@unknownncat/curve25519-node 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Sem nome bah
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,210 @@
+# @unknownncat/curve25519-node
+
+[![npm](https://img.shields.io/npm/v/%40unknownncat%2Fcurve25519-node)](https://www.npmjs.com/package/@unknownncat/curve25519-node)
+[![downloads](https://img.shields.io/npm/dm/%40unknownncat%2Fcurve25519-node)](https://www.npmjs.com/package/@unknownncat/curve25519-node)
+[![types](https://img.shields.io/badge/types-included-blue)](./dist/index.d.ts)
+[![license](https://img.shields.io/github/license/unknownncat/curve25519-node)](./LICENSE)
+[![node](https://img.shields.io/badge/node-%3E%3D20-339933?logo=node.js&logoColor=white)](https://nodejs.org/)
+![runtime deps](https://img.shields.io/badge/runtime%20deps-0-brightgreen)
+![esm+cjs](https://img.shields.io/badge/ESM%20%2B%20CJS-compatible-blue)
+
+Modern **zero-dependency** X25519 + Ed25519 for Node.js using OpenSSL via `node:crypto`.
+
+- **Node:** `>= 20`
+- **Runtime deps:** `0`
+- **TypeScript:** `strict`, **ESM-first**
+- **Compat:** ESM + CJS (`import` e `require`)
+
+---
+
+## Why
+
+O projeto original ([curve25519-js](https://github.com/harveyconnor/curve25519-js)) fazia aritmética de campo manual (loops extensos BigInt/Float64) para Curve25519/Ed25519.
+
+Este pacote troca isso por primitivas nativas do OpenSSL (via `node:crypto`), com foco em:
+
+- **segurança** por implementação consolidada
+- **performance** melhor em Node moderno
+- **API pequena** e **bem tipada**
+
+---
+
+## Compatibility notes (importante)
+
+Este pacote **não replica o esquema `axlsign`** do `curve25519-js`.
+
+Aqui a API é **padrão moderna**:
+
+- acordo de chave: **X25519**
+- assinatura: **Ed25519**
+
+Consequências:
+
+- Chaves de X25519 e Ed25519 são **diferentes** (public keys diferentes).
+- `sign`/`verify` usam chaves **Ed25519**.
+- Conversão X25519 public key ↔ Ed25519 public key **não é exposta** por `node:crypto`.
+- `opt_random` (64 bytes) do legado **não é suportado** em Ed25519 com `node:crypto`.
+  - O compat layer aceita um 3º argumento apenas por compatibilidade de chamada, mas **sempre lança erro** se ele for fornecido.
+
+---
+
+## Install
+
+```bash
+npm i @unknownncat/curve25519-node
+```
+
+---
+
+## Usage
+
+### ESM (TypeScript / Node moderno)
+
+```ts
+import {
+  asBytes32,
+  x25519,
+  ed25519,
+  sign, // compat top-level (Ed25519)
+  verify, // compat top-level (Ed25519)
+} from "@unknownncat/curve25519-node";
+
+const aliceSeed = asBytes32(crypto.getRandomValues(new Uint8Array(32)));
+const bobSeed = asBytes32(crypto.getRandomValues(new Uint8Array(32)));
+
+const aliceX = x25519.generateKeyPair(aliceSeed);
+const bobX = x25519.generateKeyPair(bobSeed);
+
+const s1 = x25519.sharedKey(aliceX.private, bobX.public);
+const s2 = x25519.sharedKey(bobX.private, aliceX.public);
+// s1 e s2 devem ser iguais
+
+const signerSeed = asBytes32(crypto.getRandomValues(new Uint8Array(32)));
+const ed = ed25519.generateKeyPair(signerSeed);
+
+const msg = new TextEncoder().encode("hello");
+
+const sig = ed25519.sign(signerSeed, msg);
+const ok = verify(ed.public, msg, sig);
+
+const signedMsg = ed25519.signMessage(signerSeed, msg);
+const opened = ed25519.openMessage(ed.public, signedMsg);
+```
+
+### CommonJS
+
+```js
+const { x25519, ed25519, asBytes32 } = require("@unknownncat/curve25519-node");
+
+const seed = asBytes32(new Uint8Array(32));
+const kp = x25519.generateKeyPair(seed);
+
+const sig = ed25519.sign(seed, Buffer.from("hello"));
+```
+
+### Subpath imports (opcional)
+
+```ts
+import { x25519 } from "@unknownncat/curve25519-node/x25519";
+import { ed25519 } from "@unknownncat/curve25519-node/ed25519";
+import { asBytes32, asBytes64 } from "@unknownncat/curve25519-node/types";
+```
+
+---
+
+## API
+
+### Namespace `x25519`
+
+- `publicKey(secretKey32: Bytes32): Bytes32`
+- `sharedKey(secretKey32: Bytes32, publicKey32: Bytes32): Bytes32`
+- `generateKeyPair(seed32: Bytes32): { public: Bytes32; private: Bytes32 }`
+
+### Namespace `ed25519`
+
+- `publicKey(secretSeed32: Bytes32): Bytes32`
+- `generateKeyPair(seed32: Bytes32): { public: Bytes32; private: Bytes32 }`
+- `sign(secretSeed32: Bytes32, msg: Uint8Array): Bytes64`
+- `verify(publicKey32: Bytes32, msg: Uint8Array, signature64: Bytes64): boolean`
+- `signMessage(secretSeed32: Bytes32, msg: Uint8Array): Uint8Array`
+- `openMessage(publicKey32: Bytes32, signedMsg: Uint8Array): Uint8Array | null`
+
+### Top-level compat layer
+
+- `sharedKey = x25519.sharedKey`
+- `generateKeyPair = x25519.generateKeyPair`
+- `sign`, `verify`, `signMessage`, `openMessage` (**Ed25519**)
+- `generateKeyPairX25519`, `generateKeyPairEd25519`
+
+> `sign` e `signMessage` aceitam um terceiro argumento opcional **apenas para compatibilidade de chamada**, mas **sempre lançam erro** se ele for fornecido (`opt_random` legado não suportado).
+
+---
+
+## Branded types
+
+- `Bytes32`
+- `Bytes64`
+
+Helpers:
+
+- `asBytes32(u8)`
+- `asBytes64(u8)`
+
+✅ Os helpers validam tamanho e retornam o **mesmo objeto** (sem cópia).
+
+---
+
+## Technical details (RFC 8410 DER)
+
+Prefixos usados para importar/exportar RAW(32) ↔ `KeyObject` via DER prealocado:
+
+- X25519 PKCS#8 prefix: `302e020100300506032b656e04220420`
+- X25519 SPKI prefix: `302a300506032b656e032100`
+- Ed25519 PKCS#8 prefix: `302e020100300506032b657004220420`
+- Ed25519 SPKI prefix: `302a300506032b6570032100`
+
+As operações usam buffers DER prealocados + `.set`, sem loops byte-a-byte.
+
+---
+
+## Performance notes
+
+- Sem `Buffer.concat` no hot path; buffers montados por prealloc + `.set`.
+- `Uint8Array` → `Buffer` usa view zero-copy:
+  - `Buffer.from(u8.buffer, u8.byteOffset, u8.byteLength)`
+
+- `signMessage` monta `signature || msg` com `Uint8Array` prealocado e `.set`.
+- Para throughput máximo em loops longos, considere cachear `KeyObject` no nível da aplicação (evita parse ASN.1 repetido).
+
+---
+
+## Security
+
+- Validação de tipo/tamanho em todas as entradas públicas.
+- Sem logs de segredo.
+- Comparações internas de DER prefix usam `timingSafeEqual`.
+
+---
+
+## Tests
+
+```bash
+npm test
+```
+
+Cobertura inclui vetores RFC:
+
+- X25519: RFC 7748
+- Ed25519: RFC 8032
+
+---
+
+## License
+
+MIT © unknownncat — veja [LICENSE](./LICENSE)
+
+---
+
+## Thanks
+
+❤️ [curve25519-js](https://github.com/harveyconnor/curve25519-js)

