Trait CryptoAPI 

pub trait CryptoAPI {
    // Required methods
    fn keccak256_permute(state: &mut [u64; 25]);
    fn sha256_extend(w: &mut [u32; 64]);
    fn sha256_compress(state: &mut [u32; 8], w: &[u32; 64]);
    fn ed25519_decompress(y: [u8; 32], sign: u32) -> [u8; 64];
    fn ed25519_add(p: [u8; 64], q: [u8; 64]) -> [u8; 64];
    fn tower_fp1_bn254_add(x: [u8; 32], y: [u8; 32]) -> [u8; 32];
    fn tower_fp1_bn254_sub(x: [u8; 32], y: [u8; 32]) -> [u8; 32];
    fn tower_fp1_bn254_mul(x: [u8; 32], y: [u8; 32]) -> [u8; 32];
    fn tower_fp1_bls12381_add(x: [u8; 48], y: [u8; 48]) -> [u8; 48];
    fn tower_fp1_bls12381_sub(x: [u8; 48], y: [u8; 48]) -> [u8; 48];
    fn tower_fp1_bls12381_mul(x: [u8; 48], y: [u8; 48]) -> [u8; 48];
    fn tower_fp2_bn254_add(
        a_c0: [u8; 32],
        a_c1: [u8; 32],
        b_c0: [u8; 32],
        b_c1: [u8; 32],
    ) -> ([u8; 32], [u8; 32]);
    fn tower_fp2_bn254_sub(
        a_c0: [u8; 32],
        a_c1: [u8; 32],
        b_c0: [u8; 32],
        b_c1: [u8; 32],
    ) -> ([u8; 32], [u8; 32]);
    fn tower_fp2_bn254_mul(
        a_c0: [u8; 32],
        a_c1: [u8; 32],
        b_c0: [u8; 32],
        b_c1: [u8; 32],
    ) -> ([u8; 32], [u8; 32]);
    fn tower_fp2_bls12381_add(
        a_c0: [u8; 48],
        a_c1: [u8; 48],
        b_c0: [u8; 48],
        b_c1: [u8; 48],
    ) -> ([u8; 48], [u8; 48]);
    fn tower_fp2_bls12381_sub(
        a_c0: [u8; 48],
        a_c1: [u8; 48],
        b_c0: [u8; 48],
        b_c1: [u8; 48],
    ) -> ([u8; 48], [u8; 48]);
    fn tower_fp2_bls12381_mul(
        a_c0: [u8; 48],
        a_c1: [u8; 48],
        b_c0: [u8; 48],
        b_c1: [u8; 48],
    ) -> ([u8; 48], [u8; 48]);
    fn secp256k1_add(p: [u8; 64], q: [u8; 64]) -> [u8; 64];
    fn secp256k1_decompress(x: [u8; 32], sign: u32) -> [u8; 64];
    fn secp256k1_double(p: [u8; 64]) -> [u8; 64];
    fn secp256r1_add(p: [u8; 64], q: [u8; 64]) -> [u8; 64];
    fn secp256r1_decompress(x: [u8; 32], sign: u32) -> [u8; 64];
    fn secp256r1_double(p: [u8; 64]) -> [u8; 64];
    fn bls12381_add(p: [u8; 96], q: [u8; 96]) -> [u8; 96];
    fn bls12381_decompress(x: [u8; 48], sign: u32) -> [u8; 96];
    fn bls12381_double(p: [u8; 96]) -> [u8; 96];
    fn bn254_add(p: [u8; 64], q: [u8; 64]) -> [u8; 64];
    fn bn254_double(p: [u8; 64]) -> [u8; 64];
    fn uint256_mul_mod(x: &[u8; 32], y: &[u8; 32], m: &[u8; 32]) -> [u8; 32];
    fn uint256_x2048_mul(a: &[u8; 32], b: &[u8; 256]) -> ([u8; 256], [u8; 32]);
}

A low-level API for cryptographic primitives used across the runtime.

