Module crypto
Module crypto
Crypto functions.
Functions
factorize – Integer factorization
modular_power – Modular exponentiation
tvm_crc16 – Calculates CRC16 using TVM algorithm.
generate_random_bytes – Generates random byte array of the specified length and returns it in base64 format
convert_public_key_to_tvm_safe_format – Converts public key to tvm safe_format
generate_random_sign_keys – Generates random ed25519 key pair.
sign – Signs a data using the provided keys.
verify_signature – Verifies signed data using the provided public key. Raises error if verification is failed.
sha256 – Calculates SHA256 hash of the specified data.
sha512 – Calculates SHA512 hash of the specified data.
scrypt – Perform scrypt encryption
nacl_sign_keypair_from_secret_key – Generates a key pair for signing from the secret key
nacl_sign – Signs data using the signer's secret key.
nacl_sign_open – Verifies the signature and returns the unsigned message
nacl_sign_detached – Signs the message using the secret key and returns a signature.
nacl_sign_detached_verify – Verifies the signature with public key and unsigned data.
nacl_box_keypair – Generates a random NaCl key pair
nacl_box_keypair_from_secret_key – Generates key pair from a secret key
nacl_box – Public key authenticated encryption
nacl_box_open – Decrypt and verify the cipher text using the receivers secret key, the senders public key, and the nonce.
nacl_secret_box – Encrypt and authenticate message using nonce and secret key.
nacl_secret_box_open – Decrypts and verifies cipher text using nonce and secret key.
mnemonic_words – Prints the list of words from the specified dictionary
mnemonic_from_random – Generates a random mnemonic
mnemonic_from_entropy – Generates mnemonic from pre-generated entropy
mnemonic_verify – Validates a mnemonic phrase
mnemonic_derive_sign_keys – Derives a key pair for signing from the seed phrase
hdkey_xprv_from_mnemonic – Generates an extended master private key that will be the root for all the derived keys
hdkey_derive_from_xprv – Returns extended private key derived from the specified extended private key and child index
hdkey_derive_from_xprv_path – Derives the extended private key from the specified key and path
hdkey_secret_from_xprv – Extracts the private key from the serialized extended private key
hdkey_public_from_xprv – Extracts the public key from the serialized extended private key
chacha20 – Performs symmetric chacha20 encryption.
create_crypto_box – Creates a Crypto Box instance.
remove_crypto_box – Removes Crypto Box. Clears all secret data.
get_crypto_box_info – Get Crypto Box Info. Used to get encrypted_secret that should be used for all the cryptobox initializations except the first one.
get_crypto_box_seed_phrase – Get Crypto Box Seed Phrase.
get_signing_box_from_crypto_box – Get handle of Signing Box derived from Crypto Box.
get_encryption_box_from_crypto_box – Gets Encryption Box from Crypto Box.
clear_crypto_box_secret_cache – Removes cached secrets (overwrites with zeroes) from all signing and encryption boxes, derived from crypto box.
register_signing_box – Register an application implemented signing box.
get_signing_box – Creates a default signing box implementation.
signing_box_get_public_key – Returns public key of signing key pair.
signing_box_sign – Returns signed user data.
remove_signing_box – Removes signing box from SDK.
register_encryption_box – Register an application implemented encryption box.
remove_encryption_box – Removes encryption box from SDK
encryption_box_get_info – Queries info from the given encryption box
encryption_box_encrypt – Encrypts data using given encryption box Note.
encryption_box_decrypt – Decrypts data using given encryption box Note.
create_encryption_box – Creates encryption box with specified algorithm
Types
EncryptionBoxInfo – Encryption box information.
EncryptionAlgorithmChaCha20Variant
EncryptionAlgorithmNaclBoxVariant
EncryptionAlgorithmNaclSecretBoxVariant
CryptoBoxSecretRandomSeedPhraseVariant – Creates Crypto Box from a random seed phrase. This option can be used if a developer doesn't want the seed phrase to leave the core library's memory, where it is stored encrypted.
CryptoBoxSecretPredefinedSeedPhraseVariant – Restores crypto box instance from an existing seed phrase. This type should be used when Crypto Box is initialized from a seed phrase, entered by a user.
CryptoBoxSecretEncryptedSecretVariant – Use this type for wallet reinitializations, when you already have encrypted_secret on hands. To get encrypted_secret, use get_crypto_box_info function after you initialized your crypto box for the first time.
CryptoBoxSecret – Crypto Box Secret.
BoxEncryptionAlgorithmChaCha20Variant
BoxEncryptionAlgorithmNaclBoxVariant
BoxEncryptionAlgorithmNaclSecretBoxVariant
ParamsOfConvertPublicKeyToTvmSafeFormat
ResultOfConvertPublicKeyToTvmSafeFormat
ParamsOfNaclSignKeyPairFromSecret
ParamsOfNaclSignDetachedVerify
ResultOfNaclSignDetachedVerify
ParamsOfNaclBoxKeyPairFromSecret
ParamsOfMnemonicDeriveSignKeys
ParamsOfHDKeyDeriveFromXPrvPath
ResultOfHDKeyDeriveFromXPrvPath
ParamsOfAppPasswordProviderGetPasswordVariant
ParamsOfAppPasswordProvider – Interface that provides a callback that returns an encrypted password, used for cryptobox secret encryption
ResultOfAppPasswordProviderGetPasswordVariant
ResultOfGetCryptoBoxSeedPhrase
ParamsOfGetSigningBoxFromCryptoBox
ParamsOfGetEncryptionBoxFromCryptoBox
ParamsOfAppSigningBoxGetPublicKeyVariant – Get signing box public key
ParamsOfAppSigningBoxSignVariant – Sign data
ParamsOfAppSigningBox – Signing box callbacks.
ResultOfAppSigningBoxGetPublicKeyVariant – Result of getting public key
ResultOfAppSigningBoxSignVariant – Result of signing data
ResultOfAppSigningBox – Returning values from signing box callbacks.
