@twin.org/crypto 0.0.3-next.22 → 0.0.3-next.23

package/README.md

@@ -1,16 +1,6 @@
 # TWIN Framework Crypto
 
-This package contains helper methods and classes which implement cryptographic functions.
-
-- Blake2B
-- Sha256
-- HmacSha1
-- Ed25519
-- Bip32
-- Slip100
-- Pbkdf2
-
-- Totp
+This package is part of the framework workspace and provides helper methods and classes which implement cryptographic functions to support consistent development workflows across the ecosystem.
 
 ## Installation
 

package/docs/changelog.md

@@ -1,4 +1,23 @@
-# @twin.org/crypto - Changelog
+# Changelog
+
+## [0.0.3-next.23](https://github.com/twinfoundation/framework/compare/crypto-v0.0.3-next.22...crypto-v0.0.3-next.23) (2026-03-17)
+
+
+### Miscellaneous Chores
+
+* **crypto:** Synchronize repo versions
+
+
+### Dependencies
+
+* The following workspace dependencies were updated
+  * dependencies
+    * @twin.org/core bumped from 0.0.3-next.22 to 0.0.3-next.23
+    * @twin.org/nameof bumped from 0.0.3-next.22 to 0.0.3-next.23
+  * devDependencies
+    * @twin.org/nameof-transformer bumped from 0.0.3-next.22 to 0.0.3-next.23
+    * @twin.org/nameof-vitest-plugin bumped from 0.0.3-next.22 to 0.0.3-next.23
+    * @twin.org/validate-locales bumped from 0.0.3-next.22 to 0.0.3-next.23
 
 ## [0.0.3-next.22](https://github.com/twinfoundation/framework/compare/crypto-v0.0.3-next.21...crypto-v0.0.3-next.22) (2026-02-26)
 

