src/schemas.ts +299 -0
package/src/storage/debounced-uploader.ts +192 -0
package/src/storage/utilization-store.ts +397 -0
package/src/swarm-id-client.test.ts +99 -0
package/src/swarm-id-client.ts +3095 -0
package/src/swarm-id-proxy.ts +3891 -0
package/src/sync/index.ts +28 -0
package/src/sync/restore-account.ts +90 -0
package/src/sync/serialization.ts +39 -0
package/src/sync/store-interfaces.ts +62 -0
package/src/sync/sync-account.test.ts +302 -0
package/src/sync/sync-account.ts +396 -0
package/src/sync/types.ts +11 -0
package/src/test-fixtures.ts +109 -0
package/src/types.ts +1651 -0
package/src/utils/account-state-snapshot.test.ts +595 -0
package/src/utils/account-state-snapshot.ts +94 -0
package/src/utils/backup-encryption.test.ts +442 -0
package/src/utils/backup-encryption.ts +352 -0
package/src/utils/batch-utilization.ts +1309 -0
package/src/utils/constants.ts +20 -0
package/src/utils/hex.ts +27 -0
package/src/utils/key-derivation.ts +197 -0
package/src/utils/storage-managers.ts +365 -0
package/src/utils/ttl.ts +129 -0
package/src/utils/url.test.ts +136 -0
package/src/utils/url.ts +71 -0
package/src/utils/versioned-storage.ts +323 -0

package/src/proxy/act/crypto.ts ADDED Viewed

@@ -0,0 +1,376 @@
+import { Binary } from "cafe-utility"
+// secp256k1 curve parameters
+const SECP256K1_P = BigInt(
+  "0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F",
+)
+const SECP256K1_N = BigInt(
+  "0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141",
+)
+const SECP256K1_GX = BigInt(
+  "0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798",
+)
+const SECP256K1_GY = BigInt(
+  "0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8",
+)
+// Key derivation nonces
+const LOOKUP_KEY_NONCE = 0x00
+const ACCESS_KEY_DECRYPTION_NONCE = 0x01
+// Size constants
+const PRIVATE_KEY_SIZE = 32
+const PUBLIC_KEY_COORD_SIZE = 32
+const COMPRESSED_PUBLIC_KEY_SIZE = 33
+const KEY_SIZE = 32
+const COUNTER_SIZE = 4
+/**
+ * Modular arithmetic: a mod p (always positive)
+ */
+function mod(a: bigint, p: bigint): bigint {
+  const result = a % p
+  return result >= 0n ? result : result + p
+}
+/**
+ * Extended Euclidean algorithm for modular inverse
+ */
+function modInverse(a: bigint, p: bigint): bigint {
+  let [oldR, r] = [mod(a, p), p]
+  let [oldS, s] = [1n, 0n]
+  while (r !== 0n) {
+    const quotient = oldR / r
+    ;[oldR, r] = [r, oldR - quotient * r]
+    ;[oldS, s] = [s, oldS - quotient * s]
+  }
+  if (oldR !== 1n) {
+    throw new Error("Modular inverse does not exist")
+  }
+  return mod(oldS, p)
+}
+/**
+ * Elliptic curve point addition on secp256k1
+ * Returns null for point at infinity
+ */
+function ellipticAdd(
+  x1: bigint,
+  y1: bigint,
+  x2: bigint,
+  y2: bigint,
+): [bigint, bigint] | null {
+  // Handle point at infinity cases
+  if (x1 === 0n && y1 === 0n) return [x2, y2]
+  if (x2 === 0n && y2 === 0n) return [x1, y1]
+  // If points are inverses, return point at infinity
+  if (x1 === x2 && mod(y1 + y2, SECP256K1_P) === 0n) {
+    return null
+  }
+  let slope: bigint
+  if (x1 === x2 && y1 === y2) {
+    // Point doubling
+    const numerator = mod(3n * x1 * x1, SECP256K1_P)
+    const denominator = mod(2n * y1, SECP256K1_P)
+    slope = mod(numerator * modInverse(denominator, SECP256K1_P), SECP256K1_P)
+  } else {
+    // Point addition
+    const numerator = mod(y2 - y1, SECP256K1_P)
+    const denominator = mod(x2 - x1, SECP256K1_P)
+    slope = mod(numerator * modInverse(denominator, SECP256K1_P), SECP256K1_P)
+  }
+  const x3 = mod(slope * slope - x1 - x2, SECP256K1_P)
+  const y3 = mod(slope * (x1 - x3) - y1, SECP256K1_P)
+  return [x3, y3]
+}
+/**
+ * Elliptic curve point doubling (special case of addition)
+ */
+function ellipticDouble(x: bigint, y: bigint): [bigint, bigint] | null {