ResultOfSigningBoxGetPublicKey
ParamsOfAppEncryptionBoxGetInfoVariant – Get encryption box info
ParamsOfAppEncryptionBoxEncryptVariant – Encrypt data
ParamsOfAppEncryptionBoxDecryptVariant – Decrypt data
ParamsOfAppEncryptionBox – Interface for data encryption/decryption
ResultOfAppEncryptionBoxGetInfoVariant – Result of getting encryption box info
ResultOfAppEncryptionBoxEncryptVariant – Result of encrypting data
ResultOfAppEncryptionBoxDecryptVariant – Result of decrypting data
ResultOfAppEncryptionBox – Returning values from signing box callbacks.
AppPasswordProvider – Interface that provides a callback that returns an encrypted password, used for cryptobox secret encryption
AppSigningBox – Signing box callbacks.
AppEncryptionBox – Interface for data encryption/decryption
Functions
factorize
Integer factorization
Performs prime factorization – decomposition of a composite number into a product of smaller prime integers (factors). See [https://en.wikipedia.org/wiki/Integer_factorization]
NOTE: Sync version is available only for lib-node binding.
Parameters
composite: string – Hexadecimal representation of u64 composite number.
Result
factors: string[] – Two factors of composite or empty if composite can't be factorized.
modular_power
Modular exponentiation
Performs modular exponentiation for big integers (base^exponent mod modulus). See [https://en.wikipedia.org/wiki/Modular_exponentiation]
NOTE: Sync version is available only for lib-node binding.
Parameters
base: string –baseargument of calculation.exponent: string –exponentargument of calculation.modulus: string –modulusargument of calculation.
Result
modular_power: string – Result of modular exponentiation
tvm_crc16
Calculates CRC16 using TVM algorithm.
NOTE: Sync version is available only for lib-node binding.
Parameters
data: string – Input data for CRC calculation. Encoded withbase64.
Result
crc: number – Calculated CRC for input data.
generate_random_bytes
Generates random byte array of the specified length and returns it in base64 format
NOTE: Sync version is available only for lib-node binding.
Parameters
length: number – Size of random byte array.
Result
bytes: string – Generated bytes encoded inbase64.
convert_public_key_to_tvm_safe_format
Converts public key to tvm safe_format
NOTE: Sync version is available only for lib-node binding.
Parameters
public_key: string – Public key - 64 symbols hex string
Result
tvm_public_key: string – Public key represented in TVM safe format.
generate_random_sign_keys
Generates random ed25519 key pair.
NOTE: Sync version is available only for lib-node binding.
Result
public: string – Public key - 64 symbols hex stringsecret: string – Private key - u64 symbols hex string
sign
Signs a data using the provided keys.
NOTE: Sync version is available only for lib-node binding.
Parameters
unsigned: string – Data that must be signed encoded inbase64.keys: KeyPair – Sign keys.
Result
signed: string – Signed data combined with signature encoded inbase64.signature: string – Signature encoded inhex.
verify_signature
Verifies signed data using the provided public key. Raises error if verification is failed.
NOTE: Sync version is available only for lib-node binding.
Parameters
signed: string – Signed data that must be verified encoded inbase64.public: string – Signer's public key - 64 symbols hex string
Result
unsigned: string – Unsigned data encoded inbase64.
sha256
Calculates SHA256 hash of the specified data.
NOTE: Sync version is available only for lib-node binding.
Parameters
data: string – Input data for hash calculation. Encoded withbase64.
Result
hash: string – Hash of inputdata. Encoded with 'hex'.
sha512
Calculates SHA512 hash of the specified data.
NOTE: Sync version is available only for lib-node binding.
Parameters
data: string – Input data for hash calculation. Encoded withbase64.
Result
hash: string – Hash of inputdata. Encoded with 'hex'.
scrypt
Perform scrypt encryption
Derives key from password and key using scrypt algorithm. See [https://en.wikipedia.org/wiki/Scrypt].
Arguments
log_n- The log2 of the Scrypt parameterNr- The Scrypt parameterrp- The Scrypt parameterp
Conditions
log_nmust be less than64rmust be greater than0and less than or equal to4294967295pmust be greater than0and less than4294967295
Recommended values sufficient for most use-cases
log_n = 15(n = 32768)r = 8p = 1
NOTE: Sync version is available only for lib-node binding.
Parameters
password: string – The password bytes to be hashed. Must be encoded withbase64.salt: string – Salt bytes that modify the hash to protect against Rainbow table attacks. Must be encoded withbase64.log_n: number – CPU/memory cost parameterr: number – The block size parameter, which fine-tunes sequential memory read size and performance.p: number – Parallelization parameter.dk_len: number – Intended output length in octets of the derived key.
Result
key: string – Derived key. Encoded withhex.
nacl_sign_keypair_from_secret_key
Generates a key pair for signing from the secret key
NOTE: In the result the secret key is actually the concatenation of secret and public keys (128 symbols hex string) by design of NaCL. See also the stackexchange question.
NOTE: Sync version is available only for lib-node binding.
Parameters
secret: string – Secret key - unprefixed 0-padded to 64 symbols hex string
Result
public: string – Public key - 64 symbols hex stringsecret: string – Private key - u64 symbols hex string
nacl_sign
Signs data using the signer's secret key.
NOTE: Sync version is available only for lib-node binding.
Parameters
unsigned: string – Data that must be signed encoded inbase64.secret: string – Signer's secret key - unprefixed 0-padded to 128 symbols hex string (concatenation of 64 symbols secret and 64 symbols public keys). Seenacl_sign_keypair_from_secret_key.
Result
signed: string – Signed data, encoded inbase64.
nacl_sign_open
Verifies the signature and returns the unsigned message
Verifies the signature in signed using the signer's public key public and returns the message unsigned.
If the signature fails verification, crypto_sign_open raises an exception.
NOTE: Sync version is available only for lib-node binding.
Parameters
signed: string – Signed data that must be unsigned. Encoded withbase64.public: string – Signer's public key - unprefixed 0-padded to 64 symbols hex string
Result
unsigned: string – Unsigned data, encoded inbase64.
nacl_sign_detached
Signs the message using the secret key and returns a signature.
Signs the message unsigned using the secret key secret and returns a signature signature.
NOTE: Sync version is available only for lib-node binding.
