misaradmin/synor
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4
synor/crates/synor-crypto-wasm/README.md
Gulshan Yadav b22c1b89f0 feat: Phase 7 production readiness improvements 
- Add SYNOR_BOOTSTRAP_PEERS env var for runtime seed node configuration
- Implement secrets provider abstraction for faucet wallet key security
  (supports file-based secrets in /run/secrets for production)
- Create WASM crypto crate foundation for web wallet (Ed25519, BIP-39)
- Add DEPLOYMENT.md guide for testnet deployment
- Add SECURITY_AUDIT_SCOPE.md for external security audit preparation
- Document seed node deployment process in synor-network

Security improvements:
- Faucet now auto-detects /run/secrets for secure key storage
- CORS already defaults to specific origins (https://faucet.synor.cc)
- Bootstrap peers now configurable at runtime without recompilation
2026-01-08 07:21:14 +05:30

2.3 KiB
Raw Blame History

Synor Crypto WASM

WASM-compatible cryptography library for the Synor web wallet.

Current Features

  • Ed25519 Signatures: Full support via ed25519-dalek (pure Rust)
  • BIP-39 Mnemonics: 12-24 word phrases for key generation
  • Bech32m Addresses: Synor address encoding/decoding
  • BLAKE3/SHA3 Hashing: Cryptographic hash functions
  • HKDF Key Derivation: Secure key derivation

Building

# Build for web (requires wasm-pack)
wasm-pack build --target web --out-dir pkg

# Build for Node.js
wasm-pack build --target nodejs --out-dir pkg-node

Usage in JavaScript

import init, { Keypair, Mnemonic } from 'synor-crypto-wasm';

await init();

// Generate mnemonic
const mnemonic = new Mnemonic(24);
console.log(mnemonic.phrase());

// Create keypair
const keypair = Keypair.fromMnemonic(mnemonic.phrase(), "");
console.log(keypair.address("mainnet"));

// Sign message
const message = new TextEncoder().encode("Hello Synor!");
const signature = keypair.sign(message);

// Verify
const valid = keypair.verify(message, signature);

Dilithium3 Post-Quantum Support

Current Status: Pending

The native synor-crypto crate uses pqcrypto-dilithium which relies on C bindings and does not compile to WASM. Options for WASM-compatible Dilithium3:

  1. pqc-crystals-dilithium - Pure Rust, may work with WASM
  2. ML-DSA reference - FIPS 204 standard (formerly Dilithium)
  3. Emscripten build - Compile C implementation to WASM

Roadmap

  1. Ed25519 basic support
  2. BIP-39 mnemonic generation
  3. Address encoding
  4. Dilithium3 signatures (requires WASM-compatible library)
  5. Hybrid Ed25519 + Dilithium verification
  6. Kyber key encapsulation (post-quantum key exchange)

Workaround

Until native Dilithium3 WASM is available, the web wallet can:

  1. Use Ed25519-only addresses for now
  2. Submit hybrid-signed transactions to a backend that adds Dilithium signatures
  3. Or use a WASM module compiled via Emscripten

Security Notes

  • Keys are zeroized on drop
  • Uses getrandom with js feature for secure randomness in browsers
  • No side-channel resistance in signature timing (use constant-time ops for production)

Testing

# Run Rust tests
cargo test

# Run WASM tests in browser
wasm-pack test --headless --chrome