npm - zexus - Versions diffs - 1.6.2 - Mend

zexus 1.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (227) hide show

package/LICENSE +0 -0
package/README.md +2513 -0
package/bin/zexus +2 -0
package/bin/zpics +2 -0
package/bin/zpm +2 -0
package/bin/zx +2 -0
package/bin/zx-deploy +2 -0
package/bin/zx-dev +2 -0
package/bin/zx-run +2 -0
package/package.json +66 -0
package/scripts/README.md +24 -0
package/scripts/postinstall.js +44 -0
package/shared_config.json +24 -0
package/src/README.md +1525 -0
package/src/tests/run_zexus_tests.py +117 -0
package/src/tests/test_all_phases.zx +346 -0
package/src/tests/test_blockchain_features.zx +306 -0
package/src/tests/test_complexity_features.zx +321 -0
package/src/tests/test_core_integration.py +185 -0
package/src/tests/test_phase10_ecosystem.zx +177 -0
package/src/tests/test_phase1_modifiers.zx +87 -0
package/src/tests/test_phase2_plugins.zx +80 -0
package/src/tests/test_phase3_security.zx +97 -0
package/src/tests/test_phase4_vfs.zx +116 -0
package/src/tests/test_phase5_types.zx +117 -0
package/src/tests/test_phase6_metaprogramming.zx +125 -0
package/src/tests/test_phase7_optimization.zx +132 -0
package/src/tests/test_phase9_advanced_types.zx +157 -0
package/src/tests/test_security_features.py +419 -0
package/src/tests/test_security_features.zx +276 -0
package/src/tests/test_simple_zx.zx +1 -0
package/src/tests/test_verification_simple.zx +69 -0
package/src/zexus/__init__.py +28 -0
package/src/zexus/__main__.py +5 -0
package/src/zexus/__pycache__/__init__.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/advanced_types.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/builtin_modules.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/capability_system.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/complexity_system.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/concurrency_system.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/config.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/dependency_injection.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/ecosystem.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/environment.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/error_reporter.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/hybrid_orchestrator.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/lexer.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/metaprogramming.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/module_cache.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/object.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/optimization.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/plugin_system.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/policy_engine.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/security.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/stdlib_integration.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/strategy_recovery.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/syntax_validator.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/type_system.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/virtual_filesystem.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/zexus_ast.cpython-312.pyc +0 -0
package/src/zexus/__pycache__/zexus_token.cpython-312.pyc +0 -0
package/src/zexus/advanced_types.py +401 -0
package/src/zexus/blockchain/__init__.py +40 -0
package/src/zexus/blockchain/__pycache__/__init__.cpython-312.pyc +0 -0
package/src/zexus/blockchain/__pycache__/crypto.cpython-312.pyc +0 -0
package/src/zexus/blockchain/__pycache__/ledger.cpython-312.pyc +0 -0
package/src/zexus/blockchain/__pycache__/transaction.cpython-312.pyc +0 -0
package/src/zexus/blockchain/crypto.py +463 -0
package/src/zexus/blockchain/ledger.py +255 -0
package/src/zexus/blockchain/transaction.py +267 -0
package/src/zexus/builtin_modules.py +284 -0
package/src/zexus/builtin_plugins.py +317 -0
package/src/zexus/capability_system.py +372 -0
