Module crypto

Module crypto

Crypto functions.

Functions

factorize – Integer factorization

modular_power – Modular exponentiation

ton_crc16 – Calculates CRC16 using TON algorithm.

generate_random_bytes – Generates random byte array of the specified length and returns it in base64 format

convert_public_key_to_ton_safe_format – Converts public key to ton safe_format

generate_random_sign_keys – Generates random ed25519 key pair.

sign – Signs a data using the provided keys.

verify_signature – Verifies signed data using the provided public key. Raises error if verification is failed.

sha256 – Calculates SHA256 hash of the specified data.

sha512 – Calculates SHA512 hash of the specified data.

scrypt – Perform scrypt encryption

nacl_sign_keypair_from_secret_key – Generates a key pair for signing from the secret key

nacl_sign – Signs data using the signer's secret key.

nacl_sign_open – Verifies the signature and returns the unsigned message

nacl_sign_detached – Signs the message using the secret key and returns a signature.

nacl_sign_detached_verify – Verifies the signature with public key and unsigned data.

nacl_box_keypair – Generates a random NaCl key pair

nacl_box_keypair_from_secret_key – Generates key pair from a secret key

nacl_box – Public key authenticated encryption

nacl_box_open – Decrypt and verify the cipher text using the receivers secret key, the senders public key, and the nonce.

nacl_secret_box – Encrypt and authenticate message using nonce and secret key.

nacl_secret_box_open – Decrypts and verifies cipher text using nonce and secret key.

mnemonic_words – Prints the list of words from the specified dictionary

mnemonic_from_random – Generates a random mnemonic

mnemonic_from_entropy – Generates mnemonic from pre-generated entropy

mnemonic_verify – Validates a mnemonic phrase

mnemonic_derive_sign_keys – Derives a key pair for signing from the seed phrase

hdkey_xprv_from_mnemonic – Generates an extended master private key that will be the root for all the derived keys

hdkey_derive_from_xprv – Returns extended private key derived from the specified extended private key and child index

hdkey_derive_from_xprv_path – Derives the extended private key from the specified key and path

hdkey_secret_from_xprv – Extracts the private key from the serialized extended private key

hdkey_public_from_xprv – Extracts the public key from the serialized extended private key

chacha20 – Performs symmetric chacha20 encryption.

create_crypto_box – Creates a Crypto Box instance.

remove_crypto_box – Removes Crypto Box. Clears all secret data.

get_crypto_box_info – Get Crypto Box Info. Used to get encrypted_secret that should be used for all the cryptobox initializations except the first one.

get_crypto_box_seed_phrase – Get Crypto Box Seed Phrase.

get_signing_box_from_crypto_box – Get handle of Signing Box derived from Crypto Box.

get_encryption_box_from_crypto_box – Gets Encryption Box from Crypto Box.

clear_crypto_box_secret_cache – Removes cached secrets (overwrites with zeroes) from all signing and encryption boxes, derived from crypto box.

register_signing_box – Register an application implemented signing box.

get_signing_box – Creates a default signing box implementation.

signing_box_get_public_key – Returns public key of signing key pair.

signing_box_sign – Returns signed user data.

remove_signing_box – Removes signing box from SDK.

register_encryption_box – Register an application implemented encryption box.

remove_encryption_box – Removes encryption box from SDK

encryption_box_get_info – Queries info from the given encryption box

encryption_box_encrypt – Encrypts data using given encryption box Note.

encryption_box_decrypt – Decrypts data using given encryption box Note.

create_encryption_box – Creates encryption box with specified algorithm

Types

CryptoErrorCode

SigningBoxHandle

EncryptionBoxHandle

EncryptionBoxInfo – Encryption box information.

EncryptionAlgorithmAESVariant

EncryptionAlgorithmChaCha20Variant

EncryptionAlgorithmNaclBoxVariant

EncryptionAlgorithmNaclSecretBoxVariant

EncryptionAlgorithm

CipherMode

AesParamsEB

AesInfo

ChaCha20ParamsEB

NaclBoxParamsEB

NaclSecretBoxParamsEB

CryptoBoxSecretRandomSeedPhraseVariant – Creates Crypto Box from a random seed phrase. This option can be used if a developer doesn't want the seed phrase to leave the core library's memory, where it is stored encrypted.

CryptoBoxSecretPredefinedSeedPhraseVariant – Restores crypto box instance from an existing seed phrase. This type should be used when Crypto Box is initialized from a seed phrase, entered by a user.

CryptoBoxSecretEncryptedSecretVariant – Use this type for wallet reinitializations, when you already have encrypted_secret on hands. To get encrypted_secret, use get_crypto_box_info function after you initialized your crypto box for the first time.

CryptoBoxSecret – Crypto Box Secret.

CryptoBoxHandle

BoxEncryptionAlgorithmChaCha20Variant

BoxEncryptionAlgorithmNaclBoxVariant

BoxEncryptionAlgorithmNaclSecretBoxVariant

BoxEncryptionAlgorithm

ChaCha20ParamsCB

NaclBoxParamsCB

NaclSecretBoxParamsCB

MnemonicDictionary

ParamsOfFactorize

ResultOfFactorize

ParamsOfModularPower

ResultOfModularPower

ParamsOfTonCrc16

ResultOfTonCrc16

ParamsOfGenerateRandomBytes

ResultOfGenerateRandomBytes

ParamsOfConvertPublicKeyToTonSafeFormat

ResultOfConvertPublicKeyToTonSafeFormat

KeyPair

ParamsOfSign

ResultOfSign

ParamsOfVerifySignature

ResultOfVerifySignature

ParamsOfHash

ResultOfHash

ParamsOfScrypt

ResultOfScrypt

ParamsOfNaclSignKeyPairFromSecret

ParamsOfNaclSign

ResultOfNaclSign

ParamsOfNaclSignOpen

ResultOfNaclSignOpen

ResultOfNaclSignDetached

ParamsOfNaclSignDetachedVerify

ResultOfNaclSignDetachedVerify

ParamsOfNaclBoxKeyPairFromSecret

ParamsOfNaclBox

ResultOfNaclBox

ParamsOfNaclBoxOpen

ResultOfNaclBoxOpen

ParamsOfNaclSecretBox

ParamsOfNaclSecretBoxOpen

ParamsOfMnemonicWords

ResultOfMnemonicWords

ParamsOfMnemonicFromRandom

ResultOfMnemonicFromRandom

ParamsOfMnemonicFromEntropy

ResultOfMnemonicFromEntropy

ParamsOfMnemonicVerify

ResultOfMnemonicVerify

ParamsOfMnemonicDeriveSignKeys

ParamsOfHDKeyXPrvFromMnemonic

ResultOfHDKeyXPrvFromMnemonic

ParamsOfHDKeyDeriveFromXPrv

ResultOfHDKeyDeriveFromXPrv

ParamsOfHDKeyDeriveFromXPrvPath

ResultOfHDKeyDeriveFromXPrvPath

ParamsOfHDKeySecretFromXPrv

ResultOfHDKeySecretFromXPrv

ParamsOfHDKeyPublicFromXPrv

ResultOfHDKeyPublicFromXPrv

ParamsOfChaCha20

ResultOfChaCha20

ParamsOfCreateCryptoBox

RegisteredCryptoBox

ParamsOfAppPasswordProviderGetPasswordVariant

ParamsOfAppPasswordProvider – Interface that provides a callback that returns an encrypted password, used for cryptobox secret encryption

ResultOfAppPasswordProviderGetPasswordVariant

ResultOfAppPasswordProvider

ResultOfGetCryptoBoxInfo

ResultOfGetCryptoBoxSeedPhrase

ParamsOfGetSigningBoxFromCryptoBox

RegisteredSigningBox

ParamsOfGetEncryptionBoxFromCryptoBox

RegisteredEncryptionBox

ParamsOfAppSigningBoxGetPublicKeyVariant – Get signing box public key

ParamsOfAppSigningBoxSignVariant – Sign data

ParamsOfAppSigningBox – Signing box callbacks.

ResultOfAppSigningBoxGetPublicKeyVariant – Result of getting public key

ResultOfAppSigningBoxSignVariant – Result of signing data

ResultOfAppSigningBox – Returning values from signing box callbacks.

ResultOfSigningBoxGetPublicKey

ParamsOfSigningBoxSign

ResultOfSigningBoxSign

ParamsOfAppEncryptionBoxGetInfoVariant – Get encryption box info

ParamsOfAppEncryptionBoxEncryptVariant – Encrypt data

ParamsOfAppEncryptionBoxDecryptVariant – Decrypt data

ParamsOfAppEncryptionBox – Interface for data encryption/decryption

ResultOfAppEncryptionBoxGetInfoVariant – Result of getting encryption box info

ResultOfAppEncryptionBoxEncryptVariant – Result of encrypting data

ResultOfAppEncryptionBoxDecryptVariant – Result of decrypting data

ResultOfAppEncryptionBox – Returning values from signing box callbacks.

ParamsOfEncryptionBoxGetInfo

ResultOfEncryptionBoxGetInfo

ParamsOfEncryptionBoxEncrypt

ResultOfEncryptionBoxEncrypt

ParamsOfEncryptionBoxDecrypt

ResultOfEncryptionBoxDecrypt

ParamsOfCreateEncryptionBox

AppPasswordProvider – Interface that provides a callback that returns an encrypted password, used for cryptobox secret encryption

AppSigningBox – Signing box callbacks.

AppEncryptionBox – Interface for data encryption/decryption

Functions

factorize

Integer factorization

Performs prime factorization – decomposition of a composite number into a product of smaller prime integers (factors). See [https://en.wikipedia.org/wiki/Integer_factorization]

type ParamsOfFactorize = {
    composite: string
}

type ResultOfFactorize = {
    factors: string[]
}

function factorize(
    params: ParamsOfFactorize,
): Promise<ResultOfFactorize>;

function factorize_sync(
    params: ParamsOfFactorize,
): ResultOfFactorize;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • composite: string – Hexadecimal representation of u64 composite number.

Result

  • factors: string[] – Two factors of composite or empty if composite can't be factorized.

modular_power

Modular exponentiation

Performs modular exponentiation for big integers (base^exponent mod modulus). See [https://en.wikipedia.org/wiki/Modular_exponentiation]

type ParamsOfModularPower = {
    base: string,
    exponent: string,
    modulus: string
}

type ResultOfModularPower = {
    modular_power: string
}

function modular_power(
    params: ParamsOfModularPower,
): Promise<ResultOfModularPower>;

function modular_power_sync(
    params: ParamsOfModularPower,
): ResultOfModularPower;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • base: stringbase argument of calculation.

  • exponent: stringexponent argument of calculation.

  • modulus: stringmodulus argument of calculation.

Result

  • modular_power: string – Result of modular exponentiation

ton_crc16

Calculates CRC16 using TON algorithm.

type ParamsOfTonCrc16 = {
    data: string
}

type ResultOfTonCrc16 = {
    crc: number
}

function ton_crc16(
    params: ParamsOfTonCrc16,
): Promise<ResultOfTonCrc16>;

function ton_crc16_sync(
    params: ParamsOfTonCrc16,
): ResultOfTonCrc16;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • data: string – Input data for CRC calculation. Encoded with base64.