package/docs/examples.md

@@ -1 +1,130 @@
-# @twin.org/crypto - Examples
+# Crypto Examples
+
+Use these snippets as practical building blocks for hashes, signatures, key derivation, passwords and one-time passwords.
+
+## Sha3, Sha512, HmacSha512
+
+```typescript
+import { HmacSha512, Sha3, Sha512 } from '@twin.org/crypto';
+
+const message = new TextEncoder().encode('hello twin');
+const key = new TextEncoder().encode('super-secret');
+
+Sha3.sum256(message);
+Sha512.sum512(message);
+HmacSha512.sum512(key, message);
+```
+
+## Blake2b, Blake3, Sha256, HmacSha256, Sha1, HmacSha1
+
+```typescript
+import { Blake2b, Blake3, HmacSha1, HmacSha256, Sha1, Sha256 } from '@twin.org/crypto';
+
+const bytes = new TextEncoder().encode('digest me');
+const hmacKey = new TextEncoder().encode('key-01');
+
+Blake2b.sum256(bytes);
+Blake3.sum256(bytes);
+Sha256.sum256(bytes);
+Sha1.sum(bytes);
+HmacSha256.sum256(hmacKey, bytes);
+HmacSha1.sum(hmacKey, bytes);
+```
+
+## Ed25519, Secp256k1, X25519, Zip215
+
+```typescript
+import { Ed25519, Secp256k1, X25519, Zip215 } from '@twin.org/crypto';
+
+const privateKey = new Uint8Array(32).fill(7);
+const payload = new TextEncoder().encode('payload');
+
+const edPublic = Ed25519.publicKeyFromPrivateKey(privateKey);
+const edSignature = Ed25519.sign(privateKey, payload);
+Ed25519.verify(edPublic, payload, edSignature); // true
+
+const secpPublic = Secp256k1.publicKeyFromPrivateKey(privateKey);
+const secpSignature = Secp256k1.sign(privateKey, payload);
+Secp256k1.verify(secpPublic, payload, secpSignature); // true
+
+X25519.convertPublicKeyToX25519(edPublic);
+Zip215.verify(edPublic, payload, edSignature); // true
+```
+
+## Bip39, Bip32Path, Slip0010, Bip44, Bech32
+
+```typescript
+import { Bech32, Bip32Path, Bip39, Bip44, Slip0010 } from '@twin.org/crypto';
+
+const entropy = new Uint8Array(32).fill(1);
+const mnemonic = Bip39.entropyToMnemonic(entropy);
+const seed = Bip39.mnemonicToSeed(mnemonic, 'passphrase');
+
+const path = Bip32Path.fromPath("m/44'/4218'/0'/0'/0'");
+path.numberSegments(); // 5
+
+const master = Slip0010.getMasterKeyFromSeed(seed);
+const derived = Slip0010.derivePath(master.privateKey, master.chainCode, path.toString());
+
+Bip44.address(derived.privateKey); // '0x...'
+Bech32.encode('twin', new Uint8Array([1, 2, 3, 4]));
+```
+
+## ChaCha20Poly1305, Pbkdf2, IntegrityHelper, PemHelper
+
+```typescript
+import { ChaCha20Poly1305, IntegrityHelper, Pbkdf2, PemHelper } from '@twin.org/crypto';
+
+const password = new TextEncoder().encode('passw0rd!');
+const salt = new Uint8Array(16).fill(2);
+const key = Pbkdf2.sha512(password, salt, 4096, 32);
+
+const nonce = new Uint8Array(12).fill(3);
+const plaintext = new TextEncoder().encode('encrypted-content');
+const cipher = ChaCha20Poly1305.encrypt(key, nonce, plaintext, new Uint8Array(0));
+ChaCha20Poly1305.decrypt(key, nonce, cipher, new Uint8Array(0));
+
+const checksum = IntegrityHelper.generate('sha256', plaintext);
+IntegrityHelper.verify('sha256', plaintext, checksum); // true
+
+PemHelper.formatPem('PUBLIC KEY', new Uint8Array([10, 11, 12]));
+```
+
+## Hotp and Totp
+
+```typescript
+import { Hotp, Totp } from '@twin.org/crypto';
+
+const secret = Totp.generateSecret();
+
+Hotp.generate(secret, 42, 6); // '123456'
+const token = Totp.generate(secret, {
+  periodSeconds: 30,
+  digits: 6,
+  timestamp: Date.now()
+});
+
+Totp.verify(secret, token, {
+  periodSeconds: 30,
+  digits: 6,
+  timestamp: Date.now()
+}); // true
+```
+
+## PasswordGenerator and PasswordValidator
+
+```typescript
+import { PasswordGenerator, PasswordValidator } from '@twin.org/crypto';
+
+const generated = PasswordGenerator.generate({
+  length: 20,
+  includeLowercase: true,
+  includeUppercase: true,
+  includeNumbers: true,
+  includeSymbols: true
+});
+
+const hashed = await PasswordGenerator.hashPassword(generated);
+PasswordValidator.validate(generated);
+await PasswordValidator.comparePasswordHashes(generated, hashed); // true
+```

package/docs/reference/classes/Bech32.md

@@ -14,7 +14,7 @@ Bech32 encoding and decoding.
 
 ## Properties
 
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 
 > `readonly` `static` **CLASS\_NAME**: `string`
 
@@ -22,7 +22,7 @@ Runtime name for the class.
 
 ## Methods
 
-### encode()
+### encode() {#encode}
 
 > `static` **encode**(`humanReadablePart`, `data`): `string`
 
@@ -50,7 +50,7 @@ The encoded data.
 
 ***
 
-### decode()
+### decode() {#decode}
 
 > `static` **decode**(`bech`): `object`
 
@@ -84,7 +84,7 @@ An error if the decoding fails.
 
 ***
 
-### isBech32()
+### isBech32() {#isbech32}
 
 > `static` **isBech32**(`bech`): `bech is string`
 

package/docs/reference/classes/Bip32Path.md

@@ -24,7 +24,7 @@ Initial path to create.
 
 ## Methods
 
-### fromPath()
+### fromPath() {#frompath}
 
 > `static` **fromPath**(`bip32Path`): `Bip32Path`
 
@@ -46,7 +46,7 @@ A new instance of Bip32Path.
 
 ***
 
-### toString()
+### toString() {#tostring}
 
 > **toString**(): `string`
 
@@ -60,7 +60,7 @@ The path as a string.
 
