@unknownncat/curve25519-node 2.1.0 → 2.1.2

package/README.md

@@ -1,422 +1,65 @@
 # @unknownncat/curve25519-node
 
-> 🇺🇸 English version: [README.en.md](./README.en.md)
+> English version: [README.en.md](./README.en.md)
 
-Implementação sem dependências de runtime de:
+Implementacao para Node.js com API limpa:
 
-- X25519 + Ed25519 (modo moderno via OpenSSL em `node:crypto`)
-- X25519 + Ed25519 (modo moderno opcional via WASM)
-- axlsign legado (modo opcional via WASM, compatível com `curve25519-js`)
+- `x25519` e `ed25519` via `node:crypto` (OpenSSL)
+- `axlsign` compativel com legado, acelerado por backend Rust/WASM interno
+- sem namespace `wasm`
+- sem namespace `napi`
 
-[![npm](https://img.shields.io/npm/v/@unknownncat/curve25519-node)](https://www.npmjs.com/package/@unknownncat/curve25519-node)
-[![node](https://img.shields.io/badge/node-%3E%3D20-339933?logo=node.js&logoColor=white)](https://nodejs.org/)
-[![types](https://img.shields.io/badge/types-included-blue)](./dist/index.d.ts)
-![runtime deps](https://img.shields.io/badge/runtime%20deps-0-brightgreen)
-![esm+cjs](https://img.shields.io/badge/ESM%20%2B%20CJS-compatible-blue)
-[![license](https://img.shields.io/badge/license-MIT-green)](./LICENSE)
-
-- Node: `>= 20`
-- Dependências de runtime: `0`
-- TypeScript: `strict`
-- Formatos de módulo: ESM + CJS
-
----
-
-## Instalação
+## Instalar
 
 ```bash
 npm i @unknownncat/curve25519-node
 ```
 
----
-
-## Uso Rápido
+## Uso rapido
 
 ```ts
 import { randomBytes } from "node:crypto";
-import { asBytes32, x25519, ed25519 } from "@unknownncat/curve25519-node";
+import { asBytes32, x25519, ed25519, axlsign } from "@unknownncat/curve25519-node";
 
-const aliceSeed = asBytes32(randomBytes(32));
-const bobSeed = asBytes32(randomBytes(32));
+const seedA = asBytes32(randomBytes(32));
+const seedB = asBytes32(randomBytes(32));
 
-const aliceX = x25519.generateKeyPair(aliceSeed);
-const bobX = x25519.generateKeyPair(bobSeed);
+const alice = x25519.generateKeyPair(seedA);
+const bob = x25519.generateKeyPair(seedB);
+const shared = x25519.sharedKey(alice.private, bob.public);
 
-const segredo1 = x25519.sharedKey(aliceX.private, bobX.public);
-const segredo2 = x25519.sharedKey(bobX.private, aliceX.public);
-// segredo1 === segredo2
-
-const signerSeed = asBytes32(randomBytes(32));
-const signer = ed25519.generateKeyPair(signerSeed);
 const msg = new TextEncoder().encode("hello");
+const sig = ed25519.sign(seedA, msg);
+const ok = ed25519.verify(ed25519.publicKey(seedA), msg, sig);
 
-const sig = ed25519.sign(signerSeed, msg);
-const ok = ed25519.verify(signer.public, msg, sig);
+const axlSig = axlsign.sign(alice.private, msg, randomBytes(64));
+const axlOk = axlsign.verify(alice.public, msg, axlSig);
 ```
 