Result

  • crc: number – Calculated CRC for input data.

generate_random_bytes

Generates random byte array of the specified length and returns it in base64 format

type ParamsOfGenerateRandomBytes = {
    length: number
}

type ResultOfGenerateRandomBytes = {
    bytes: string
}

function generate_random_bytes(
    params: ParamsOfGenerateRandomBytes,
): Promise<ResultOfGenerateRandomBytes>;

function generate_random_bytes_sync(
    params: ParamsOfGenerateRandomBytes,
): ResultOfGenerateRandomBytes;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • length: number – Size of random byte array.

Result

  • bytes: string – Generated bytes encoded in base64.

convert_public_key_to_ton_safe_format

Converts public key to ton safe_format

type ParamsOfConvertPublicKeyToTonSafeFormat = {
    public_key: string
}

type ResultOfConvertPublicKeyToTonSafeFormat = {
    ton_public_key: string
}

function convert_public_key_to_ton_safe_format(
    params: ParamsOfConvertPublicKeyToTonSafeFormat,
): Promise<ResultOfConvertPublicKeyToTonSafeFormat>;

function convert_public_key_to_ton_safe_format_sync(
    params: ParamsOfConvertPublicKeyToTonSafeFormat,
): ResultOfConvertPublicKeyToTonSafeFormat;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • public_key: string – Public key - 64 symbols hex string

Result

  • ton_public_key: string – Public key represented in TON safe format.

generate_random_sign_keys

Generates random ed25519 key pair.

type KeyPair = {
    public: string,
    secret: string
}

function generate_random_sign_keys(): Promise<KeyPair>;

function generate_random_sign_keys_sync(): KeyPair;

NOTE: Sync version is available only for lib-node binding.

Result

  • public: string – Public key - 64 symbols hex string

  • secret: string – Private key - u64 symbols hex string

sign

Signs a data using the provided keys.

type ParamsOfSign = {
    unsigned: string,
    keys: KeyPair
}

type ResultOfSign = {
    signed: string,
    signature: string
}

function sign(
    params: ParamsOfSign,
): Promise<ResultOfSign>;

function sign_sync(
    params: ParamsOfSign,
): ResultOfSign;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • unsigned: string – Data that must be signed encoded in base64.

  • keys: KeyPair – Sign keys.

Result

  • signed: string – Signed data combined with signature encoded in base64.

  • signature: string – Signature encoded in hex.

verify_signature

Verifies signed data using the provided public key. Raises error if verification is failed.

type ParamsOfVerifySignature = {
    signed: string,
    public: string
}

type ResultOfVerifySignature = {
    unsigned: string
}

function verify_signature(
    params: ParamsOfVerifySignature,
): Promise<ResultOfVerifySignature>;

function verify_signature_sync(
    params: ParamsOfVerifySignature,
): ResultOfVerifySignature;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • signed: string – Signed data that must be verified encoded in base64.

  • public: string – Signer's public key - 64 symbols hex string

Result

  • unsigned: string – Unsigned data encoded in base64.

sha256

Calculates SHA256 hash of the specified data.

type ParamsOfHash = {
    data: string
}

type ResultOfHash = {
    hash: string
}

function sha256(
    params: ParamsOfHash,
): Promise<ResultOfHash>;

function sha256_sync(
    params: ParamsOfHash,
): ResultOfHash;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • data: string – Input data for hash calculation. Encoded with base64.

Result

  • hash: string – Hash of input data. Encoded with 'hex'.

sha512

Calculates SHA512 hash of the specified data.

type ParamsOfHash = {
    data: string
}

type ResultOfHash = {
    hash: string
}

function sha512(
    params: ParamsOfHash,
): Promise<ResultOfHash>;

function sha512_sync(
    params: ParamsOfHash,
): ResultOfHash;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • data: string – Input data for hash calculation. Encoded with base64.

Result

  • hash: string – Hash of input data. Encoded with 'hex'.

scrypt

Perform scrypt encryption

Derives key from password and key using scrypt algorithm. See [https://en.wikipedia.org/wiki/Scrypt].

Arguments

  • log_n - The log2 of the Scrypt parameter N

  • r - The Scrypt parameter r

  • p - The Scrypt parameter p

Conditions

  • log_n must be less than 64

  • r must be greater than 0 and less than or equal to 4294967295

  • p must be greater than 0 and less than 4294967295

  • log_n = 15 (n = 32768)

  • r = 8

  • p = 1

type ParamsOfScrypt = {
    password: string,
    salt: string,
    log_n: number,
    r: number,
    p: number,
    dk_len: number
}

type ResultOfScrypt = {
    key: string
}

function scrypt(
    params: ParamsOfScrypt,
): Promise<ResultOfScrypt>;

function scrypt_sync(
    params: ParamsOfScrypt,
): ResultOfScrypt;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • password: string – The password bytes to be hashed. Must be encoded with base64.

  • salt: string – Salt bytes that modify the hash to protect against Rainbow table attacks. Must be encoded with base64.

  • log_n: number – CPU/memory cost parameter

  • r: number – The block size parameter, which fine-tunes sequential memory read size and performance.

  • p: number – Parallelization parameter.

  • dk_len: number – Intended output length in octets of the derived key.

Result

  • key: string – Derived key. Encoded with hex.

nacl_sign_keypair_from_secret_key

Generates a key pair for signing from the secret key

NOTE: In the result the secret key is actually the concatenation of secret and public keys (128 symbols hex string) by design of NaCL. See also the stackexchange question.

type ParamsOfNaclSignKeyPairFromSecret = {
    secret: string
}

type KeyPair = {
    public: string,
    secret: string
}

function nacl_sign_keypair_from_secret_key(
    params: ParamsOfNaclSignKeyPairFromSecret,
): Promise<KeyPair>;

function nacl_sign_keypair_from_secret_key_sync(
    params: ParamsOfNaclSignKeyPairFromSecret,
): KeyPair;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • secret: string – Secret key - unprefixed 0-padded to 64 symbols hex string

Result

  • public: string – Public key - 64 symbols hex string

  • secret: string – Private key - u64 symbols hex string

nacl_sign

Signs data using the signer's secret key.

type ParamsOfNaclSign = {
    unsigned: string,
    secret: string
}

type ResultOfNaclSign = {
    signed: string
}

function nacl_sign(
    params: ParamsOfNaclSign,
): Promise<ResultOfNaclSign>;

function nacl_sign_sync(
    params: ParamsOfNaclSign,
): ResultOfNaclSign;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • unsigned: string – Data that must be signed encoded in base64.

  • secret: string – Signer's secret key - unprefixed 0-padded to 128 symbols hex string (concatenation of 64 symbols secret and 64 symbols public keys). See nacl_sign_keypair_from_secret_key.

Result

  • signed: string – Signed data, encoded in base64.

nacl_sign_open

Verifies the signature and returns the unsigned message

Verifies the signature in signed using the signer's public key public and returns the message unsigned.

If the signature fails verification, crypto_sign_open raises an exception.

type ParamsOfNaclSignOpen = {
    signed: string,
    public: string
}

type ResultOfNaclSignOpen = {
    unsigned: string
}

function nacl_sign_open(
    params: ParamsOfNaclSignOpen,
): Promise<ResultOfNaclSignOpen>;

function nacl_sign_open_sync(
    params: ParamsOfNaclSignOpen,
): ResultOfNaclSignOpen;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • signed: string – Signed data that must be unsigned. Encoded with base64.

  • public: string – Signer's public key - unprefixed 0-padded to 64 symbols hex string

Result

  • unsigned: string – Unsigned data, encoded in base64.

nacl_sign_detached

Signs the message using the secret key and returns a signature.

Signs the message unsigned using the secret key secret and returns a signature signature.

type ParamsOfNaclSign = {
    unsigned: string,
    secret: string
}

type ResultOfNaclSignDetached = {
    signature: string
}

function nacl_sign_detached(
    params: ParamsOfNaclSign,
): Promise<ResultOfNaclSignDetached>;

function nacl_sign_detached_sync(
    params: ParamsOfNaclSign,
): ResultOfNaclSignDetached;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • unsigned: string – Data that must be signed encoded in base64.

  • secret: string – Signer's secret key - unprefixed 0-padded to 128 symbols hex string (concatenation of 64 symbols secret and 64 symbols public keys). See nacl_sign_keypair_from_secret_key.

Result

  • signature: string – Signature encoded in hex.

nacl_sign_detached_verify

Verifies the signature with public key and unsigned data.

type ParamsOfNaclSignDetachedVerify = {
    unsigned: string,
    signature: string,
    public: string
}

type ResultOfNaclSignDetachedVerify = {
    succeeded: boolean
}

function nacl_sign_detached_verify(
    params: ParamsOfNaclSignDetachedVerify,
): Promise<ResultOfNaclSignDetachedVerify>;

function nacl_sign_detached_verify_sync(
    params: ParamsOfNaclSignDetachedVerify,
): ResultOfNaclSignDetachedVerify;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • unsigned: string – Unsigned data that must be verified. Encoded with base64.

  • signature: string – Signature that must be verified. Encoded with hex.

  • public: string – Signer's public key - unprefixed 0-padded to 64 symbols hex string.

Result

  • succeeded: booleantrue if verification succeeded or false if it failed

nacl_box_keypair

Generates a random NaCl key pair

type KeyPair = {
    public: string,
    secret: string
}

function nacl_box_keypair(): Promise<KeyPair>;

function nacl_box_keypair_sync(): KeyPair;

NOTE: Sync version is available only for lib-node binding.

Result

  • public: string – Public key - 64 symbols hex string

  • secret: string – Private key - u64 symbols hex string

nacl_box_keypair_from_secret_key

Generates key pair from a secret key

type ParamsOfNaclBoxKeyPairFromSecret = {
    secret: string
}

type KeyPair = {
    public: string,
    secret: string
}

function nacl_box_keypair_from_secret_key(
    params: ParamsOfNaclBoxKeyPairFromSecret,
): Promise<KeyPair>;

function nacl_box_keypair_from_secret_key_sync(
    params: ParamsOfNaclBoxKeyPairFromSecret,
): KeyPair;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • secret: string – Secret key - unprefixed 0-padded to 64 symbols hex string

Result

  • public: string – Public key - 64 symbols hex string

  • secret: string – Private key - u64 symbols hex string

nacl_box

Public key authenticated encryption

Encrypt and authenticate a message using the senders secret key, the receivers public key, and a nonce.

type ParamsOfNaclBox = {
    decrypted: string,
    nonce: string,
    their_public: string,
    secret: string
}

type ResultOfNaclBox = {
    encrypted: string
}

function nacl_box(
    params: ParamsOfNaclBox,
): Promise<ResultOfNaclBox>;

function nacl_box_sync(
    params: ParamsOfNaclBox,
): ResultOfNaclBox;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • decrypted: string – Data that must be encrypted encoded in base64.