package/src/zexus/cli/__init__.py +2 -0
package/src/zexus/cli/__pycache__/__init__.cpython-312.pyc +0 -0
package/src/zexus/cli/__pycache__/main.cpython-312.pyc +0 -0
package/src/zexus/cli/main.py +707 -0
package/src/zexus/cli/zpm.py +203 -0
package/src/zexus/compare_interpreter_compiler.py +146 -0
package/src/zexus/compiler/__init__.py +169 -0
package/src/zexus/compiler/__pycache__/__init__.cpython-312.pyc +0 -0
package/src/zexus/compiler/__pycache__/lexer.cpython-312.pyc +0 -0
package/src/zexus/compiler/__pycache__/parser.cpython-312.pyc +0 -0
package/src/zexus/compiler/__pycache__/zexus_ast.cpython-312.pyc +0 -0
package/src/zexus/compiler/bytecode.py +266 -0
package/src/zexus/compiler/compat_runtime.py +277 -0
package/src/zexus/compiler/lexer.py +257 -0
package/src/zexus/compiler/parser.py +779 -0
package/src/zexus/compiler/semantic.py +118 -0
package/src/zexus/compiler/zexus_ast.py +454 -0
package/src/zexus/complexity_system.py +575 -0
package/src/zexus/concurrency_system.py +493 -0
package/src/zexus/config.py +201 -0
package/src/zexus/crypto_bridge.py +19 -0
package/src/zexus/dependency_injection.py +423 -0
package/src/zexus/ecosystem.py +434 -0
package/src/zexus/environment.py +101 -0
package/src/zexus/environment_manager.py +119 -0
package/src/zexus/error_reporter.py +314 -0
package/src/zexus/evaluator/__init__.py +12 -0
package/src/zexus/evaluator/__pycache__/__init__.cpython-312.pyc +0 -0
package/src/zexus/evaluator/__pycache__/bytecode_compiler.cpython-312.pyc +0 -0
package/src/zexus/evaluator/__pycache__/core.cpython-312.pyc +0 -0
package/src/zexus/evaluator/__pycache__/expressions.cpython-312.pyc +0 -0
package/src/zexus/evaluator/__pycache__/functions.cpython-312.pyc +0 -0
package/src/zexus/evaluator/__pycache__/integration.cpython-312.pyc +0 -0
package/src/zexus/evaluator/__pycache__/statements.cpython-312.pyc +0 -0
package/src/zexus/evaluator/__pycache__/utils.cpython-312.pyc +0 -0
package/src/zexus/evaluator/bytecode_compiler.py +700 -0
package/src/zexus/evaluator/core.py +891 -0
package/src/zexus/evaluator/expressions.py +827 -0
package/src/zexus/evaluator/functions.py +3989 -0
package/src/zexus/evaluator/integration.py +396 -0
package/src/zexus/evaluator/statements.py +4303 -0
package/src/zexus/evaluator/utils.py +126 -0
package/src/zexus/evaluator_original.py +2041 -0
package/src/zexus/external_bridge.py +16 -0
package/src/zexus/find_affected_imports.sh +155 -0
package/src/zexus/hybrid_orchestrator.py +152 -0
package/src/zexus/input_validation.py +259 -0
package/src/zexus/lexer.py +571 -0
package/src/zexus/logging.py +89 -0
package/src/zexus/lsp/__init__.py +9 -0
package/src/zexus/lsp/completion_provider.py +207 -0
package/src/zexus/lsp/definition_provider.py +22 -0
package/src/zexus/lsp/hover_provider.py +71 -0
package/src/zexus/lsp/server.py +269 -0
package/src/zexus/lsp/symbol_provider.py +31 -0
package/src/zexus/metaprogramming.py +321 -0
package/src/zexus/module_cache.py +89 -0
package/src/zexus/module_manager.py +107 -0
package/src/zexus/object.py +973 -0
package/src/zexus/optimization.py +424 -0
package/src/zexus/parser/__init__.py +31 -0
package/src/zexus/parser/__pycache__/__init__.cpython-312.pyc +0 -0
package/src/zexus/parser/__pycache__/parser.cpython-312.pyc +0 -0
package/src/zexus/parser/__pycache__/strategy_context.cpython-312.pyc +0 -0
package/src/zexus/parser/__pycache__/strategy_structural.cpython-312.pyc +0 -0
package/src/zexus/parser/integration.py +86 -0
package/src/zexus/parser/parser.py +3977 -0
package/src/zexus/parser/strategy_context.py +7254 -0
package/src/zexus/parser/strategy_structural.py +1033 -0
package/src/zexus/persistence.py +391 -0
package/src/zexus/plugin_system.py +290 -0
package/src/zexus/policy_engine.py +365 -0
package/src/zexus/profiler/__init__.py +5 -0
package/src/zexus/profiler/profiler.py +233 -0
package/src/zexus/purity_system.py +398 -0
package/src/zexus/runtime/__init__.py +20 -0
package/src/zexus/runtime/async_runtime.py +324 -0