 CommonJS:
 
 ```js
-const { x25519, ed25519, asBytes32 } = require("@unknownncat/curve25519-node");
-```
-
-Legado axlsign via WASM:
-
-```ts
-import { asBytes32, axlsign } from "@unknownncat/curve25519-node";
-
-const seed = asBytes32(new Uint8Array(32));
-const kp = axlsign.generateKeyPair(seed); // X25519 keypair compatível com curve25519-js
-const sig = axlsign.sign(kp.private, new TextEncoder().encode("hello"), new Uint8Array(64));
-const ok = axlsign.verify(kp.public, new TextEncoder().encode("hello"), sig);
-```
-
-Moderno via WASM (`wasm`):
-
-```ts
-import { asBytes32, wasm } from "@unknownncat/curve25519-node";
-
-const seed = asBytes32(new Uint8Array(32));
-const kp = wasm.x25519.generateKeyPair(seed);
-const shared = wasm.x25519.sharedKey(kp.private, kp.public);
-
-const msg = new TextEncoder().encode("hello");
-const sig = wasm.ed25519.sign(seed, msg);
-const ok = wasm.ed25519.verify(wasm.ed25519.publicKey(seed), msg, sig);
-```
-
----
-
-## API
-
-### `x25519`
-
-- `createPrivateKeyObject(secretKey32: Bytes32): KeyObject`
-- `createPublicKeyObject(publicKey32: Bytes32): KeyObject`
-- `publicKeyFromPrivateKeyObject(privateKey: KeyObject): Bytes32`
-- `publicKey(secretKey32: Bytes32): Bytes32`
-- `sharedKeyFromKeyObjects(privateKey: KeyObject, publicKey: KeyObject): Bytes32`
-- `sharedKey(secretKey32: Bytes32, publicKey32: Bytes32): Bytes32`
-- `sharedKeyStrict(secretKey32: Bytes32, publicKey32: Bytes32): Bytes32` (rejeita segredo all-zero)
-- `sharedKeyStrictFromKeyObjects(privateKey: KeyObject, publicKey: KeyObject): Bytes32` (rejeita segredo all-zero)
-- `isAllZero32(bytes32: Bytes32): boolean`
-- `generateKeyPair(seed32: Bytes32): { public: Bytes32; private: Bytes32 }`
-
-### `ed25519`
-
-- `createPrivateKeyObject(secretSeed32: Bytes32): KeyObject`
-- `createPublicKeyObject(publicKey32: Bytes32): KeyObject`
-- `publicKeyFromPrivateKeyObject(privateKey: KeyObject): Bytes32`
-- `publicKey(secretSeed32: Bytes32): Bytes32`
-- `generateKeyPair(seed32: Bytes32): { public: Bytes32; private: Bytes32 }`
-- `sign(secretSeed32: Bytes32, msg: Uint8Array): Bytes64`
-- `signWithPrivateKey(privateKey: KeyObject, msg: Uint8Array): Bytes64`
-- `verify(publicKey32: Bytes32, msg: Uint8Array, signature64: Bytes64): boolean`
-- `verifyWithPublicKey(publicKey: KeyObject, msg: Uint8Array, signature64: Bytes64): boolean`
-- `signMessage(secretSeed32: Bytes32, msg: Uint8Array): Uint8Array` (`assinatura || mensagem`)
-- `openMessage(publicKey32: Bytes32, signedMsg: Uint8Array): Uint8Array | null`
-
-### `axlsign` (compatibilidade legado, via WASM)
-
-- `publicKey(secretKey32: Bytes32): Bytes32`
-- `sharedKey(secretKey32: Bytes32, publicKey32: Bytes32): Bytes32`
-- `generateKeyPair(seed32: Bytes32): { public: Bytes32; private: Bytes32 }`
-- `sign(secretKey32: Bytes32, msg: Uint8Array, opt_random?: Bytes64): Bytes64`
-- `verify(publicKey32: Bytes32, msg: Uint8Array, signature64: Bytes64): boolean`
-- `signMessage(secretKey32: Bytes32, msg: Uint8Array, opt_random?: Bytes64): Uint8Array`
-- `openMessage(publicKey32: Bytes32, signedMsg: Uint8Array): Uint8Array | null`
-
-### `wasm` (modo moderno opcional, via WASM)
-
-`wasm.x25519`:
-
-- `createPrivateKeyObject(secretKey32: Bytes32): WasmX25519PrivateKeyObject`
-- `createPublicKeyObject(publicKey32: Bytes32): WasmX25519PublicKeyObject`
-- `publicKeyFromPrivateKeyObject(privateKey: WasmX25519PrivateKeyObject): Bytes32`
-- `publicKey(secretKey32: Bytes32): Bytes32`
-- `sharedKeyFromKeyObjects(privateKey: WasmX25519PrivateKeyObject, publicKey: WasmX25519PublicKeyObject): Bytes32`
-- `sharedKey(secretKey32: Bytes32, publicKey32: Bytes32): Bytes32`
-- `sharedKeyStrict(secretKey32: Bytes32, publicKey32: Bytes32): Bytes32` (rejeita segredo all-zero)
-- `sharedKeyStrictFromKeyObjects(privateKey: WasmX25519PrivateKeyObject, publicKey: WasmX25519PublicKeyObject): Bytes32` (rejeita segredo all-zero)
-- `isAllZero32(bytes32: Bytes32): boolean`
-- `generateKeyPair(seed32: Bytes32): { public: Bytes32; private: Bytes32 }`
-
-`wasm.ed25519`:
-
-- `createPrivateKeyObject(secretSeed32: Bytes32): WasmEd25519PrivateKeyObject`
-- `createPublicKeyObject(publicKey32: Bytes32): WasmEd25519PublicKeyObject`
-- `publicKeyFromPrivateKeyObject(privateKey: WasmEd25519PrivateKeyObject): Bytes32`
-- `publicKey(secretSeed32: Bytes32): Bytes32`
-- `generateKeyPair(seed32: Bytes32): { public: Bytes32; private: Bytes32 }`
-- `sign(secretSeed32: Bytes32, msg: Uint8Array): Bytes64`
-- `signWithPrivateKey(privateKey: WasmEd25519PrivateKeyObject, msg: Uint8Array): Bytes64`
-- `verify(publicKey32: Bytes32, msg: Uint8Array, signature64: Bytes64): boolean`
-- `verifyWithPublicKey(publicKey: WasmEd25519PublicKeyObject, msg: Uint8Array, signature64: Bytes64): boolean`
-- `signMessage(secretSeed32: Bytes32, msg: Uint8Array): Uint8Array`
-- `openMessage(publicKey32: Bytes32, signedMsg: Uint8Array): Uint8Array | null`
-
-### Aliases de compatibilidade (top-level)
-
-- `sharedKey = x25519.sharedKey`
-- `sharedKeyStrict = x25519.sharedKeyStrict`
-- `generateKeyPair = x25519.generateKeyPair`
-- `sign`, `verify`, `signMessage`, `openMessage` (semântica Ed25519)
-- `generateKeyPairX25519`, `generateKeyPairEd25519`
-
----
-
-## Notas de Compatibilidade
-
-Este pacote suporta três modos:
-
-- **moderno nativo (recomendado):** `x25519` + `ed25519` via `node:crypto`
-- **moderno WASM (opcional):** namespace `wasm` (`wasm.x25519` + `wasm.ed25519`)
-- **legado:** `axlsign` via WASM para compatibilidade com `curve25519-js`
-
-| Recurso                             | `curve25519-js` | `curve25519-node`                            |
-| ----------------------------------- | --------------- | -------------------------------------------- |
-| Esquema de assinatura (moderno)     | axlsign         | Ed25519 (padrão)                             |