+  return ellipticAdd(x, y, x, y)
+}
+/**
+ * Scalar multiplication using double-and-add algorithm
+ */
+function scalarMultiply(
+  px: bigint,
+  py: bigint,
+  scalar: bigint,
+): [bigint, bigint] | null {
+  if (scalar === 0n) return null
+  let result: [bigint, bigint] | null = null
+  let current: [bigint, bigint] | null = [px, py]
+  let s = mod(scalar, SECP256K1_N)
+  while (s > 0n) {
+    if (s & 1n) {
+      if (result === null) {
+        result = current
+      } else if (current !== null) {
+        result = ellipticAdd(result[0], result[1], current[0], current[1])
+      }
+    }
+    if (current !== null) {
+      current = ellipticDouble(current[0], current[1])
+    }
+    s >>= 1n
+  }
+  return result
+}
+/**
+ * Convert Uint8Array to bigint (big-endian)
+ */
+function uint8ArrayToBigInt(bytes: Uint8Array): bigint {
+  let result = 0n
+  for (const byte of bytes) {
+    result = (result << 8n) | BigInt(byte)
+  }
+  return result
+}
+/**
+ * Convert bigint to Uint8Array (big-endian, fixed size)
+ */
+function bigIntToUint8Array(value: bigint, size: number): Uint8Array {
+  const result = new Uint8Array(size)
+  let v = value
+  for (let i = size - 1; i >= 0; i--) {
+    result[i] = Number(v & 0xffn)
+    v >>= 8n
+  }
+  return result
+}
+/**
+ * Derive public key from private key
+ */
+export function publicKeyFromPrivate(privKey: Uint8Array): {
+  x: Uint8Array
+  y: Uint8Array
+} {
+  if (privKey.length !== PRIVATE_KEY_SIZE) {
+    throw new Error(`Private key must be ${PRIVATE_KEY_SIZE} bytes`)
+  }
+  const scalar = uint8ArrayToBigInt(privKey)
+  const point = scalarMultiply(SECP256K1_GX, SECP256K1_GY, scalar)
+  if (point === null) {
+    throw new Error("Invalid private key")
+  }
+  return {
+    x: bigIntToUint8Array(point[0], PUBLIC_KEY_COORD_SIZE),
+    y: bigIntToUint8Array(point[1], PUBLIC_KEY_COORD_SIZE),
+  }
+}
+/**
+ * Compute ECDH shared secret (x-coordinate of shared point)
+ */
+export function ecdhSharedSecret(
+  privKey: Uint8Array,
+  pubX: Uint8Array,
+  pubY: Uint8Array,
+): Uint8Array {
+  if (privKey.length !== PRIVATE_KEY_SIZE) {
+    throw new Error(`Private key must be ${PRIVATE_KEY_SIZE} bytes`)
+  }
+  if (
+    pubX.length !== PUBLIC_KEY_COORD_SIZE ||
+    pubY.length !== PUBLIC_KEY_COORD_SIZE
+  ) {
+    throw new Error(
+      `Public key coordinates must be ${PUBLIC_KEY_COORD_SIZE} bytes each`,
+    )
+  }
+  const scalar = uint8ArrayToBigInt(privKey)
+  const px = uint8ArrayToBigInt(pubX)
+  const py = uint8ArrayToBigInt(pubY)
+  const point = scalarMultiply(px, py, scalar)
+  if (point === null) {
+    throw new Error("ECDH computation resulted in point at infinity")
+  }
+  return bigIntToUint8Array(point[0], PUBLIC_KEY_COORD_SIZE)
+}
+/**
+ * Derive lookup key and access key decryption key from ECDH shared secret
+ */
+export function deriveKeys(
+  privKey: Uint8Array,
+  pubX: Uint8Array,
+  pubY: Uint8Array,
+): { lookupKey: Uint8Array; accessKeyDecryptionKey: Uint8Array } {
+  const sharedSecret = ecdhSharedSecret(privKey, pubX, pubY)
+  // lookupKey = keccak256(sharedX || 0x00)
+  const lookupKeyInput = new Uint8Array(sharedSecret.length + 1)
+  lookupKeyInput.set(sharedSecret)
+  lookupKeyInput[sharedSecret.length] = LOOKUP_KEY_NONCE
+  const lookupKey = Binary.keccak256(lookupKeyInput)
+  // accessKeyDecryptionKey = keccak256(sharedX || 0x01)
+  const akdKeyInput = new Uint8Array(sharedSecret.length + 1)
+  akdKeyInput.set(sharedSecret)
+  akdKeyInput[sharedSecret.length] = ACCESS_KEY_DECRYPTION_NONCE
+  const accessKeyDecryptionKey = Binary.keccak256(akdKeyInput)
+  return { lookupKey, accessKeyDecryptionKey }
+}
+/**
+ * Counter-mode encryption/decryption
+ * Matches Bee's Go implementation (bee/pkg/encryption/encryption.go:134-168)