 ***
 
-### push()
+### push() {#push}
 
 > **push**(`index`): `void`
 
@@ -80,7 +80,7 @@ The index to add to the path.
 
 ***
 
-### pushHardened()
+### pushHardened() {#pushhardened}
 
 > **pushHardened**(`index`): `void`
 
@@ -100,7 +100,7 @@ The index to add to the path.
 
 ***
 
-### pop()
+### pop() {#pop}
 
 > **pop**(): `void`
 
@@ -112,7 +112,7 @@ Pop an index from the path.
 
 ***
 
-### numberSegments()
+### numberSegments() {#numbersegments}
 
 > **numberSegments**(): `number`[]
 

package/docs/reference/classes/Bip39.md

@@ -14,7 +14,7 @@ Implementation of Bip39 for mnemonic generation.
 
 ## Properties
 
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 
 > `readonly` `static` **CLASS\_NAME**: `string`
 
@@ -22,21 +22,21 @@ Runtime name for the class.
 
 ## Methods
 
-### randomMnemonic()
+### randomMnemonic() {#randommnemonic}
 
-> `static` **randomMnemonic**(`strength`, `words`): `string`
+> `static` **randomMnemonic**(`strength?`, `words?`): `string`
 
 Generate a random mnemonic.
 
 #### Parameters
 
-##### strength
+##### strength?
 
 `number` = `256`
 
 The strength of the mnemonic to generate, defaults to 256.
 
-##### words
+##### words?
 
 `string`[] = `wordlist`
 
@@ -54,9 +54,9 @@ Error if the length is not a multiple of 32.
 
 ***
 
-### entropyToMnemonic()
+### entropyToMnemonic() {#entropytomnemonic}
 
-> `static` **entropyToMnemonic**(`entropy`, `words`): `string`
+> `static` **entropyToMnemonic**(`entropy`, `words?`): `string`
 
 Generate a mnemonic from the entropy.
 
@@ -68,7 +68,7 @@ Generate a mnemonic from the entropy.
 
 The entropy to generate.
 
-##### words
+##### words?
 
 `string`[] = `wordlist`
 
@@ -86,7 +86,7 @@ Error if the length of the entropy is not a multiple of 4, or is less than 16 or
 
 ***
 
-### mnemonicToSeed()
+### mnemonicToSeed() {#mnemonictoseed}
 
 > `static` **mnemonicToSeed**(`mnemonic`, `password?`): `Uint8Array`
 
@@ -114,9 +114,9 @@ The seed.
 
 ***
 
-### mnemonicToEntropy()
+### mnemonicToEntropy() {#mnemonictoentropy}
 
-> `static` **mnemonicToEntropy**(`mnemonic`, `words`): `Uint8Array`
+> `static` **mnemonicToEntropy**(`mnemonic`, `words?`): `Uint8Array`
 
 Convert the mnemonic back to entropy.
 
@@ -128,7 +128,7 @@ Convert the mnemonic back to entropy.
 
 The mnemonic to convert.
 
-##### words
+##### words?
 
 `string`[] = `wordlist`
 
@@ -146,9 +146,9 @@ Error if the number of words is not a multiple of 3.
 
 ***
 
-### validateMnemonic()
+### validateMnemonic() {#validatemnemonic}
 
-> `static` **validateMnemonic**(`mnemonic`, `wordCount`, `words`): `boolean`
+> `static` **validateMnemonic**(`mnemonic`, `wordCount?`, `words?`): `boolean`
 
 Validate the mnemonic.
 
@@ -160,13 +160,13 @@ Validate the mnemonic.
 
 The mnemonic to validate.
 
-##### wordCount
+##### wordCount?
 
 `number` = `24`
 
 The expected number of words in the mnemonic, defaults to 24.
 
-##### words
+##### words?
 
 `string`[] = `wordlist`
 

package/docs/reference/classes/Bip44.md

@@ -14,7 +14,7 @@ Implementation of Bip44 for address generation.
 
 ## Properties
 
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 
 > `readonly` `static` **CLASS\_NAME**: `string`
 
@@ -22,7 +22,7 @@ Runtime name for the class.
 