Parameters
unsigned: string – Data that must be signed encoded inbase64.secret: string – Signer's secret key - unprefixed 0-padded to 128 symbols hex string (concatenation of 64 symbols secret and 64 symbols public keys). Seenacl_sign_keypair_from_secret_key.
Result
signature: string – Signature encoded inhex.
nacl_sign_detached_verify
Verifies the signature with public key and unsigned data.
NOTE: Sync version is available only for lib-node binding.
Parameters
unsigned: string – Unsigned data that must be verified. Encoded withbase64.signature: string – Signature that must be verified. Encoded withhex.public: string – Signer's public key - unprefixed 0-padded to 64 symbols hex string.
Result
succeeded: boolean –trueif verification succeeded orfalseif it failed
nacl_box_keypair
Generates a random NaCl key pair
NOTE: Sync version is available only for lib-node binding.
Result
public: string – Public key - 64 symbols hex stringsecret: string – Private key - u64 symbols hex string
nacl_box_keypair_from_secret_key
Generates key pair from a secret key
NOTE: Sync version is available only for lib-node binding.
Parameters
secret: string – Secret key - unprefixed 0-padded to 64 symbols hex string
Result
public: string – Public key - 64 symbols hex stringsecret: string – Private key - u64 symbols hex string
nacl_box
Public key authenticated encryption
Encrypt and authenticate a message using the senders secret key, the receivers public key, and a nonce.
NOTE: Sync version is available only for lib-node binding.
Parameters
decrypted: string – Data that must be encrypted encoded inbase64.nonce: string – Nonce, encoded inhextheir_public: string – Receiver's public key - unprefixed 0-padded to 64 symbols hex stringsecret: string – Sender's private key - unprefixed 0-padded to 64 symbols hex string
Result
encrypted: string – Encrypted data encoded inbase64.
nacl_box_open
Decrypt and verify the cipher text using the receivers secret key, the senders public key, and the nonce.
NOTE: Sync version is available only for lib-node binding.
Parameters
encrypted: string – Data that must be decrypted. Encoded withbase64.nonce: string – Noncetheir_public: string – Sender's public key - unprefixed 0-padded to 64 symbols hex stringsecret: string – Receiver's private key - unprefixed 0-padded to 64 symbols hex string
Result
decrypted: string – Decrypted data encoded inbase64.
nacl_secret_box
Encrypt and authenticate message using nonce and secret key.
NOTE: Sync version is available only for lib-node binding.
Parameters
decrypted: string – Data that must be encrypted. Encoded withbase64.nonce: string – Nonce inhexkey: string – Secret key - unprefixed 0-padded to 64 symbols hex string
Result
encrypted: string – Encrypted data encoded inbase64.
nacl_secret_box_open
Decrypts and verifies cipher text using nonce and secret key.
NOTE: Sync version is available only for lib-node binding.
Parameters
encrypted: string – Data that must be decrypted. Encoded withbase64.nonce: string – Nonce inhexkey: string – Secret key - unprefixed 0-padded to 64 symbols hex string
Result
decrypted: string – Decrypted data encoded inbase64.
mnemonic_words
Prints the list of words from the specified dictionary
NOTE: Sync version is available only for lib-node binding.
Parameters
dictionary?: MnemonicDictionary – Dictionary identifier
Result
words: string – The list of mnemonic words
mnemonic_from_random
Generates a random mnemonic
Generates a random mnemonic from the specified dictionary and word count
NOTE: Sync version is available only for lib-node binding.
Parameters
dictionary?: MnemonicDictionary – Dictionary identifierword_count?: number – Mnemonic word count
Result
phrase: string – String of mnemonic words
mnemonic_from_entropy
Generates mnemonic from pre-generated entropy
NOTE: Sync version is available only for lib-node binding.
Parameters
entropy: string – Entropy bytes. Hex encoded.dictionary?: MnemonicDictionary – Dictionary identifierword_count?: number – Mnemonic word count
Result
phrase: string – Phrase
mnemonic_verify
Validates a mnemonic phrase
The phrase supplied will be checked for word length and validated according to the checksum specified in BIP0039.
NOTE: Sync version is available only for lib-node binding.
Parameters
phrase: string – Phrasedictionary?: MnemonicDictionary – Dictionary identifierword_count?: number – Word count
Result
valid: boolean – Flag indicating if the mnemonic is valid or not
mnemonic_derive_sign_keys
Derives a key pair for signing from the seed phrase
Validates the seed phrase, generates master key and then derives the key pair from the master key and the specified path
NOTE: Sync version is available only for lib-node binding.
Parameters
phrase: string – Phrasepath?: string – Derivation path, for instance "m/44'/396'/0'/0/0"dictionary?: MnemonicDictionary – Dictionary identifierword_count?: number – Word count
Result
public: string – Public key - 64 symbols hex stringsecret: string – Private key - u64 symbols hex string
hdkey_xprv_from_mnemonic
Generates an extended master private key that will be the root for all the derived keys
NOTE: Sync version is available only for lib-node binding.
Parameters
phrase: string – String with seed phrasedictionary?: MnemonicDictionary – Dictionary identifierword_count?: number – Mnemonic word count
Result
xprv: string – Serialized extended master private key
hdkey_derive_from_xprv
Returns extended private key derived from the specified extended private key and child index
NOTE: Sync version is available only for lib-node binding.
Parameters
xprv: string – Serialized extended private keychild_index: number – Child index (see BIP-0032)hardened: boolean – Indicates the derivation of hardened/not-hardened key (see BIP-0032)
Result
xprv: string – Serialized extended private key
hdkey_derive_from_xprv_path
Derives the extended private key from the specified key and path
NOTE: Sync version is available only for lib-node binding.
Parameters
xprv: string – Serialized extended private keypath: string – Derivation path, for instance "m/44'/396'/0'/0/0"
Result
xprv: string – Derived serialized extended private key
hdkey_secret_from_xprv
Extracts the private key from the serialized extended private key
NOTE: Sync version is available only for lib-node binding.
Parameters
xprv: string – Serialized extended private key
Result
secret: string – Private key - 64 symbols hex string
hdkey_public_from_xprv
Extracts the public key from the serialized extended private key
NOTE: Sync version is available only for lib-node binding.
Parameters
xprv: string – Serialized extended private key
Result
public: string – Public key - 64 symbols hex string
chacha20
Performs symmetric chacha20 encryption.
NOTE: Sync version is available only for lib-node binding.
Parameters
data: string – Source data to be encrypted or decrypted. Must be encoded withbase64.key: string – 256-bit key. Must be encoded withhex.nonce: string – 96-bit nonce. Must be encoded withhex.
Result
data: string – Encrypted/decrypted data. Encoded withbase64.
create_crypto_box
Creates a Crypto Box instance.
Crypto Box is a root crypto object, that encapsulates some secret (seed phrase usually) in encrypted form and acts as a factory for all crypto primitives used in SDK: keys for signing and encryption, derived from this secret.
Crypto Box encrypts original Seed Phrase with salt and password that is retrieved from password_provider callback, implemented on Application side.
When used, decrypted secret shows up in core library's memory for a very short period of time and then is immediately overwritten with zeroes.
NOTE: Sync version is available only for lib-node binding.
Parameters
secret_encryption_salt: string – Salt used for secret encryption. For example, a mobile device can use device ID as salt.secret: CryptoBoxSecret – Cryptobox secretobj: AppPasswordProvider – Interface that provides a callback that returns an encrypted password, used for cryptobox secret encryption
Result
handle: CryptoBoxHandle
remove_crypto_box
Removes Crypto Box. Clears all secret data.
NOTE: Sync version is available only for lib-node binding.
Parameters
handle: CryptoBoxHandle
get_crypto_box_info
Get Crypto Box Info. Used to get encrypted_secret that should be used for all the cryptobox initializations except the first one.
NOTE: Sync version is available only for lib-node binding.
Parameters
handle: CryptoBoxHandle
Result
encrypted_secret: string – Secret (seed phrase) encrypted with salt and password.
get_crypto_box_seed_phrase
Get Crypto Box Seed Phrase.
Attention! Store this data in your application for a very short period of time and overwrite it with zeroes ASAP.
NOTE: Sync version is available only for lib-node binding.
Parameters
handle: CryptoBoxHandle
Result
phrase: stringdictionary: MnemonicDictionarywordcount: number
get_signing_box_from_crypto_box
Get handle of Signing Box derived from Crypto Box.
NOTE: Sync version is available only for lib-node binding.
Parameters
handle: number – Crypto Box Handle.hdpath?: string – HD key derivation path. By default, Acki Nacki HD path is used.secret_lifetime?: number – Store derived secret for this lifetime (in ms). The timer starts after each signing box operation. Secrets will be deleted immediately after each signing box operation, if this value is not set.
Result
handle: SigningBoxHandle – Handle of the signing box.
get_encryption_box_from_crypto_box
Gets Encryption Box from Crypto Box.
Derives encryption keypair from cryptobox secret and hdpath and stores it in cache for secret_lifetime or until explicitly cleared by clear_crypto_box_secret_cache method. If secret_lifetime is not specified - overwrites encryption secret with zeroes immediately after encryption operation.
NOTE: Sync version is available only for lib-node binding.
Parameters
handle: number – Crypto Box Handle.hdpath?: string – HD key derivation path. By default, Acki Nacki HD path is used.algorithm: BoxEncryptionAlgorithm – Encryption algorithm.secret_lifetime?: number – Store derived secret for encryption algorithm for this lifetime (in ms). The timer starts after each encryption box operation. Secrets will be deleted (overwritten with zeroes) after each encryption operation, if this value is not set.
Result
handle: EncryptionBoxHandle – Handle of the encryption box.
clear_crypto_box_secret_cache
Removes cached secrets (overwrites with zeroes) from all signing and encryption boxes, derived from crypto box.
NOTE: Sync version is available only for lib-node binding.
Parameters
handle: CryptoBoxHandle
register_signing_box
Register an application implemented signing box.
NOTE: Sync version is available only for lib-node binding.
Parameters
obj: AppSigningBox – Signing box callbacks.
Result
handle: SigningBoxHandle – Handle of the signing box.
get_signing_box
Creates a default signing box implementation.
NOTE: Sync version is available only for lib-node binding.
Parameters
public: string – Public key - 64 symbols hex stringsecret: string – Private key - u64 symbols hex string
Result
handle: SigningBoxHandle – Handle of the signing box.
signing_box_get_public_key
Returns public key of signing key pair.
NOTE: Sync version is available only for lib-node binding.
Parameters
handle: SigningBoxHandle – Handle of the signing box.
Result
pubkey: string – Public key of signing box. Encoded with hex
signing_box_sign
Returns signed user data.
NOTE: Sync version is available only for lib-node binding.
Parameters
signing_box: SigningBoxHandle – Signing Box handle.unsigned: string – Unsigned user data. Must be encoded withbase64.
Result
signature: string – Data signature. Encoded withhex.
remove_signing_box
Removes signing box from SDK.
NOTE: Sync version is available only for lib-node binding.
Parameters
handle: SigningBoxHandle – Handle of the signing box.
register_encryption_box
Register an application implemented encryption box.
NOTE: Sync version is available only for lib-node binding.
Parameters
obj: AppEncryptionBox – Interface for data encryption/decryption
Result
handle: EncryptionBoxHandle – Handle of the encryption box.
remove_encryption_box
Removes encryption box from SDK
NOTE: Sync version is available only for lib-node binding.
Parameters
handle: EncryptionBoxHandle – Handle of the encryption box.
encryption_box_get_info
Queries info from the given encryption box
NOTE: Sync version is available only for lib-node binding.
Parameters
encryption_box: EncryptionBoxHandle – Encryption box handle
Result
info: EncryptionBoxInfo – Encryption box information
encryption_box_encrypt
Encrypts data using given encryption box Note.
Block cipher algorithms pad data to cipher block size so encrypted data can be longer then original data. Client should store the original data size after encryption and use it after decryption to retrieve the original data from decrypted data.
NOTE: Sync version is available only for lib-node binding.