-| Esquema moderno alternativo         | não             | Ed25519 via WASM (`wasm.ed25519`)            |
-| Esquema de assinatura (legado)      | axlsign         | axlsign (namespace `axlsign`)                |
-| Acordo de chave                     | X25519          | X25519                                       |
-| Acordo moderno alternativo          | não             | X25519 via WASM (`wasm.x25519`)              |
-| Mesma chave para assinatura + ECDH  | sim             | apenas no namespace `axlsign`                |
-| `opt_random` nas APIs de assinatura | sim             | sim no `axlsign`, não no top-level/`ed25519` |
-| Backend OpenSSL                     | não             | sim                                          |
-
-Importante:
-
-- Chaves públicas X25519 e Ed25519 são diferentes.
-- Para fluxos de protocolo mais rígidos (estilo Signal), prefira `sharedKeyStrict` para rejeitar segredo compartilhado all-zero.
-- `node:crypto` não expõe API para converter public key X25519 ↔ Ed25519.
-- Top-level `sign`/`signMessage` e namespace `ed25519` continuam com semântica Ed25519 e rejeitam `opt_random`.
-- Para compatibilidade com `curve25519-js` (incluindo `opt_random`), use o namespace `axlsign`.
-- Assinaturas Ed25519 continuam determinísticas (comportamento padrão do OpenSSL).
-- Os módulos WASM (`axlsign` e `wasm`) são carregados sob demanda na primeira chamada (importar apenas `x25519`/`ed25519` não inicializa WASM).
-
----
-
-## Motivação
-
-O `curve25519-js` é um projeto importante, mas usa aritmética de campo manual em JS (`Float64Array`, estilo TweetNaCl).
-
-Este pacote foca em Node moderno com primitivas do OpenSSL:
-
-- caminho de implementação mais seguro
-- melhor desempenho em Node >= 20
-- API menor e explícita
-- tipagem forte com zero dependências de runtime
-
-Além disso:
-
-- o namespace `axlsign` via WASM permite migração progressiva de código legado;
-- o namespace `wasm` via WASM oferece uma alternativa moderna sem dependência de `node:crypto` no caminho criptográfico.
-
----
-
-## Tipos Branded
-
-- `Bytes32`
-- `Bytes64`
-
-Helpers (validam sem copiar):
-
-- `asBytes32(u8)`
-- `asBytes64(u8)`
-
----
-
-## Mapa de RFCs (uso no projeto)
-
-| RFC                               | Seções usadas                                                                                                 | Uso no projeto                                                                                                                                  | Onde no código          |
-| --------------------------------- | ------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
-| RFC 7748 (X25519)                 | Seção 5 (`The X25519 and X448 Functions`)                                                                     | Regras de clamping/decoding do escalar e comportamento da função X25519 (zera 3 bits baixos, zera bit mais alto, seta o segundo bit mais alto). | `src/x25519.ts`         |
-| RFC 7748 (X25519)                 | Seção 5.2 (`Test Vectors`), Seção 6.1 (`Diffie-Hellman / Curve25519`)                                         | Vetores oficiais para validação de interoperabilidade e corretude.                                                                              | `test/x25519.test.mjs`  |
-| RFC 8032 (Ed25519)                | Seção 5.1.5 (`Key Generation`), 5.1.6 (`Sign`), 5.1.7 (`Verify`)                                              | Semântica de keygen/sign/verify Ed25519 (executada por OpenSSL via `node:crypto`).                                                              | `src/ed25519.ts`        |
-| RFC 8032 (Ed25519)                | Seção 7.1 (`Test Vectors for Ed25519`)                                                                        | Vetores determinísticos para validação de chave pública e assinatura.                                                                           | `test/ed25519.test.mjs` |
-| RFC 8410 (X25519/Ed25519 em PKIX) | Seção 3 (identificadores de algoritmo), Seção 4 (`Subject Public Key Fields`), Seção 7 (`Private Key Format`) | Estrutura DER para import/export de chaves raw de 32 bytes em SPKI/PKCS#8 com OIDs de X25519 e Ed25519.                                         | `src/internal/der.ts`   |
-
-Referências indiretas por estrutura ASN.1/PKIX:
-
-- RFC 5958 (OneAsymmetricKey / família PKCS#8)
-- RFC 5280, Seção 4.1.2.7 (`Subject Public Key Info`)
-
-Observações:
-
-- O projeto não reimplementa aritmética de curva em JS; as operações criptográficas usam OpenSSL via `node:crypto`.
-- A suíte de testes cobre vetores oficiais do RFC 7748 e RFC 8032.
-
-Rodar testes:
-
-```bash
-npm test
-```
-
----
-
-## Detalhes Técnicos (DER / RFC 8410)
-
-Chaves raw de 32 bytes são importadas/exportadas com prefixos fixos:
-
-- X25519 PKCS#8: `302e020100300506032b656e04220420`
-- X25519 SPKI: `302a300506032b656e032100`
-- Ed25519 PKCS#8: `302e020100300506032b657004220420`
-- Ed25519 SPKI: `302a300506032b6570032100`
-
-Notas de implementação:
-
-- buffers prealocados + `.set`
-- views zero-copy de `Uint8Array` quando seguro
-- sem `Buffer.concat` em hot path
-
----
-
-## Notas de Performance
-
-- Evita cópias desnecessárias de bytes nos caminhos críticos.
-- `signMessage` monta `assinatura || mensagem` com um único `Uint8Array` prealocado.
-- Para throughput máximo em loops longos, use os helpers de `KeyObject` (`create*KeyObject`, `*FromKeyObjects`) para reduzir overhead de parse ASN.1.
-
----
-
-## Notas de Segurança
-
-- validação estrita de tipo/tamanho nas APIs públicas
-- sem log de segredos
-- `timingSafeEqual` em comparações internas de tamanho fixo quando necessário
-
----
-
-## Benchmarks
-
-A suíte de benchmark fica isolada em `bench/` (subprojeto separado) e compara com `curve25519-js`.
-
-```bash
-npm run build
-cd bench
-npm install
-npm run bench
-```
-
-### Snapshot real de benchmark (`npm run bench:ci`) no GitHub Codespaces