package/dist/cjs/ed25519.js

@@ -0,0 +1,80 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.publicKey = publicKey;
+exports.generateKeyPair = generateKeyPair;
+exports.sign = sign;
+exports.verify = verify;
+exports.signMessage = signMessage;
+exports.openMessage = openMessage;
+const node_crypto_1 = require("node:crypto");
+const assert_js_1 = require("./internal/assert.js");
+const der_js_1 = require("./internal/der.js");
+/**
+ * Derives an Ed25519 public key from a raw 32-byte seed.
+ */
+function publicKey(secretSeed32) {
+    (0, assert_js_1.assertBytes32)(secretSeed32, "secretSeed32");
+    return (0, der_js_1.rawPublicFromEd25519Spki)((0, node_crypto_1.createPublicKey)((0, der_js_1.keyFromEd25519Private)(secretSeed32)));
+}
+/**
+ * Deterministically creates an Ed25519 key pair from a 32-byte seed.
+ * The private key returned is the original 32-byte seed.
+ */
+function generateKeyPair(seed32) {
+    (0, assert_js_1.assertBytes32)(seed32, "seed32");
+    return {
+        public: publicKey(seed32),
+        private: seed32,
+    };
+}
+/**
+ * Signs a message with Ed25519 and returns the 64-byte detached signature.
+ */
+function sign(secretSeed32, msg) {
+    (0, assert_js_1.assertBytes32)(secretSeed32, "secretSeed32");
+    (0, assert_js_1.assertUint8Array)(msg, "msg");
+    const signature = (0, node_crypto_1.sign)(null, (0, assert_js_1.toBufferView)(msg), (0, der_js_1.keyFromEd25519Private)(secretSeed32));
+    if (signature.byteLength !== 64) {
+        throw new Error(`Ed25519 signature must be 64 bytes, received ${signature.byteLength}`);
+    }
+    return (0, assert_js_1.asBytes64)(new Uint8Array(signature.buffer, signature.byteOffset, signature.byteLength), "signature");
+}
+/**
+ * Verifies a detached Ed25519 signature.
+ */
+function verify(publicKey32, msg, signature64) {
+    (0, assert_js_1.assertBytes32)(publicKey32, "publicKey32");
+    (0, assert_js_1.assertUint8Array)(msg, "msg");
+    (0, assert_js_1.assertBytes64)(signature64, "signature64");
+    return (0, node_crypto_1.verify)(null, (0, assert_js_1.toBufferView)(msg), (0, der_js_1.keyFromEd25519Public)(publicKey32), (0, assert_js_1.toBufferView)(signature64));
+}
+/**
+ * Returns signature || message.
+ */
+function signMessage(secretSeed32, msg) {
+    (0, assert_js_1.assertBytes32)(secretSeed32, "secretSeed32");
+    (0, assert_js_1.assertUint8Array)(msg, "msg");
+    const signature = sign(secretSeed32, msg);
+    const signed = new Uint8Array(64 + msg.byteLength);
+    signed.set(signature, 0);
+    signed.set(msg, 64);
+    return signed;
+}
+/**
+ * Verifies signature || message and returns a copy of the message if valid, else null.
+ */
+function openMessage(publicKey32, signedMsg) {
+    (0, assert_js_1.assertBytes32)(publicKey32, "publicKey32");
+    (0, assert_js_1.assertUint8Array)(signedMsg, "signedMsg");
+    if (signedMsg.byteLength < 64) {
+        return null;
+    }
+    const signature64 = (0, assert_js_1.asBytes64)(signedMsg.subarray(0, 64), "signedMsg signature");
+    const msg = signedMsg.subarray(64);
+    if (!verify(publicKey32, msg, signature64)) {
+        return null;
+    }
+    // Return a detached message copy to avoid retaining oversized parent buffers.
+    return new Uint8Array(msg);
+}
+//# sourceMappingURL=ed25519.js.map

package/dist/cjs/ed25519.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ed25519.js","sourceRoot":"","sources":["../../src/ed25519.ts"],"names":[],"mappings":";;AAQA,8BAGC;AAMD,0CAMC;AAKD,oBASC;AAKD,wBAWC;AAKD,kCASC;AAKD,kCAgBC;AAxFD,6CAA0F;AAC1F,oDAA+G;AAC/G,8CAA0G;AAG1G;;GAEG;AACH,SAAgB,SAAS,CAAC,YAAqB;IAC7C,IAAA,yBAAa,EAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,OAAO,IAAA,iCAAwB,EAAC,IAAA,6BAAe,EAAC,IAAA,8BAAqB,EAAC,YAAY,CAAC,CAAC,CAAC,CAAC;AACxF,CAAC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAAC,MAAe;IAC7C,IAAA,yBAAa,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM,CAAC;QACzB,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,IAAI,CAAC,YAAqB,EAAE,GAAe;IACzD,IAAA,yBAAa,EAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,IAAA,4BAAgB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAE7B,MAAM,SAAS,GAAG,IAAA,kBAAU,EAAC,IAAI,EAAE,IAAA,wBAAY,EAAC,GAAG,CAAC,EAAE,IAAA,8BAAqB,EAAC,YAAY,CAAC,CAAC,CAAC;IAC3F,IAAI,SAAS,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,gDAAgD,SAAS,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;IACD,OAAO,IAAA,qBAAS,EAAC,IAAI,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,SAAS,CAAC,UAAU,EAAE,SAAS,CAAC,UAAU,CAAC,EAAE,WAAW,CAAC,CAAC;AAC9G,CAAC;AAED;;GAEG;AACH,SAAgB,MAAM,CAAC,WAAoB,EAAE,GAAe,EAAE,WAAoB;IAChF,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,IAAA,4BAAgB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAE1C,OAAO,IAAA,oBAAY,EACjB,IAAI,EACJ,IAAA,wBAAY,EAAC,GAAG,CAAC,EACjB,IAAA,6BAAoB,EAAC,WAAW,CAAC,EACjC,IAAA,wBAAY,EAAC,WAAW,CAAC,CAC1B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,YAAqB,EAAE,GAAe;IAChE,IAAA,yBAAa,EAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,IAAA,4BAAgB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAE7B,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,EAAE,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IACnD,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACpB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,WAAoB,EAAE,SAAqB;IACrE,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,IAAA,4BAAgB,EAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IAEzC,IAAI,SAAS,CAAC,UAAU,GAAG,EAAE,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,IAAA,qBAAS,EAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,qBAAqB,CAAC,CAAC;IAChF,MAAM,GAAG,GAAG,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACnC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,8EAA8E;IAC9E,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC"}

package/dist/cjs/index.js

@@ -0,0 +1,88 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verify = exports.openMessage = exports.generateKeyPairEd25519 = exports.generateKeyPairX25519 = exports.generateKeyPair = exports.sharedKey = exports.ed25519 = exports.x25519 = exports.assertBytes64 = exports.assertBytes32 = exports.asBytes64 = exports.asBytes32 = void 0;
+exports.sign = sign;
+exports.signMessage = signMessage;
+const assert_js_1 = require("./internal/assert.js");
+const ed25519Api = require("./ed25519.js");
+const x25519Api = require("./x25519.js");
+var assert_js_2 = require("./internal/assert.js");
+Object.defineProperty(exports, "asBytes32", { enumerable: true, get: function () { return assert_js_2.asBytes32; } });
+Object.defineProperty(exports, "asBytes64", { enumerable: true, get: function () { return assert_js_2.asBytes64; } });
+Object.defineProperty(exports, "assertBytes32", { enumerable: true, get: function () { return assert_js_2.assertBytes32; } });
+Object.defineProperty(exports, "assertBytes64", { enumerable: true, get: function () { return assert_js_2.assertBytes64; } });
+/**
+ * Standard X25519 namespace.
+ */
+exports.x25519 = {
+    publicKey: x25519Api.publicKey,
+    sharedKey: x25519Api.sharedKey,
+    generateKeyPair: x25519Api.generateKeyPair,
+};
+/**
+ * Standard Ed25519 namespace.
+ */
+exports.ed25519 = {
+    publicKey: ed25519Api.publicKey,
+    generateKeyPair: ed25519Api.generateKeyPair,
+    sign: ed25519Api.sign,
+    verify: ed25519Api.verify,
+    signMessage: ed25519Api.signMessage,
+    openMessage: ed25519Api.openMessage,
+};
+/**
+ * Top-level compatibility alias for X25519 shared secret.
+ */
+exports.sharedKey = exports.x25519.sharedKey;
+/**
+ * Top-level compatibility alias for X25519 deterministic key generation.
+ */
+exports.generateKeyPair = exports.x25519.generateKeyPair;
+/**
+ * Explicit X25519 key generation helper.
+ */
+exports.generateKeyPairX25519 = exports.x25519.generateKeyPair;
+/**
+ * Explicit Ed25519 key generation helper.
+ */
+exports.generateKeyPairEd25519 = exports.ed25519.generateKeyPair;
+/**
+ * Compatibility wrapper for Ed25519 detached signing.
+ * opt_random from legacy curve25519-js/axlsign is intentionally unsupported.
+ */
+function sign(secretSeed32, msg, opt_random) {
+    (0, assert_js_1.assertUint8Array)(msg, "msg");
+    (0, assert_js_1.assertNoOptRandom)(opt_random, "sign");
+    return exports.ed25519.sign(secretSeed32, msg);
+}
+/**
+ * Compatibility wrapper for Ed25519 signed-message mode.
+ * opt_random from legacy curve25519-js/axlsign is intentionally unsupported.
+ */
+function signMessage(secretSeed32, msg, opt_random) {
+    (0, assert_js_1.assertUint8Array)(msg, "msg");
+    (0, assert_js_1.assertNoOptRandom)(opt_random, "signMessage");
+    return exports.ed25519.signMessage(secretSeed32, msg);
+}
+/**
+ * Top-level compatibility alias for signed-message verification/open.
+ */
+exports.openMessage = exports.ed25519.openMessage;
+/**
+ * Top-level compatibility alias for detached signature verification.
+ */
+exports.verify = exports.ed25519.verify;
+const api = {
+    x25519: exports.x25519,
+    ed25519: exports.ed25519,
+    sharedKey: exports.sharedKey,
+    generateKeyPair: exports.generateKeyPair,
+    generateKeyPairX25519: exports.generateKeyPairX25519,
+    generateKeyPairEd25519: exports.generateKeyPairEd25519,
+    sign,
+    signMessage,
+    openMessage: exports.openMessage,
+    verify: exports.verify,
+};
+exports.default = api;
+//# sourceMappingURL=index.js.map

