{"id":29583859,"url":"https://github.com/paulmillr/scure-sr25519","last_synced_at":"2025-07-19T23:39:13.745Z","repository":{"id":264254222,"uuid":"890886545","full_name":"paulmillr/scure-sr25519","owner":"paulmillr","description":"Audited \u0026 minimal JS implementation of sr25519 cryptography for Polkadot.","archived":false,"fork":false,"pushed_at":"2025-06-17T19:54:29.000Z","size":735,"stargazers_count":27,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-08T02:39:47.289Z","etag":null,"topics":["ed25519","hdkd","merlin","schnorr","schnorrkel","sr25519","strobe","strobe128","vrf"],"latest_commit_sha":null,"homepage":"https://paulmillr.com/noble/#scure","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/paulmillr.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/funding.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":"audit/2025-06-12-oak-security-audit.pdf","citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"paulmillr"}},"created_at":"2024-11-19T11:00:03.000Z","updated_at":"2025-06-20T07:41:03.000Z","dependencies_parsed_at":"2025-01-18T05:24:12.611Z","dependency_job_id":"9df406ca-072e-4389-84f1-7ccbf41bfd03","html_url":"https://github.com/paulmillr/scure-sr25519","commit_stats":null,"previous_names":["paulmillr/micro-sr25519","paulmillr/scure-sr25519"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/paulmillr/scure-sr25519","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulmillr%2Fscure-sr25519","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulmillr%2Fscure-sr25519/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulmillr%2Fscure-sr25519/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulmillr%2Fscure-sr25519/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/paulmillr","download_url":"https://codeload.github.com/paulmillr/scure-sr25519/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulmillr%2Fscure-sr25519/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266042550,"owners_count":23867965,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ed25519","hdkd","merlin","schnorr","schnorrkel","sr25519","strobe","strobe128","vrf"],"created_at":"2025-07-19T23:39:13.334Z","updated_at":"2025-07-19T23:39:13.736Z","avatar_url":"https://github.com/paulmillr.png","language":"JavaScript","funding_links":["https://github.com/sponsors/paulmillr"],"categories":[],"sub_categories":[],"readme":"# scure-sr25519\n\nAudited \u0026 minimal JS implementation of sr25519 cryptography for Polkadot.\n\n- 🧜‍♂️ [sr25519 curve](https://wiki.polkadot.network/docs/learn-cryptography)\n- Schnorr signature on Ristretto compressed Ed25519\n- Hierarchical Deterministic Key Derivation (HDKD)\n- Verifiable random function (VRF)\n- Uses [Merlin](https://merlin.cool/index.html), which is based on [Strobe128](https://strobe.sourceforge.io).\n  - **_NOTE_**: We implement only parts of these protocols which required for sr25519.\n- ➰ Uses [noble-curves](https://github.com/paulmillr/noble-curves) for underlying arithmetics\n\n### This library belongs to _scure_\n\n\u003e **scure** — audited micro-libraries.\n\n- Zero or minimal dependencies\n- Highly readable TypeScript / JS code\n- PGP-signed releases and transparent NPM builds\n- Check out [homepage](https://paulmillr.com/noble/#scure) \u0026 all libraries:\n  [base](https://github.com/paulmillr/scure-base),\n  [bip32](https://github.com/paulmillr/scure-bip32),\n  [bip39](https://github.com/paulmillr/scure-bip39),\n  [btc-signer](https://github.com/paulmillr/scure-btc-signer),\n  [sr25519](https://github.com/paulmillr/scure-sr25519),\n  [starknet](https://github.com/paulmillr/scure-starknet)\n\n## Usage\n\n\u003e `npm install @scure/sr25519`\n\n\u003e `deno add jsr:@scure/sr25519`\n\n\u003e `deno doc jsr:@scure/sr25519` # command-line documentation\n\n\n```ts\nimport * as sr25519 from '@scure/sr25519';\n```\n\nWe support all major platforms and runtimes.