noble cryptography is a high-security, easily auditable set of contained cryptographic libraries with following features:
- Zero or minimal dependencies
- Highly readable TypeScript / JS code
- PGP-signed releases and transparent NPM builds
The idea was to: 1) improve knowledge of cryptography 2) improve supply chain security of JS ecosystem 3) provide libraries that could be used for learning, because other libs are too low-level / unfriendly to beginners. Active projects:
- ciphers (github, npm): cryptographic ciphers, including Salsa20, ChaCha, AES and FF1.
- curves (github, npm): elliptic curve cryptography, including Weierstrass, Edwards, Montgomery curves, pairings, hash-to-curve, poseidon hash, schnorr, secp256k1, ed25519, ed448, p521, bn254, bls12-381 and others.
- hashes (github, npm): hash functions, MACs & KDFs, including SHA, RIPEMD, BLAKE, HMAC, HKDF, PBKDF & Scrypt
History
- Jun 2019: initial release of secp256k1, ed25519 and bls12-381
- Apr 2020: The blog post went live
- Apr 2021: secp256k1 has been audited by Cure53, crowdfunded with help of Umbra.cash
- Oct 2021: hashes have been released, funded by Ethereum Foundation
- Nov 2021: received a grant from Optimism
- Jan 2022: hashes have been audited by Cure53, funded by Ethereum Foundation with help of Nomic Labs
- Feb 2022: ed25519 has been audited by Cure53
- Dec 2022: curves have been released, consolidating three previous packages in one
- Feb 2023: curves have been audited by Trail of Bits, funded by Ryan Shea
- Mar 2023: secp256k1 and ed25519 have been rewritten and became 4KB single-feature versions of curves
- Jun 2023: ciphers have been released
- Sep 2023: curves have been audited by Kudelski Security, funded by starknet
scure
Noble's non-cryptographic sister project. Audited micro-libraries:
- Jan 2022: base base64, bech32..., bip32 hdkey, bip39 mnemonics
- Feb 2023: btc-signer transactions, segwit, taproot, psbt, multisig
- Sep 2023: starknet stark curve, pedersen and poseidon hash
Resources, articles, documentation
- Learning fast elliptic-curve cryptography
-
EdDSA
- A Deep dive into Ed25519 Signatures
- Ed25519 Deep Dive Addendum
- It’s 255:19AM. Do you know what your validation criteria are?
- Taming the many EdDSAs that describes concepts of Strong UnForgeability under Chosen Message Attacks and Strongly Binding Signatures
- Cofactor Explained: Clearing Elliptic Curves’ dirty little secret
- Surrounded by Elligators
- Pairings and BLS
- Ciphers
- Multi-user / multi-key attacks
Apps built with noble
GitHub exposes a graph of dependents that use noble. Check it out: ciphers, curves, hashes. Below are selected apps and libraries. To add your own, leave a comment.
- protonmail, metamask, nostr, bluesky
- Bitcoin libraries: scure-btc-signer, tapscript
- Ethereum libraries: ethereum-cryptography, micro-eth-signer, ethers, viem, @ethereumjs, metamask's eth-sig-util, gridplus-lattice-sdk
- Solana libraries: micro-sol-signer, solana-web3.js
- Other web3 stuff: HDkey libraries (scure-bip32, bip32), aztec, polkadot.js, drand, moneroj, tronlib
- Wallets: rainbow
- did-jwt, hpke-js, js-libp2p-noise
- ed25519-keygen SSH, PGP, TOR key generation
- secp256k1 compatibility layer for users who want to switch from secp256k1-node or tiny-secp256k1. Allows to see which methods map to corresponding noble code.
- BLS BBS signatures, KZG trusted setup ceremony, genthresh.com online demo of BLS aggregation
Playground
You can try out noble in the browser JS console of the webpage. There are 3 global variables:nobleCiphers, nobleCurves, nobleHashes.
The webpage also has two demo apps:
- App I: Elliptic curve calculator, calculate public keys and signatures
- App II: Add, subtract, multiply points on the chosen elliptic curve