package/dist/cjs/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;AAqDA,oBAIC;AAMD,kCAIC;AAnED,oDAA2E;AAC3E,2CAA2C;AAC3C,yCAAyC;AAGzC,kDAA0F;AAAjF,sGAAA,SAAS,OAAA;AAAE,sGAAA,SAAS,OAAA;AAAE,0GAAA,aAAa,OAAA;AAAE,0GAAA,aAAa,OAAA;AAG3D;;GAEG;AACU,QAAA,MAAM,GAAG;IACpB,SAAS,EAAE,SAAS,CAAC,SAAS;IAC9B,SAAS,EAAE,SAAS,CAAC,SAAS;IAC9B,eAAe,EAAE,SAAS,CAAC,eAAe;CAClC,CAAC;AAEX;;GAEG;AACU,QAAA,OAAO,GAAG;IACrB,SAAS,EAAE,UAAU,CAAC,SAAS;IAC/B,eAAe,EAAE,UAAU,CAAC,eAAe;IAC3C,IAAI,EAAE,UAAU,CAAC,IAAI;IACrB,MAAM,EAAE,UAAU,CAAC,MAAM;IACzB,WAAW,EAAE,UAAU,CAAC,WAAW;IACnC,WAAW,EAAE,UAAU,CAAC,WAAW;CAC3B,CAAC;AAEX;;GAEG;AACU,QAAA,SAAS,GAAG,cAAM,CAAC,SAAS,CAAC;AAE1C;;GAEG;AACU,QAAA,eAAe,GAAG,cAAM,CAAC,eAAe,CAAC;AAEtD;;GAEG;AACU,QAAA,qBAAqB,GAAG,cAAM,CAAC,eAAe,CAAC;AAE5D;;GAEG;AACU,QAAA,sBAAsB,GAAG,eAAO,CAAC,eAAe,CAAC;AAE9D;;;GAGG;AACH,SAAgB,IAAI,CAAC,YAAqB,EAAE,GAAe,EAAE,UAAuB;IAClF,IAAA,4BAAgB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,IAAA,6BAAiB,EAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IACtC,OAAO,eAAO,CAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;AACzC,CAAC;AAED;;;GAGG;AACH,SAAgB,WAAW,CAAC,YAAqB,EAAE,GAAe,EAAE,UAAuB;IACzF,IAAA,4BAAgB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,IAAA,6BAAiB,EAAC,UAAU,EAAE,aAAa,CAAC,CAAC;IAC7C,OAAO,eAAO,CAAC,WAAW,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;AAChD,CAAC;AAED;;GAEG;AACU,QAAA,WAAW,GAAG,eAAO,CAAC,WAAW,CAAC;AAE/C;;GAEG;AACU,QAAA,MAAM,GAAG,eAAO,CAAC,MAAM,CAAC;AAErC,MAAM,GAAG,GAAG;IACV,MAAM,EAAN,cAAM;IACN,OAAO,EAAP,eAAO;IACP,SAAS,EAAT,iBAAS;IACT,eAAe,EAAf,uBAAe;IACf,qBAAqB,EAArB,6BAAqB;IACrB,sBAAsB,EAAtB,8BAAsB;IACtB,IAAI;IACJ,WAAW;IACX,WAAW,EAAX,mBAAW;IACX,MAAM,EAAN,cAAM;CACE,CAAC;AAEX,kBAAe,GAAG,CAAC"}

package/dist/cjs/internal/assert.js

@@ -0,0 +1,46 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.assertUint8Array = assertUint8Array;
+exports.assertBytes32 = assertBytes32;
+exports.assertBytes64 = assertBytes64;
+exports.asBytes32 = asBytes32;
+exports.asBytes64 = asBytes64;
+exports.assertNoOptRandom = assertNoOptRandom;
+exports.toBufferView = toBufferView;
+function assertUint8Array(value, name) {
+    if (!(value instanceof Uint8Array)) {
+        const actual = value === null ? "null" : typeof value;
+        throw new TypeError(`${name} must be a Uint8Array, received ${actual}`);
+    }
+}
+function assertLength(value, expected, name) {
+    if (value.byteLength !== expected) {
+        throw new RangeError(`${name} must be ${expected} bytes, received ${value.byteLength}`);
+    }
+}
+function assertBytes32(value, name = "value") {
+    assertUint8Array(value, name);
+    assertLength(value, 32, name);
+}
+function assertBytes64(value, name = "value") {
+    assertUint8Array(value, name);
+    assertLength(value, 64, name);
+}
+function asBytes32(value, name = "value") {
+    assertBytes32(value, name);
+    return value;
+}
+function asBytes64(value, name = "value") {
+    assertBytes64(value, name);
+    return value;
+}
+function assertNoOptRandom(optRandom, fnName) {
+    if (optRandom !== undefined) {
+        throw new Error(`${fnName} does not support opt_random with node:crypto Ed25519. ` +
+            "Remove the third argument and use deterministic Ed25519 signing.");
+    }
+}
+function toBufferView(value) {
+    return Buffer.from(value.buffer, value.byteOffset, value.byteLength);
+}
+//# sourceMappingURL=assert.js.map

package/dist/cjs/internal/assert.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"assert.js","sourceRoot":"","sources":["../../../src/internal/assert.ts"],"names":[],"mappings":";;AAEA,4CAKC;AAQD,sCAGC;AAED,sCAGC;AAED,8BAGC;AAED,8BAGC;AAED,8CAOC;AAED,oCAEC;AA5CD,SAAgB,gBAAgB,CAAC,KAAc,EAAE,IAAY;IAC3D,IAAI,CAAC,CAAC,KAAK,YAAY,UAAU,CAAC,EAAE,CAAC;QACnC,MAAM,MAAM,GAAG,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC;QACtD,MAAM,IAAI,SAAS,CAAC,GAAG,IAAI,mCAAmC,MAAM,EAAE,CAAC,CAAC;IAC1E,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CAAC,KAAiB,EAAE,QAAgB,EAAE,IAAY;IACrE,IAAI,KAAK,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;QAClC,MAAM,IAAI,UAAU,CAAC,GAAG,IAAI,YAAY,QAAQ,oBAAoB,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;AACH,CAAC;AAED,SAAgB,aAAa,CAAC,KAAiB,EAAE,IAAI,GAAG,OAAO;IAC7D,gBAAgB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC9B,YAAY,CAAC,KAAK,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;AAChC,CAAC;AAED,SAAgB,aAAa,CAAC,KAAiB,EAAE,IAAI,GAAG,OAAO;IAC7D,gBAAgB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC9B,YAAY,CAAC,KAAK,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;AAChC,CAAC;AAED,SAAgB,SAAS,CAAC,KAAiB,EAAE,IAAI,GAAG,OAAO;IACzD,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC3B,OAAO,KAAgB,CAAC;AAC1B,CAAC;AAED,SAAgB,SAAS,CAAC,KAAiB,EAAE,IAAI,GAAG,OAAO;IACzD,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC3B,OAAO,KAAgB,CAAC;AAC1B,CAAC;AAED,SAAgB,iBAAiB,CAAC,SAAkB,EAAE,MAAc;IAClE,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CACb,GAAG,MAAM,yDAAyD;YAChE,kEAAkE,CACrE,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAgB,YAAY,CAAC,KAAiB;IAC5C,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC;AACvE,CAAC"}

package/dist/cjs/internal/der.js

@@ -0,0 +1,79 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.derPkcs8 = derPkcs8;
+exports.derSpki = derSpki;
+exports.keyFromX25519Private = keyFromX25519Private;
+exports.keyFromX25519Public = keyFromX25519Public;
+exports.keyFromEd25519Private = keyFromEd25519Private;
+exports.keyFromEd25519Public = keyFromEd25519Public;
+exports.rawPublicFromX25519Spki = rawPublicFromX25519Spki;
+exports.rawPublicFromEd25519Spki = rawPublicFromEd25519Spki;
+const node_crypto_1 = require("node:crypto");
+const assert_js_1 = require("./assert.js");
+const X25519_PKCS8_PREFIX = Buffer.from("302e020100300506032b656e04220420", "hex");
+const X25519_SPKI_PREFIX = Buffer.from("302a300506032b656e032100", "hex");
+const ED25519_PKCS8_PREFIX = Buffer.from("302e020100300506032b657004220420", "hex");
+const ED25519_SPKI_PREFIX = Buffer.from("302a300506032b6570032100", "hex");
+function appendRaw32(prefix, raw32, inputName) {
+    (0, assert_js_1.assertBytes32)(raw32, inputName);
+    const out = Buffer.allocUnsafe(prefix.length + 32);
+    out.set(prefix, 0);
+    out.set(raw32, prefix.length);
+    return out;
+}
+function derPkcs8(prefix, raw32) {
+    return appendRaw32(prefix, raw32, "raw private key");
+}
+function derSpki(prefix, raw32) {
+    return appendRaw32(prefix, raw32, "raw public key");
+}
+function keyFromX25519Private(raw32) {
+    return (0, node_crypto_1.createPrivateKey)({
+        key: derPkcs8(X25519_PKCS8_PREFIX, raw32),
+        format: "der",
+        type: "pkcs8",
+    });
+}
+function keyFromX25519Public(raw32) {
+    return (0, node_crypto_1.createPublicKey)({
+        key: derSpki(X25519_SPKI_PREFIX, raw32),
+        format: "der",
+        type: "spki",
+    });
+}
+function keyFromEd25519Private(seed32) {
+    return (0, node_crypto_1.createPrivateKey)({
+        key: derPkcs8(ED25519_PKCS8_PREFIX, seed32),
+        format: "der",
+        type: "pkcs8",
+    });
+}
+function keyFromEd25519Public(raw32) {
+    return (0, node_crypto_1.createPublicKey)({
+        key: derSpki(ED25519_SPKI_PREFIX, raw32),
+        format: "der",
+        type: "spki",
+    });
+}
+function rawPublicFromSpki(keyObject, prefix, label) {
+    const der = keyObject.export({ format: "der", type: "spki" });
+    if (!Buffer.isBuffer(der)) {
+        throw new TypeError(`${label} SPKI export must be a Buffer`);
+    }
+    if (der.byteLength !== prefix.length + 32) {
+        throw new Error(`${label} SPKI DER length mismatch`);
+    }
+    const exportedPrefix = der.subarray(0, prefix.length);
+    if (!(0, node_crypto_1.timingSafeEqual)(exportedPrefix, prefix)) {
+        throw new Error(`${label} SPKI DER prefix mismatch`);
+    }
+    const raw = new Uint8Array(der.buffer, der.byteOffset + prefix.length, 32);
+    return (0, assert_js_1.asBytes32)(raw, `${label} public key`);
+}
+function rawPublicFromX25519Spki(keyObject) {
+    return rawPublicFromSpki(keyObject, X25519_SPKI_PREFIX, "X25519");
+}
+function rawPublicFromEd25519Spki(keyObject) {
+    return rawPublicFromSpki(keyObject, ED25519_SPKI_PREFIX, "Ed25519");
+}
+//# sourceMappingURL=der.js.map