Required Methods

fn keccak256_permute(state: &mut [u64; 25])

In-place Keccak-f[1600] permutation over 25 lanes of 64-bit.

Input/Output: state is the 5x5x64-bit state flattened to 25 u64 words (little-endian lanes).

fn sha256_extend(w: &mut [u32; 64])

Expand/prepare the SHA-256 message schedule in-place.

Input/Output: w holds 64 32-bit words; indices 16..63 are filled using the σ0/σ1 recurrences.

fn sha256_compress(state: &mut [u32; 8], w: &[u32; 64])

One SHA-256 compression round.

Inputs: state is the current 8-word state; w is the 64-word message schedule. Output: state is updated in-place with the standard SHA-256 round function.

fn ed25519_decompress(y: [u8; 32], sign: u32) -> [u8; 64]

Decompress an Ed25519 point from compressed y and a sign bit.

Inputs: y is 32-byte compressed y-coordinate; sign selects the x parity. Output: 64-byte raw affine point encoded as x||y (little-endian per coordinate).

fn ed25519_add(p: [u8; 64], q: [u8; 64]) -> [u8; 64]

Add two Ed25519 points in raw affine form.

Inputs: p, q are 64-byte x||y encodings. Output: 64-byte x||y result in the prime-order subgroup.

fn tower_fp1_bn254_add(x: [u8; 32], y: [u8; 32]) -> [u8; 32]

BN254 base field (Fp) addition: (x + y) mod p. Inputs/Output: 32-byte little-endian field elements.

fn tower_fp1_bn254_sub(x: [u8; 32], y: [u8; 32]) -> [u8; 32]

BN254 base field (Fp) subtraction: (x - y) mod p. Inputs/Output: 32-byte little-endian field elements.

fn tower_fp1_bn254_mul(x: [u8; 32], y: [u8; 32]) -> [u8; 32]

BN254 base field (Fp) multiplication: (x * y) mod p. Inputs/Output: 32-byte little-endian field elements.

fn tower_fp1_bls12381_add(x: [u8; 48], y: [u8; 48]) -> [u8; 48]

BLS12-381 base field (Fp) addition: (x + y) mod p. Inputs/Output: 48-byte little-endian field elements.

fn tower_fp1_bls12381_sub(x: [u8; 48], y: [u8; 48]) -> [u8; 48]

BLS12-381 base field (Fp) subtraction: (x - y) mod p. Inputs/Output: 48-byte little-endian field elements.

fn tower_fp1_bls12381_mul(x: [u8; 48], y: [u8; 48]) -> [u8; 48]

BLS12-381 base field (Fp) multiplication: (x * y) mod p. Inputs/Output: 48-byte little-endian field elements.

fn tower_fp2_bn254_add( a_c0: [u8; 32], a_c1: [u8; 32], b_c0: [u8; 32], b_c1: [u8; 32], ) -> ([u8; 32], [u8; 32])

BN254 quadratic extension field (Fp2) addition.

Each Fp2 element is (c0, c1) over BN254 Fp, each limb 32-byte little-endian. Returns (sum_c0, sum_c1).

fn tower_fp2_bn254_sub( a_c0: [u8; 32], a_c1: [u8; 32], b_c0: [u8; 32], b_c1: [u8; 32], ) -> ([u8; 32], [u8; 32])

BN254 quadratic extension field (Fp2) subtraction. Returns (diff_c0, diff_c1).

fn tower_fp2_bn254_mul( a_c0: [u8; 32], a_c1: [u8; 32], b_c0: [u8; 32], b_c1: [u8; 32], ) -> ([u8; 32], [u8; 32])

BN254 quadratic extension field (Fp2) multiplication. Returns (prod_c0, prod_c1) reduced modulo p.

fn tower_fp2_bls12381_add( a_c0: [u8; 48], a_c1: [u8; 48], b_c0: [u8; 48], b_c1: [u8; 48], ) -> ([u8; 48], [u8; 48])