-
-Comando:
-
-```bash
-node --expose-gc bench.mjs --rounds=16 --roundMs=350 --warmupMs=500 --vectors=64 --variants=raw,cached --strict --verifyEvery=64 --jsonFile=results/bench-results.json
-```
-
-Ambiente:
-
-- Node: `v24.11.1`
-- OpenSSL: `3.5.4`
-- CPU: `AMD EPYC 7763 64-Core Processor`
-- Cores lógicos: `4`
-- Vetores: `64`
-
-### Tabela 1 - API moderna (`x25519` + `ed25519`)
-
-`sign`/`verify` abaixo comparam throughput de API, não equivalência criptográfica (Ed25519 vs axlsign legado).
-
-| Operação                       | Moderno raw | Legado raw (`curve25519-js`) | Speedup raw | Moderno cached | Legado cached (`curve25519-js`) | Speedup cached |
-| ------------------------------ | ----------: | ---------------------------: | ----------: | -------------: | ------------------------------: | -------------: |
-| `x25519.generateKeyPair`       |      14,378 |                        1,591 |       9.04x |         41,120 |                           1,478 |         27.83x |
-| `x25519.sharedKey`             |       9,970 |                        1,591 |       6.27x |         23,995 |                           1,554 |         15.44x |
-| `ed25519.sign (msg32)`         |      11,273 |                          143 |      78.95x |         23,696 |                             133 |        178.10x |
-| `ed25519.sign (msg1024)`       |      10,800 |                          138 |      78.07x |         22,502 |                             147 |        152.92x |
-| `ed25519.verify (msg32)`       |       7,280 |                          136 |      53.36x |          8,271 |                             155 |         53.37x |
-| `ed25519.verify (msg1024)`     |       7,160 |                          132 |      54.33x |          8,159 |                             154 |         52.90x |
-| `ed25519.signMessage (msg256)` |      10,624 |                          131 |      81.09x |         23,304 |                             148 |        156.97x |
-| `ed25519.openMessage (msg256)` |       6,574 |                          124 |      52.93x |          8,129 |                             154 |         52.64x |
-
-### Tabela 2 - Compatibilidade `axlsign` (equivalente ao `curve25519-js`)
-
-Aqui a comparação é de mesmo esquema criptográfico (equivalência + throughput).
-
-| Operação                                  | Moderno raw | Legado raw (`curve25519-js`) | Speedup raw | Moderno cached | Legado cached (`curve25519-js`) | Speedup cached |
-| ----------------------------------------- | ----------: | ---------------------------: | ----------: | -------------: | ------------------------------: | -------------: |
-| `axlsign.generateKeyPair`                 |       8,429 |                        1,583 |       5.33x |          8,384 |                           1,585 |          5.29x |
-| `axlsign.sharedKey`                       |       8,452 |                        1,583 |       5.34x |          8,396 |                           1,570 |          5.35x |
-| `axlsign.sign (msg32)`                    |       3,973 |                          144 |      27.61x |          3,952 |                             140 |         28.28x |
-| `axlsign.sign (msg32,opt_random)`         |       3,969 |                          147 |      27.03x |          3,984 |                             139 |         28.58x |
-| `axlsign.sign (msg1024)`                  |       3,881 |                          143 |      27.16x |          3,864 |                             139 |         27.72x |
-| `axlsign.verify (msg32)`                  |       6,527 |                          146 |      44.70x |          6,534 |                             143 |         45.72x |
-| `axlsign.verify (msg32,opt_random)`       |       6,506 |                          144 |      45.07x |          6,469 |                             141 |         45.80x |
-| `axlsign.verify (msg1024)`                |       6,361 |                          141 |      45.03x |          6,337 |                             135 |         46.92x |
-| `axlsign.signMessage (msg256)`            |       3,902 |                          140 |      27.79x |          3,935 |                             141 |         27.98x |
-| `axlsign.signMessage (msg256,opt_random)` |       3,885 |                          142 |      27.40x |          3,864 |                             145 |         26.60x |
-| `axlsign.openMessage (msg256)`            |       6,441 |                          138 |      46.57x |          6,300 |                             131 |         47.93x |
-| `axlsign.openMessage (msg256,opt_random)` |       6,362 |                          141 |      45.24x |          6,285 |                             130 |         48.22x |
-
-Notas:
-
-- `raw` inclui custo fim-a-fim da API.
-- `cached` reduz overhead de setup para evidenciar melhor o throughput criptográfico.
-- Fonte dos números: saída JSON de `bench:ci` (`results/bench-results.json`).
-
----
-
-## Build dos namespaces WASM (`axlsign` e `wasm`)
-
-No pacote publicado no npm, os artefatos WASM já vêm prontos em `dist/`.
-
-Para buildar a partir do código-fonte, você precisa:
-
-- Rust toolchain
-- `wasm-pack` instalado
-
-Com isso, `npm run build` executa:
-
-1. `wasm-pack build` (`wasm/axlsign`)
-2. `wasm-pack build` (`wasm/curve25519-wasm`)
-3. `tsc` ESM + CJS
-4. cópia dos artefatos WASM para `dist/internal/axlsign-wasm` e `dist/internal/curve25519-wasm`
-
-Referência dos crates Rust: [wasm/README.md](./wasm/README.md)
-
----
-
-## Contribuição
-
-- Guia: [CONTRIBUTING.md](./CONTRIBUTING.md)
-- Código de conduta: [CODE_OF_CONDUCT.md](./CODE_OF_CONDUCT.md)
-- Segurança: [SECURITY.md](./SECURITY.md)
-
-Validação local completa:
-
-```bash
-npm run ci
+const { x25519, ed25519, axlsign } = require("@unknownncat/curve25519-node");
 ```
 