package/src/zexus/search_old_imports.sh +65 -0
package/src/zexus/security.py +1407 -0
package/src/zexus/stack_trace.py +233 -0
package/src/zexus/stdlib/__init__.py +27 -0
package/src/zexus/stdlib/blockchain.py +341 -0
package/src/zexus/stdlib/compression.py +167 -0
package/src/zexus/stdlib/crypto.py +124 -0
package/src/zexus/stdlib/datetime.py +163 -0
package/src/zexus/stdlib/db_mongo.py +199 -0
package/src/zexus/stdlib/db_mysql.py +162 -0
package/src/zexus/stdlib/db_postgres.py +163 -0
package/src/zexus/stdlib/db_sqlite.py +133 -0
package/src/zexus/stdlib/encoding.py +230 -0
package/src/zexus/stdlib/fs.py +195 -0
package/src/zexus/stdlib/http.py +219 -0
package/src/zexus/stdlib/http_server.py +248 -0
package/src/zexus/stdlib/json_module.py +61 -0
package/src/zexus/stdlib/math.py +360 -0
package/src/zexus/stdlib/os_module.py +265 -0
package/src/zexus/stdlib/regex.py +148 -0
package/src/zexus/stdlib/sockets.py +253 -0
package/src/zexus/stdlib/test_framework.zx +208 -0
package/src/zexus/stdlib/test_runner.zx +119 -0
package/src/zexus/stdlib_integration.py +341 -0
package/src/zexus/strategy_recovery.py +256 -0
package/src/zexus/syntax_validator.py +356 -0
package/src/zexus/testing/zpics.py +407 -0
package/src/zexus/testing/zpics_runtime.py +369 -0
package/src/zexus/type_system.py +374 -0
package/src/zexus/validation_system.py +569 -0
package/src/zexus/virtual_filesystem.py +355 -0
package/src/zexus/vm/__init__.py +8 -0
package/src/zexus/vm/__pycache__/__init__.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/async_optimizer.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/bytecode.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/cache.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/jit.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/memory_manager.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/memory_pool.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/optimizer.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/parallel_vm.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/peephole_optimizer.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/profiler.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/register_allocator.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/register_vm.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/ssa_converter.cpython-312.pyc +0 -0
package/src/zexus/vm/__pycache__/vm.cpython-312.pyc +0 -0
package/src/zexus/vm/async_optimizer.py +420 -0
package/src/zexus/vm/bytecode.py +428 -0
package/src/zexus/vm/bytecode_converter.py +297 -0
package/src/zexus/vm/cache.py +532 -0
package/src/zexus/vm/jit.py +720 -0
package/src/zexus/vm/memory_manager.py +520 -0
package/src/zexus/vm/memory_pool.py +511 -0
package/src/zexus/vm/optimizer.py +478 -0
package/src/zexus/vm/parallel_vm.py +899 -0
package/src/zexus/vm/peephole_optimizer.py +452 -0
package/src/zexus/vm/profiler.py +527 -0
package/src/zexus/vm/register_allocator.py +462 -0
package/src/zexus/vm/register_vm.py +520 -0
package/src/zexus/vm/ssa_converter.py +757 -0
package/src/zexus/vm/vm.py +1392 -0
package/src/zexus/zexus_ast.py +1782 -0
package/src/zexus/zexus_token.py +253 -0
package/src/zexus/zpm/__init__.py +15 -0
package/src/zexus/zpm/installer.py +116 -0
package/src/zexus/zpm/package_manager.py +208 -0
package/src/zexus/zpm/publisher.py +98 -0
package/src/zexus/zpm/registry.py +110 -0
package/src/zexus.egg-info/PKG-INFO +2235 -0
package/src/zexus.egg-info/SOURCES.txt +876 -0
package/src/zexus.egg-info/dependency_links.txt +1 -0
package/src/zexus.egg-info/entry_points.txt +3 -0
package/src/zexus.egg-info/not-zip-safe +1 -0
package/src/zexus.egg-info/requires.txt +14 -0
package/src/zexus.egg-info/top_level.txt +2 -0
package/zexus.json +14 -0

package/src/zexus/blockchain/crypto.py ADDED Viewed

@@ -0,0 +1,463 @@
+"""
+Zexus Blockchain Cryptographic Primitives Plugin
+Provides built-in functions for:
+- Cryptographic hashing (SHA256, KECCAK256, etc.)
