# Synor Crypto WASM

WASM-compatible cryptography library for the Synor web wallet.

## Current Features

- **Ed25519 Signatures**: Full support via `ed25519-dalek` (pure Rust)
- **BIP-39 Mnemonics**: 12-24 word phrases for key generation
- **Bech32m Addresses**: Synor address encoding/decoding
- **BLAKE3/SHA3 Hashing**: Cryptographic hash functions
- **HKDF Key Derivation**: Secure key derivation

## Building

```bash
# Build for web (requires wasm-pack)
wasm-pack build --target web --out-dir pkg

# Build for Node.js
wasm-pack build --target nodejs --out-dir pkg-node
```

## Usage in JavaScript

```javascript
import init, { Keypair, Mnemonic } from 'synor-crypto-wasm';

await init();

// Generate mnemonic
const mnemonic = new Mnemonic(24);
console.log(mnemonic.phrase());

// Create keypair
const keypair = Keypair.fromMnemonic(mnemonic.phrase(), "");
console.log(keypair.address("mainnet"));

// Sign message
const message = new TextEncoder().encode("Hello Synor!");
const signature = keypair.sign(message);

// Verify
const valid = keypair.verify(message, signature);
```

## Dilithium3 Post-Quantum Support

### Current Status: Pending

The native `synor-crypto` crate uses `pqcrypto-dilithium` which relies on C
bindings and does not compile to WASM. Options for WASM-compatible Dilithium3:

1. **pqc-crystals-dilithium** - Pure Rust, may work with WASM
2. **ML-DSA reference** - FIPS 204 standard (formerly Dilithium)
3. **Emscripten build** - Compile C implementation to WASM

### Roadmap

1. [x] Ed25519 basic support
2. [x] BIP-39 mnemonic generation
3. [x] Address encoding
4. [ ] Dilithium3 signatures (requires WASM-compatible library)
5. [ ] Hybrid Ed25519 + Dilithium verification
6. [ ] Kyber key encapsulation (post-quantum key exchange)

### Workaround

Until native Dilithium3 WASM is available, the web wallet can:

1. Use Ed25519-only addresses for now
2. Submit hybrid-signed transactions to a backend that adds Dilithium signatures
3. Or use a WASM module compiled via Emscripten

## Security Notes

- Keys are zeroized on drop
- Uses `getrandom` with `js` feature for secure randomness in browsers
- No side-channel resistance in signature timing (use constant-time ops for production)

## Testing

```bash
# Run Rust tests
cargo test

# Run WASM tests in browser
wasm-pack test --headless --chrome
```