Skip to content
Switch branches/tags

npm version GitHub Actions CI


A WebAssembly (via AssemblyScript) set of cryptographic primitives for building authentication and key exchange protocols.

Currently provides:

  • RFC 8032/libsodium-compatible detached EdDSA signatures
  • Ed25519 deterministic and non-deterministic signatures with cofactored verification.
  • Deterministic and non-deterministic signatures over the Ristretto group.
  • Hashing (simple + multi-parts)
  • Authentication (HMAC-SHA-512, HMAC-SHA-256)
  • Point validation, point addition, scalar multiplication with and without clamping over Edwards25519 using the standard Ed25519 point encoding.
  • Fast encoded element validation, hash-to-group, addition, scalar multiplication over the Ristretto prime-order group.
  • Scalar reduction, scalar multiplication, scalar inversion mod the order of the prime-order groups for multiparty computation and oblivious pseudorandom functions.
  • Constant-time comparison and encoding.

Example use case.