+- Digital signatures (ECDSA, RSA, etc.)
+- Signature verification
+"""
+import hashlib
+import hmac
+import secrets
+from typing import Any, Optional
+# Try to import cryptography library (optional for basic hashing)
+try:
+    from cryptography.hazmat.primitives import hashes, serialization
+    from cryptography.hazmat.primitives.asymmetric import rsa, ec, padding
+    from cryptography.hazmat.backends import default_backend
+    from cryptography.exceptions import InvalidSignature
+    CRYPTO_AVAILABLE = True
+except ImportError:
+    CRYPTO_AVAILABLE = False
+    print("Warning: cryptography library not installed. Signature features will be limited.")
+    print("Install with: pip install cryptography")
+class CryptoPlugin:
+    """
+    Cryptographic primitives for blockchain operations
+    """
+    # Supported hash algorithms
+    HASH_ALGORITHMS = {
+        'SHA256': hashlib.sha256,
+        'SHA512': hashlib.sha512,
+        'SHA3-256': hashlib.sha3_256,
+        'SHA3-512': hashlib.sha3_512,
+        'BLAKE2B': hashlib.blake2b,
+        'BLAKE2S': hashlib.blake2s,
+        'KECCAK256': lambda: hashlib.sha3_256(),  # Ethereum-style Keccak
+    }
+    @staticmethod
+    def hash_data(data: Any, algorithm: str = 'SHA256') -> str:
+        """
+        Hash data using specified algorithm
+        Args:
+            data: Data to hash (will be converted to string)
+            algorithm: Hash algorithm name
+        Returns:
+            Hex-encoded hash
+        """
+        algorithm = algorithm.upper()
+        if algorithm not in CryptoPlugin.HASH_ALGORITHMS:
+            raise ValueError(f"Unsupported hash algorithm: {algorithm}. "
+                           f"Supported: {', '.join(CryptoPlugin.HASH_ALGORITHMS.keys())}")
+        # Convert data to bytes
+        if isinstance(data, bytes):
+            data_bytes = data
+        elif isinstance(data, str):
+            data_bytes = data.encode('utf-8')
+        else:
+            data_bytes = str(data).encode('utf-8')
+        # Hash the data
+        hash_func = CryptoPlugin.HASH_ALGORITHMS[algorithm]
+        hasher = hash_func()
+        hasher.update(data_bytes)
+        return hasher.hexdigest()
+    @staticmethod
+    def generate_keypair(algorithm: str = 'ECDSA') -> tuple:
+        """
+        Generate a new keypair for signing
+        Args:
+            algorithm: Signature algorithm ('ECDSA' or 'RSA')
+        Returns:
+            (private_key_pem, public_key_pem) tuple
+        """
+        if not CRYPTO_AVAILABLE:
+            raise RuntimeError("cryptography library not installed. Install with: pip install cryptography")
+        algorithm = algorithm.upper()
+        if algorithm == 'ECDSA':
+            # Generate ECDSA keypair (secp256k1 curve - used by Bitcoin/Ethereum)
+            private_key = ec.generate_private_key(ec.SECP256K1(), default_backend())
+            public_key = private_key.public_key()
+        elif algorithm == 'RSA':
+            # Generate RSA keypair
+            private_key = rsa.generate_private_key(
+                public_exponent=65537,
+                key_size=2048,
+                backend=default_backend()
+            )
+            public_key = private_key.public_key()
+        else:
+            raise ValueError(f"Unsupported signature algorithm: {algorithm}")
+        # Serialize to PEM format
+        private_pem = private_key.private_bytes(
+            encoding=serialization.Encoding.PEM,
+            format=serialization.PrivateFormat.PKCS8,
+            encryption_algorithm=serialization.NoEncryption()
+        ).decode('utf-8')
+        public_pem = public_key.public_bytes(
+            encoding=serialization.Encoding.PEM,
+            format=serialization.PublicFormat.SubjectPublicKeyInfo
+        ).decode('utf-8')
+        return (private_pem, public_pem)
+    @staticmethod
+    def sign_data(data: Any, private_key_pem: str, algorithm: str = 'ECDSA') -> str:
+        """
+        Create a digital signature
+        Args:
+            data: Data to sign
+            private_key_pem: Private key in PEM format (or mock key for testing)
+            algorithm: Signature algorithm
+        Returns:
+            Hex-encoded signature
+        """
+        algorithm = algorithm.upper()
+        # Check if this is a mock/test key (not PEM format)
+        # Real PEM keys start with "-----BEGIN"
+        if not private_key_pem.strip().startswith('-----BEGIN'):
+            # Use mock signature for testing purposes
+            # This is NOT cryptographically secure, only for testing!
+            data_str = str(data) if not isinstance(data, (str, bytes)) else data
+            data_bytes = data_str.encode('utf-8') if isinstance(data_str, str) else data_str
+            key_bytes = private_key_pem.encode('utf-8')
+            # Generate deterministic mock signature
+            mock_signature = hmac.new(key_bytes, data_bytes, hashlib.sha256).hexdigest()
+            return f"mock_{algorithm.lower()}_{mock_signature}"
+        # Real PEM key - use cryptography library
+        if not CRYPTO_AVAILABLE:
+            raise RuntimeError("cryptography library not installed. Install with: pip install cryptography")
+        # Convert data to bytes
+        if isinstance(data, bytes):
+            data_bytes = data
+        elif isinstance(data, str):
+            data_bytes = data.encode('utf-8')
+        else:
+            data_bytes = str(data).encode('utf-8')
+        # Load private key
+        private_key = serialization.load_pem_private_key(
+            private_key_pem.encode('utf-8'),
+            password=None,
+            backend=default_backend()
+        )
+        # Sign data
+        if algorithm == 'ECDSA':
+            signature = private_key.sign(
+                data_bytes,
+                ec.ECDSA(hashes.SHA256())
+            )
+        elif algorithm == 'RSA':
+            signature = private_key.sign(
+                data_bytes,
+                padding.PSS(
+                    mgf=padding.MGF1(hashes.SHA256()),
+                    salt_length=padding.PSS.MAX_LENGTH
+                ),
+                hashes.SHA256()
+            )
+        else:
+            raise ValueError(f"Unsupported signature algorithm: {algorithm}")
+        return signature.hex()
+    @staticmethod
+    def verify_signature(data: Any, signature_hex: str, public_key_pem: str,
+                        algorithm: str = 'ECDSA') -> bool:
+        """
+        Verify a digital signature
+        Args:
+            data: Original data
+            signature_hex: Hex-encoded signature (or mock signature for testing)
+            public_key_pem: Public key in PEM format (or mock key for testing)
+            algorithm: Signature algorithm
+        Returns:
+            True if signature is valid, False otherwise
+        """
+        algorithm = algorithm.upper()
+        # Check if this is a mock signature (for testing)
+        if signature_hex.startswith('mock_'):
+            # Verify mock signature using HMAC
+            try:
+                # Extract algorithm and signature parts
+                parts = signature_hex.split('_', 2)
+                if len(parts) != 3:
+                    return False
+                sig_algorithm = parts[1]  # already lowercase from mock signature
+                sig_hash = parts[2]
+                # Verify algorithm matches (compare lowercase to lowercase)
+                if sig_algorithm != algorithm.lower():
+                    return False
+                # Reconstruct signature to verify
+                data_str = str(data) if not isinstance(data, (str, bytes)) else data
+                data_bytes = data_str.encode('utf-8') if isinstance(data_str, str) else data_str
+                # Note: In mock mode, "public key" is actually the same as private key for testing
+                key_bytes = public_key_pem.encode('utf-8')
+                expected_sig = hmac.new(key_bytes, data_bytes, hashlib.sha256).hexdigest()
+                return sig_hash == expected_sig
+            except Exception:
+                return False
+        # Real PEM signature - use cryptography library
+        if not CRYPTO_AVAILABLE:
+            return False
+        # Convert data to bytes
+        if isinstance(data, bytes):
+            data_bytes = data
+        elif isinstance(data, str):