package/dist/cjs/internal/der.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"der.js","sourceRoot":"","sources":["../../../src/internal/der.ts"],"names":[],"mappings":";;AAkBA,4BAEC;AAED,0BAEC;AAED,oDAMC;AAED,kDAMC;AAED,sDAMC;AAED,oDAMC;AAoBD,0DAEC;AAED,4DAEC;AAlFD,6CAAiG;AAEjG,2CAAuD;AAEvD,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;AACnF,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;AAE1E,MAAM,oBAAoB,GAAG,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;AACpF,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;AAE3E,SAAS,WAAW,CAAC,MAAc,EAAE,KAAiB,EAAE,SAAiB;IACvE,IAAA,yBAAa,EAAC,KAAK,EAAE,SAAS,CAAC,CAAC;IAChC,MAAM,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACnD,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACnB,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IAC9B,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAgB,QAAQ,CAAC,MAAc,EAAE,KAAiB;IACxD,OAAO,WAAW,CAAC,MAAM,EAAE,KAAK,EAAE,iBAAiB,CAAC,CAAC;AACvD,CAAC;AAED,SAAgB,OAAO,CAAC,MAAc,EAAE,KAAiB;IACvD,OAAO,WAAW,CAAC,MAAM,EAAE,KAAK,EAAE,gBAAgB,CAAC,CAAC;AACtD,CAAC;AAED,SAAgB,oBAAoB,CAAC,KAAc;IACjD,OAAO,IAAA,8BAAgB,EAAC;QACtB,GAAG,EAAE,QAAQ,CAAC,mBAAmB,EAAE,KAAK,CAAC;QACzC,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,OAAO;KACd,CAAC,CAAC;AACL,CAAC;AAED,SAAgB,mBAAmB,CAAC,KAAc;IAChD,OAAO,IAAA,6BAAe,EAAC;QACrB,GAAG,EAAE,OAAO,CAAC,kBAAkB,EAAE,KAAK,CAAC;QACvC,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,MAAM;KACb,CAAC,CAAC;AACL,CAAC;AAED,SAAgB,qBAAqB,CAAC,MAAe;IACnD,OAAO,IAAA,8BAAgB,EAAC;QACtB,GAAG,EAAE,QAAQ,CAAC,oBAAoB,EAAE,MAAM,CAAC;QAC3C,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,OAAO;KACd,CAAC,CAAC;AACL,CAAC;AAED,SAAgB,oBAAoB,CAAC,KAAc;IACjD,OAAO,IAAA,6BAAe,EAAC;QACrB,GAAG,EAAE,OAAO,CAAC,mBAAmB,EAAE,KAAK,CAAC;QACxC,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,MAAM;KACb,CAAC,CAAC;AACL,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAoB,EAAE,MAAc,EAAE,KAAa;IAC5E,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;IAC9D,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,SAAS,CAAC,GAAG,KAAK,+BAA+B,CAAC,CAAC;IAC/D,CAAC;IACD,IAAI,GAAG,CAAC,UAAU,KAAK,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,2BAA2B,CAAC,CAAC;IACvD,CAAC;IAED,MAAM,cAAc,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IACtD,IAAI,CAAC,IAAA,6BAAe,EAAC,cAAc,EAAE,MAAM,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,2BAA2B,CAAC,CAAC;IACvD,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC3E,OAAO,IAAA,qBAAS,EAAC,GAAG,EAAE,GAAG,KAAK,aAAa,CAAC,CAAC;AAC/C,CAAC;AAED,SAAgB,uBAAuB,CAAC,SAAoB;IAC1D,OAAO,iBAAiB,CAAC,SAAS,EAAE,kBAAkB,EAAE,QAAQ,CAAC,CAAC;AACpE,CAAC;AAED,SAAgB,wBAAwB,CAAC,SAAoB;IAC3D,OAAO,iBAAiB,CAAC,SAAS,EAAE,mBAAmB,EAAE,SAAS,CAAC,CAAC;AACtE,CAAC"}

package/dist/cjs/package.json

@@ -0,0 +1,3 @@
+{
+  "type": "commonjs"
+}

package/dist/cjs/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/cjs/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":""}

package/dist/cjs/x25519.js

@@ -0,0 +1,53 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.publicKey = publicKey;
+exports.sharedKey = sharedKey;
+exports.generateKeyPair = generateKeyPair;
+const node_crypto_1 = require("node:crypto");
+const assert_js_1 = require("./internal/assert.js");
+const der_js_1 = require("./internal/der.js");
+function clampScalar(seed32) {
+    const clamped = new Uint8Array(32);
+    clamped.set(seed32);
+    clamped[0] = (clamped[0] ?? 0) & 248;
+    const last = clamped[31] ?? 0;
+    clamped[31] = (last & 127) | 64;
+    return (0, assert_js_1.asBytes32)(clamped, "clamped scalar");
+}
+/**
+ * Derives an X25519 public key from a raw 32-byte secret scalar.
+ */
+function publicKey(secretKey32) {
+    (0, assert_js_1.assertBytes32)(secretKey32, "secretKey32");
+    const privateKey = (0, der_js_1.keyFromX25519Private)(secretKey32);
+    return (0, der_js_1.rawPublicFromX25519Spki)((0, node_crypto_1.createPublicKey)(privateKey));
+}
+/**
+ * Computes X25519 ECDH shared secret (raw 32 bytes).
+ */
+function sharedKey(secretKey32, publicKey32) {
+    (0, assert_js_1.assertBytes32)(secretKey32, "secretKey32");
+    (0, assert_js_1.assertBytes32)(publicKey32, "publicKey32");
+    const shared = (0, node_crypto_1.diffieHellman)({
+        privateKey: (0, der_js_1.keyFromX25519Private)(secretKey32),
+        publicKey: (0, der_js_1.keyFromX25519Public)(publicKey32),
+    });
+    if (shared.byteLength !== 32) {
+        throw new Error(`X25519 shared secret must be 32 bytes, received ${shared.byteLength}`);
+    }
+    return (0, assert_js_1.asBytes32)(new Uint8Array(shared.buffer, shared.byteOffset, shared.byteLength), "sharedKey");
+}
+/**
+ * Deterministically creates an X25519 key pair from a 32-byte seed.
+ * The returned private key is explicitly clamped for stable output.
+ */
+function generateKeyPair(seed32) {
+    (0, assert_js_1.assertBytes32)(seed32, "seed32");
+    const privateKey = clampScalar(seed32);
+    const publicKey32 = publicKey(privateKey);
+    return {
+        public: publicKey32,
+        private: privateKey,
+    };
+}
+//# sourceMappingURL=x25519.js.map

package/dist/cjs/x25519.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"x25519.js","sourceRoot":"","sources":["../../src/x25519.ts"],"names":[],"mappings":";;AAqBA,8BAIC;AAKD,8BAaC;AAMD,0CAQC;AAzDD,6CAA6D;AAC7D,oDAAgE;AAChE,8CAI2B;AAG3B,SAAS,WAAW,CAAC,MAAe;IAClC,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACpB,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;IACrC,MAAM,IAAI,GAAG,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;IAC9B,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC;IAChC,OAAO,IAAA,qBAAS,EAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CAAC,WAAoB;IAC5C,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,MAAM,UAAU,GAAG,IAAA,6BAAoB,EAAC,WAAW,CAAC,CAAC;IACrD,OAAO,IAAA,gCAAuB,EAAC,IAAA,6BAAe,EAAC,UAAU,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CAAC,WAAoB,EAAE,WAAoB;IAClE,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAG,IAAA,2BAAa,EAAC;QAC3B,UAAU,EAAE,IAAA,6BAAoB,EAAC,WAAW,CAAC;QAC7C,SAAS,EAAE,IAAA,4BAAmB,EAAC,WAAW,CAAC;KAC5C,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,mDAAmD,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;IACD,OAAO,IAAA,qBAAS,EAAC,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,EAAE,WAAW,CAAC,CAAC;AACrG,CAAC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAAC,MAAe;IAC7C,IAAA,yBAAa,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACvC,MAAM,WAAW,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;IAC1C,OAAO;QACL,MAAM,EAAE,WAAW;QACnB,OAAO,EAAE,UAAU;KACpB,CAAC;AACJ,CAAC"}

