shell-chain v0.23.0 — 32-byte BLAKE3 Address & PQ Precompile Suite
What's New
🔑 32-Byte BLAKE3 Address Type
Shell addresses are now 32 bytes, derived as BLAKE3(algo_id || public_key). This gives post-quantum addresses a distinct, non-truncatable identity — PQ public keys (Dilithium3, ML-DSA-65) produce addresses with non-zero upper 12 bytes that can never collide with legacy 20-byte EVM addresses.
🔐 6-Precompile PQ Suite
Six new EVM precompiles for post-quantum cryptography:
| Address | Name | Function |
|---|---|---|
0x0b |
verify_dilithium3 |
Dilithium3 single-signature verify |
0x0c |
verify_dilithium3_batch |
Dilithium3 batch verify |
0x0d |
blake3_256 |
BLAKE3-256 hash |
0x0e |
blake3_512 |
BLAKE3-512 (512-bit output) |
0x0f |
verify_mldsa65 |
ML-DSA-65 single verify |
0x10 |
verify_mldsa65_batch |
ML-DSA-65 batch verify |
🔄 PQTx sig_type Field
PQTransaction now carries an explicit sig_type byte (0 = Dilithium3, 1 = ML-DSA-65). Signing hash preimage includes sig_type to prevent cross-algorithm replay attacks.
🗺️ EVM/PQ Address Bridge
ShellStateDbcarries apq_hintsmap to recover full 32-byte PQ addresses from the 20-byte EVM truncationTxExecutionResultpropagatespq_addr_mapsocommit_evm_statewrites nonce/balance to the correct 32-byte slotsystem_contracts::decode_addressnow reads full 32-byte ABI words (was 20-byte)
Breaking Changes
Address/ShellAddressis now 32 bytes everywhere — update anyAddress::from([u8; 20])calls to[u8; 32]Transaction::signing_hash(sig_type)replaces keccak256/RLP signing — ensure wallets and test fixtures use BLAKE3 preimage- EVM receiver addresses with non-zero upper 12 bytes (PQ addresses) are not round-trippable through the EVM layer without pq_hints