+ * For each 32-byte block i: data[i] XOR keccak256(keccak256(key || uint32LE(i)))
+ */
+export function counterModeEncrypt(
+  data: Uint8Array,
+  key: Uint8Array,
+): Uint8Array {
+  if (key.length !== KEY_SIZE) {
+    throw new Error(`Key must be ${KEY_SIZE} bytes`)
+  }
+  const result = new Uint8Array(data.length)
+  const numBlocks = Math.ceil(data.length / KEY_SIZE)
+  for (let i = 0; i < numBlocks; i++) {
+    // Create counter input: key || uint32LE(i)
+    // Must match Bee's Go implementation which uses binary.LittleEndian.PutUint32
+    const counterInput = new Uint8Array(key.length + COUNTER_SIZE)
+    counterInput.set(key)
+    // LITTLE ENDIAN counter (matches Bee's binary.LittleEndian.PutUint32)
+    counterInput[key.length] = i & 0xff
+    counterInput[key.length + 1] = (i >> 8) & 0xff
+    counterInput[key.length + 2] = (i >> 16) & 0xff
+    counterInput[key.length + 3] = (i >> 24) & 0xff
+    // First hash: keccak256(key || counter)
+    const ctrHash = Binary.keccak256(counterInput)
+    // Second hash for "selective disclosure" (matches Bee's implementation)
+    const keyStream = Binary.keccak256(ctrHash)
+    // XOR data block with keystream
+    const blockStart = i * KEY_SIZE
+    const blockEnd = Math.min(blockStart + KEY_SIZE, data.length)
+    for (let j = blockStart; j < blockEnd; j++) {
+      result[j] = data[j] ^ keyStream[j - blockStart]
+    }
+  }
+  return result
+}
+/**
+ * Counter-mode decryption (symmetric with encryption)
+ */
+export const counterModeDecrypt = counterModeEncrypt
+/**
+ * Parse compressed public key (33 bytes) to uncompressed coordinates
+ */
+export function publicKeyFromCompressed(compressed: Uint8Array): {
+  x: Uint8Array
+  y: Uint8Array
+} {
+  if (compressed.length !== COMPRESSED_PUBLIC_KEY_SIZE) {
+    throw new Error(
+      `Compressed public key must be ${COMPRESSED_PUBLIC_KEY_SIZE} bytes`,
+    )
+  }
+  const prefix = compressed[0]
+  if (prefix !== 0x02 && prefix !== 0x03) {
+    throw new Error("Invalid compressed public key prefix")
+  }
+  const x = uint8ArrayToBigInt(compressed.slice(1))
+  // y² = x³ + 7 (mod p)
+  const ySquared = mod(x * x * x + 7n, SECP256K1_P)
+  // Compute modular square root using Tonelli-Shanks
+  // For secp256k1, p ≡ 3 (mod 4), so y = (y²)^((p+1)/4) mod p
+  const exponent = (SECP256K1_P + 1n) / 4n
+  let y = modPow(ySquared, exponent, SECP256K1_P)
+  // Check parity and adjust if needed
+  const isEven = (y & 1n) === 0n
+  const shouldBeEven = prefix === 0x02
+  if (isEven !== shouldBeEven) {
+    y = SECP256K1_P - y
+  }
+  return {
+    x: bigIntToUint8Array(x, PUBLIC_KEY_COORD_SIZE),
+    y: bigIntToUint8Array(y, PUBLIC_KEY_COORD_SIZE),
+  }
+}
+/**
+ * Compress public key to 33 bytes
+ */
+export function compressPublicKey(x: Uint8Array, y: Uint8Array): Uint8Array {
+  if (
+    x.length !== PUBLIC_KEY_COORD_SIZE ||
+    y.length !== PUBLIC_KEY_COORD_SIZE
+  ) {
+    throw new Error(
+      `Public key coordinates must be ${PUBLIC_KEY_COORD_SIZE} bytes each`,
+    )
+  }
+  const yBigInt = uint8ArrayToBigInt(y)
+  const prefix = (yBigInt & 1n) === 0n ? 0x02 : 0x03
+  const result = new Uint8Array(COMPRESSED_PUBLIC_KEY_SIZE)
+  result[0] = prefix
+  result.set(x, 1)
+  return result
+}
+/**
+ * Modular exponentiation using square-and-multiply
+ */
+function modPow(base: bigint, exponent: bigint, modulus: bigint): bigint {
+  let result = 1n
+  base = mod(base, modulus)
+  while (exponent > 0n) {
+    if (exponent & 1n) {
+      result = mod(result * base, modulus)
+    }
+    exponent >>= 1n
+    base = mod(base * base, modulus)
+  }
+  return result
+}
+/**
+ * Generate a random 32-byte key using crypto.getRandomValues
+ */
+export function generateRandomKey(): Uint8Array {
+  const key = new Uint8Array(KEY_SIZE)
+  crypto.getRandomValues(key)
+  return key
+}