 ## Methods
 
-### keyPair()
+### keyPair() {#keypair}
 
 > `static` **keyPair**(`seed`, `keyType`, `coinType`, `accountIndex`, `isInternal`, `addressIndex`): `object`
 
@@ -86,7 +86,7 @@ Error if the address type is not supported.
 
 ***
 
-### path()
+### path() {#path}
 
 > `static` **path**(`coinType`, `accountIndex`, `isInternal`, `addressIndex`): [`Bip32Path`](Bip32Path.md)
 
@@ -126,7 +126,7 @@ The generated path.
 
 ***
 
-### basePath()
+### basePath() {#basepath}
 
 > `static` **basePath**(`coinType`): `string`
 
@@ -148,7 +148,7 @@ The bip44 address base path.
 
 ***
 
-### address()
+### address() {#address}
 
 > `static` **address**(`seed`, `keyType`, `coinType`, `accountIndex`, `isInternal`, `addressIndex`): `object`
 
@@ -212,7 +212,7 @@ The generated path and the associated keypair.
 
 ***
 
-### addressBech32()
+### addressBech32() {#addressbech32}
 
 > `static` **addressBech32**(`seed`, `keyType`, `hrp`, `coinType`, `accountIndex`, `isInternal`, `addressIndex`): `object`
 

package/docs/reference/classes/Blake2b.md

@@ -30,7 +30,7 @@ Optional key for the hash.
 
 ## Properties
 
-### SIZE\_160
+### SIZE\_160 {#size_160}
 
 > `static` **SIZE\_160**: `number` = `20`
 
@@ -38,7 +38,7 @@ Blake2b 160.
 
 ***
 
-### SIZE\_256
+### SIZE\_256 {#size_256}
 
 > `static` **SIZE\_256**: `number` = `32`
 
@@ -46,7 +46,7 @@ Blake2b 256.
 
 ***
 
-### SIZE\_512
+### SIZE\_512 {#size_512}
 
 > `static` **SIZE\_512**: `number` = `64`
 
@@ -54,7 +54,7 @@ Blake2b 512.
 
 ***
 
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 
 > `readonly` `static` **CLASS\_NAME**: `string`
 
@@ -62,7 +62,7 @@ Runtime name for the class.
 
 ## Methods
 
-### sum160()
+### sum160() {#sum160}
 
 > `static` **sum160**(`block`, `key?`): `Uint8Array`
 
@@ -90,7 +90,7 @@ The sum 160 of the block.
 
 ***
 
-### sum256()
+### sum256() {#sum256}
 
 > `static` **sum256**(`block`, `key?`): `Uint8Array`
 
@@ -118,7 +118,7 @@ The sum 256 of the block.
 
 ***
 
-### sum512()
+### sum512() {#sum512}
 
 > `static` **sum512**(`block`, `key?`): `Uint8Array`
 
@@ -146,7 +146,7 @@ The sum 512 of the block.
 
 ***
 
-### update()
+### update() {#update}
 
 > **update**(`block`): `Blake2b`
 
@@ -168,7 +168,7 @@ The instance for chaining.
 
 ***
 
-### digest()
+### digest() {#digest}
 
 > **digest**(): `Uint8Array`
 

package/docs/reference/classes/Blake3.md

@@ -30,7 +30,7 @@ Optional key for the hash.
 
 ## Properties
 
-### SIZE\_256
+### SIZE\_256 {#size_256}
 
 > `static` **SIZE\_256**: `number` = `32`
 
@@ -38,7 +38,7 @@ Blake3 256.
 
 ***
 
-### SIZE\_512
+### SIZE\_512 {#size_512}
 
 > `static` **SIZE\_512**: `number` = `64`
 
@@ -46,7 +46,7 @@ Blake3 512.
 
 ***
 
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 
 > `readonly` `static` **CLASS\_NAME**: `string`
 
@@ -54,7 +54,7 @@ Runtime name for the class.
 
 ## Methods
 
-### sum256()
+### sum256() {#sum256}
 
 > `static` **sum256**(`block`, `key?`): `Uint8Array`
 
@@ -82,7 +82,7 @@ The sum 256 of the block.
 
 ***
 
-### sum512()
+### sum512() {#sum512}
 
 > `static` **sum512**(`block`, `key?`): `Uint8Array`
 
@@ -110,7 +110,7 @@ The sum 512 of the block.
 