----
-
-## Licença
-
-MIT
+## Exports
 
-Documentos complementares:
+- `x25519`
+- `ed25519`
+- `axlsign`
+- aliases top-level: `sharedKey`, `sharedKeyStrict`, `generateKeyPair`, `sign`, `verify`, `signMessage`, `openMessage`
+- tipos/helpers: `Bytes32`, `Bytes64`, `asBytes32`, `asBytes64`
 
-- [NOTICE.md](./NOTICE.md) (aviso oficial de terceiros)
-- [THIRD_PARTY_NOTICE.md](./THIRD_PARTY_NOTICE.md) e [THIRD_PARTY_NOTICES.md](./THIRD_PARTY_NOTICES.md) (aliases de compatibilidade)
-- [SECURITY.md](./SECURITY.md) (política de segurança e reporte de vulnerabilidades)
+## Observacoes
 
----
+- `sign`/`verify` top-level seguem semantica Ed25519 e rejeitam `opt_random`.
+- Para fluxo legado compativel com `curve25519-js`, use `axlsign.*`.
+- Se voce precisa de WASM no navegador, use `@unknownncat/curve25519-browser`.
 
-## Créditos
+## Licenca e avisos
 
-- [curve25519-js](https://github.com/harveyconnor/curve25519-js) (Harvey Connor, Dmitry Chestnykh)
-- [TweetNaCl.js](https://tweetnacl.js.org/)
-- Trevor Perrin, ideia de assinaturas Curve25519: <https://moderncrypto.org/mail-archive/curves/2014/000205.html>
-- [Documentação Node.js `crypto`](https://nodejs.org/api/crypto.html)
-- [OpenSSL](https://www.openssl.org/)
-- [RustCrypto](https://github.com/RustCrypto)
-- [wasm-bindgen](https://github.com/wasm-bindgen/wasm-bindgen)
-- [curve25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek)
-- [ed25519-dalek](https://github.com/dalek-cryptography/ed25519-dalek)
-- [x25519-dalek](https://github.com/dalek-cryptography/x25519-dalek)
-- [zeroize](https://github.com/RustCrypto/utils/tree/master/zeroize)
-- [RFC 7748](https://www.rfc-editor.org/rfc/rfc7748)
-- [RFC 8032](https://www.rfc-editor.org/rfc/rfc8032)
-- [RFC 8410](https://www.rfc-editor.org/rfc/rfc8410)
-- [RFC 5958](https://www.rfc-editor.org/rfc/rfc5958)
-- [RFC 5280](https://www.rfc-editor.org/rfc/rfc5280)
+- [LICENSE](./LICENSE)
+- [NOTICE.md](./NOTICE.md)
+- [THIRD_PARTY_NOTICE.md](./THIRD_PARTY_NOTICE.md)
+- [THIRD_PARTY_NOTICES.md](./THIRD_PARTY_NOTICES.md)
+- [SECURITY.md](./SECURITY.md)

package/SECURITY.md

@@ -21,3 +21,14 @@ If private reporting is not available, open a public issue without sensitive det
 
