noble cryptography is a high-security, easily auditable set of contained cryptographic libraries with following features:

  • Zero or minimal dependencies
  • Highly readable TypeScript / JS code
  • PGP-signed releases and transparent NPM builds

The idea was to: 1) improve knowledge of cryptography 2) improve supply chain security of JS ecosystem 3) provide libraries that could be used for learning, because other libs are too low-level / unfriendly to beginners.

Active projects:

  • ciphers (github, npm): cryptographic ciphers, including Salsa20, ChaCha, AES and FF1.
  • curves (github, npm): elliptic curve cryptography, including Weierstrass, Edwards, Montgomery curves, pairings, hash-to-curve, poseidon hash, schnorr, secp256k1, ed25519, ed448, p521, bn254, bls12-381 and others.
    • 4kb versions of curves with even better auditability and rarer update schedule: secp256k1 (github, npm) and ed25519 (github, npm)
  • hashes (github, npm): hash functions, MACs & KDFs, including SHA, RIPEMD, BLAKE, HMAC, HKDF, PBKDF & Scrypt
  • post-quantum (github, npm): post-quantum public key algorithms: ML-KEM, ML-DSA, SLH-DSA aka Kyber, Dilithium and SPHINCS+

The code is also available on gitlab and codeberg

Audits

At this point (Oct 2024), various parts of noble had 6 audits. I’m looking for:

  1. Auditors, with good knowledge of cryptography and/or JS
    • Paid: whenever there is enough funding
    • Unpaid: whoever is willing to donate their time for the public good
  2. Funding, of paid auditors

Contact me if you want to help with the effort.

History

Currently active large sponsors include vault12. You can fund the project using github.

scure

Noble’s non-cryptographic sister project. Audited micro-libraries:

  • Jan 2022: base base64, bech32…, bip32 hdkey, bip39 mnemonics
  • Feb 2023: btc-signer transactions, segwit, taproot, psbt, multisig
  • Sep 2023: starknet stark curve, pedersen and poseidon hash

Apps built with noble

Here is some software which uses Noble. You can add new entry on github.

Resources, articles, documentation

Demo

You can try out noble in the browser JS console of the webpage. There are 3 global variables: nobleCiphers, nobleCurves, nobleHashes. The webpage also has two demo apps:

  • App I: Elliptic curve calculator, calculate public keys and signatures
  • App II: Add, subtract, multiply points on the chosen elliptic curve