package/dist/ed25519.d.ts

@@ -0,0 +1,27 @@
+import type { Bytes32, Bytes64, KeyPair32 } from "./types.js";
+/**
+ * Derives an Ed25519 public key from a raw 32-byte seed.
+ */
+export declare function publicKey(secretSeed32: Bytes32): Bytes32;
+/**
+ * Deterministically creates an Ed25519 key pair from a 32-byte seed.
+ * The private key returned is the original 32-byte seed.
+ */
+export declare function generateKeyPair(seed32: Bytes32): KeyPair32;
+/**
+ * Signs a message with Ed25519 and returns the 64-byte detached signature.
+ */
+export declare function sign(secretSeed32: Bytes32, msg: Uint8Array): Bytes64;
+/**
+ * Verifies a detached Ed25519 signature.
+ */
+export declare function verify(publicKey32: Bytes32, msg: Uint8Array, signature64: Bytes64): boolean;
+/**
+ * Returns signature || message.
+ */
+export declare function signMessage(secretSeed32: Bytes32, msg: Uint8Array): Uint8Array;
+/**
+ * Verifies signature || message and returns a copy of the message if valid, else null.
+ */
+export declare function openMessage(publicKey32: Bytes32, signedMsg: Uint8Array): Uint8Array | null;
+//# sourceMappingURL=ed25519.d.ts.map

package/dist/ed25519.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ed25519.d.ts","sourceRoot":"","sources":["../src/ed25519.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE9D;;GAEG;AACH,wBAAgB,SAAS,CAAC,YAAY,EAAE,OAAO,GAAG,OAAO,CAGxD;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,OAAO,GAAG,SAAS,CAM1D;AAED;;GAEG;AACH,wBAAgB,IAAI,CAAC,YAAY,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,GAAG,OAAO,CASpE;AAED;;GAEG;AACH,wBAAgB,MAAM,CAAC,WAAW,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,WAAW,EAAE,OAAO,GAAG,OAAO,CAW3F;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,YAAY,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,GAAG,UAAU,CAS9E;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,GAAG,UAAU,GAAG,IAAI,CAgB1F"}

package/dist/ed25519.js

@@ -0,0 +1,72 @@
+import { createPublicKey, sign as cryptoSign, verify as cryptoVerify } from "node:crypto";
+import { asBytes64, assertBytes32, assertBytes64, assertUint8Array, toBufferView } from "./internal/assert.js";
+import { keyFromEd25519Private, keyFromEd25519Public, rawPublicFromEd25519Spki } from "./internal/der.js";
+/**
+ * Derives an Ed25519 public key from a raw 32-byte seed.
+ */
+export function publicKey(secretSeed32) {
+    assertBytes32(secretSeed32, "secretSeed32");
+    return rawPublicFromEd25519Spki(createPublicKey(keyFromEd25519Private(secretSeed32)));
+}
+/**
+ * Deterministically creates an Ed25519 key pair from a 32-byte seed.
+ * The private key returned is the original 32-byte seed.
+ */
+export function generateKeyPair(seed32) {
+    assertBytes32(seed32, "seed32");
+    return {
+        public: publicKey(seed32),
+        private: seed32,
+    };
+}
+/**
+ * Signs a message with Ed25519 and returns the 64-byte detached signature.
+ */
+export function sign(secretSeed32, msg) {
+    assertBytes32(secretSeed32, "secretSeed32");
+    assertUint8Array(msg, "msg");
+    const signature = cryptoSign(null, toBufferView(msg), keyFromEd25519Private(secretSeed32));
+    if (signature.byteLength !== 64) {
+        throw new Error(`Ed25519 signature must be 64 bytes, received ${signature.byteLength}`);
+    }
+    return asBytes64(new Uint8Array(signature.buffer, signature.byteOffset, signature.byteLength), "signature");
+}
+/**
+ * Verifies a detached Ed25519 signature.
+ */
+export function verify(publicKey32, msg, signature64) {
+    assertBytes32(publicKey32, "publicKey32");
+    assertUint8Array(msg, "msg");
+    assertBytes64(signature64, "signature64");
+    return cryptoVerify(null, toBufferView(msg), keyFromEd25519Public(publicKey32), toBufferView(signature64));
+}
+/**
+ * Returns signature || message.
+ */
+export function signMessage(secretSeed32, msg) {
+    assertBytes32(secretSeed32, "secretSeed32");
+    assertUint8Array(msg, "msg");
+    const signature = sign(secretSeed32, msg);
+    const signed = new Uint8Array(64 + msg.byteLength);
+    signed.set(signature, 0);
+    signed.set(msg, 64);
+    return signed;
+}
+/**
+ * Verifies signature || message and returns a copy of the message if valid, else null.
+ */
+export function openMessage(publicKey32, signedMsg) {
+    assertBytes32(publicKey32, "publicKey32");
+    assertUint8Array(signedMsg, "signedMsg");
+    if (signedMsg.byteLength < 64) {
+        return null;
+    }
+    const signature64 = asBytes64(signedMsg.subarray(0, 64), "signedMsg signature");
+    const msg = signedMsg.subarray(64);
+    if (!verify(publicKey32, msg, signature64)) {
+        return null;
+    }
+    // Return a detached message copy to avoid retaining oversized parent buffers.
+    return new Uint8Array(msg);
+}
+//# sourceMappingURL=ed25519.js.map

package/dist/ed25519.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ed25519.js","sourceRoot":"","sources":["../src/ed25519.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,IAAI,IAAI,UAAU,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,aAAa,CAAC;AAC1F,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,aAAa,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAC/G,OAAO,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,mBAAmB,CAAC;AAG1G;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,YAAqB;IAC7C,aAAa,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,OAAO,wBAAwB,CAAC,eAAe,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;AACxF,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,MAAe;IAC7C,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM,CAAC;QACzB,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,IAAI,CAAC,YAAqB,EAAE,GAAe;IACzD,aAAa,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAE7B,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,EAAE,YAAY,CAAC,GAAG,CAAC,EAAE,qBAAqB,CAAC,YAAY,CAAC,CAAC,CAAC;IAC3F,IAAI,SAAS,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,gDAAgD,SAAS,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;IACD,OAAO,SAAS,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,SAAS,CAAC,UAAU,EAAE,SAAS,CAAC,UAAU,CAAC,EAAE,WAAW,CAAC,CAAC;AAC9G,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,MAAM,CAAC,WAAoB,EAAE,GAAe,EAAE,WAAoB;IAChF,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAE1C,OAAO,YAAY,CACjB,IAAI,EACJ,YAAY,CAAC,GAAG,CAAC,EACjB,oBAAoB,CAAC,WAAW,CAAC,EACjC,YAAY,CAAC,WAAW,CAAC,CAC1B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,YAAqB,EAAE,GAAe;IAChE,aAAa,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAE7B,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,EAAE,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IACnD,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACpB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,WAAoB,EAAE,SAAqB;IACrE,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IAEzC,IAAI,SAAS,CAAC,UAAU,GAAG,EAAE,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,SAAS,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,qBAAqB,CAAC,CAAC;IAChF,MAAM,GAAG,GAAG,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACnC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,8EAA8E;IAC9E,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,83 @@
+import * as ed25519Api from "./ed25519.js";
+import * as x25519Api from "./x25519.js";
+import type { Bytes32, Bytes64 } from "./types.js";
+export { asBytes32, asBytes64, assertBytes32, assertBytes64 } from "./internal/assert.js";
+export type { Bytes32, Bytes64, KeyPair32 } from "./types.js";
+/**
+ * Standard X25519 namespace.
+ */
+export declare const x25519: {
+    readonly publicKey: typeof x25519Api.publicKey;
+    readonly sharedKey: typeof x25519Api.sharedKey;
+    readonly generateKeyPair: typeof x25519Api.generateKeyPair;
+};
+/**
+ * Standard Ed25519 namespace.
+ */
+export declare const ed25519: {
+    readonly publicKey: typeof ed25519Api.publicKey;
+    readonly generateKeyPair: typeof ed25519Api.generateKeyPair;
+    readonly sign: typeof ed25519Api.sign;
+    readonly verify: typeof ed25519Api.verify;
+    readonly signMessage: typeof ed25519Api.signMessage;
+    readonly openMessage: typeof ed25519Api.openMessage;
+};
+/**
+ * Top-level compatibility alias for X25519 shared secret.
+ */
+export declare const sharedKey: typeof x25519Api.sharedKey;
+/**
+ * Top-level compatibility alias for X25519 deterministic key generation.
+ */
+export declare const generateKeyPair: typeof x25519Api.generateKeyPair;
+/**
+ * Explicit X25519 key generation helper.
+ */
+export declare const generateKeyPairX25519: typeof x25519Api.generateKeyPair;
+/**
+ * Explicit Ed25519 key generation helper.
+ */
+export declare const generateKeyPairEd25519: typeof ed25519Api.generateKeyPair;
+/**
+ * Compatibility wrapper for Ed25519 detached signing.
+ * opt_random from legacy curve25519-js/axlsign is intentionally unsupported.
+ */
+export declare function sign(secretSeed32: Bytes32, msg: Uint8Array, opt_random?: Uint8Array): Bytes64;
+/**
+ * Compatibility wrapper for Ed25519 signed-message mode.
+ * opt_random from legacy curve25519-js/axlsign is intentionally unsupported.
+ */
+export declare function signMessage(secretSeed32: Bytes32, msg: Uint8Array, opt_random?: Uint8Array): Uint8Array;
+/**
+ * Top-level compatibility alias for signed-message verification/open.
+ */
+export declare const openMessage: typeof ed25519Api.openMessage;
+/**
+ * Top-level compatibility alias for detached signature verification.
+ */
+export declare const verify: typeof ed25519Api.verify;
+declare const api: {
+    readonly x25519: {
+        readonly publicKey: typeof x25519Api.publicKey;
+        readonly sharedKey: typeof x25519Api.sharedKey;
+        readonly generateKeyPair: typeof x25519Api.generateKeyPair;
+    };
+    readonly ed25519: {
+        readonly publicKey: typeof ed25519Api.publicKey;
+        readonly generateKeyPair: typeof ed25519Api.generateKeyPair;
+        readonly sign: typeof ed25519Api.sign;
+        readonly verify: typeof ed25519Api.verify;
+        readonly signMessage: typeof ed25519Api.signMessage;
+        readonly openMessage: typeof ed25519Api.openMessage;
+    };
+    readonly sharedKey: typeof x25519Api.sharedKey;
+    readonly generateKeyPair: typeof x25519Api.generateKeyPair;
+    readonly generateKeyPairX25519: typeof x25519Api.generateKeyPair;
+    readonly generateKeyPairEd25519: typeof ed25519Api.generateKeyPair;
+    readonly sign: typeof sign;
+    readonly signMessage: typeof signMessage;
+    readonly openMessage: typeof ed25519Api.openMessage;
+    readonly verify: typeof ed25519Api.verify;
+};
+export default api;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,UAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,KAAK,SAAS,MAAM,aAAa,CAAC;AACzC,OAAO,KAAK,EAAE,OAAO,EAAE,OAAO,EAAa,MAAM,YAAY,CAAC;AAE9D,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAC1F,YAAY,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE9D;;GAEG;AACH,eAAO,MAAM,MAAM;;;;CAIT,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,OAAO;;;;;;;CAOV,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,SAAS,4BAAmB,CAAC;AAE1C;;GAEG;AACH,eAAO,MAAM,eAAe,kCAAyB,CAAC;AAEtD;;GAEG;AACH,eAAO,MAAM,qBAAqB,kCAAyB,CAAC;AAE5D;;GAEG;AACH,eAAO,MAAM,sBAAsB,mCAA0B,CAAC;AAE9D;;;GAGG;AACH,wBAAgB,IAAI,CAAC,YAAY,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,UAAU,CAAC,EAAE,UAAU,GAAG,OAAO,CAI7F;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,YAAY,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,UAAU,CAAC,EAAE,UAAU,GAAG,UAAU,CAIvG;AAED;;GAEG;AACH,eAAO,MAAM,WAAW,+BAAsB,CAAC;AAE/C;;GAEG;AACH,eAAO,MAAM,MAAM,0BAAiB,CAAC;AAErC,QAAA,MAAM,GAAG;;;;;;;;;;;;;;;;;;;;;;CAWC,CAAC;AAEX,eAAe,GAAG,CAAC"}

