# cnfy
A suite of pure Rust libraries implementing Bitcoin's cryptographic stack without external dependencies. Every primitive -- from 256-bit arithmetic to elliptic curve operations -- is built in-house to eliminate supply chain risk.
- **No external dependencies** -- eliminates supply chain attacks
- **No unsafe code** -- memory safety without compromise
- **No heap allocations** -- stack-only, fixed-size arrays
- **Algorithm-first optimization** -- sparse prime reduction, Lehmer's GCD, scaled comb multiplication
- **Struct-per-directory** -- every type in its own module, every method in its own file with its own tests
- **CT/VT dual paths** -- compile-time feature flags switch between constant-time and variable-time implementations
## Crates
| [cnfy-uint](cnfy-uint) | Active | 256-bit modular arithmetic (U256, extended types) |
| [cnfy-secp256k1](cnfy-secp256k1) | Active | secp256k1 elliptic curve operations |
| [cnfy-bench](cnfy-bench) | Active | Criterion benchmarks against third-party libraries |
| cnfy-hash | Planned | SHA-256 and RIPEMD-160 hashing |
| cnfy-bs58 | Planned | Base58 encoding and decoding |
| cnfy-btcaddr | Planned | Bitcoin address generation |
## Performance
<pre>
Scalar Multiplication (k * G)
<b>cnfy VT: 5.50 us</b> ██████████
secp256k1 C FFI: 12.80 us ████████████████████████
<b>cnfy CT: 15.90 us</b> █████████████████████████████
k256: 15.90 us █████████████████████████████
libsecp256k1: 34.20 us ██████████████████████████████████████████████████████████████████
Modular Multiplication (a * b mod P)
<b>cnfy VT: 11.89 ns</b> ██
<b>cnfy CT: 15.42 ns</b> ███
ruint: 73.50 ns █████████████
num-bigint: 160.58 ns █████████████████████████████
Mining Loop (batch P = P + G, per point)
<b>cnfy affine batch: 100 ns</b> ██
<b>cnfy jacobian: 242 ns</b> █████
individual: 1,082 ns ██████████████████████
</pre>
## Benchmarks
See [cnfy-bench/RESULTS.md](cnfy-bench/RESULTS.md) for the full benchmark data, including:
- Cross-library comparisons against k256, secp256k1 (C FFI), libsecp256k1, crypto-bigint, ruint, and others
- CT vs VT overhead for every operation
- Batch operation scaling (Montgomery's trick)
- Mining loop simulation at various batch sizes
## Security
See [SECURITY.md](SECURITY.md) for the complete side-channel security reference, including:
- Timing behavior of every algorithm
- Known attack vectors against ECC implementations (CVEs)
- CT alternatives for each operation
- Feature flag mapping (`ct-field`, `ct-inv`, `ct-pow`, `ct-scalar`)
## Usage
The umbrella crate re-exports sub-crates as `cnfy::uint` and `cnfy::secp256k1`:
```rust
use cnfy::uint::u256::U256;
use cnfy::secp256k1::secret_key::SecretKey;
// secp256k1 field prime
let p = U256::from_be_limbs([
0xFFFFFFFF_FFFFFFFF, 0xFFFFFFFF_FFFFFFFF,
0xFFFFFFFF_FFFFFFFF, 0xFFFFFFFE_FFFFFC2F,
]);
let a = U256::from_be_limbs([0, 0, 0, 42]);
let b = U256::from_be_limbs([0, 0, 0, 17]);
let product = a.mul_mod(&b, &p);
// Secret key to public key (scaled comb method)
let sk = SecretKey::from_be_bytes([
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
]).unwrap();
let pk = sk.to_public_key();
let compressed: [u8; 33] = pk.serialize();
```
## Testing
```bash
cargo test --workspace
```
## Built With
This suite of libraries was built with the accompaniment of [Claude Code](https://claude.ai/code) (Claude Opus 4.6, Max plan).
## Links
- [cnfy.org](https://www.cnfy.org) -- project website
- [Source](https://codeberg.org/cnfy/cnfy-lib) -- Codeberg repository
## License
Licensed under either of
- [Apache License, Version 2.0](LICENSE-APACHE)
- [MIT License](LICENSE-MIT)
at your option.