\n\n### Basic\n\n```ts\nconst signature = sr25519.sign(pair.secretKey, msg);\nconst isValid = sr25519.verify(msg, polkaSig, pair.publicKey);\nconst secretKey = sr25519.secretFromSeed(seed);\nconst publicKey = sr25519.getPublicKey(secretKey);\nconst sharedSecret = sr25519.getSharedSecret(secretKey, publicKey);\n```\n\n### HDKD\n\n```ts\n// hard\nconst secretKey = sr25519.HDKD.secretHard(pair.secretKey, cc);\nconst publicKey = sr25519.getPublicKey(secretKey);\n\n// soft\nconst secretKey = sr25519.HDKD.secretSoft(pair.secretKey, cc);\nconst publicKey = sr25519.getPublicKey(secretKey);\n\n// public\nconst publicKey = sr25519.HDKD.publicSoft(pubSelf, cc);\n```\n\n### VRF\n\n```ts\nconst signature = sr25519.vrf.sign(msg, pair.secretKey);\nconst isValid = sr25519.vrf.verify(msg, sig, pair.publicKey);\n```\n\n### Migration from `@polkadot/utils-crypto`\n\n- most derive methods in original return `{publicKey, privateKey}`, we always return only privateKey,\n  you can get publicKey via `getPublicKey`\n- privateKey is 64 byte (instead of 32 byte in ed25519), this is because we need nonce and privateKey can be\n  derived from others (HDKD), and there would be no seed for that.\n\n## Security\n\nThe library has been independently audited:\n\n- at version 1.0.0, in Jun 2025, by [Oak Security](https://www.oaksecurity.io)\n  - PDFs: [website](https://github.com/oak-security/audit-reports/tree/6c41310a67bf892aad99504faa5dbfd74e3ca408/Edgeware), [in-repo 1](./audit/2025-06-12-oak-security-audit.pdf), [in-repo 2](./audit/2025-06-12-oak-security-fuzzing.pdf)\n  - [Changes since audit](https://github.com/paulmillr/scure-sr25519/compare/1.0.0..main)\n  - Scope: everything\n  - The audit has been funded by [Edgeware](https://www.edgeware.io)\n\nIf you see anything unusual: investigate and report.\n\nLow-level operations are done using noble-curves and noble-hashes.\nConsult their README for more information about constant-timeness, memory dumping and supply chain security.\nA few notes:\n\n- Bigints are used, which are not const-time, but our elliptic curve cryptography\n  implementation ensures algorithmic const-time for high-level items, which is more important\n- Secrets are zeroized, but this is pointless, since at some point they are converted to bigints,\n  and bigints cannot be zeroized in JS. Even zeroization of uint8arrays provides no guarantees.\n\n## Speed\n\nBenchmark results on Apple M4:\n\n```\nsecretFromSeed x 493,827 ops/sec @ 2μs/op\ngetSharedSecret x 1,135 ops/sec @ 880μs/op\nHDKD.secretHard x 54,121 ops/sec @ 18μs/op\nHDKD.secretSoft x 4,108 ops/sec @ 243μs/op\nHDKD.publicSoft x 4,499 ops/sec @ 222μs/op\nsign x 2,475 ops/sec @ 403μs/op\nverify x 955 ops/sec @ 1ms/op\nvrfSign x 442 ops/sec @ 2ms/op\nvrfVerify x 344 ops/sec @ 2ms/op\n```\n\nComparison with wasm:\n\n```\nsecretFromSeed wasm x 21,615 ops/sec @ 46μs/op\ngetSharedSecret wasm x 6,681 ops/sec @ 149μs/op\nHDKD.secretHard wasm x 16,958 ops/sec @ 58μs/op\nHDKD.secretSoft wasm x 16,075 ops/sec @ 62μs/op\nHDKD.publicSoft wasm x 16,981 ops/sec @ 58μs/op\nsign wasm x 16,559 ops/sec @ 60μs/op\nverify wasm x 6,741 ops/sec @ 148μs/op\nvrfSign wasm x 2,470 ops/sec @ 404μs/op\nvrfVerify wasm x 2,917 ops/sec @ 342μs/op\n```\n\n## Contributing \u0026 testing\n\n1. Clone the repository\n2. `npm install` to install build dependencies like TypeScript\n3. `npm run build` to compile TypeScript code\n4. `npm run test` will execute all main tests\n\n## License\n\nThe MIT License (MIT)\n\nCopyright (c) 2024 Paul Miller [(https://paulmillr.com)](https://paulmillr.com)\n\nSee LICENSE file.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpaulmillr%2Fscure-sr25519","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpaulmillr%2Fscure-sr25519","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpaulmillr%2Fscure-sr25519/lists"}