 ***
 
-### update()
+### update() {#update}
 
 > **update**(`block`): `Blake3`
 
@@ -132,7 +132,7 @@ The instance for chaining.
 
 ***
 
-### digest()
+### digest() {#digest}
 
 > **digest**(): `Uint8Array`
 

package/docs/reference/classes/ChaCha20Poly1305.md

@@ -36,7 +36,7 @@ The additional authenticated data.
 
 ## Properties
 
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 
 > `readonly` `static` **CLASS\_NAME**: `string`
 
@@ -44,7 +44,7 @@ Runtime name for the class.
 
 ## Methods
 
-### encrypt()
+### encrypt() {#encrypt}
 
 > **encrypt**(`block`): `Uint8Array`
 
@@ -66,7 +66,7 @@ The block encrypted.
 
 ***
 
-### decrypt()
+### decrypt() {#decrypt}
 
 > **decrypt**(`block`): `Uint8Array`
 

package/docs/reference/classes/Ed25519.md

@@ -14,7 +14,7 @@ Implementation of Ed25519.
 
 ## Properties
 
-### PRIVATE\_KEY\_SIZE
+### PRIVATE\_KEY\_SIZE {#private_key_size}
 
 > `static` **PRIVATE\_KEY\_SIZE**: `number` = `32`
 
@@ -22,7 +22,7 @@ Private Key Size is the size, in bytes, of private keys as used in this package.
 
 ***
 
-### PUBLIC\_KEY\_SIZE
+### PUBLIC\_KEY\_SIZE {#public_key_size}
 
 > `static` **PUBLIC\_KEY\_SIZE**: `number` = `32`
 
@@ -30,7 +30,7 @@ Public Key Size is the size, in bytes, of public keys as used in this package.
 
 ***
 
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 
 > `readonly` `static` **CLASS\_NAME**: `string`
 
@@ -38,7 +38,7 @@ Runtime name for the class.
 
 ## Methods
 
-### publicKeyFromPrivateKey()
+### publicKeyFromPrivateKey() {#publickeyfromprivatekey}
 
 > `static` **publicKeyFromPrivateKey**(`privateKey`): `Uint8Array`
 
@@ -64,7 +64,7 @@ Error if the private key is not the correct length.
 
 ***
 
-### sign()
+### sign() {#sign}
 
 > `static` **sign**(`privateKey`, `block`): `Uint8Array`
 
@@ -96,7 +96,7 @@ Error if the private key is not the correct length.
 
 ***
 
-### verify()
+### verify() {#verify}
 
 > `static` **verify**(`publicKey`, `block`, `signature`): `boolean`
 
@@ -134,7 +134,7 @@ Error if the public key is not the correct length.
 
 ***
 
-### privateKeyToPkcs8()
+### privateKeyToPkcs8() {#privatekeytopkcs8}
 
 > `static` **privateKeyToPkcs8**(`privateKey`): `Promise`\<`CryptoKey`\>
 
@@ -156,7 +156,7 @@ The private key in PKCS8 format.
 
 ***
 
-### pkcs8ToPrivateKey()
+### pkcs8ToPrivateKey() {#pkcs8toprivatekey}
 
 > `static` **pkcs8ToPrivateKey**(`cryptoKey`): `Promise`\<`Uint8Array`\<`ArrayBufferLike`\>\>
 

package/docs/reference/classes/HmacSha1.md

@@ -24,7 +24,7 @@ The key for the hmac.
 
 ## Properties
 
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 
 > `readonly` `static` **CLASS\_NAME**: `string`
 
@@ -32,7 +32,7 @@ Runtime name for the class.
 
 ## Methods
 
-### sum()
+### sum() {#sum}
 
 > `static` **sum**(`key`, `block`): `Uint8Array`
 
@@ -60,7 +60,7 @@ The sum of the block.
 
 ***
 
-### update()
+### update() {#update}
 
 > **update**(`block`): `HmacSha1`
 
@@ -82,7 +82,7 @@ The instance for chaining.
 
 ***
 
-### digest()
+### digest() {#digest}
 
 > **digest**(): `Uint8Array`