Parameters
encryption_box: EncryptionBoxHandle – Encryption box handledata: string – Data to be encrypted, encoded in Base64
Result
data: string – Encrypted data, encoded in Base64. Padded to cipher block size
encryption_box_decrypt
Decrypts data using given encryption box Note.
Block cipher algorithms pad data to cipher block size so encrypted data can be longer then original data. Client should store the original data size after encryption and use it after decryption to retrieve the original data from decrypted data.
NOTE: Sync version is available only for lib-node binding.
Parameters
encryption_box: EncryptionBoxHandle – Encryption box handledata: string – Data to be decrypted, encoded in Base64
Result
data: string – Decrypted data, encoded in Base64.
create_encryption_box
Creates encryption box with specified algorithm
NOTE: Sync version is available only for lib-node binding.
Parameters
algorithm: EncryptionAlgorithm – Encryption algorithm specifier including cipher parameters (key, IV, etc)
Result
handle: EncryptionBoxHandle – Handle of the encryption box.
Types
CryptoErrorCode
One of the following value:
InvalidPublicKey = 100InvalidSecretKey = 101InvalidKey = 102InvalidFactorizeChallenge = 106InvalidBigInt = 107ScryptFailed = 108InvalidKeySize = 109NaclSecretBoxFailed = 110NaclBoxFailed = 111NaclSignFailed = 112Bip39InvalidEntropy = 113Bip39InvalidPhrase = 114Bip32InvalidKey = 115Bip32InvalidDerivePath = 116Bip39InvalidDictionary = 117Bip39InvalidWordCount = 118MnemonicGenerationFailed = 119MnemonicFromEntropyFailed = 120SigningBoxNotRegistered = 121InvalidSignature = 122EncryptionBoxNotRegistered = 123InvalidIvSize = 124UnsupportedCipherMode = 125CannotCreateCipher = 126EncryptDataError = 127DecryptDataError = 128IvRequired = 129CryptoBoxNotRegistered = 130InvalidCryptoBoxType = 131CryptoBoxSecretSerializationError = 132CryptoBoxSecretDeserializationError = 133InvalidNonceSize = 134
SigningBoxHandle
EncryptionBoxHandle
EncryptionBoxInfo
Encryption box information.
hdpath?: string – Derivation path, for instance "m/44'/396'/0'/0/0"algorithm?: string – Cryptographic algorithm, used by this encryption boxoptions?: any – Options, depends on algorithm and specific encryption box implementationpublic?: any – Public information, depends on algorithm
EncryptionAlgorithmAESVariant
value: AesParamsEB
EncryptionAlgorithmChaCha20Variant
value: ChaCha20ParamsEB
EncryptionAlgorithmNaclBoxVariant
value: NaclBoxParamsEB
EncryptionAlgorithmNaclSecretBoxVariant
value: NaclSecretBoxParamsEB
EncryptionAlgorithm
Depends on value of the type field.
When type is 'AES'
value: AesParamsEB
When type is 'ChaCha20'
value: ChaCha20ParamsEB
When type is 'NaclBox'
value: NaclBoxParamsEB
When type is 'NaclSecretBox'
value: NaclSecretBoxParamsEB
Variant constructors:
CipherMode
One of the following value:
CBC = "CBC"CFB = "CFB"CTR = "CTR"ECB = "ECB"OFB = "OFB"
AesParamsEB
mode: CipherModekey: stringiv?: string
AesInfo
mode: CipherModeiv?: string
ChaCha20ParamsEB
key: string – 256-bit key. Must be encoded withhex.nonce: string – 96-bit nonce. Must be encoded withhex.
NaclBoxParamsEB
their_public: string – 256-bit key. Must be encoded withhex.secret: string – 256-bit key. Must be encoded withhex.nonce: string – 96-bit nonce. Must be encoded withhex.
NaclSecretBoxParamsEB
key: string – Secret key - unprefixed 0-padded to 64 symbols hex stringnonce: string – Nonce inhex
CryptoBoxSecretRandomSeedPhraseVariant
Creates Crypto Box from a random seed phrase. This option can be used if a developer doesn't want the seed phrase to leave the core library's memory, where it is stored encrypted.
This type should be used upon the first wallet initialization, all further initializations should use EncryptedSecret type instead.
Get encrypted_secret with get_crypto_box_info function and store it on your side.
dictionary: MnemonicDictionarywordcount: number
CryptoBoxSecretPredefinedSeedPhraseVariant
Restores crypto box instance from an existing seed phrase. This type should be used when Crypto Box is initialized from a seed phrase, entered by a user.
This type should be used only upon the first wallet initialization, all further initializations should use EncryptedSecret type instead.
Get encrypted_secret with get_crypto_box_info function and store it on your side.
phrase: stringdictionary: MnemonicDictionarywordcount: number
CryptoBoxSecretEncryptedSecretVariant
Use this type for wallet reinitializations, when you already have encrypted_secret on hands. To get encrypted_secret, use get_crypto_box_info function after you initialized your crypto box for the first time.
It is an object, containing seed phrase or private key, encrypted with secret_encryption_salt and password from password_provider.
Note that if you want to change salt or password provider, then you need to reinitialize the wallet with PredefinedSeedPhrase, then get EncryptedSecret via get_crypto_box_info, store it somewhere, and only after that initialize the wallet with EncryptedSecret type.
encrypted_secret: string – It is an object, containing encrypted seed phrase or private key (now we support only seed phrase).
CryptoBoxSecret
Crypto Box Secret.
Depends on value of the type field.
When type is 'RandomSeedPhrase'
Creates Crypto Box from a random seed phrase. This option can be used if a developer doesn't want the seed phrase to leave the core library's memory, where it is stored encrypted.
This type should be used upon the first wallet initialization, all further initializations should use EncryptedSecret type instead.
Get encrypted_secret with get_crypto_box_info function and store it on your side.
dictionary: MnemonicDictionarywordcount: number
When type is 'PredefinedSeedPhrase'
Restores crypto box instance from an existing seed phrase. This type should be used when Crypto Box is initialized from a seed phrase, entered by a user.
This type should be used only upon the first wallet initialization, all further initializations should use EncryptedSecret type instead.