package/dist/index.js

@@ -0,0 +1,79 @@
+import { assertNoOptRandom, assertUint8Array } from "./internal/assert.js";
+import * as ed25519Api from "./ed25519.js";
+import * as x25519Api from "./x25519.js";
+export { asBytes32, asBytes64, assertBytes32, assertBytes64 } from "./internal/assert.js";
+/**
+ * Standard X25519 namespace.
+ */
+export const x25519 = {
+    publicKey: x25519Api.publicKey,
+    sharedKey: x25519Api.sharedKey,
+    generateKeyPair: x25519Api.generateKeyPair,
+};
+/**
+ * Standard Ed25519 namespace.
+ */
+export const ed25519 = {
+    publicKey: ed25519Api.publicKey,
+    generateKeyPair: ed25519Api.generateKeyPair,
+    sign: ed25519Api.sign,
+    verify: ed25519Api.verify,
+    signMessage: ed25519Api.signMessage,
+    openMessage: ed25519Api.openMessage,
+};
+/**
+ * Top-level compatibility alias for X25519 shared secret.
+ */
+export const sharedKey = x25519.sharedKey;
+/**
+ * Top-level compatibility alias for X25519 deterministic key generation.
+ */
+export const generateKeyPair = x25519.generateKeyPair;
+/**
+ * Explicit X25519 key generation helper.
+ */
+export const generateKeyPairX25519 = x25519.generateKeyPair;
+/**
+ * Explicit Ed25519 key generation helper.
+ */
+export const generateKeyPairEd25519 = ed25519.generateKeyPair;
+/**
+ * Compatibility wrapper for Ed25519 detached signing.
+ * opt_random from legacy curve25519-js/axlsign is intentionally unsupported.
+ */
+export function sign(secretSeed32, msg, opt_random) {
+    assertUint8Array(msg, "msg");
+    assertNoOptRandom(opt_random, "sign");
+    return ed25519.sign(secretSeed32, msg);
+}
+/**
+ * Compatibility wrapper for Ed25519 signed-message mode.
+ * opt_random from legacy curve25519-js/axlsign is intentionally unsupported.
+ */
+export function signMessage(secretSeed32, msg, opt_random) {
+    assertUint8Array(msg, "msg");
+    assertNoOptRandom(opt_random, "signMessage");
+    return ed25519.signMessage(secretSeed32, msg);
+}
+/**
+ * Top-level compatibility alias for signed-message verification/open.
+ */
+export const openMessage = ed25519.openMessage;
+/**
+ * Top-level compatibility alias for detached signature verification.
+ */
+export const verify = ed25519.verify;
+const api = {
+    x25519,
+    ed25519,
+    sharedKey,
+    generateKeyPair,
+    generateKeyPairX25519,
+    generateKeyPairEd25519,
+    sign,
+    signMessage,
+    openMessage,
+    verify,
+};
+export default api;
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAC3E,OAAO,KAAK,UAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,KAAK,SAAS,MAAM,aAAa,CAAC;AAGzC,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAG1F;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG;IACpB,SAAS,EAAE,SAAS,CAAC,SAAS;IAC9B,SAAS,EAAE,SAAS,CAAC,SAAS;IAC9B,eAAe,EAAE,SAAS,CAAC,eAAe;CAClC,CAAC;AAEX;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG;IACrB,SAAS,EAAE,UAAU,CAAC,SAAS;IAC/B,eAAe,EAAE,UAAU,CAAC,eAAe;IAC3C,IAAI,EAAE,UAAU,CAAC,IAAI;IACrB,MAAM,EAAE,UAAU,CAAC,MAAM;IACzB,WAAW,EAAE,UAAU,CAAC,WAAW;IACnC,WAAW,EAAE,UAAU,CAAC,WAAW;CAC3B,CAAC;AAEX;;GAEG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;AAE1C;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC;AAEtD;;GAEG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,MAAM,CAAC,eAAe,CAAC;AAE5D;;GAEG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,OAAO,CAAC,eAAe,CAAC;AAE9D;;;GAGG;AACH,MAAM,UAAU,IAAI,CAAC,YAAqB,EAAE,GAAe,EAAE,UAAuB;IAClF,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,iBAAiB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IACtC,OAAO,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;AACzC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,YAAqB,EAAE,GAAe,EAAE,UAAuB;IACzF,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,iBAAiB,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;IAC7C,OAAO,OAAO,CAAC,WAAW,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;AAChD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;AAE/C;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;AAErC,MAAM,GAAG,GAAG;IACV,MAAM;IACN,OAAO;IACP,SAAS;IACT,eAAe;IACf,qBAAqB;IACrB,sBAAsB;IACtB,IAAI;IACJ,WAAW;IACX,WAAW;IACX,MAAM;CACE,CAAC;AAEX,eAAe,GAAG,CAAC"}

package/dist/internal/assert.d.ts

@@ -0,0 +1,9 @@
+import type { Bytes32, Bytes64 } from "../types.js";
+export declare function assertUint8Array(value: unknown, name: string): asserts value is Uint8Array;
+export declare function assertBytes32(value: Uint8Array, name?: string): asserts value is Bytes32;
+export declare function assertBytes64(value: Uint8Array, name?: string): asserts value is Bytes64;
+export declare function asBytes32(value: Uint8Array, name?: string): Bytes32;
+export declare function asBytes64(value: Uint8Array, name?: string): Bytes64;
+export declare function assertNoOptRandom(optRandom: unknown, fnName: string): void;
+export declare function toBufferView(value: Uint8Array): Buffer;
+//# sourceMappingURL=assert.d.ts.map

package/dist/internal/assert.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"assert.d.ts","sourceRoot":"","sources":["../../src/internal/assert.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAEpD,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,KAAK,IAAI,UAAU,CAK1F;AAQD,wBAAgB,aAAa,CAAC,KAAK,EAAE,UAAU,EAAE,IAAI,SAAU,GAAG,OAAO,CAAC,KAAK,IAAI,OAAO,CAGzF;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,UAAU,EAAE,IAAI,SAAU,GAAG,OAAO,CAAC,KAAK,IAAI,OAAO,CAGzF;AAED,wBAAgB,SAAS,CAAC,KAAK,EAAE,UAAU,EAAE,IAAI,SAAU,GAAG,OAAO,CAGpE;AAED,wBAAgB,SAAS,CAAC,KAAK,EAAE,UAAU,EAAE,IAAI,SAAU,GAAG,OAAO,CAGpE;AAED,wBAAgB,iBAAiB,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,IAAI,CAO1E;AAED,wBAAgB,YAAY,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAEtD"}