 - Cryptographic flaws, incorrect input validation, and integrity/confidentiality issues are high priority.
 - Include package version, runtime environment, and reproducible steps.
+
+## Maintainer Security Checks
+
+Before publishing a release, run:
+
+```bash
+npm run ci
+npm run audit
+npm run audit:prod
+npm run release:check
+```

package/dist/axlsign.d.ts

@@ -1,6 +1,6 @@
 import type { Bytes32, Bytes64, KeyPair32 } from "./types.js";
 /**
- * Derives an axlsign-compatible public key (Montgomery/X25519 format).
+ * Derives an axlsign-compatible public key (Montgomery/X25519 format) in Node runtime.
  */
 export declare function publicKey(secretKey32: Bytes32): Bytes32;
 /**

package/dist/axlsign.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"axlsign.d.ts","sourceRoot":"","sources":["../src/axlsign.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAqD9D;;GAEG;AACH,wBAAgB,SAAS,CAAC,WAAW,EAAE,OAAO,GAAG,OAAO,CAIvD;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,WAAW,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,GAAG,OAAO,CAK7E;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,OAAO,GAAG,SAAS,CAQ1D;AAED;;;GAGG;AACH,wBAAgB,IAAI,CAAC,WAAW,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,UAAU,CAAC,EAAE,UAAU,GAAG,OAAO,CAU5F;AAED;;GAEG;AACH,wBAAgB,MAAM,CAAC,WAAW,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,WAAW,EAAE,OAAO,GAAG,OAAO,CAK3F;AAED;;GAEG;AACH,wBAAgB,WAAW,CACzB,WAAW,EAAE,OAAO,EACpB,GAAG,EAAE,UAAU,EACf,UAAU,CAAC,EAAE,UAAU,GACtB,UAAU,CAUZ;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,GAAG,UAAU,GAAG,IAAI,CAe1F"}
+{"version":3,"file":"axlsign.d.ts","sourceRoot":"","sources":["../src/axlsign.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAyB9D;;GAEG;AACH,wBAAgB,SAAS,CAAC,WAAW,EAAE,OAAO,GAAG,OAAO,CAIvD;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,WAAW,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,GAAG,OAAO,CAK7E;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,OAAO,GAAG,SAAS,CAQ1D;AAED;;;GAGG;AACH,wBAAgB,IAAI,CAAC,WAAW,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,UAAU,CAAC,EAAE,UAAU,GAAG,OAAO,CAU5F;AAED;;GAEG;AACH,wBAAgB,MAAM,CAAC,WAAW,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,WAAW,EAAE,OAAO,GAAG,OAAO,CAK3F;AAED;;GAEG;AACH,wBAAgB,WAAW,CACzB,WAAW,EAAE,OAAO,EACpB,GAAG,EAAE,UAAU,EACf,UAAU,CAAC,EAAE,UAAU,GACtB,UAAU,CAUZ;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,GAAG,UAAU,GAAG,IAAI,CAe1F"}

package/dist/axlsign.js

@@ -1,27 +1,6 @@
-import { dirname, join } from "node:path";
-import { createRequire } from "node:module";
 import { asBytes32, asBytes64, assertBytes32, assertBytes64, assertUint8Array, } from "./internal/assert.js";
-const SELF_PACKAGE_NAME = "@unknownncat/curve25519-node";
-const requireBase = typeof __filename === "string"
-    ? __filename
-    : typeof process.argv[1] === "string"
-        ? process.argv[1]
-        : join(process.cwd(), "index.js");
-const nodeRequire = createRequire(requireBase);
-let wasmModulePath;
-let wasmAxl;
-function getWasmAxl() {
-    if (wasmAxl !== undefined) {
-        return wasmAxl;
-    }
-    if (wasmModulePath === undefined) {
-        const packageJsonPath = nodeRequire.resolve(`${SELF_PACKAGE_NAME}/package.json`);
-        wasmModulePath = join(dirname(packageJsonPath), "dist", "internal", "axlsign-wasm", "axlsign_wasm.js");
-    }
-    // Lazy-load WASM bindings to keep modern-only imports lightweight.
-    wasmAxl = nodeRequire(wasmModulePath);
-    return wasmAxl;
-}
+import * as rustAxlsign from "./internal/axlsign-wasm/axlsign_wasm.js";
+const rustBindings = rustAxlsign;
 function clampScalar(seed32) {
     const out = new Uint8Array(32);
     out.set(seed32);
@@ -36,11 +15,11 @@ function assertOptionalRandom64(value, fnName) {
     assertBytes64(value, `${fnName} opt_random`);
 }
 /**
- * Derives an axlsign-compatible public key (Montgomery/X25519 format).
+ * Derives an axlsign-compatible public key (Montgomery/X25519 format) in Node runtime.
  */
 export function publicKey(secretKey32) {
     assertBytes32(secretKey32, "secretKey32");
-    const out = getWasmAxl().axlsignPublicKey(secretKey32);
+    const out = rustBindings.axlsignPublicKey(secretKey32);
     return asBytes32(out, "axlsign public key");
 }
 /**
@@ -49,7 +28,7 @@ export function publicKey(secretKey32) {
 export function sharedKey(secretKey32, publicKey32) {
     assertBytes32(secretKey32, "secretKey32");
     assertBytes32(publicKey32, "publicKey32");
-    const out = getWasmAxl().axlsignSharedKey(secretKey32, publicKey32);
+    const out = rustBindings.axlsignSharedKey(secretKey32, publicKey32);
     return asBytes32(out, "axlsign shared key");
 }
 /**
@@ -73,8 +52,8 @@ export function sign(secretKey32, msg, opt_random) {
     assertUint8Array(msg, "msg");
     assertOptionalRandom64(opt_random, "sign");
     const signature = opt_random === undefined
-        ? getWasmAxl().axlsignSign(secretKey32, msg)
-        : getWasmAxl().axlsignSignRnd(secretKey32, msg, opt_random);
+        ? rustBindings.axlsignSign(secretKey32, msg)
+        : rustBindings.axlsignSignRnd(secretKey32, msg, opt_random);
     return asBytes64(signature, "axlsign signature");
 }
 /**
@@ -84,7 +63,7 @@ export function verify(publicKey32, msg, signature64) {
     assertBytes32(publicKey32, "publicKey32");
     assertUint8Array(msg, "msg");
     assertBytes64(signature64, "signature64");
-    return getWasmAxl().axlsignVerify(publicKey32, msg, signature64);
+    return rustBindings.axlsignVerify(publicKey32, msg, signature64);
 }
 /**
  * Returns signature || message (axlsign mode).