Get encrypted_secret with get_crypto_box_info function and store it on your side.
phrase: stringdictionary: MnemonicDictionarywordcount: number
When type is 'EncryptedSecret'
Use this type for wallet reinitializations, when you already have encrypted_secret on hands. To get encrypted_secret, use get_crypto_box_info function after you initialized your crypto box for the first time.
It is an object, containing seed phrase or private key, encrypted with secret_encryption_salt and password from password_provider.
Note that if you want to change salt or password provider, then you need to reinitialize the wallet with PredefinedSeedPhrase, then get EncryptedSecret via get_crypto_box_info, store it somewhere, and only after that initialize the wallet with EncryptedSecret type.
encrypted_secret: string – It is an object, containing encrypted seed phrase or private key (now we support only seed phrase).
Variant constructors:
CryptoBoxHandle
BoxEncryptionAlgorithmChaCha20Variant
value: ChaCha20ParamsCB
BoxEncryptionAlgorithmNaclBoxVariant
value: NaclBoxParamsCB
BoxEncryptionAlgorithmNaclSecretBoxVariant
value: NaclSecretBoxParamsCB
BoxEncryptionAlgorithm
Depends on value of the type field.
When type is 'ChaCha20'
value: ChaCha20ParamsCB
When type is 'NaclBox'
value: NaclBoxParamsCB
When type is 'NaclSecretBox'
value: NaclSecretBoxParamsCB
Variant constructors:
ChaCha20ParamsCB
nonce: string – 96-bit nonce. Must be encoded withhex.
NaclBoxParamsCB
their_public: string – 256-bit key. Must be encoded withhex.nonce: string – 96-bit nonce. Must be encoded withhex.
NaclSecretBoxParamsCB
nonce: string – Nonce inhex
MnemonicDictionary
One of the following value:
Ton = 0– TON compatible dictionaryEnglish = 1– English BIP-39 dictionaryChineseSimplified = 2– Chinese simplified BIP-39 dictionaryChineseTraditional = 3– Chinese traditional BIP-39 dictionaryFrench = 4– French BIP-39 dictionaryItalian = 5– Italian BIP-39 dictionaryJapanese = 6– Japanese BIP-39 dictionaryKorean = 7– Korean BIP-39 dictionarySpanish = 8– Spanish BIP-39 dictionary
ParamsOfFactorize
composite: string – Hexadecimal representation of u64 composite number.
ResultOfFactorize
factors: string[] – Two factors of composite or empty if composite can't be factorized.
ParamsOfModularPower
base: string –baseargument of calculation.exponent: string –exponentargument of calculation.modulus: string –modulusargument of calculation.
ResultOfModularPower
modular_power: string – Result of modular exponentiation
ParamsOfTonCrc16
data: string – Input data for CRC calculation. Encoded withbase64.
ResultOfTonCrc16
crc: number – Calculated CRC for input data.
ParamsOfGenerateRandomBytes
length: number – Size of random byte array.
ResultOfGenerateRandomBytes
bytes: string – Generated bytes encoded inbase64.
ParamsOfConvertPublicKeyToTonSafeFormat
public_key: string – Public key - 64 symbols hex string
ResultOfConvertPublicKeyToTonSafeFormat
ton_public_key: string – Public key represented in TON safe format.
KeyPair
public: string – Public key - 64 symbols hex stringsecret: string – Private key - u64 symbols hex string
ParamsOfSign
unsigned: string – Data that must be signed encoded inbase64.keys: KeyPair – Sign keys.
ResultOfSign
signed: string – Signed data combined with signature encoded inbase64.signature: string – Signature encoded inhex.
ParamsOfVerifySignature
signed: string – Signed data that must be verified encoded inbase64.public: string – Signer's public key - 64 symbols hex string
ResultOfVerifySignature
unsigned: string – Unsigned data encoded inbase64.
ParamsOfHash
data: string – Input data for hash calculation. Encoded withbase64.
ResultOfHash
hash: string – Hash of inputdata. Encoded with 'hex'.
ParamsOfScrypt
password: string – The password bytes to be hashed. Must be encoded withbase64.salt: string – Salt bytes that modify the hash to protect against Rainbow table attacks. Must be encoded withbase64.log_n: number – CPU/memory cost parameterr: number – The block size parameter, which fine-tunes sequential memory read size and performance.p: number – Parallelization parameter.dk_len: number – Intended output length in octets of the derived key.
ResultOfScrypt
key: string – Derived key. Encoded withhex.
ParamsOfNaclSignKeyPairFromSecret
secret: string – Secret key - unprefixed 0-padded to 64 symbols hex string
ParamsOfNaclSign
unsigned: string – Data that must be signed encoded inbase64.secret: string – Signer's secret key - unprefixed 0-padded to 128 symbols hex string (concatenation of 64 symbols secret and 64 symbols public keys). Seenacl_sign_keypair_from_secret_key.
ResultOfNaclSign
signed: string – Signed data, encoded inbase64.
ParamsOfNaclSignOpen
signed: string – Signed data that must be unsigned. Encoded withbase64.public: string – Signer's public key - unprefixed 0-padded to 64 symbols hex string
ResultOfNaclSignOpen
unsigned: string – Unsigned data, encoded inbase64.
ResultOfNaclSignDetached
signature: string – Signature encoded inhex.
ParamsOfNaclSignDetachedVerify
unsigned: string – Unsigned data that must be verified. Encoded withbase64.signature: string – Signature that must be verified. Encoded withhex.public: string – Signer's public key - unprefixed 0-padded to 64 symbols hex string.
ResultOfNaclSignDetachedVerify
succeeded: boolean –trueif verification succeeded orfalseif it failed
ParamsOfNaclBoxKeyPairFromSecret
secret: string – Secret key - unprefixed 0-padded to 64 symbols hex string
ParamsOfNaclBox
decrypted: string – Data that must be encrypted encoded inbase64.nonce: string – Nonce, encoded inhextheir_public: string – Receiver's public key - unprefixed 0-padded to 64 symbols hex stringsecret: string – Sender's private key - unprefixed 0-padded to 64 symbols hex string
ResultOfNaclBox
encrypted: string – Encrypted data encoded inbase64.