BLS12-381 quadratic extension field (Fp2) addition. Each limb is 48-byte little-endian; returns (sum_c0, sum_c1).

fn tower_fp2_bls12381_sub( a_c0: [u8; 48], a_c1: [u8; 48], b_c0: [u8; 48], b_c1: [u8; 48], ) -> ([u8; 48], [u8; 48])

BLS12-381 quadratic extension field (Fp2) subtraction. Returns (diff_c0, diff_c1).

fn tower_fp2_bls12381_mul( a_c0: [u8; 48], a_c1: [u8; 48], b_c0: [u8; 48], b_c1: [u8; 48], ) -> ([u8; 48], [u8; 48])

BLS12-381 quadratic extension field (Fp2) multiplication. Returns (prod_c0, prod_c1) reduced modulo p.

fn secp256k1_add(p: [u8; 64], q: [u8; 64]) -> [u8; 64]

Add two secp256k1 G1 points (affine x||y, 64 bytes total). Returns the affine sum encoded as x||y (little-endian coordinates).

fn secp256k1_decompress(x: [u8; 32], sign: u32) -> [u8; 64]

Decompress a secp256k1 point from x and sign bit. Inputs: x is 32-byte x (big-endian); sign selects the y root. Output: 64-byte x||y (big-endian per coordinate).

fn secp256k1_double(p: [u8; 64]) -> [u8; 64]

Point doubling on secp256k1. Input: affine x||y; Output: affine x||y.

fn secp256r1_add(p: [u8; 64], q: [u8; 64]) -> [u8; 64]

Add two secp256r1 (P-256) G1 points (affine x||y, 64 bytes total). Returns the affine sum encoded as x||y (little-endian coordinates).

fn secp256r1_decompress(x: [u8; 32], sign: u32) -> [u8; 64]

Decompress a secp256r1 point from x and sign bit. Inputs: x is 32-byte x (big-endian); sign selects the y root. Output: 64-byte x||y (big-endian per coordinate).

fn secp256r1_double(p: [u8; 64]) -> [u8; 64]

Point doubling on secp256r1. Input: affine x||y; Output: affine x||y.

fn bls12381_add(p: [u8; 96], q: [u8; 96]) -> [u8; 96]

Add two BLS12-381 G1 points (affine x||y, 96 bytes total). Returns the affine sum encoded as x||y (little-endian coordinates).

fn bls12381_decompress(x: [u8; 48], sign: u32) -> [u8; 96]

Decompress a BLS12-381 G1 point from x and sign bit. Inputs: x is Fp-sized x (big-endian); sign selects the y root. Output: affine x||y encoding.

fn bls12381_double(p: [u8; 96]) -> [u8; 96]

Point doubling on BLS12-381 G1. Input: affine x||y; Output: affine x||y.

fn bn254_add(p: [u8; 64], q: [u8; 64]) -> [u8; 64]

Add two BN254 G1 points (affine x||y, 64 bytes total). Returns the affine sum encoded as x||y.

fn bn254_double(p: [u8; 64]) -> [u8; 64]

Point doubling on BN254 G1. Input: affine x||y; Output: affine x||y.

fn uint256_mul_mod(x: &[u8; 32], y: &[u8; 32], m: &[u8; 32]) -> [u8; 32]

Compute (x * y) mod m for 256-bit integers. Inputs: x, y, m are 32-byte little-endian; Output: 32-byte little-endian result in [0, m).

fn uint256_x2048_mul(a: &[u8; 32], b: &[u8; 256]) -> ([u8; 256], [u8; 32])

Multiply a 256-bit integer by a 2048-bit integer.

Inputs: a is 32-byte little-endian; b is 256-byte little-endian. Output: (lo, hi) where lo is the least-significant 2048-bit limb (256 bytes), and hi is the top 256-bit carry (32 bytes), both little-endian.

Dyn Compatibility

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors