Module crypto_helpers 

Note-specific crypto: packing, encryption, nullifier derivation. Re-exports pure primitives from darkpool_crypto.

Structs

DleqResult

MemoEncryptionResult

Enums

CryptoError

Functions

address_to_field

Convert an Ethereum address to a field element.

aes128_decrypt

Decrypt 208-byte AES-128-CBC ciphertext, returning 192 bytes on success.

aes128_encrypt

Encrypt 192-byte plaintext using AES-128-CBC with PKCS#7 padding. Returns 208 bytes.

bjj_is_on_curve

Check a*x^2 + y^2 == 1 + d*x^2*y^2

bjj_scalar_mul

scalar * point with full validation (on-curve + subgroup check).

calculate_public_memo_id

decrypt_note_from_fields

derive_nullifier_path_a

NullifierHash = Poseidon(noteNullifier)

derive_nullifier_path_b

NullifierHash = Poseidon(sharedSecret, commitment, leafIndex)

derive_public_key_from_sk

PK = sk * Base8

derive_shared_secret_bjj

ECDH shared secret derivation. Returns X coordinate of sk * pk.

encrypt_memo_note_3party

3-party ECDH memo encryption: S = a * b * c * G shared between sender (a), recipient (b/ivk), and compliance (c).

encrypt_note_for_deposit_aes

Encrypt a note for deposit. Returns (packed_fields, ephemeral_pk).

field_to_address

Convert a field element back to an Ethereum address (last 20 bytes).

fr_to_u256

Convert ark_bn254::Fr to ethers U256.

from_noir_hex

Parse a Noir hex string (0x-prefixed or raw) back to U256.

generate_dleq_proof

kdf_to_aes_key_iv

Derive AES key (last 16 bytes of Poseidon) and IV from shared secret.

pack_ciphertext_to_fields

Pack 208-byte ciphertext into 7 field elements (LE, 31+31+31+31+31+31+22).

pack_note_plaintext

Pack a NotePlaintext into 192 bytes (6 × 32-byte BE fields).

poseidon_hash

Poseidon2 hash over U256 values. Output matches std::hash::poseidon2 in Noir.

random_bjj_scalar

Random BJJ scalar (mod subgroup order L, ~2^251). Required for Noir circuits where ScalarField::<63> needs values < 2^252; random_field() would fail ~67% of the time.

random_field

Generate a random BN254 scalar field element.

recipient_decrypt_3party

Returns (note, shared_secret) – shared_secret is needed for Path B nullifier derivation.

string_to_fr

Convert string to field element: left-pad to 32 bytes, interpret as Fr, then Poseidon hash.

to_noir_decimal

Convert U256 to Noir decimal string.

to_noir_hex

Convert U256 to Noir-compatible hex string (0x-prefixed, 64 chars, lowercase).

u256_to_fr

Convert ethers U256 to ark_bn254::Fr. Values >= modulus are silently reduced.

unpack_ciphertext_from_fields

unpack_note_plaintext