ParamsOfNaclBoxOpen
encrypted: string – Data that must be decrypted. Encoded withbase64.nonce: string – Noncetheir_public: string – Sender's public key - unprefixed 0-padded to 64 symbols hex stringsecret: string – Receiver's private key - unprefixed 0-padded to 64 symbols hex string
ResultOfNaclBoxOpen
decrypted: string – Decrypted data encoded inbase64.
ParamsOfNaclSecretBox
decrypted: string – Data that must be encrypted. Encoded withbase64.nonce: string – Nonce inhexkey: string – Secret key - unprefixed 0-padded to 64 symbols hex string
ParamsOfNaclSecretBoxOpen
encrypted: string – Data that must be decrypted. Encoded withbase64.nonce: string – Nonce inhexkey: string – Secret key - unprefixed 0-padded to 64 symbols hex string
ParamsOfMnemonicWords
dictionary?: MnemonicDictionary – Dictionary identifier
ResultOfMnemonicWords
words: string – The list of mnemonic words
ParamsOfMnemonicFromRandom
dictionary?: MnemonicDictionary – Dictionary identifierword_count?: number – Mnemonic word count
ResultOfMnemonicFromRandom
phrase: string – String of mnemonic words
ParamsOfMnemonicFromEntropy
entropy: string – Entropy bytes. Hex encoded.dictionary?: MnemonicDictionary – Dictionary identifierword_count?: number – Mnemonic word count
ResultOfMnemonicFromEntropy
phrase: string – Phrase
ParamsOfMnemonicVerify
phrase: string – Phrasedictionary?: MnemonicDictionary – Dictionary identifierword_count?: number – Word count
ResultOfMnemonicVerify
valid: boolean – Flag indicating if the mnemonic is valid or not
ParamsOfMnemonicDeriveSignKeys
phrase: string – Phrasepath?: string – Derivation path, for instance "m/44'/396'/0'/0/0"dictionary?: MnemonicDictionary – Dictionary identifierword_count?: number – Word count
ParamsOfHDKeyXPrvFromMnemonic
phrase: string – String with seed phrasedictionary?: MnemonicDictionary – Dictionary identifierword_count?: number – Mnemonic word count
ResultOfHDKeyXPrvFromMnemonic
xprv: string – Serialized extended master private key
ParamsOfHDKeyDeriveFromXPrv
xprv: string – Serialized extended private keychild_index: number – Child index (see BIP-0032)hardened: boolean – Indicates the derivation of hardened/not-hardened key (see BIP-0032)
ResultOfHDKeyDeriveFromXPrv
xprv: string – Serialized extended private key
ParamsOfHDKeyDeriveFromXPrvPath
xprv: string – Serialized extended private keypath: string – Derivation path, for instance "m/44'/396'/0'/0/0"
ResultOfHDKeyDeriveFromXPrvPath
xprv: string – Derived serialized extended private key
ParamsOfHDKeySecretFromXPrv
xprv: string – Serialized extended private key
ResultOfHDKeySecretFromXPrv
secret: string – Private key - 64 symbols hex string
ParamsOfHDKeyPublicFromXPrv
xprv: string – Serialized extended private key
ResultOfHDKeyPublicFromXPrv
public: string – Public key - 64 symbols hex string
ParamsOfChaCha20
data: string – Source data to be encrypted or decrypted. Must be encoded withbase64.key: string – 256-bit key. Must be encoded withhex.nonce: string – 96-bit nonce. Must be encoded withhex.
ResultOfChaCha20
data: string – Encrypted/decrypted data. Encoded withbase64.
ParamsOfCreateCryptoBox
secret_encryption_salt: string – Salt used for secret encryption. For example, a mobile device can use device ID as salt.secret: CryptoBoxSecret – Cryptobox secret
RegisteredCryptoBox
handle: CryptoBoxHandle
ParamsOfAppPasswordProviderGetPasswordVariant
encryption_public_key: string – Temporary library pubkey, that is used on application side for password encryption, along with application temporary private key and nonce. Used for password decryption on library side.
ParamsOfAppPasswordProvider
Interface that provides a callback that returns an encrypted password, used for cryptobox secret encryption
To secure the password while passing it from application to the library, the library generates a temporary key pair, passes the pubkey to the passwordProvider, decrypts the received password with private key, and deletes the key pair right away.
Application should generate a temporary nacl_box_keypair and encrypt the password with naclbox function using nacl_box_keypair.secret and encryption_public_key keys + nonce = 24-byte prefix of encryption_public_key.
Depends on value of the type field.
When type is 'GetPassword'
encryption_public_key: string – Temporary library pubkey, that is used on application side for password encryption, along with application temporary private key and nonce. Used for password decryption on library side.
Variant constructors:
ResultOfAppPasswordProviderGetPasswordVariant
encrypted_password: string – Password, encrypted and encoded to base64. Crypto box uses this password to decrypt its secret (seed phrase).app_encryption_pubkey: string – Hex encoded public key of a temporary key pair, used for password encryption on application side. Used together withencryption_public_keyto decodeencrypted_password.
ResultOfAppPasswordProvider
Depends on value of the type field.
When type is 'GetPassword'
encrypted_password: string – Password, encrypted and encoded to base64. Crypto box uses this password to decrypt its secret (seed phrase).app_encryption_pubkey: string – Hex encoded public key of a temporary key pair, used for password encryption on application side. Used together withencryption_public_keyto decodeencrypted_password.
Variant constructors:
ResultOfGetCryptoBoxInfo
encrypted_secret: string – Secret (seed phrase) encrypted with salt and password.
ResultOfGetCryptoBoxSeedPhrase
phrase: stringdictionary: MnemonicDictionarywordcount: number
ParamsOfGetSigningBoxFromCryptoBox
handle: number – Crypto Box Handle.hdpath?: string – HD key derivation path. By default, Acki Nacki HD path is used.secret_lifetime?: number – Store derived secret for this lifetime (in ms). The timer starts after each signing box operation. Secrets will be deleted immediately after each signing box operation, if this value is not set.
RegisteredSigningBox
handle: SigningBoxHandle – Handle of the signing box.