  • nonce: string – Nonce, encoded in hex

  • their_public: string – Receiver's public key - unprefixed 0-padded to 64 symbols hex string

  • secret: string – Sender's private key - unprefixed 0-padded to 64 symbols hex string

Result

  • encrypted: string – Encrypted data encoded in base64.

nacl_box_open

Decrypt and verify the cipher text using the receivers secret key, the senders public key, and the nonce.

type ParamsOfNaclBoxOpen = {
    encrypted: string,
    nonce: string,
    their_public: string,
    secret: string
}

type ResultOfNaclBoxOpen = {
    decrypted: string
}

function nacl_box_open(
    params: ParamsOfNaclBoxOpen,
): Promise<ResultOfNaclBoxOpen>;

function nacl_box_open_sync(
    params: ParamsOfNaclBoxOpen,
): ResultOfNaclBoxOpen;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • encrypted: string – Data that must be decrypted. Encoded with base64.

  • nonce: string – Nonce

  • their_public: string – Sender's public key - unprefixed 0-padded to 64 symbols hex string

  • secret: string – Receiver's private key - unprefixed 0-padded to 64 symbols hex string

Result

  • decrypted: string – Decrypted data encoded in base64.

nacl_secret_box

Encrypt and authenticate message using nonce and secret key.

type ParamsOfNaclSecretBox = {
    decrypted: string,
    nonce: string,
    key: string
}

type ResultOfNaclBox = {
    encrypted: string
}

function nacl_secret_box(
    params: ParamsOfNaclSecretBox,
): Promise<ResultOfNaclBox>;

function nacl_secret_box_sync(
    params: ParamsOfNaclSecretBox,
): ResultOfNaclBox;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • decrypted: string – Data that must be encrypted. Encoded with base64.

  • nonce: string – Nonce in hex

  • key: string – Secret key - unprefixed 0-padded to 64 symbols hex string

Result

  • encrypted: string – Encrypted data encoded in base64.

nacl_secret_box_open

Decrypts and verifies cipher text using nonce and secret key.

type ParamsOfNaclSecretBoxOpen = {
    encrypted: string,
    nonce: string,
    key: string
}

type ResultOfNaclBoxOpen = {
    decrypted: string
}

function nacl_secret_box_open(
    params: ParamsOfNaclSecretBoxOpen,
): Promise<ResultOfNaclBoxOpen>;

function nacl_secret_box_open_sync(
    params: ParamsOfNaclSecretBoxOpen,
): ResultOfNaclBoxOpen;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • encrypted: string – Data that must be decrypted. Encoded with base64.

  • nonce: string – Nonce in hex

  • key: string – Secret key - unprefixed 0-padded to 64 symbols hex string

Result

  • decrypted: string – Decrypted data encoded in base64.

mnemonic_words

Prints the list of words from the specified dictionary

type ParamsOfMnemonicWords = {
    dictionary?: MnemonicDictionary
}

type ResultOfMnemonicWords = {
    words: string
}

function mnemonic_words(
    params: ParamsOfMnemonicWords,
): Promise<ResultOfMnemonicWords>;

function mnemonic_words_sync(
    params: ParamsOfMnemonicWords,
): ResultOfMnemonicWords;

NOTE: Sync version is available only for lib-node binding.

Parameters

Result

  • words: string – The list of mnemonic words

mnemonic_from_random

Generates a random mnemonic

Generates a random mnemonic from the specified dictionary and word count

type ParamsOfMnemonicFromRandom = {
    dictionary?: MnemonicDictionary,
    word_count?: number
}

type ResultOfMnemonicFromRandom = {
    phrase: string
}

function mnemonic_from_random(
    params: ParamsOfMnemonicFromRandom,
): Promise<ResultOfMnemonicFromRandom>;

function mnemonic_from_random_sync(
    params: ParamsOfMnemonicFromRandom,
): ResultOfMnemonicFromRandom;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • dictionary?: MnemonicDictionary – Dictionary identifier

  • word_count?: number – Mnemonic word count

Result

  • phrase: string – String of mnemonic words

mnemonic_from_entropy

Generates mnemonic from pre-generated entropy

type ParamsOfMnemonicFromEntropy = {
    entropy: string,
    dictionary?: MnemonicDictionary,
    word_count?: number
}

type ResultOfMnemonicFromEntropy = {
    phrase: string
}

function mnemonic_from_entropy(
    params: ParamsOfMnemonicFromEntropy,
): Promise<ResultOfMnemonicFromEntropy>;

function mnemonic_from_entropy_sync(
    params: ParamsOfMnemonicFromEntropy,
): ResultOfMnemonicFromEntropy;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • entropy: string – Entropy bytes. Hex encoded.

  • dictionary?: MnemonicDictionary – Dictionary identifier

  • word_count?: number – Mnemonic word count

Result

  • phrase: string – Phrase

mnemonic_verify

Validates a mnemonic phrase

The phrase supplied will be checked for word length and validated according to the checksum specified in BIP0039.

type ParamsOfMnemonicVerify = {
    phrase: string,
    dictionary?: MnemonicDictionary,
    word_count?: number
}

type ResultOfMnemonicVerify = {
    valid: boolean
}

function mnemonic_verify(
    params: ParamsOfMnemonicVerify,
): Promise<ResultOfMnemonicVerify>;

function mnemonic_verify_sync(
    params: ParamsOfMnemonicVerify,
): ResultOfMnemonicVerify;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • phrase: string – Phrase

  • dictionary?: MnemonicDictionary – Dictionary identifier

  • word_count?: number – Word count

Result

  • valid: boolean – Flag indicating if the mnemonic is valid or not

mnemonic_derive_sign_keys

Derives a key pair for signing from the seed phrase

Validates the seed phrase, generates master key and then derives the key pair from the master key and the specified path

type ParamsOfMnemonicDeriveSignKeys = {
    phrase: string,
    path?: string,
    dictionary?: MnemonicDictionary,
    word_count?: number
}

type KeyPair = {
    public: string,
    secret: string
}

function mnemonic_derive_sign_keys(
    params: ParamsOfMnemonicDeriveSignKeys,
): Promise<KeyPair>;

function mnemonic_derive_sign_keys_sync(
    params: ParamsOfMnemonicDeriveSignKeys,
): KeyPair;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • phrase: string – Phrase

  • path?: string – Derivation path, for instance "m/44'/396'/0'/0/0"

  • dictionary?: MnemonicDictionary – Dictionary identifier

  • word_count?: number – Word count

Result

  • public: string – Public key - 64 symbols hex string

  • secret: string – Private key - u64 symbols hex string

hdkey_xprv_from_mnemonic

Generates an extended master private key that will be the root for all the derived keys

type ParamsOfHDKeyXPrvFromMnemonic = {
    phrase: string,
    dictionary?: MnemonicDictionary,
    word_count?: number
}

type ResultOfHDKeyXPrvFromMnemonic = {
    xprv: string
}

function hdkey_xprv_from_mnemonic(
    params: ParamsOfHDKeyXPrvFromMnemonic,
): Promise<ResultOfHDKeyXPrvFromMnemonic>;

function hdkey_xprv_from_mnemonic_sync(
    params: ParamsOfHDKeyXPrvFromMnemonic,
): ResultOfHDKeyXPrvFromMnemonic;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • phrase: string – String with seed phrase

  • dictionary?: MnemonicDictionary – Dictionary identifier

  • word_count?: number – Mnemonic word count

Result

  • xprv: string – Serialized extended master private key

hdkey_derive_from_xprv

Returns extended private key derived from the specified extended private key and child index

type ParamsOfHDKeyDeriveFromXPrv = {
    xprv: string,
    child_index: number,
    hardened: boolean
}

type ResultOfHDKeyDeriveFromXPrv = {
    xprv: string
}

function hdkey_derive_from_xprv(
    params: ParamsOfHDKeyDeriveFromXPrv,
): Promise<ResultOfHDKeyDeriveFromXPrv>;

function hdkey_derive_from_xprv_sync(
    params: ParamsOfHDKeyDeriveFromXPrv,
): ResultOfHDKeyDeriveFromXPrv;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • xprv: string – Serialized extended private key

  • child_index: number – Child index (see BIP-0032)

  • hardened: boolean – Indicates the derivation of hardened/not-hardened key (see BIP-0032)

Result

  • xprv: string – Serialized extended private key

hdkey_derive_from_xprv_path

Derives the extended private key from the specified key and path

type ParamsOfHDKeyDeriveFromXPrvPath = {
    xprv: string,
    path: string
}

type ResultOfHDKeyDeriveFromXPrvPath = {
    xprv: string
}

function hdkey_derive_from_xprv_path(
    params: ParamsOfHDKeyDeriveFromXPrvPath,
): Promise<ResultOfHDKeyDeriveFromXPrvPath>;

function hdkey_derive_from_xprv_path_sync(
    params: ParamsOfHDKeyDeriveFromXPrvPath,
): ResultOfHDKeyDeriveFromXPrvPath;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • xprv: string – Serialized extended private key

  • path: string – Derivation path, for instance "m/44'/396'/0'/0/0"

Result

  • xprv: string – Derived serialized extended private key

hdkey_secret_from_xprv

Extracts the private key from the serialized extended private key

type ParamsOfHDKeySecretFromXPrv = {
    xprv: string
}

type ResultOfHDKeySecretFromXPrv = {
    secret: string
}

function hdkey_secret_from_xprv(
    params: ParamsOfHDKeySecretFromXPrv,
): Promise<ResultOfHDKeySecretFromXPrv>;

function hdkey_secret_from_xprv_sync(
    params: ParamsOfHDKeySecretFromXPrv,
): ResultOfHDKeySecretFromXPrv;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • xprv: string – Serialized extended private key

Result

  • secret: string – Private key - 64 symbols hex string

hdkey_public_from_xprv

Extracts the public key from the serialized extended private key

type ParamsOfHDKeyPublicFromXPrv = {
    xprv: string
}

type ResultOfHDKeyPublicFromXPrv = {
    public: string
}

function hdkey_public_from_xprv(
    params: ParamsOfHDKeyPublicFromXPrv,
): Promise<ResultOfHDKeyPublicFromXPrv>;

function hdkey_public_from_xprv_sync(
    params: ParamsOfHDKeyPublicFromXPrv,
): ResultOfHDKeyPublicFromXPrv;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • xprv: string – Serialized extended private key

Result

  • public: string – Public key - 64 symbols hex string

chacha20

Performs symmetric chacha20 encryption.

type ParamsOfChaCha20 = {
    data: string,
    key: string,
    nonce: string
}

type ResultOfChaCha20 = {
    data: string
}

function chacha20(
    params: ParamsOfChaCha20,
): Promise<ResultOfChaCha20>;

function chacha20_sync(
    params: ParamsOfChaCha20,
): ResultOfChaCha20;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • data: string – Source data to be encrypted or decrypted. Must be encoded with base64.

  • key: string – 256-bit key. Must be encoded with hex.

  • nonce: string – 96-bit nonce. Must be encoded with hex.

Result

  • data: string – Encrypted/decrypted data. Encoded with base64.

create_crypto_box

Creates a Crypto Box instance.

Crypto Box is a root crypto object, that encapsulates some secret (seed phrase usually) in encrypted form and acts as a factory for all crypto primitives used in SDK: keys for signing and encryption, derived from this secret.

Crypto Box encrypts original Seed Phrase with salt and password that is retrieved from password_provider callback, implemented on Application side.

When used, decrypted secret shows up in core library's memory for a very short period of time and then is immediately overwritten with zeroes.

type ParamsOfCreateCryptoBox = {
    secret_encryption_salt: string,
    secret: CryptoBoxSecret
}

type RegisteredCryptoBox = {
    handle: CryptoBoxHandle
}

function create_crypto_box(
    params: ParamsOfCreateCryptoBox,
    obj: AppPasswordProvider,
): Promise<RegisteredCryptoBox>;

function create_crypto_box_sync(
    params: ParamsOfCreateCryptoBox,
): RegisteredCryptoBox;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • secret_encryption_salt: string – Salt used for secret encryption. For example, a mobile device can use device ID as salt.

  • secret: CryptoBoxSecret – Cryptobox secret

  • obj: AppPasswordProvider – Interface that provides a callback that returns an encrypted password, used for cryptobox secret encryption

Result

remove_crypto_box

Removes Crypto Box. Clears all secret data.

type RegisteredCryptoBox = {
    handle: CryptoBoxHandle
}

function remove_crypto_box(
    params: RegisteredCryptoBox,
): Promise<void>;

function remove_crypto_box_sync(
    params: RegisteredCryptoBox,
): void;

NOTE: Sync version is available only for lib-node binding.

Parameters

get_crypto_box_info

Get Crypto Box Info. Used to get encrypted_secret that should be used for all the cryptobox initializations except the first one.

type RegisteredCryptoBox = {
    handle: CryptoBoxHandle
}

type ResultOfGetCryptoBoxInfo = {
    encrypted_secret: string
}

function get_crypto_box_info(
    params: RegisteredCryptoBox,
): Promise<ResultOfGetCryptoBoxInfo>;

function get_crypto_box_info_sync(
    params: RegisteredCryptoBox,
): ResultOfGetCryptoBoxInfo;

NOTE: Sync version is available only for lib-node binding.

Parameters

Result

  • encrypted_secret: string – Secret (seed phrase) encrypted with salt and password.

get_crypto_box_seed_phrase

Get Crypto Box Seed Phrase.

Attention! Store this data in your application for a very short period of time and overwrite it with zeroes ASAP.

type RegisteredCryptoBox = {
    handle: CryptoBoxHandle
}

type ResultOfGetCryptoBoxSeedPhrase = {
    phrase: string,
    dictionary: MnemonicDictionary,
    wordcount: number
}

function get_crypto_box_seed_phrase(
    params: RegisteredCryptoBox,
): Promise<ResultOfGetCryptoBoxSeedPhrase>;

function get_crypto_box_seed_phrase_sync(
    params: RegisteredCryptoBox,
): ResultOfGetCryptoBoxSeedPhrase;

NOTE: Sync version is available only for lib-node binding.

Parameters

Result

get_signing_box_from_crypto_box

Get handle of Signing Box derived from Crypto Box.

type ParamsOfGetSigningBoxFromCryptoBox = {
    handle: number,
    hdpath?: string,
    secret_lifetime?: number
}

type RegisteredSigningBox = {
    handle: SigningBoxHandle
}

function get_signing_box_from_crypto_box(
    params: ParamsOfGetSigningBoxFromCryptoBox,
): Promise<RegisteredSigningBox>;

function get_signing_box_from_crypto_box_sync(
    params: ParamsOfGetSigningBoxFromCryptoBox,
): RegisteredSigningBox;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • handle: number – Crypto Box Handle.

  • hdpath?: string – HD key derivation path. By default, Acki Nacki HD path is used.

  • secret_lifetime?: number – Store derived secret for this lifetime (in ms). The timer starts after each signing box operation. Secrets will be deleted immediately after each signing box operation, if this value is not set.

Result

get_encryption_box_from_crypto_box

Gets Encryption Box from Crypto Box.

Derives encryption keypair from cryptobox secret and hdpath and stores it in cache for secret_lifetime or until explicitly cleared by clear_crypto_box_secret_cache method. If secret_lifetime is not specified - overwrites encryption secret with zeroes immediately after encryption operation.

type ParamsOfGetEncryptionBoxFromCryptoBox = {
    handle: number,
    hdpath?: string,
    algorithm: BoxEncryptionAlgorithm,
    secret_lifetime?: number
}

type RegisteredEncryptionBox = {
    handle: EncryptionBoxHandle
}

function get_encryption_box_from_crypto_box(
    params: ParamsOfGetEncryptionBoxFromCryptoBox,
): Promise<RegisteredEncryptionBox>;

function get_encryption_box_from_crypto_box_sync(
    params: ParamsOfGetEncryptionBoxFromCryptoBox,
): RegisteredEncryptionBox;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • handle: number – Crypto Box Handle.

  • hdpath?: string – HD key derivation path. By default, Acki Nacki HD path is used.

  • algorithm: BoxEncryptionAlgorithm – Encryption algorithm.

  • secret_lifetime?: number – Store derived secret for encryption algorithm for this lifetime (in ms). The timer starts after each encryption box operation. Secrets will be deleted (overwritten with zeroes) after each encryption operation, if this value is not set.

Result

clear_crypto_box_secret_cache

Removes cached secrets (overwrites with zeroes) from all signing and encryption boxes, derived from crypto box.

type RegisteredCryptoBox = {
    handle: CryptoBoxHandle
}

function clear_crypto_box_secret_cache(
    params: RegisteredCryptoBox,
): Promise<void>;

function clear_crypto_box_secret_cache_sync(
    params: RegisteredCryptoBox,
): void;

NOTE: Sync version is available only for lib-node binding.

Parameters

register_signing_box

Register an application implemented signing box.

type RegisteredSigningBox = {
    handle: SigningBoxHandle
}

function register_signing_box(
    obj: AppSigningBox,
): Promise<RegisteredSigningBox>;

function register_signing_box_sync(): RegisteredSigningBox;

NOTE: Sync version is available only for lib-node binding.

Parameters

Result

get_signing_box

Creates a default signing box implementation.

type KeyPair = {
    public: string,
    secret: string
}

type RegisteredSigningBox = {
    handle: SigningBoxHandle
}

function get_signing_box(
    params: KeyPair,
): Promise<RegisteredSigningBox>;

function get_signing_box_sync(
    params: KeyPair,
): RegisteredSigningBox;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • public: string – Public key - 64 symbols hex string

  • secret: string – Private key - u64 symbols hex string

Result

signing_box_get_public_key

Returns public key of signing key pair.

type RegisteredSigningBox = {
    handle: SigningBoxHandle
}

type ResultOfSigningBoxGetPublicKey = {
    pubkey: string
}

function signing_box_get_public_key(
    params: RegisteredSigningBox,
): Promise<ResultOfSigningBoxGetPublicKey>;

function signing_box_get_public_key_sync(
    params: RegisteredSigningBox,
): ResultOfSigningBoxGetPublicKey;

NOTE: Sync version is available only for lib-node binding.

Parameters

Result

  • pubkey: string – Public key of signing box. Encoded with hex

signing_box_sign

Returns signed user data.

type ParamsOfSigningBoxSign = {
    signing_box: SigningBoxHandle,
    unsigned: string
}

type ResultOfSigningBoxSign = {
    signature: string
}

function signing_box_sign(
    params: ParamsOfSigningBoxSign,
): Promise<ResultOfSigningBoxSign>;

function signing_box_sign_sync(
    params: ParamsOfSigningBoxSign,
): ResultOfSigningBoxSign;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • signing_box: SigningBoxHandle – Signing Box handle.

  • unsigned: string – Unsigned user data. Must be encoded with base64.

Result

  • signature: string – Data signature. Encoded with hex.

remove_signing_box

Removes signing box from SDK.

type RegisteredSigningBox = {
    handle: SigningBoxHandle
}

function remove_signing_box(
    params: RegisteredSigningBox,
): Promise<void>;

function remove_signing_box_sync(
    params: RegisteredSigningBox,
): void;

NOTE: Sync version is available only for lib-node binding.

Parameters

register_encryption_box

Register an application implemented encryption box.

type RegisteredEncryptionBox = {
    handle: EncryptionBoxHandle
}

function register_encryption_box(
    obj: AppEncryptionBox,
): Promise<RegisteredEncryptionBox>;

function register_encryption_box_sync(): RegisteredEncryptionBox;

NOTE: Sync version is available only for lib-node binding.

Parameters

Result

remove_encryption_box

Removes encryption box from SDK

type RegisteredEncryptionBox = {
    handle: EncryptionBoxHandle
}

function remove_encryption_box(
    params: RegisteredEncryptionBox,
): Promise<void>;

function remove_encryption_box_sync(
    params: RegisteredEncryptionBox,
): void;

NOTE: Sync version is available only for lib-node binding.

Parameters

encryption_box_get_info

Queries info from the given encryption box

type ParamsOfEncryptionBoxGetInfo = {
    encryption_box: EncryptionBoxHandle
}

type ResultOfEncryptionBoxGetInfo = {
    info: EncryptionBoxInfo
}

function encryption_box_get_info(
    params: ParamsOfEncryptionBoxGetInfo,
): Promise<ResultOfEncryptionBoxGetInfo>;

function encryption_box_get_info_sync(
    params: ParamsOfEncryptionBoxGetInfo,
): ResultOfEncryptionBoxGetInfo;

NOTE: Sync version is available only for lib-node binding.

Parameters

Result

encryption_box_encrypt

Encrypts data using given encryption box Note.

Block cipher algorithms pad data to cipher block size so encrypted data can be longer then original data. Client should store the original data size after encryption and use it after decryption to retrieve the original data from decrypted data.

type ParamsOfEncryptionBoxEncrypt = {
    encryption_box: EncryptionBoxHandle,
    data: string
}

type ResultOfEncryptionBoxEncrypt = {
    data: string
}

function encryption_box_encrypt(
    params: ParamsOfEncryptionBoxEncrypt,
): Promise<ResultOfEncryptionBoxEncrypt>;

function encryption_box_encrypt_sync(
    params: ParamsOfEncryptionBoxEncrypt,
): ResultOfEncryptionBoxEncrypt;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • encryption_box: EncryptionBoxHandle – Encryption box handle

  • data: string – Data to be encrypted, encoded in Base64

Result

  • data: string – Encrypted data, encoded in Base64. Padded to cipher block size

encryption_box_decrypt

Decrypts data using given encryption box Note.

Block cipher algorithms pad data to cipher block size so encrypted data can be longer then original data. Client should store the original data size after encryption and use it after decryption to retrieve the original data from decrypted data.

type ParamsOfEncryptionBoxDecrypt = {
    encryption_box: EncryptionBoxHandle,
    data: string
}

type ResultOfEncryptionBoxDecrypt = {
    data: string
}

function encryption_box_decrypt(
    params: ParamsOfEncryptionBoxDecrypt,
): Promise<ResultOfEncryptionBoxDecrypt>;

function encryption_box_decrypt_sync(
    params: ParamsOfEncryptionBoxDecrypt,
): ResultOfEncryptionBoxDecrypt;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • encryption_box: EncryptionBoxHandle – Encryption box handle

  • data: string – Data to be decrypted, encoded in Base64

Result

  • data: string – Decrypted data, encoded in Base64.

create_encryption_box

Creates encryption box with specified algorithm

type ParamsOfCreateEncryptionBox = {
    algorithm: EncryptionAlgorithm
}

type RegisteredEncryptionBox = {
    handle: EncryptionBoxHandle
}

function create_encryption_box(
    params: ParamsOfCreateEncryptionBox,
): Promise<RegisteredEncryptionBox>;

function create_encryption_box_sync(
    params: ParamsOfCreateEncryptionBox,
): RegisteredEncryptionBox;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • algorithm: EncryptionAlgorithm – Encryption algorithm specifier including cipher parameters (key, IV, etc)

Result

Types

CryptoErrorCode

enum CryptoErrorCode {
    InvalidPublicKey = 100,
    InvalidSecretKey = 101,
    InvalidKey = 102,
    InvalidFactorizeChallenge = 106,
    InvalidBigInt = 107,
    ScryptFailed = 108,
    InvalidKeySize = 109,
    NaclSecretBoxFailed = 110,
    NaclBoxFailed = 111,
    NaclSignFailed = 112,
    Bip39InvalidEntropy = 113,
    Bip39InvalidPhrase = 114,
    Bip32InvalidKey = 115,
    Bip32InvalidDerivePath = 116,
    Bip39InvalidDictionary = 117,
    Bip39InvalidWordCount = 118,
    MnemonicGenerationFailed = 119,
    MnemonicFromEntropyFailed = 120,
    SigningBoxNotRegistered = 121,
    InvalidSignature = 122,
    EncryptionBoxNotRegistered = 123,
    InvalidIvSize = 124,
    UnsupportedCipherMode = 125,
    CannotCreateCipher = 126,
    EncryptDataError = 127,
    DecryptDataError = 128,
    IvRequired = 129,
    CryptoBoxNotRegistered = 130,
    InvalidCryptoBoxType = 131,
    CryptoBoxSecretSerializationError = 132,
    CryptoBoxSecretDeserializationError = 133,
    InvalidNonceSize = 134
}

One of the following value:

  • InvalidPublicKey = 100

  • InvalidSecretKey = 101

  • InvalidKey = 102

  • InvalidFactorizeChallenge = 106

  • InvalidBigInt = 107

  • ScryptFailed = 108

  • InvalidKeySize = 109

  • NaclSecretBoxFailed = 110

  • NaclBoxFailed = 111

  • NaclSignFailed = 112

  • Bip39InvalidEntropy = 113

  • Bip39InvalidPhrase = 114

  • Bip32InvalidKey = 115

  • Bip32InvalidDerivePath = 116

  • Bip39InvalidDictionary = 117

  • Bip39InvalidWordCount = 118

  • MnemonicGenerationFailed = 119

  • MnemonicFromEntropyFailed = 120

  • SigningBoxNotRegistered = 121

  • InvalidSignature = 122

  • EncryptionBoxNotRegistered = 123

  • InvalidIvSize = 124

  • UnsupportedCipherMode = 125

  • CannotCreateCipher = 126

  • EncryptDataError = 127

  • DecryptDataError = 128

  • IvRequired = 129

  • CryptoBoxNotRegistered = 130

  • InvalidCryptoBoxType = 131

  • CryptoBoxSecretSerializationError = 132

  • CryptoBoxSecretDeserializationError = 133

  • InvalidNonceSize = 134

SigningBoxHandle

type SigningBoxHandle = number

EncryptionBoxHandle

type EncryptionBoxHandle = number

EncryptionBoxInfo

Encryption box information.

type EncryptionBoxInfo = {
    hdpath?: string,
    algorithm?: string,
    options?: any,
    public?: any
}
  • hdpath?: string – Derivation path, for instance "m/44'/396'/0'/0/0"

  • algorithm?: string – Cryptographic algorithm, used by this encryption box

  • options?: any – Options, depends on algorithm and specific encryption box implementation

  • public?: any – Public information, depends on algorithm

EncryptionAlgorithmAESVariant

type EncryptionAlgorithmAESVariant = {
    value: AesParamsEB
}

EncryptionAlgorithmChaCha20Variant

type EncryptionAlgorithmChaCha20Variant = {
    value: ChaCha20ParamsEB
}

EncryptionAlgorithmNaclBoxVariant

type EncryptionAlgorithmNaclBoxVariant = {
    value: NaclBoxParamsEB
}

EncryptionAlgorithmNaclSecretBoxVariant

type EncryptionAlgorithmNaclSecretBoxVariant = {
    value: NaclSecretBoxParamsEB
}

EncryptionAlgorithm

type EncryptionAlgorithm = ({
    type: 'AES'
} & EncryptionAlgorithmAESVariant) | ({
    type: 'ChaCha20'
} & EncryptionAlgorithmChaCha20Variant) | ({
    type: 'NaclBox'
} & EncryptionAlgorithmNaclBoxVariant) | ({
    type: 'NaclSecretBox'
} & EncryptionAlgorithmNaclSecretBoxVariant)

Depends on value of the type field.

When type is 'AES'

When type is 'ChaCha20'

When type is 'NaclBox'

When type is 'NaclSecretBox'

Variant constructors:

function encryptionAlgorithmAES(value: AesParamsEB): EncryptionAlgorithm;
function encryptionAlgorithmChaCha20(value: ChaCha20ParamsEB): EncryptionAlgorithm;
function encryptionAlgorithmNaclBox(value: NaclBoxParamsEB): EncryptionAlgorithm;
function encryptionAlgorithmNaclSecretBox(value: NaclSecretBoxParamsEB): EncryptionAlgorithm;

CipherMode

enum CipherMode {
    CBC = "CBC",
    CFB = "CFB",
    CTR = "CTR",
    ECB = "ECB",
    OFB = "OFB"
}

One of the following value:

  • CBC = "CBC"

  • CFB = "CFB"

  • CTR = "CTR"

  • ECB = "ECB"

  • OFB = "OFB"

AesParamsEB

type AesParamsEB = {
    mode: CipherMode,
    key: string,
    iv?: string
}

AesInfo

type AesInfo = {
    mode: CipherMode,
    iv?: string
}

ChaCha20ParamsEB

type ChaCha20ParamsEB = {
    key: string,
    nonce: string
}
  • key: string – 256-bit key. Must be encoded with hex.

  • nonce: string – 96-bit nonce. Must be encoded with hex.

NaclBoxParamsEB

type NaclBoxParamsEB = {
    their_public: string,
    secret: string,
    nonce: string
}
  • their_public: string – 256-bit key. Must be encoded with hex.

  • secret: string – 256-bit key. Must be encoded with hex.

  • nonce: string – 96-bit nonce. Must be encoded with hex.

NaclSecretBoxParamsEB

type NaclSecretBoxParamsEB = {
    key: string,
    nonce: string
}
  • key: string – Secret key - unprefixed 0-padded to 64 symbols hex string

  • nonce: string – Nonce in hex

CryptoBoxSecretRandomSeedPhraseVariant

Creates Crypto Box from a random seed phrase. This option can be used if a developer doesn't want the seed phrase to leave the core library's memory, where it is stored encrypted.

This type should be used upon the first wallet initialization, all further initializations should use EncryptedSecret type instead.

Get encrypted_secret with get_crypto_box_info function and store it on your side.

type CryptoBoxSecretRandomSeedPhraseVariant = {
    dictionary: MnemonicDictionary,
    wordcount: number
}

CryptoBoxSecretPredefinedSeedPhraseVariant

Restores crypto box instance from an existing seed phrase. This type should be used when Crypto Box is initialized from a seed phrase, entered by a user.

This type should be used only upon the first wallet initialization, all further initializations should use EncryptedSecret type instead.

Get encrypted_secret with get_crypto_box_info function and store it on your side.

type CryptoBoxSecretPredefinedSeedPhraseVariant = {
    phrase: string,
    dictionary: MnemonicDictionary,
    wordcount: number
}

CryptoBoxSecretEncryptedSecretVariant

Use this type for wallet reinitializations, when you already have encrypted_secret on hands. To get encrypted_secret, use get_crypto_box_info function after you initialized your crypto box for the first time.

It is an object, containing seed phrase or private key, encrypted with secret_encryption_salt and password from password_provider.

Note that if you want to change salt or password provider, then you need to reinitialize the wallet with PredefinedSeedPhrase, then get EncryptedSecret via get_crypto_box_info, store it somewhere, and only after that initialize the wallet with EncryptedSecret type.

type CryptoBoxSecretEncryptedSecretVariant = {
    encrypted_secret: string
}
  • encrypted_secret: string – It is an object, containing encrypted seed phrase or private key (now we support only seed phrase).

CryptoBoxSecret

Crypto Box Secret.

type CryptoBoxSecret = ({
    type: 'RandomSeedPhrase'
} & CryptoBoxSecretRandomSeedPhraseVariant) | ({
    type: 'PredefinedSeedPhrase'
} & CryptoBoxSecretPredefinedSeedPhraseVariant) | ({
    type: 'EncryptedSecret'
} & CryptoBoxSecretEncryptedSecretVariant)

Depends on value of the type field.

When type is 'RandomSeedPhrase'

Creates Crypto Box from a random seed phrase. This option can be used if a developer doesn't want the seed phrase to leave the core library's memory, where it is stored encrypted.

This type should be used upon the first wallet initialization, all further initializations should use EncryptedSecret type instead.

Get encrypted_secret with get_crypto_box_info function and store it on your side.

When type is 'PredefinedSeedPhrase'

Restores crypto box instance from an existing seed phrase. This type should be used when Crypto Box is initialized from a seed phrase, entered by a user.

This type should be used only upon the first wallet initialization, all further initializations should use EncryptedSecret type instead.

Get encrypted_secret with get_crypto_box_info function and store it on your side.

When type is 'EncryptedSecret'

Use this type for wallet reinitializations, when you already have encrypted_secret on hands. To get encrypted_secret, use get_crypto_box_info function after you initialized your crypto box for the first time.

It is an object, containing seed phrase or private key, encrypted with secret_encryption_salt and password from password_provider.

Note that if you want to change salt or password provider, then you need to reinitialize the wallet with PredefinedSeedPhrase, then get EncryptedSecret via get_crypto_box_info, store it somewhere, and only after that initialize the wallet with EncryptedSecret type.

  • encrypted_secret: string – It is an object, containing encrypted seed phrase or private key (now we support only seed phrase).

Variant constructors:

function cryptoBoxSecretRandomSeedPhrase(dictionary: MnemonicDictionary, wordcount: number): CryptoBoxSecret;
function cryptoBoxSecretPredefinedSeedPhrase(phrase: string, dictionary: MnemonicDictionary, wordcount: number): CryptoBoxSecret;
function cryptoBoxSecretEncryptedSecret(encrypted_secret: string): CryptoBoxSecret;

CryptoBoxHandle

type CryptoBoxHandle = number

BoxEncryptionAlgorithmChaCha20Variant

type BoxEncryptionAlgorithmChaCha20Variant = {
    value: ChaCha20ParamsCB
}

BoxEncryptionAlgorithmNaclBoxVariant

type BoxEncryptionAlgorithmNaclBoxVariant = {
    value: NaclBoxParamsCB
}

BoxEncryptionAlgorithmNaclSecretBoxVariant

type BoxEncryptionAlgorithmNaclSecretBoxVariant = {
    value: NaclSecretBoxParamsCB
}

BoxEncryptionAlgorithm

type BoxEncryptionAlgorithm = ({
    type: 'ChaCha20'
} & BoxEncryptionAlgorithmChaCha20Variant) | ({
    type: 'NaclBox'
} & BoxEncryptionAlgorithmNaclBoxVariant) | ({
    type: 'NaclSecretBox'
} & BoxEncryptionAlgorithmNaclSecretBoxVariant)

Depends on value of the type field.

When type is 'ChaCha20'

When type is 'NaclBox'

When type is 'NaclSecretBox'

Variant constructors:

function boxEncryptionAlgorithmChaCha20(value: ChaCha20ParamsCB): BoxEncryptionAlgorithm;
function boxEncryptionAlgorithmNaclBox(value: NaclBoxParamsCB): BoxEncryptionAlgorithm;
function boxEncryptionAlgorithmNaclSecretBox(value: NaclSecretBoxParamsCB): BoxEncryptionAlgorithm;

ChaCha20ParamsCB

type ChaCha20ParamsCB = {
    nonce: string
}
  • nonce: string – 96-bit nonce. Must be encoded with hex.

NaclBoxParamsCB

type NaclBoxParamsCB = {
    their_public: string,
    nonce: string
}
  • their_public: string – 256-bit key. Must be encoded with hex.

  • nonce: string – 96-bit nonce. Must be encoded with hex.

NaclSecretBoxParamsCB

type NaclSecretBoxParamsCB = {
    nonce: string
}
  • nonce: string – Nonce in hex

MnemonicDictionary

enum MnemonicDictionary {
    Ton = 0,
    English = 1,
    ChineseSimplified = 2,
    ChineseTraditional = 3,
    French = 4,
    Italian = 5,
    Japanese = 6,
    Korean = 7,
    Spanish = 8
}

One of the following value:

  • Ton = 0 – TON compatible dictionary

  • English = 1 – English BIP-39 dictionary

  • ChineseSimplified = 2 – Chinese simplified BIP-39 dictionary

  • ChineseTraditional = 3 – Chinese traditional BIP-39 dictionary

  • French = 4 – French BIP-39 dictionary

  • Italian = 5 – Italian BIP-39 dictionary

  • Japanese = 6 – Japanese BIP-39 dictionary

  • Korean = 7 – Korean BIP-39 dictionary

  • Spanish = 8 – Spanish BIP-39 dictionary

ParamsOfFactorize

type ParamsOfFactorize = {
    composite: string
}
  • composite: string – Hexadecimal representation of u64 composite number.

ResultOfFactorize

type ResultOfFactorize = {
    factors: string[]
}
  • factors: string[] – Two factors of composite or empty if composite can't be factorized.

ParamsOfModularPower

type ParamsOfModularPower = {
    base: string,
    exponent: string,
    modulus: string
}
  • base: stringbase argument of calculation.

  • exponent: stringexponent argument of calculation.

  • modulus: stringmodulus argument of calculation.

ResultOfModularPower

type ResultOfModularPower = {
    modular_power: string
}
  • modular_power: string – Result of modular exponentiation

ParamsOfTonCrc16

type ParamsOfTonCrc16 = {
    data: string
}
  • data: string – Input data for CRC calculation. Encoded with base64.

ResultOfTonCrc16

type ResultOfTonCrc16 = {
    crc: number
}
  • crc: number – Calculated CRC for input data.

ParamsOfGenerateRandomBytes

type ParamsOfGenerateRandomBytes = {
    length: number
}
  • length: number – Size of random byte array.

ResultOfGenerateRandomBytes

type ResultOfGenerateRandomBytes = {
    bytes: string
}
  • bytes: string – Generated bytes encoded in base64.

ParamsOfConvertPublicKeyToTonSafeFormat

type ParamsOfConvertPublicKeyToTonSafeFormat = {
    public_key: string
}
  • public_key: string – Public key - 64 symbols hex string

ResultOfConvertPublicKeyToTonSafeFormat

type ResultOfConvertPublicKeyToTonSafeFormat = {
    ton_public_key: string
}
  • ton_public_key: string – Public key represented in TON safe format.

KeyPair

type KeyPair = {
    public: string,
    secret: string
}
  • public: string – Public key - 64 symbols hex string

  • secret: string – Private key - u64 symbols hex string

ParamsOfSign

type ParamsOfSign = {
    unsigned: string,
    keys: KeyPair
}
  • unsigned: string – Data that must be signed encoded in base64.

  • keys: KeyPair – Sign keys.

ResultOfSign

type ResultOfSign = {
    signed: string,
    signature: string
}
  • signed: string – Signed data combined with signature encoded in base64.

  • signature: string – Signature encoded in hex.

ParamsOfVerifySignature

type ParamsOfVerifySignature = {
    signed: string,
    public: string
}
  • signed: string – Signed data that must be verified encoded in base64.

  • public: string – Signer's public key - 64 symbols hex string

ResultOfVerifySignature

type ResultOfVerifySignature = {
    unsigned: string
}
  • unsigned: string – Unsigned data encoded in base64.

ParamsOfHash

type ParamsOfHash = {
    data: string
}
  • data: string – Input data for hash calculation. Encoded with base64.

ResultOfHash

type ResultOfHash = {
    hash: string
}
  • hash: string – Hash of input data. Encoded with 'hex'.

ParamsOfScrypt

type ParamsOfScrypt = {
    password: string,
    salt: string,
    log_n: number,
    r: number,
    p: number,
    dk_len: number
}
  • password: string – The password bytes to be hashed. Must be encoded with base64.

  • salt: string – Salt bytes that modify the hash to protect against Rainbow table attacks. Must be encoded with base64.

  • log_n: number – CPU/memory cost parameter

  • r: number – The block size parameter, which fine-tunes sequential memory read size and performance.

  • p: number – Parallelization parameter.

  • dk_len: number – Intended output length in octets of the derived key.

ResultOfScrypt

type ResultOfScrypt = {
    key: string
}
  • key: string – Derived key. Encoded with hex.

ParamsOfNaclSignKeyPairFromSecret

type ParamsOfNaclSignKeyPairFromSecret = {
    secret: string
}
  • secret: string – Secret key - unprefixed 0-padded to 64 symbols hex string

ParamsOfNaclSign

type ParamsOfNaclSign = {
    unsigned: string,
    secret: string
}
  • unsigned: string – Data that must be signed encoded in base64.

  • secret: string – Signer's secret key - unprefixed 0-padded to 128 symbols hex string (concatenation of 64 symbols secret and 64 symbols public keys). See nacl_sign_keypair_from_secret_key.

ResultOfNaclSign

type ResultOfNaclSign = {
    signed: string
}
  • signed: string – Signed data, encoded in base64.

ParamsOfNaclSignOpen

type ParamsOfNaclSignOpen = {
    signed: string,
    public: string
}
  • signed: string – Signed data that must be unsigned. Encoded with base64.

  • public: string – Signer's public key - unprefixed 0-padded to 64 symbols hex string

ResultOfNaclSignOpen

type ResultOfNaclSignOpen = {
    unsigned: string
}
  • unsigned: string – Unsigned data, encoded in base64.

ResultOfNaclSignDetached

type ResultOfNaclSignDetached = {
    signature: string
}
  • signature: string – Signature encoded in hex.

ParamsOfNaclSignDetachedVerify

type ParamsOfNaclSignDetachedVerify = {
    unsigned: string,
    signature: string,
    public: string
}
  • unsigned: string – Unsigned data that must be verified. Encoded with base64.

  • signature: string – Signature that must be verified. Encoded with hex.

  • public: string – Signer's public key - unprefixed 0-padded to 64 symbols hex string.

ResultOfNaclSignDetachedVerify

type ResultOfNaclSignDetachedVerify = {
    succeeded: boolean
}
  • succeeded: booleantrue if verification succeeded or false if it failed

ParamsOfNaclBoxKeyPairFromSecret

type ParamsOfNaclBoxKeyPairFromSecret = {
    secret: string
}
  • secret: string – Secret key - unprefixed 0-padded to 64 symbols hex string

ParamsOfNaclBox

type ParamsOfNaclBox = {
    decrypted: string,
    nonce: string,
    their_public: string,
    secret: string
}
  • decrypted: string – Data that must be encrypted encoded in base64.

  • nonce: string – Nonce, encoded in hex

  • their_public: string – Receiver's public key - unprefixed 0-padded to 64 symbols hex string

  • secret: string – Sender's private key - unprefixed 0-padded to 64 symbols hex string

ResultOfNaclBox

type ResultOfNaclBox = {
    encrypted: string
}
  • encrypted: string – Encrypted data encoded in base64.

ParamsOfNaclBoxOpen

type ParamsOfNaclBoxOpen = {
    encrypted: string,
    nonce: string,
    their_public: string,
    secret: string
}
  • encrypted: string – Data that must be decrypted. Encoded with base64.

  • nonce: string – Nonce

  • their_public: string – Sender's public key - unprefixed 0-padded to 64 symbols hex string

  • secret: string – Receiver's private key - unprefixed 0-padded to 64 symbols hex string

ResultOfNaclBoxOpen

type ResultOfNaclBoxOpen = {
    decrypted: string
}
  • decrypted: string – Decrypted data encoded in base64.

ParamsOfNaclSecretBox

type ParamsOfNaclSecretBox = {
    decrypted: string,
    nonce: string,
    key: string
}
  • decrypted: string – Data that must be encrypted. Encoded with base64.

  • nonce: string – Nonce in hex

  • key: string – Secret key - unprefixed 0-padded to 64 symbols hex string

ParamsOfNaclSecretBoxOpen

type ParamsOfNaclSecretBoxOpen = {
    encrypted: string,
    nonce: string,
    key: string
}
  • encrypted: string – Data that must be decrypted. Encoded with base64.

  • nonce: string – Nonce in hex

  • key: string – Secret key - unprefixed 0-padded to 64 symbols hex string

ParamsOfMnemonicWords

type ParamsOfMnemonicWords = {
    dictionary?: MnemonicDictionary
}

ResultOfMnemonicWords

type ResultOfMnemonicWords = {
    words: string
}
  • words: string – The list of mnemonic words

ParamsOfMnemonicFromRandom

type ParamsOfMnemonicFromRandom = {
    dictionary?: MnemonicDictionary,
    word_count?: number
}
  • dictionary?: MnemonicDictionary – Dictionary identifier

  • word_count?: number – Mnemonic word count

ResultOfMnemonicFromRandom

type ResultOfMnemonicFromRandom = {
    phrase: string
}
  • phrase: string – String of mnemonic words

ParamsOfMnemonicFromEntropy

type ParamsOfMnemonicFromEntropy = {
    entropy: string,
    dictionary?: MnemonicDictionary,
    word_count?: number
}
  • entropy: string – Entropy bytes. Hex encoded.

  • dictionary?: MnemonicDictionary – Dictionary identifier

  • word_count?: number – Mnemonic word count

ResultOfMnemonicFromEntropy

type ResultOfMnemonicFromEntropy = {
    phrase: string
}
  • phrase: string – Phrase

ParamsOfMnemonicVerify

type ParamsOfMnemonicVerify = {
    phrase: string,
    dictionary?: MnemonicDictionary,
    word_count?: number
}
  • phrase: string – Phrase

  • dictionary?: MnemonicDictionary – Dictionary identifier

  • word_count?: number – Word count

ResultOfMnemonicVerify

type ResultOfMnemonicVerify = {
    valid: boolean
}
  • valid: boolean – Flag indicating if the mnemonic is valid or not

ParamsOfMnemonicDeriveSignKeys

type ParamsOfMnemonicDeriveSignKeys = {
    phrase: string,
    path?: string,
    dictionary?: MnemonicDictionary,
    word_count?: number
}
  • phrase: string – Phrase

  • path?: string – Derivation path, for instance "m/44'/396'/0'/0/0"

  • dictionary?: MnemonicDictionary – Dictionary identifier

  • word_count?: number – Word count

ParamsOfHDKeyXPrvFromMnemonic

type ParamsOfHDKeyXPrvFromMnemonic = {
    phrase: string,
    dictionary?: MnemonicDictionary,
    word_count?: number
}
  • phrase: string – String with seed phrase

  • dictionary?: MnemonicDictionary – Dictionary identifier

  • word_count?: number – Mnemonic word count

ResultOfHDKeyXPrvFromMnemonic

type ResultOfHDKeyXPrvFromMnemonic = {
    xprv: string
}
  • xprv: string – Serialized extended master private key

ParamsOfHDKeyDeriveFromXPrv

type ParamsOfHDKeyDeriveFromXPrv = {
    xprv: string,
    child_index: number,
    hardened: boolean
}
  • xprv: string – Serialized extended private key

  • child_index: number – Child index (see BIP-0032)

  • hardened: boolean – Indicates the derivation of hardened/not-hardened key (see BIP-0032)

ResultOfHDKeyDeriveFromXPrv

type ResultOfHDKeyDeriveFromXPrv = {
    xprv: string
}
  • xprv: string – Serialized extended private key

ParamsOfHDKeyDeriveFromXPrvPath

type ParamsOfHDKeyDeriveFromXPrvPath = {
    xprv: string,
    path: string
}
  • xprv: string – Serialized extended private key

  • path: string – Derivation path, for instance "m/44'/396'/0'/0/0"

ResultOfHDKeyDeriveFromXPrvPath

type ResultOfHDKeyDeriveFromXPrvPath = {
    xprv: string
}
  • xprv: string – Derived serialized extended private key

ParamsOfHDKeySecretFromXPrv

type ParamsOfHDKeySecretFromXPrv = {
    xprv: string
}
  • xprv: string – Serialized extended private key

ResultOfHDKeySecretFromXPrv

type ResultOfHDKeySecretFromXPrv = {
    secret: string
}
  • secret: string – Private key - 64 symbols hex string

ParamsOfHDKeyPublicFromXPrv

type ParamsOfHDKeyPublicFromXPrv = {
    xprv: string
}
  • xprv: string – Serialized extended private key

ResultOfHDKeyPublicFromXPrv

type ResultOfHDKeyPublicFromXPrv = {
    public: string
}
  • public: string – Public key - 64 symbols hex string

ParamsOfChaCha20

type ParamsOfChaCha20 = {
    data: string,
    key: string,
    nonce: string
}
  • data: string – Source data to be encrypted or decrypted. Must be encoded with base64.

  • key: string – 256-bit key. Must be encoded with hex.

  • nonce: string – 96-bit nonce. Must be encoded with hex.

ResultOfChaCha20

type ResultOfChaCha20 = {
    data: string
}
  • data: string – Encrypted/decrypted data. Encoded with base64.

ParamsOfCreateCryptoBox

type ParamsOfCreateCryptoBox = {
    secret_encryption_salt: string,
    secret: CryptoBoxSecret
}
  • secret_encryption_salt: string – Salt used for secret encryption. For example, a mobile device can use device ID as salt.

  • secret: CryptoBoxSecret – Cryptobox secret

RegisteredCryptoBox

type RegisteredCryptoBox = {
    handle: CryptoBoxHandle
}

ParamsOfAppPasswordProviderGetPasswordVariant

type ParamsOfAppPasswordProviderGetPasswordVariant = {
    encryption_public_key: string
}
  • encryption_public_key: string – Temporary library pubkey, that is used on application side for password encryption, along with application temporary private key and nonce. Used for password decryption on library side.

ParamsOfAppPasswordProvider

Interface that provides a callback that returns an encrypted password, used for cryptobox secret encryption

To secure the password while passing it from application to the library, the library generates a temporary key pair, passes the pubkey to the passwordProvider, decrypts the received password with private key, and deletes the key pair right away.

Application should generate a temporary nacl_box_keypair and encrypt the password with naclbox function using nacl_box_keypair.secret and encryption_public_key keys + nonce = 24-byte prefix of encryption_public_key.

type ParamsOfAppPasswordProvider = ({
    type: 'GetPassword'
} & ParamsOfAppPasswordProviderGetPasswordVariant)

Depends on value of the type field.

When type is 'GetPassword'

  • encryption_public_key: string – Temporary library pubkey, that is used on application side for password encryption, along with application temporary private key and nonce. Used for password decryption on library side.

Variant constructors:

function paramsOfAppPasswordProviderGetPassword(encryption_public_key: string): ParamsOfAppPasswordProvider;

ResultOfAppPasswordProviderGetPasswordVariant

type ResultOfAppPasswordProviderGetPasswordVariant = {
    encrypted_password: string,
    app_encryption_pubkey: string
}
  • encrypted_password: string – Password, encrypted and encoded to base64. Crypto box uses this password to decrypt its secret (seed phrase).

  • app_encryption_pubkey: string – Hex encoded public key of a temporary key pair, used for password encryption on application side. Used together with encryption_public_key to decode encrypted_password.

ResultOfAppPasswordProvider

type ResultOfAppPasswordProvider = ({
    type: 'GetPassword'
} & ResultOfAppPasswordProviderGetPasswordVariant)

Depends on value of the type field.

When type is 'GetPassword'

  • encrypted_password: string – Password, encrypted and encoded to base64. Crypto box uses this password to decrypt its secret (seed phrase).

  • app_encryption_pubkey: string – Hex encoded public key of a temporary key pair, used for password encryption on application side. Used together with encryption_public_key to decode encrypted_password.

Variant constructors:

function resultOfAppPasswordProviderGetPassword(encrypted_password: string, app_encryption_pubkey: string): ResultOfAppPasswordProvider;

ResultOfGetCryptoBoxInfo

type ResultOfGetCryptoBoxInfo = {
    encrypted_secret: string
}
  • encrypted_secret: string – Secret (seed phrase) encrypted with salt and password.

ResultOfGetCryptoBoxSeedPhrase

type ResultOfGetCryptoBoxSeedPhrase = {
    phrase: string,
    dictionary: MnemonicDictionary,
    wordcount: number
}

ParamsOfGetSigningBoxFromCryptoBox

type ParamsOfGetSigningBoxFromCryptoBox = {
    handle: number,
    hdpath?: string,
    secret_lifetime?: number
}
  • handle: number – Crypto Box Handle.

  • hdpath?: string – HD key derivation path. By default, Acki Nacki HD path is used.

  • secret_lifetime?: number – Store derived secret for this lifetime (in ms). The timer starts after each signing box operation. Secrets will be deleted immediately after each signing box operation, if this value is not set.

RegisteredSigningBox

type RegisteredSigningBox = {
    handle: SigningBoxHandle
}

ParamsOfGetEncryptionBoxFromCryptoBox

type ParamsOfGetEncryptionBoxFromCryptoBox = {
    handle: number,
    hdpath?: string,
    algorithm: BoxEncryptionAlgorithm,
    secret_lifetime?: number
}
  • handle: number – Crypto Box Handle.

  • hdpath?: string – HD key derivation path. By default, Acki Nacki HD path is used.

  • algorithm: BoxEncryptionAlgorithm – Encryption algorithm.

  • secret_lifetime?: number – Store derived secret for encryption algorithm for this lifetime (in ms). The timer starts after each encryption box operation. Secrets will be deleted (overwritten with zeroes) after each encryption operation, if this value is not set.

RegisteredEncryptionBox

type RegisteredEncryptionBox = {
    handle: EncryptionBoxHandle
}

ParamsOfAppSigningBoxGetPublicKeyVariant

Get signing box public key

type ParamsOfAppSigningBoxGetPublicKeyVariant = {

}

ParamsOfAppSigningBoxSignVariant

Sign data

type ParamsOfAppSigningBoxSignVariant = {
    unsigned: string
}
  • unsigned: string – Data to sign encoded as base64

ParamsOfAppSigningBox

Signing box callbacks.

type ParamsOfAppSigningBox = ({
    type: 'GetPublicKey'
} & ParamsOfAppSigningBoxGetPublicKeyVariant) | ({
    type: 'Sign'
} & ParamsOfAppSigningBoxSignVariant)

Depends on value of the type field.

When type is 'GetPublicKey'

Get signing box public key

When type is 'Sign'

Sign data

  • unsigned: string – Data to sign encoded as base64

Variant constructors:

function paramsOfAppSigningBoxGetPublicKey(): ParamsOfAppSigningBox;
function paramsOfAppSigningBoxSign(unsigned: string): ParamsOfAppSigningBox;

ResultOfAppSigningBoxGetPublicKeyVariant

Result of getting public key

type ResultOfAppSigningBoxGetPublicKeyVariant = {
    public_key: string
}
  • public_key: string – Signing box public key

ResultOfAppSigningBoxSignVariant

Result of signing data

type ResultOfAppSigningBoxSignVariant = {
    signature: string
}
  • signature: string – Data signature encoded as hex

ResultOfAppSigningBox

Returning values from signing box callbacks.

type ResultOfAppSigningBox = ({
    type: 'GetPublicKey'
} & ResultOfAppSigningBoxGetPublicKeyVariant) | ({
    type: 'Sign'
} & ResultOfAppSigningBoxSignVariant)

Depends on value of the type field.

When type is 'GetPublicKey'

Result of getting public key

  • public_key: string – Signing box public key

When type is 'Sign'

Result of signing data

  • signature: string – Data signature encoded as hex

Variant constructors:

function resultOfAppSigningBoxGetPublicKey(public_key: string): ResultOfAppSigningBox;
function resultOfAppSigningBoxSign(signature: string): ResultOfAppSigningBox;

ResultOfSigningBoxGetPublicKey

type ResultOfSigningBoxGetPublicKey = {
    pubkey: string
}
  • pubkey: string – Public key of signing box. Encoded with hex

ParamsOfSigningBoxSign

type ParamsOfSigningBoxSign = {
    signing_box: SigningBoxHandle,
    unsigned: string
}
  • signing_box: SigningBoxHandle – Signing Box handle.

  • unsigned: string – Unsigned user data. Must be encoded with base64.

ResultOfSigningBoxSign

type ResultOfSigningBoxSign = {
    signature: string
}
  • signature: string – Data signature. Encoded with hex.

ParamsOfAppEncryptionBoxGetInfoVariant

Get encryption box info

type ParamsOfAppEncryptionBoxGetInfoVariant = {

}

ParamsOfAppEncryptionBoxEncryptVariant

Encrypt data

type ParamsOfAppEncryptionBoxEncryptVariant = {
    data: string
}
  • data: string – Data, encoded in Base64

ParamsOfAppEncryptionBoxDecryptVariant

Decrypt data

type ParamsOfAppEncryptionBoxDecryptVariant = {
    data: string
}
  • data: string – Data, encoded in Base64

ParamsOfAppEncryptionBox

Interface for data encryption/decryption

type ParamsOfAppEncryptionBox = ({
    type: 'GetInfo'
} & ParamsOfAppEncryptionBoxGetInfoVariant) | ({
    type: 'Encrypt'
} & ParamsOfAppEncryptionBoxEncryptVariant) | ({
    type: 'Decrypt'
} & ParamsOfAppEncryptionBoxDecryptVariant)

Depends on value of the type field.

When type is 'GetInfo'

Get encryption box info

When type is 'Encrypt'

Encrypt data

  • data: string – Data, encoded in Base64

When type is 'Decrypt'

Decrypt data

  • data: string – Data, encoded in Base64

Variant constructors:

function paramsOfAppEncryptionBoxGetInfo(): ParamsOfAppEncryptionBox;
function paramsOfAppEncryptionBoxEncrypt(data: string): ParamsOfAppEncryptionBox;
function paramsOfAppEncryptionBoxDecrypt(data: string): ParamsOfAppEncryptionBox;

ResultOfAppEncryptionBoxGetInfoVariant

Result of getting encryption box info

type ResultOfAppEncryptionBoxGetInfoVariant = {
    info: EncryptionBoxInfo
}

ResultOfAppEncryptionBoxEncryptVariant

Result of encrypting data

type ResultOfAppEncryptionBoxEncryptVariant = {
    data: string
}
  • data: string – Encrypted data, encoded in Base64

ResultOfAppEncryptionBoxDecryptVariant

Result of decrypting data

type ResultOfAppEncryptionBoxDecryptVariant = {
    data: string
}
  • data: string – Decrypted data, encoded in Base64

ResultOfAppEncryptionBox

Returning values from signing box callbacks.

type ResultOfAppEncryptionBox = ({
    type: 'GetInfo'
} & ResultOfAppEncryptionBoxGetInfoVariant) | ({
    type: 'Encrypt'
} & ResultOfAppEncryptionBoxEncryptVariant) | ({
    type: 'Decrypt'
} & ResultOfAppEncryptionBoxDecryptVariant)

Depends on value of the type field.

When type is 'GetInfo'

Result of getting encryption box info

When type is 'Encrypt'

Result of encrypting data

  • data: string – Encrypted data, encoded in Base64

When type is 'Decrypt'

Result of decrypting data

  • data: string – Decrypted data, encoded in Base64

Variant constructors:

function resultOfAppEncryptionBoxGetInfo(info: EncryptionBoxInfo): ResultOfAppEncryptionBox;
function resultOfAppEncryptionBoxEncrypt(data: string): ResultOfAppEncryptionBox;
function resultOfAppEncryptionBoxDecrypt(data: string): ResultOfAppEncryptionBox;

ParamsOfEncryptionBoxGetInfo

type ParamsOfEncryptionBoxGetInfo = {
    encryption_box: EncryptionBoxHandle
}

ResultOfEncryptionBoxGetInfo

type ResultOfEncryptionBoxGetInfo = {
    info: EncryptionBoxInfo
}

ParamsOfEncryptionBoxEncrypt

type ParamsOfEncryptionBoxEncrypt = {
    encryption_box: EncryptionBoxHandle,
    data: string
}
  • encryption_box: EncryptionBoxHandle – Encryption box handle

  • data: string – Data to be encrypted, encoded in Base64

ResultOfEncryptionBoxEncrypt

type ResultOfEncryptionBoxEncrypt = {
    data: string
}
  • data: string – Encrypted data, encoded in Base64. Padded to cipher block size

ParamsOfEncryptionBoxDecrypt

type ParamsOfEncryptionBoxDecrypt = {
    encryption_box: EncryptionBoxHandle,
    data: string
}
  • encryption_box: EncryptionBoxHandle – Encryption box handle

  • data: string – Data to be decrypted, encoded in Base64

ResultOfEncryptionBoxDecrypt

type ResultOfEncryptionBoxDecrypt = {
    data: string
}
  • data: string – Decrypted data, encoded in Base64.

ParamsOfCreateEncryptionBox

type ParamsOfCreateEncryptionBox = {
    algorithm: EncryptionAlgorithm
}
  • algorithm: EncryptionAlgorithm – Encryption algorithm specifier including cipher parameters (key, IV, etc)

AppPasswordProvider

Interface that provides a callback that returns an encrypted password, used for cryptobox secret encryption

To secure the password while passing it from application to the library, the library generates a temporary key pair, passes the pubkey to the passwordProvider, decrypts the received password with private key, and deletes the key pair right away.

Application should generate a temporary nacl_box_keypair and encrypt the password with naclbox function using nacl_box_keypair.secret and encryption_public_key keys + nonce = 24-byte prefix of encryption_public_key.


export interface AppPasswordProvider {
    get_password(params: ParamsOfAppPasswordProviderGetPasswordVariant): Promise<ResultOfAppPasswordProviderGetPasswordVariant>,
}

get_password

type ParamsOfAppPasswordProviderGetPasswordVariant = ParamsOfAppPasswordProviderGetPasswordVariant

type ResultOfAppPasswordProviderGetPasswordVariant = ResultOfAppPasswordProviderGetPasswordVariant

function get_password(
    params: ParamsOfAppPasswordProviderGetPasswordVariant,
): Promise<ResultOfAppPasswordProviderGetPasswordVariant>;

function get_password_sync(
    params: ParamsOfAppPasswordProviderGetPasswordVariant,
): ResultOfAppPasswordProviderGetPasswordVariant;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • encryption_public_key: string – Temporary library pubkey, that is used on application side for password encryption, along with application temporary private key and nonce. Used for password decryption on library side.

Result

  • encrypted_password: string – Password, encrypted and encoded to base64. Crypto box uses this password to decrypt its secret (seed phrase).

  • app_encryption_pubkey: string – Hex encoded public key of a temporary key pair, used for password encryption on application side. Used together with encryption_public_key to decode encrypted_password.

AppSigningBox

Signing box callbacks.


export interface AppSigningBox {
    get_public_key(): Promise<ResultOfAppSigningBoxGetPublicKeyVariant>,
    sign(params: ParamsOfAppSigningBoxSignVariant): Promise<ResultOfAppSigningBoxSignVariant>,
}

get_public_key

Get signing box public key

type ResultOfAppSigningBoxGetPublicKeyVariant = ResultOfAppSigningBoxGetPublicKeyVariant

function get_public_key(): Promise<ResultOfAppSigningBoxGetPublicKeyVariant>;

function get_public_key_sync(): ResultOfAppSigningBoxGetPublicKeyVariant;

NOTE: Sync version is available only for lib-node binding.

Result

  • public_key: string – Signing box public key

sign

Sign data

type ParamsOfAppSigningBoxSignVariant = ParamsOfAppSigningBoxSignVariant

type ResultOfAppSigningBoxSignVariant = ResultOfAppSigningBoxSignVariant

function sign(
    params: ParamsOfAppSigningBoxSignVariant,
): Promise<ResultOfAppSigningBoxSignVariant>;

function sign_sync(
    params: ParamsOfAppSigningBoxSignVariant,
): ResultOfAppSigningBoxSignVariant;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • unsigned: string – Data to sign encoded as base64

Result

  • signature: string – Data signature encoded as hex

AppEncryptionBox

Interface for data encryption/decryption


export interface AppEncryptionBox {
    get_info(): Promise<ResultOfAppEncryptionBoxGetInfoVariant>,
    encrypt(params: ParamsOfAppEncryptionBoxEncryptVariant): Promise<ResultOfAppEncryptionBoxEncryptVariant>,
    decrypt(params: ParamsOfAppEncryptionBoxDecryptVariant): Promise<ResultOfAppEncryptionBoxDecryptVariant>,
}

get_info

Get encryption box info

type ResultOfAppEncryptionBoxGetInfoVariant = ResultOfAppEncryptionBoxGetInfoVariant

function get_info(): Promise<ResultOfAppEncryptionBoxGetInfoVariant>;

function get_info_sync(): ResultOfAppEncryptionBoxGetInfoVariant;

NOTE: Sync version is available only for lib-node binding.

Result

encrypt

Encrypt data

type ParamsOfAppEncryptionBoxEncryptVariant = ParamsOfAppEncryptionBoxEncryptVariant

type ResultOfAppEncryptionBoxEncryptVariant = ResultOfAppEncryptionBoxEncryptVariant

function encrypt(
    params: ParamsOfAppEncryptionBoxEncryptVariant,
): Promise<ResultOfAppEncryptionBoxEncryptVariant>;

function encrypt_sync(
    params: ParamsOfAppEncryptionBoxEncryptVariant,
): ResultOfAppEncryptionBoxEncryptVariant;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • data: string – Data, encoded in Base64

Result

  • data: string – Encrypted data, encoded in Base64

decrypt

Decrypt data

type ParamsOfAppEncryptionBoxDecryptVariant = ParamsOfAppEncryptionBoxDecryptVariant

type ResultOfAppEncryptionBoxDecryptVariant = ResultOfAppEncryptionBoxDecryptVariant

function decrypt(
    params: ParamsOfAppEncryptionBoxDecryptVariant,
): Promise<ResultOfAppEncryptionBoxDecryptVariant>;

function decrypt_sync(
    params: ParamsOfAppEncryptionBoxDecryptVariant,
): ResultOfAppEncryptionBoxDecryptVariant;

NOTE: Sync version is available only for lib-node binding.

Parameters

  • data: string – Data, encoded in Base64

Result

  • data: string – Decrypted data, encoded in Base64

Last updated