package/dist/axlsign.js.map

@@ -1 +1 @@
-{"version":3,"file":"axlsign.js","sourceRoot":"","sources":["../src/axlsign.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EACL,SAAS,EACT,SAAS,EACT,aAAa,EACb,aAAa,EACb,gBAAgB,GACjB,MAAM,sBAAsB,CAAC;AAI9B,MAAM,iBAAiB,GAAG,8BAA8B,CAAC;AAEzD,MAAM,WAAW,GACf,OAAO,UAAU,KAAK,QAAQ;IAC5B,CAAC,CAAC,UAAU;IACZ,CAAC,CAAC,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ;QACnC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACjB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;AAExC,MAAM,WAAW,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC;AAE/C,IAAI,cAAkC,CAAC;AAEvC,IAAI,OAAyC,CAAC;AAE9C,SAAS,UAAU;IACjB,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;QACjC,MAAM,eAAe,GAAG,WAAW,CAAC,OAAO,CAAC,GAAG,iBAAiB,eAAe,CAAC,CAAC;QACjF,cAAc,GAAG,IAAI,CACnB,OAAO,CAAC,eAAe,CAAC,EACxB,MAAM,EACN,UAAU,EACV,cAAc,EACd,iBAAiB,CAClB,CAAC;IACJ,CAAC;IAED,mEAAmE;IACnE,OAAO,GAAG,WAAW,CAAC,cAAc,CAAyB,CAAC;IAC9D,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,WAAW,CAAC,MAAe;IAClC,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAChB,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;IAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;IAC1B,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC;IAC5B,OAAO,SAAS,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;AAC1C,CAAC;AAED,SAAS,sBAAsB,CAAC,KAA6B,EAAE,MAAc;IAC3E,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO;IAChC,aAAa,CAAC,KAAK,EAAE,GAAG,MAAM,aAAa,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,WAAoB;IAC5C,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;IACvD,OAAO,SAAS,CAAC,GAAG,EAAE,oBAAoB,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,WAAoB,EAAE,WAAoB;IAClE,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC,gBAAgB,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACpE,OAAO,SAAS,CAAC,GAAG,EAAE,oBAAoB,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,MAAe;IAC7C,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACvC,MAAM,WAAW,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;IAC1C,OAAO;QACL,MAAM,EAAE,WAAW;QACnB,OAAO,EAAE,UAAU;KACpB,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,IAAI,CAAC,WAAoB,EAAE,GAAe,EAAE,UAAuB;IACjF,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,sBAAsB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,SAAS,GACb,UAAU,KAAK,SAAS;QACtB,CAAC,CAAC,UAAU,EAAE,CAAC,WAAW,CAAC,WAAW,EAAE,GAAG,CAAC;QAC5C,CAAC,CAAC,UAAU,EAAE,CAAC,cAAc,CAAC,WAAW,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC;IAChE,OAAO,SAAS,CAAC,SAAS,EAAE,mBAAmB,CAAC,CAAC;AACnD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,MAAM,CAAC,WAAoB,EAAE,GAAe,EAAE,WAAoB;IAChF,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,OAAO,UAAU,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;AACnE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CACzB,WAAoB,EACpB,GAAe,EACf,UAAuB;IAEvB,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,sBAAsB,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;IAElD,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC;IACrD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IAChD,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IACtB,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACjB,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,WAAoB,EAAE,SAAqB;IACrE,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IAEzC,IAAI,SAAS,CAAC,UAAU,GAAG,EAAE,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,SAAS,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,qBAAqB,CAAC,CAAC;IAChF,MAAM,GAAG,GAAG,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACnC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC"}
+{"version":3,"file":"axlsign.js","sourceRoot":"","sources":["../src/axlsign.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,SAAS,EACT,SAAS,EACT,aAAa,EACb,aAAa,EACb,gBAAgB,GACjB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,WAAW,MAAM,yCAAyC,CAAC;AAUvE,MAAM,YAAY,GAAG,WAA6C,CAAC;AAEnE,SAAS,WAAW,CAAC,MAAe;IAClC,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAChB,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;IAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;IAC1B,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC;IAC5B,OAAO,SAAS,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;AAC1C,CAAC;AAED,SAAS,sBAAsB,CAAC,KAA6B,EAAE,MAAc;IAC3E,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO;IAChC,aAAa,CAAC,KAAK,EAAE,GAAG,MAAM,aAAa,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,WAAoB;IAC5C,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,YAAY,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;IACvD,OAAO,SAAS,CAAC,GAAG,EAAE,oBAAoB,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,WAAoB,EAAE,WAAoB;IAClE,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,YAAY,CAAC,gBAAgB,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACpE,OAAO,SAAS,CAAC,GAAG,EAAE,oBAAoB,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,MAAe;IAC7C,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACvC,MAAM,WAAW,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;IAC1C,OAAO;QACL,MAAM,EAAE,WAAW;QACnB,OAAO,EAAE,UAAU;KACpB,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,IAAI,CAAC,WAAoB,EAAE,GAAe,EAAE,UAAuB;IACjF,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,sBAAsB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,SAAS,GACb,UAAU,KAAK,SAAS;QACtB,CAAC,CAAC,YAAY,CAAC,WAAW,CAAC,WAAW,EAAE,GAAG,CAAC;QAC5C,CAAC,CAAC,YAAY,CAAC,cAAc,CAAC,WAAW,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC;IAChE,OAAO,SAAS,CAAC,SAAS,EAAE,mBAAmB,CAAC,CAAC;AACnD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,MAAM,CAAC,WAAoB,EAAE,GAAe,EAAE,WAAoB;IAChF,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,OAAO,YAAY,CAAC,aAAa,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;AACnE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CACzB,WAAoB,EACpB,GAAe,EACf,UAAuB;IAEvB,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,sBAAsB,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;IAElD,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC;IACrD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IAChD,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IACtB,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACjB,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,WAAoB,EAAE,SAAqB;IACrE,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IAEzC,IAAI,SAAS,CAAC,UAAU,GAAG,EAAE,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,SAAS,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,qBAAqB,CAAC,CAAC;IAChF,MAAM,GAAG,GAAG,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACnC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC"}

package/dist/cjs/axlsign.js

@@ -7,30 +7,9 @@ exports.sign = sign;
 exports.verify = verify;
 exports.signMessage = signMessage;
 exports.openMessage = openMessage;
-const node_path_1 = require("node:path");
-const node_module_1 = require("node:module");
 const assert_js_1 = require("./internal/assert.js");
-const SELF_PACKAGE_NAME = "@unknownncat/curve25519-node";
-const requireBase = typeof __filename === "string"
-    ? __filename
-    : typeof process.argv[1] === "string"
-        ? process.argv[1]
-        : (0, node_path_1.join)(process.cwd(), "index.js");
-const nodeRequire = (0, node_module_1.createRequire)(requireBase);
-let wasmModulePath;
-let wasmAxl;
-function getWasmAxl() {
-    if (wasmAxl !== undefined) {
-        return wasmAxl;
-    }
-    if (wasmModulePath === undefined) {
-        const packageJsonPath = nodeRequire.resolve(`${SELF_PACKAGE_NAME}/package.json`);
-        wasmModulePath = (0, node_path_1.join)((0, node_path_1.dirname)(packageJsonPath), "dist", "internal", "axlsign-wasm", "axlsign_wasm.js");
-    }
-    // Lazy-load WASM bindings to keep modern-only imports lightweight.
-    wasmAxl = nodeRequire(wasmModulePath);
-    return wasmAxl;
-}
+const rustAxlsign = require("./internal/axlsign-wasm/axlsign_wasm.js");
+const rustBindings = rustAxlsign;
 function clampScalar(seed32) {
     const out = new Uint8Array(32);
     out.set(seed32);
@@ -45,11 +24,11 @@ function assertOptionalRandom64(value, fnName) {
     (0, assert_js_1.assertBytes64)(value, `${fnName} opt_random`);
 }
 /**
- * Derives an axlsign-compatible public key (Montgomery/X25519 format).
+ * Derives an axlsign-compatible public key (Montgomery/X25519 format) in Node runtime.
  */
 function publicKey(secretKey32) {
     (0, assert_js_1.assertBytes32)(secretKey32, "secretKey32");
-    const out = getWasmAxl().axlsignPublicKey(secretKey32);
+    const out = rustBindings.axlsignPublicKey(secretKey32);
     return (0, assert_js_1.asBytes32)(out, "axlsign public key");
 }
 /**
@@ -58,7 +37,7 @@ function publicKey(secretKey32) {
 function sharedKey(secretKey32, publicKey32) {
     (0, assert_js_1.assertBytes32)(secretKey32, "secretKey32");
     (0, assert_js_1.assertBytes32)(publicKey32, "publicKey32");
-    const out = getWasmAxl().axlsignSharedKey(secretKey32, publicKey32);
+    const out = rustBindings.axlsignSharedKey(secretKey32, publicKey32);
     return (0, assert_js_1.asBytes32)(out, "axlsign shared key");
 }
 /**
@@ -82,8 +61,8 @@ function sign(secretKey32, msg, opt_random) {
     (0, assert_js_1.assertUint8Array)(msg, "msg");
     assertOptionalRandom64(opt_random, "sign");
     const signature = opt_random === undefined
-        ? getWasmAxl().axlsignSign(secretKey32, msg)
-        : getWasmAxl().axlsignSignRnd(secretKey32, msg, opt_random);
+        ? rustBindings.axlsignSign(secretKey32, msg)
+        : rustBindings.axlsignSignRnd(secretKey32, msg, opt_random);
     return (0, assert_js_1.asBytes64)(signature, "axlsign signature");
 }
 /**
@@ -93,7 +72,7 @@ function verify(publicKey32, msg, signature64) {
     (0, assert_js_1.assertBytes32)(publicKey32, "publicKey32");
     (0, assert_js_1.assertUint8Array)(msg, "msg");
     (0, assert_js_1.assertBytes64)(signature64, "signature64");
-    return getWasmAxl().axlsignVerify(publicKey32, msg, signature64);
+    return rustBindings.axlsignVerify(publicKey32, msg, signature64);
 }
 /**
  * Returns signature || message (axlsign mode).