package/dist/internal/assert.js

@@ -0,0 +1,37 @@
+export function assertUint8Array(value, name) {
+    if (!(value instanceof Uint8Array)) {
+        const actual = value === null ? "null" : typeof value;
+        throw new TypeError(`${name} must be a Uint8Array, received ${actual}`);
+    }
+}
+function assertLength(value, expected, name) {
+    if (value.byteLength !== expected) {
+        throw new RangeError(`${name} must be ${expected} bytes, received ${value.byteLength}`);
+    }
+}
+export function assertBytes32(value, name = "value") {
+    assertUint8Array(value, name);
+    assertLength(value, 32, name);
+}
+export function assertBytes64(value, name = "value") {
+    assertUint8Array(value, name);
+    assertLength(value, 64, name);
+}
+export function asBytes32(value, name = "value") {
+    assertBytes32(value, name);
+    return value;
+}
+export function asBytes64(value, name = "value") {
+    assertBytes64(value, name);
+    return value;
+}
+export function assertNoOptRandom(optRandom, fnName) {
+    if (optRandom !== undefined) {
+        throw new Error(`${fnName} does not support opt_random with node:crypto Ed25519. ` +
+            "Remove the third argument and use deterministic Ed25519 signing.");
+    }
+}
+export function toBufferView(value) {
+    return Buffer.from(value.buffer, value.byteOffset, value.byteLength);
+}
+//# sourceMappingURL=assert.js.map

package/dist/internal/assert.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"assert.js","sourceRoot":"","sources":["../../src/internal/assert.ts"],"names":[],"mappings":"AAEA,MAAM,UAAU,gBAAgB,CAAC,KAAc,EAAE,IAAY;IAC3D,IAAI,CAAC,CAAC,KAAK,YAAY,UAAU,CAAC,EAAE,CAAC;QACnC,MAAM,MAAM,GAAG,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC;QACtD,MAAM,IAAI,SAAS,CAAC,GAAG,IAAI,mCAAmC,MAAM,EAAE,CAAC,CAAC;IAC1E,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CAAC,KAAiB,EAAE,QAAgB,EAAE,IAAY;IACrE,IAAI,KAAK,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;QAClC,MAAM,IAAI,UAAU,CAAC,GAAG,IAAI,YAAY,QAAQ,oBAAoB,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;AACH,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,KAAiB,EAAE,IAAI,GAAG,OAAO;IAC7D,gBAAgB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC9B,YAAY,CAAC,KAAK,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,KAAiB,EAAE,IAAI,GAAG,OAAO;IAC7D,gBAAgB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC9B,YAAY,CAAC,KAAK,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,KAAiB,EAAE,IAAI,GAAG,OAAO;IACzD,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC3B,OAAO,KAAgB,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,KAAiB,EAAE,IAAI,GAAG,OAAO;IACzD,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC3B,OAAO,KAAgB,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,SAAkB,EAAE,MAAc;IAClE,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CACb,GAAG,MAAM,yDAAyD;YAChE,kEAAkE,CACrE,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,KAAiB;IAC5C,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC;AACvE,CAAC"}

package/dist/internal/der.d.ts

@@ -0,0 +1,11 @@
+import { type KeyObject } from "node:crypto";
+import type { Bytes32 } from "../types.js";
+export declare function derPkcs8(prefix: Buffer, raw32: Uint8Array): Buffer;
+export declare function derSpki(prefix: Buffer, raw32: Uint8Array): Buffer;
+export declare function keyFromX25519Private(raw32: Bytes32): KeyObject;
+export declare function keyFromX25519Public(raw32: Bytes32): KeyObject;
+export declare function keyFromEd25519Private(seed32: Bytes32): KeyObject;
+export declare function keyFromEd25519Public(raw32: Bytes32): KeyObject;
+export declare function rawPublicFromX25519Spki(keyObject: KeyObject): Bytes32;
+export declare function rawPublicFromEd25519Spki(keyObject: KeyObject): Bytes32;
+//# sourceMappingURL=der.d.ts.map

package/dist/internal/der.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"der.d.ts","sourceRoot":"","sources":["../../src/internal/der.ts"],"names":[],"mappings":"AAAA,OAAO,EAAsD,KAAK,SAAS,EAAE,MAAM,aAAa,CAAC;AACjG,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAiB3C,wBAAgB,QAAQ,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,GAAG,MAAM,CAElE;AAED,wBAAgB,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,GAAG,MAAM,CAEjE;AAED,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,OAAO,GAAG,SAAS,CAM9D;AAED,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,OAAO,GAAG,SAAS,CAM7D;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,OAAO,GAAG,SAAS,CAMhE;AAED,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,OAAO,GAAG,SAAS,CAM9D;AAoBD,wBAAgB,uBAAuB,CAAC,SAAS,EAAE,SAAS,GAAG,OAAO,CAErE;AAED,wBAAgB,wBAAwB,CAAC,SAAS,EAAE,SAAS,GAAG,OAAO,CAEtE"}

package/dist/internal/der.js

@@ -0,0 +1,69 @@
+import { createPrivateKey, createPublicKey, timingSafeEqual } from "node:crypto";
+import { asBytes32, assertBytes32 } from "./assert.js";
+const X25519_PKCS8_PREFIX = Buffer.from("302e020100300506032b656e04220420", "hex");
+const X25519_SPKI_PREFIX = Buffer.from("302a300506032b656e032100", "hex");
+const ED25519_PKCS8_PREFIX = Buffer.from("302e020100300506032b657004220420", "hex");
+const ED25519_SPKI_PREFIX = Buffer.from("302a300506032b6570032100", "hex");
+function appendRaw32(prefix, raw32, inputName) {
+    assertBytes32(raw32, inputName);
+    const out = Buffer.allocUnsafe(prefix.length + 32);
+    out.set(prefix, 0);
+    out.set(raw32, prefix.length);
+    return out;
+}
+export function derPkcs8(prefix, raw32) {
+    return appendRaw32(prefix, raw32, "raw private key");
+}
+export function derSpki(prefix, raw32) {
+    return appendRaw32(prefix, raw32, "raw public key");
+}
+export function keyFromX25519Private(raw32) {
+    return createPrivateKey({
+        key: derPkcs8(X25519_PKCS8_PREFIX, raw32),
+        format: "der",
+        type: "pkcs8",
+    });
+}
+export function keyFromX25519Public(raw32) {
+    return createPublicKey({
+        key: derSpki(X25519_SPKI_PREFIX, raw32),
+        format: "der",
+        type: "spki",
+    });
+}
+export function keyFromEd25519Private(seed32) {
+    return createPrivateKey({
+        key: derPkcs8(ED25519_PKCS8_PREFIX, seed32),
+        format: "der",
+        type: "pkcs8",
+    });
+}
+export function keyFromEd25519Public(raw32) {
+    return createPublicKey({
+        key: derSpki(ED25519_SPKI_PREFIX, raw32),
+        format: "der",
+        type: "spki",
+    });
+}
+function rawPublicFromSpki(keyObject, prefix, label) {
+    const der = keyObject.export({ format: "der", type: "spki" });
+    if (!Buffer.isBuffer(der)) {
+        throw new TypeError(`${label} SPKI export must be a Buffer`);
+    }
+    if (der.byteLength !== prefix.length + 32) {
+        throw new Error(`${label} SPKI DER length mismatch`);
+    }
+    const exportedPrefix = der.subarray(0, prefix.length);
+    if (!timingSafeEqual(exportedPrefix, prefix)) {
+        throw new Error(`${label} SPKI DER prefix mismatch`);
+    }
+    const raw = new Uint8Array(der.buffer, der.byteOffset + prefix.length, 32);
+    return asBytes32(raw, `${label} public key`);
+}
+export function rawPublicFromX25519Spki(keyObject) {
+    return rawPublicFromSpki(keyObject, X25519_SPKI_PREFIX, "X25519");
+}
+export function rawPublicFromEd25519Spki(keyObject) {
+    return rawPublicFromSpki(keyObject, ED25519_SPKI_PREFIX, "Ed25519");
+}
+//# sourceMappingURL=der.js.map

package/dist/internal/der.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"der.js","sourceRoot":"","sources":["../../src/internal/der.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,eAAe,EAAkB,MAAM,aAAa,CAAC;AAEjG,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAEvD,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;AACnF,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;AAE1E,MAAM,oBAAoB,GAAG,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;AACpF,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;AAE3E,SAAS,WAAW,CAAC,MAAc,EAAE,KAAiB,EAAE,SAAiB;IACvE,aAAa,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;IAChC,MAAM,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACnD,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACnB,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IAC9B,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,MAAc,EAAE,KAAiB;IACxD,OAAO,WAAW,CAAC,MAAM,EAAE,KAAK,EAAE,iBAAiB,CAAC,CAAC;AACvD,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,MAAc,EAAE,KAAiB;IACvD,OAAO,WAAW,CAAC,MAAM,EAAE,KAAK,EAAE,gBAAgB,CAAC,CAAC;AACtD,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,KAAc;IACjD,OAAO,gBAAgB,CAAC;QACtB,GAAG,EAAE,QAAQ,CAAC,mBAAmB,EAAE,KAAK,CAAC;QACzC,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,OAAO;KACd,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,KAAc;IAChD,OAAO,eAAe,CAAC;QACrB,GAAG,EAAE,OAAO,CAAC,kBAAkB,EAAE,KAAK,CAAC;QACvC,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,MAAM;KACb,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAAe;IACnD,OAAO,gBAAgB,CAAC;QACtB,GAAG,EAAE,QAAQ,CAAC,oBAAoB,EAAE,MAAM,CAAC;QAC3C,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,OAAO;KACd,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,KAAc;IACjD,OAAO,eAAe,CAAC;QACrB,GAAG,EAAE,OAAO,CAAC,mBAAmB,EAAE,KAAK,CAAC;QACxC,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,MAAM;KACb,CAAC,CAAC;AACL,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAoB,EAAE,MAAc,EAAE,KAAa;IAC5E,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;IAC9D,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,SAAS,CAAC,GAAG,KAAK,+BAA+B,CAAC,CAAC;IAC/D,CAAC;IACD,IAAI,GAAG,CAAC,UAAU,KAAK,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,2BAA2B,CAAC,CAAC;IACvD,CAAC;IAED,MAAM,cAAc,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IACtD,IAAI,CAAC,eAAe,CAAC,cAAc,EAAE,MAAM,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,2BAA2B,CAAC,CAAC;IACvD,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC3E,OAAO,SAAS,CAAC,GAAG,EAAE,GAAG,KAAK,aAAa,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,SAAoB;IAC1D,OAAO,iBAAiB,CAAC,SAAS,EAAE,kBAAkB,EAAE,QAAQ,CAAC,CAAC;AACpE,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,SAAoB;IAC3D,OAAO,iBAAiB,CAAC,SAAS,EAAE,mBAAmB,EAAE,SAAS,CAAC,CAAC;AACtE,CAAC"}

package/dist/types.d.ts

@@ -0,0 +1,14 @@
+declare const bytes32Brand: unique symbol;
+declare const bytes64Brand: unique symbol;
+export type Bytes32 = Uint8Array & {
+    readonly __brand: typeof bytes32Brand;
+};
+export type Bytes64 = Uint8Array & {
+    readonly __brand: typeof bytes64Brand;
+};
+export interface KeyPair32 {
+    public: Bytes32;
+    private: Bytes32;
+}
+export {};
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,CAAC,MAAM,YAAY,EAAE,OAAO,MAAM,CAAC;AAC1C,OAAO,CAAC,MAAM,YAAY,EAAE,OAAO,MAAM,CAAC;AAE1C,MAAM,MAAM,OAAO,GAAG,UAAU,GAAG;IAAE,QAAQ,CAAC,OAAO,EAAE,OAAO,YAAY,CAAA;CAAE,CAAC;AAC7E,MAAM,MAAM,OAAO,GAAG,UAAU,GAAG;IAAE,QAAQ,CAAC,OAAO,EAAE,OAAO,YAAY,CAAA;CAAE,CAAC;AAE7E,MAAM,WAAW,SAAS;IACxB,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,EAAE,OAAO,CAAC;CAClB"}

package/dist/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}

package/dist/x25519.d.ts

@@ -0,0 +1,15 @@
+import type { Bytes32, KeyPair32 } from "./types.js";
+/**
+ * Derives an X25519 public key from a raw 32-byte secret scalar.
+ */
+export declare function publicKey(secretKey32: Bytes32): Bytes32;
+/**
+ * Computes X25519 ECDH shared secret (raw 32 bytes).
+ */
+export declare function sharedKey(secretKey32: Bytes32, publicKey32: Bytes32): Bytes32;
+/**
+ * Deterministically creates an X25519 key pair from a 32-byte seed.
+ * The returned private key is explicitly clamped for stable output.
+ */
+export declare function generateKeyPair(seed32: Bytes32): KeyPair32;
+//# sourceMappingURL=x25519.d.ts.map

package/dist/x25519.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"x25519.d.ts","sourceRoot":"","sources":["../src/x25519.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAWrD;;GAEG;AACH,wBAAgB,SAAS,CAAC,WAAW,EAAE,OAAO,GAAG,OAAO,CAIvD;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,WAAW,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,GAAG,OAAO,CAa7E;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,OAAO,GAAG,SAAS,CAQ1D"}

package/dist/x25519.js

@@ -0,0 +1,48 @@
+import { createPublicKey, diffieHellman } from "node:crypto";
+import { asBytes32, assertBytes32 } from "./internal/assert.js";
+import { keyFromX25519Private, keyFromX25519Public, rawPublicFromX25519Spki, } from "./internal/der.js";
+function clampScalar(seed32) {
+    const clamped = new Uint8Array(32);
+    clamped.set(seed32);
+    clamped[0] = (clamped[0] ?? 0) & 248;
+    const last = clamped[31] ?? 0;
+    clamped[31] = (last & 127) | 64;
+    return asBytes32(clamped, "clamped scalar");
+}
+/**
+ * Derives an X25519 public key from a raw 32-byte secret scalar.
+ */
+export function publicKey(secretKey32) {
+    assertBytes32(secretKey32, "secretKey32");
+    const privateKey = keyFromX25519Private(secretKey32);
+    return rawPublicFromX25519Spki(createPublicKey(privateKey));
+}
+/**
+ * Computes X25519 ECDH shared secret (raw 32 bytes).
+ */
+export function sharedKey(secretKey32, publicKey32) {
+    assertBytes32(secretKey32, "secretKey32");
+    assertBytes32(publicKey32, "publicKey32");
+    const shared = diffieHellman({
+        privateKey: keyFromX25519Private(secretKey32),
+        publicKey: keyFromX25519Public(publicKey32),
+    });
+    if (shared.byteLength !== 32) {
+        throw new Error(`X25519 shared secret must be 32 bytes, received ${shared.byteLength}`);
+    }
+    return asBytes32(new Uint8Array(shared.buffer, shared.byteOffset, shared.byteLength), "sharedKey");
+}
+/**
+ * Deterministically creates an X25519 key pair from a 32-byte seed.
+ * The returned private key is explicitly clamped for stable output.
+ */
+export function generateKeyPair(seed32) {
+    assertBytes32(seed32, "seed32");
+    const privateKey = clampScalar(seed32);
+    const publicKey32 = publicKey(privateKey);
+    return {
+        public: publicKey32,
+        private: privateKey,
+    };
+}
+//# sourceMappingURL=x25519.js.map

package/dist/x25519.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"x25519.js","sourceRoot":"","sources":["../src/x25519.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC7D,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAChE,OAAO,EACL,oBAAoB,EACpB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,mBAAmB,CAAC;AAG3B,SAAS,WAAW,CAAC,MAAe;IAClC,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACpB,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;IACrC,MAAM,IAAI,GAAG,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;IAC9B,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC;IAChC,OAAO,SAAS,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,WAAoB;IAC5C,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,MAAM,UAAU,GAAG,oBAAoB,CAAC,WAAW,CAAC,CAAC;IACrD,OAAO,uBAAuB,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,WAAoB,EAAE,WAAoB;IAClE,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAG,aAAa,CAAC;QAC3B,UAAU,EAAE,oBAAoB,CAAC,WAAW,CAAC;QAC7C,SAAS,EAAE,mBAAmB,CAAC,WAAW,CAAC;KAC5C,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,mDAAmD,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;IACD,OAAO,SAAS,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,EAAE,WAAW,CAAC,CAAC;AACrG,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,MAAe;IAC7C,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACvC,MAAM,WAAW,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;IAC1C,OAAO;QACL,MAAM,EAAE,WAAW;QACnB,OAAO,EAAE,UAAU;KACpB,CAAC;AACJ,CAAC"}

package/package.json

@@ -0,0 +1,77 @@
+{
+  "name": "@unknownncat/curve25519-node",
+  "version": "1.0.0",
+  "description": "Modern zero-dependency X25519 + Ed25519 for Node.js using OpenSSL via node:crypto",
+  "keywords": [
+    "curve25519",
+    "x25519",
+    "ed25519",
+    "crypto",
+    "cryptography",
+    "openssl",
+    "node"
+  ],
+  "homepage": "https://github.com/unknownncat/curve25519-node#readme",
+  "bugs": {
+    "url": "https://github.com/unknownncat/curve25519-node/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/unknownncat/curve25519-node.git"
+  },
+  "license": "MIT",
+  "author": "unknownncat",
+  "type": "module",
+  "sideEffects": false,
+  "main": "./dist/cjs/index.js",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/cjs/index.js",
+      "default": "./dist/index.js"
+    },
+    "./x25519": {
+      "types": "./dist/x25519.d.ts",
+      "import": "./dist/x25519.js",
+      "require": "./dist/cjs/x25519.js",
+      "default": "./dist/x25519.js"
+    },
+    "./ed25519": {
+      "types": "./dist/ed25519.d.ts",
+      "import": "./dist/ed25519.js",
+      "require": "./dist/cjs/ed25519.js",
+      "default": "./dist/ed25519.js"
+    },
+    "./types": {
+      "types": "./dist/types.d.ts",
+      "import": "./dist/types.js",
+      "require": "./dist/cjs/types.js",
+      "default": "./dist/types.js"
+    },
+    "./package.json": "./package.json"
+  },
+  "files": [
+    "dist/**/*",
+    "README.md",
+    "LICENSE"
+  ],
+  "engines": {
+    "node": ">=20"
+  },
+  "scripts": {
+    "clean": "node scripts/clean.mjs",
+    "build:esm": "tsc -p tsconfig.json",
+    "build:cjs": "tsc -p tsconfig.cjs.json && node scripts/write-cjs-package-json.mjs",
+    "build": "npm run clean && npm run build:esm && npm run build:cjs",
+    "test": "npm run build && node --test \"test/*.test.mjs\"",
+    "prepack": "npm run test",
+    "prepublishOnly": "npm run test"
+  },
+  "devDependencies": {
+    "@types/node": "^22.18.6",
+    "typescript": "^5.9.2"
+  }
+}