History

Gulshan Yadav 6094319ddf feat(crypto-wasm): add Dilithium3 post-quantum signatures Implements WASM-compatible Dilithium3 (ML-DSA-65) signatures using the pure Rust pqc_dilithium crate. This provides NIST Security Category 3 post-quantum signature support for the web wallet. Changes: - Add pqc_dilithium dependency with WASM feature - Create DilithiumSigningKey wrapper for WASM bindings - Add dilithiumVerify and dilithiumSizes helper functions - Update tests to work on both native and WASM targets - Update README to reflect completed Dilithium3 support Key sizes (Dilithium3 / ML-DSA-65): - Public Key: 1,952 bytes - Signature: 3,293 bytes		2026-01-08 07:31:36 +05:30
..
src	feat(crypto-wasm): add Dilithium3 post-quantum signatures	2026-01-08 07:31:36 +05:30
Cargo.toml	feat(crypto-wasm): add Dilithium3 post-quantum signatures	2026-01-08 07:31:36 +05:30
README.md	feat(crypto-wasm): add Dilithium3 post-quantum signatures	2026-01-08 07:31:36 +05:30

README.md

Synor Crypto WASM

WASM-compatible cryptography library for the Synor web wallet.

Current Features

Ed25519 Signatures: Full support via ed25519-dalek (pure Rust)
Dilithium3 (ML-DSA-65): Post-quantum signatures via pqc_dilithium (pure Rust)
BIP-39 Mnemonics: 12-24 word phrases for key generation
Bech32m Addresses: Synor address encoding/decoding
BLAKE3/SHA3 Hashing: Cryptographic hash functions
HKDF Key Derivation: Secure key derivation

Building

# Build for web (requires wasm-pack)
wasm-pack build --target web --out-dir pkg

# Build for Node.js
wasm-pack build --target nodejs --out-dir pkg-node

Usage in JavaScript

import init, { Keypair, Mnemonic, DilithiumSigningKey } from 'synor-crypto-wasm';

await init();

// Generate mnemonic
const mnemonic = new Mnemonic(24);
console.log(mnemonic.phrase());

// Create Ed25519 keypair
const keypair = Keypair.fromMnemonic(mnemonic.phrase(), "");
console.log(keypair.address("mainnet"));

// Sign message with Ed25519
const message = new TextEncoder().encode("Hello Synor!");
const signature = keypair.sign(message);
const valid = keypair.verify(message, signature);

// Post-quantum signatures with Dilithium3
const pqKey = new DilithiumSigningKey();
const pqSig = pqKey.sign(message);
const pqValid = pqKey.verify(message, pqSig);
console.log("Post-quantum signature valid:", pqValid);

Dilithium3 Post-Quantum Support

Current Status: Implemented

Post-quantum signatures are now available via the pqc_dilithium crate, a pure Rust implementation that compiles to WASM. This provides Dilithium3 (equivalent to NIST's ML-DSA-65 at Security Category 3).

Key Sizes (Dilithium3 / ML-DSA-65):

Public Key: 1,952 bytes
Secret Key: ~4,000 bytes
Signature: 3,293 bytes

Roadmap

Ed25519 basic support
BIP-39 mnemonic generation
Address encoding
Dilithium3 signatures (WASM-compatible)
Hybrid Ed25519 + Dilithium verification
Kyber key encapsulation (post-quantum key exchange)

Hybrid Signatures (Recommended)

For maximum security, use both Ed25519 and Dilithium3:

// Sign with both algorithms
const ed25519Sig = keypair.sign(message);
const dilithiumSig = pqKey.sign(message);

// Verify both must pass
const valid = keypair.verify(message, ed25519Sig) &&
              pqKey.verify(message, dilithiumSig);

This provides classical security now and quantum resistance for the future.

Security Notes

Keys are zeroized on drop
Uses getrandom with js feature for secure randomness in browsers
No side-channel resistance in signature timing (use constant-time ops for production)

Testing

# Run Rust tests
cargo test

# Run WASM tests in browser
wasm-pack test --headless --chrome