+            data_bytes = data.encode('utf-8')
+        else:
+            data_bytes = str(data).encode('utf-8')
+        # Convert signature from hex
+        try:
+            signature = bytes.fromhex(signature_hex)
+        except ValueError:
+            return False
+        # Load public key
+        try:
+            public_key = serialization.load_pem_public_key(
+                public_key_pem.encode('utf-8'),
+                backend=default_backend()
+            )
+        except Exception:
+            return False
+        # Verify signature
+        try:
+            if algorithm == 'ECDSA':
+                public_key.verify(
+                    signature,
+                    data_bytes,
+                    ec.ECDSA(hashes.SHA256())
+                )
+            elif algorithm == 'RSA':
+                public_key.verify(
+                    signature,
+                    data_bytes,
+                    padding.PSS(
+                        mgf=padding.MGF1(hashes.SHA256()),
+                        salt_length=padding.PSS.MAX_LENGTH
+                    ),
+                    hashes.SHA256()
+                )
+            else:
+                return False
+            return True
+        except InvalidSignature:
+            return False
+        except Exception:
+            return False
+    @staticmethod
+    def keccak256(data: Any) -> str:
+        """
+        Ethereum-style Keccak-256 hash
+        Args:
+            data: Data to hash
+        Returns:
+            Hex-encoded hash (with '0x' prefix)
+        """
+        result = CryptoPlugin.hash_data(data, 'KECCAK256')
+        return '0x' + result
+    @staticmethod
+    def generate_random_bytes(length: int = 32) -> str:
+        """
+        Generate cryptographically secure random bytes
+        Args:
+            length: Number of bytes to generate
+        Returns:
+            Hex-encoded random bytes
+        """
+        return secrets.token_hex(length)
+    @staticmethod
+    def derive_address(public_key_pem: str) -> str:
+        """
+        Derive an Ethereum-style address from a public key
+        Args:
+            public_key_pem: Public key in PEM format
+        Returns:
+            Address (hex with '0x' prefix)
+        """
+        if not CRYPTO_AVAILABLE:
+            raise RuntimeError("cryptography library not installed. Install with: pip install cryptography")
+        # Load public key
+        public_key = serialization.load_pem_public_key(
+            public_key_pem.encode('utf-8'),
+            backend=default_backend()
+        )
+        # Get public key bytes (uncompressed)
+        public_bytes = public_key.public_bytes(
+            encoding=serialization.Encoding.X962,
+            format=serialization.PublicFormat.UncompressedPoint
+        )
+        # Keccak256 hash
+        hash_result = hashlib.sha3_256(public_bytes[1:]).digest()
+        # Take last 20 bytes as address
+        address = hash_result[-20:].hex()
+        return '0x' + address
+def register_crypto_builtins(env):
+    """
+    Register cryptographic built-in functions in the Zexus environment
+    Functions registered:
+    - hash(data, algorithm) -> string
+    - sign(data, private_key, algorithm?) -> string
+    - verify_sig(data, signature, public_key, algorithm?) -> boolean
+    - keccak256(data) -> string
+    - generate_keypair(algorithm?) -> {private_key, public_key}
+    - random_bytes(length?) -> string
+    - derive_address(public_key) -> string
+    """
+    from zexus.object import Function, String, Boolean, Hash, Integer, Error
+    # hash(data, algorithm)
+    def builtin_hash(args):
+        if len(args) < 1:
+            return Error("hash expects at least 1 argument: data, [algorithm]")
+        data = args[0].value if hasattr(args[0], 'value') else str(args[0])
+        algorithm = args[1].value if len(args) > 1 and hasattr(args[1], 'value') else 'SHA256'
+        try:
+            result = CryptoPlugin.hash_data(data, algorithm)
+            return String(result)
+        except Exception as e:
+            return Error(f"Hash error: {str(e)}")
+    # sign(data, private_key, algorithm?)
+    def builtin_sign(args):
+        if len(args) < 2:
+            return Error("sign expects at least 2 arguments: data, private_key, [algorithm]")
+        data = args[0].value if hasattr(args[0], 'value') else str(args[0])
+        private_key = args[1].value if hasattr(args[1], 'value') else str(args[1])
+        algorithm = args[2].value if len(args) > 2 and hasattr(args[2], 'value') else 'ECDSA'
+        try:
+            result = CryptoPlugin.sign_data(data, private_key, algorithm)
+            return String(result)
+        except Exception as e:
+            return Error(f"Signature error: {str(e)}")
+    # verify_sig(data, signature, public_key, algorithm?)
+    def builtin_verify_sig(args):
+        if len(args) < 3:
+            return Error("verify_sig expects at least 3 arguments: data, signature, public_key, [algorithm]")
+        data = args[0].value if hasattr(args[0], 'value') else str(args[0])
+        signature = args[1].value if hasattr(args[1], 'value') else str(args[1])
+        public_key = args[2].value if hasattr(args[2], 'value') else str(args[2])
+        algorithm = args[3].value if len(args) > 3 and hasattr(args[3], 'value') else 'ECDSA'
+        try:
+            result = CryptoPlugin.verify_signature(data, signature, public_key, algorithm)
+            return Boolean(result)
+        except Exception as e:
+            return Error(f"Verification error: {str(e)}")
+    # keccak256(data)
+    def builtin_keccak256(args):
+        if len(args) != 1:
+            return Error("keccak256 expects 1 argument: data")
+        data = args[0].value if hasattr(args[0], 'value') else str(args[0])
+        try:
+            result = CryptoPlugin.keccak256(data)
+            return String(result)
+        except Exception as e:
+            return Error(f"Keccak256 error: {str(e)}")
+    # generate_keypair(algorithm?)
+    def builtin_generate_keypair(args):
+        algorithm = args[0].value if len(args) > 0 and hasattr(args[0], 'value') else 'ECDSA'
+        try:
+            private_key, public_key = CryptoPlugin.generate_keypair(algorithm)
+            return Hash({
+                String('private_key'): String(private_key),
+                String('public_key'): String(public_key)
+            })
+        except Exception as e:
+            return Error(f"Keypair generation error: {str(e)}")
+    # random_bytes(length?)
+    def builtin_random_bytes(args):
+        length = args[0].value if len(args) > 0 and hasattr(args[0], 'value') else 32
+        try:
+            result = CryptoPlugin.generate_random_bytes(length)
+            return String(result)
+        except Exception as e:
+            return Error(f"Random bytes error: {str(e)}")
+    # derive_address(public_key)
+    def builtin_derive_address(args):
+        if len(args) != 1:
+            return Error("derive_address expects 1 argument: public_key")
+        public_key = args[0].value if hasattr(args[0], 'value') else str(args[0])
+        try:
+            result = CryptoPlugin.derive_address(public_key)
+            return String(result)
+        except Exception as e:
+            return Error(f"Address derivation error: {str(e)}")
+    # Register all functions
+    env.set("hash", Function(builtin_hash))
+    env.set("sign", Function(builtin_sign))
+    env.set("signature", Function(builtin_sign))  # Alias for sign
+    env.set("verify_sig", Function(builtin_verify_sig))
+    env.set("keccak256", Function(builtin_keccak256))
+    env.set("generateKeypair", Function(builtin_generate_keypair))
+    env.set("randomBytes", Function(builtin_random_bytes))
+    env.set("deriveAddress", Function(builtin_derive_address))