ParamsOfGetEncryptionBoxFromCryptoBox
handle: number – Crypto Box Handle.hdpath?: string – HD key derivation path. By default, Acki Nacki HD path is used.algorithm: BoxEncryptionAlgorithm – Encryption algorithm.secret_lifetime?: number – Store derived secret for encryption algorithm for this lifetime (in ms). The timer starts after each encryption box operation. Secrets will be deleted (overwritten with zeroes) after each encryption operation, if this value is not set.
RegisteredEncryptionBox
handle: EncryptionBoxHandle – Handle of the encryption box.
ParamsOfAppSigningBoxGetPublicKeyVariant
Get signing box public key
ParamsOfAppSigningBoxSignVariant
Sign data
unsigned: string – Data to sign encoded as base64
ParamsOfAppSigningBox
Signing box callbacks.
Depends on value of the type field.
When type is 'GetPublicKey'
Get signing box public key
When type is 'Sign'
Sign data
unsigned: string – Data to sign encoded as base64
Variant constructors:
ResultOfAppSigningBoxGetPublicKeyVariant
Result of getting public key
public_key: string – Signing box public key
ResultOfAppSigningBoxSignVariant
Result of signing data
signature: string – Data signature encoded as hex
ResultOfAppSigningBox
Returning values from signing box callbacks.
Depends on value of the type field.
When type is 'GetPublicKey'
Result of getting public key
public_key: string – Signing box public key
When type is 'Sign'
Result of signing data
signature: string – Data signature encoded as hex
Variant constructors:
ResultOfSigningBoxGetPublicKey
pubkey: string – Public key of signing box. Encoded with hex
ParamsOfSigningBoxSign
signing_box: SigningBoxHandle – Signing Box handle.unsigned: string – Unsigned user data. Must be encoded withbase64.
ResultOfSigningBoxSign
signature: string – Data signature. Encoded withhex.
ParamsOfAppEncryptionBoxGetInfoVariant
Get encryption box info
ParamsOfAppEncryptionBoxEncryptVariant
Encrypt data
data: string – Data, encoded in Base64
ParamsOfAppEncryptionBoxDecryptVariant
Decrypt data
data: string – Data, encoded in Base64
ParamsOfAppEncryptionBox
Interface for data encryption/decryption
Depends on value of the type field.
When type is 'GetInfo'
Get encryption box info
When type is 'Encrypt'
Encrypt data
data: string – Data, encoded in Base64
When type is 'Decrypt'
Decrypt data
data: string – Data, encoded in Base64
Variant constructors:
ResultOfAppEncryptionBoxGetInfoVariant
Result of getting encryption box info
info: EncryptionBoxInfo
ResultOfAppEncryptionBoxEncryptVariant
Result of encrypting data
data: string – Encrypted data, encoded in Base64
ResultOfAppEncryptionBoxDecryptVariant
Result of decrypting data
data: string – Decrypted data, encoded in Base64
ResultOfAppEncryptionBox
Returning values from signing box callbacks.
Depends on value of the type field.
When type is 'GetInfo'
Result of getting encryption box info
info: EncryptionBoxInfo
When type is 'Encrypt'
Result of encrypting data
data: string – Encrypted data, encoded in Base64
When type is 'Decrypt'
Result of decrypting data
data: string – Decrypted data, encoded in Base64
Variant constructors:
ParamsOfEncryptionBoxGetInfo
encryption_box: EncryptionBoxHandle – Encryption box handle
ResultOfEncryptionBoxGetInfo
info: EncryptionBoxInfo – Encryption box information
ParamsOfEncryptionBoxEncrypt
encryption_box: EncryptionBoxHandle – Encryption box handledata: string – Data to be encrypted, encoded in Base64
ResultOfEncryptionBoxEncrypt
data: string – Encrypted data, encoded in Base64. Padded to cipher block size
ParamsOfEncryptionBoxDecrypt
encryption_box: EncryptionBoxHandle – Encryption box handledata: string – Data to be decrypted, encoded in Base64
ResultOfEncryptionBoxDecrypt
data: string – Decrypted data, encoded in Base64.
ParamsOfCreateEncryptionBox
algorithm: EncryptionAlgorithm – Encryption algorithm specifier including cipher parameters (key, IV, etc)
AppPasswordProvider
Interface that provides a callback that returns an encrypted password, used for cryptobox secret encryption
To secure the password while passing it from application to the library, the library generates a temporary key pair, passes the pubkey to the passwordProvider, decrypts the received password with private key, and deletes the key pair right away.
Application should generate a temporary nacl_box_keypair and encrypt the password with naclbox function using nacl_box_keypair.secret and encryption_public_key keys + nonce = 24-byte prefix of encryption_public_key.
get_password
NOTE: Sync version is available only for lib-node binding.
Parameters
encryption_public_key: string – Temporary library pubkey, that is used on application side for password encryption, along with application temporary private key and nonce. Used for password decryption on library side.
Result
encrypted_password: string – Password, encrypted and encoded to base64. Crypto box uses this password to decrypt its secret (seed phrase).app_encryption_pubkey: string – Hex encoded public key of a temporary key pair, used for password encryption on application side. Used together withencryption_public_keyto decodeencrypted_password.
AppSigningBox
Signing box callbacks.
get_public_key
Get signing box public key
NOTE: Sync version is available only for lib-node binding.
Result
public_key: string – Signing box public key
sign
Sign data
NOTE: Sync version is available only for lib-node binding.
Parameters
unsigned: string – Data to sign encoded as base64
Result
signature: string – Data signature encoded as hex
AppEncryptionBox
Interface for data encryption/decryption
get_info
Get encryption box info
NOTE: Sync version is available only for lib-node binding.
Result
info: EncryptionBoxInfo
encrypt
Encrypt data
NOTE: Sync version is available only for lib-node binding.
Parameters
data: string – Data, encoded in Base64
Result
data: string – Encrypted data, encoded in Base64
decrypt
Decrypt data
NOTE: Sync version is available only for lib-node binding.
Parameters
data: string – Data, encoded in Base64
Result
data: string – Decrypted data, encoded in Base64
Last updated