noble cryptography is a high-security, easily auditable set of contained cryptographic libraries with following features:
- Zero or minimal dependencies
- Highly readable TypeScript / JS code
- PGP-signed releases and transparent NPM builds
The idea was to: 1) improve knowledge of cryptography 2) improve supply chain security of JS ecosystem 3) provide libraries that could be used for learning, because other libs are too low-level / unfriendly to beginners. Active projects:
- ciphers (github, npm): cryptographic ciphers, including Salsa20, ChaCha, AES and FF1.
- curves (github, npm): elliptic curve cryptography, including Weierstrass, Edwards, Montgomery curves, pairings, hash-to-curve, poseidon hash, schnorr, secp256k1, ed25519, ed448, p521, bn254, bls12-381 and others.
- hashes (github, npm): hash functions, MACs & KDFs, including SHA, RIPEMD, BLAKE, HMAC, HKDF, PBKDF & Scrypt
- post-quantum (github, npm): post-quantum public key algorithms: ML-KEM, ML-DSA, SLH-DSA aka Kyber, Dilithium and SPHINCS+
History
- Jun 2019: initial release of secp256k1, ed25519 and bls12-381
- Apr 2020: the blog post about ecc went live
- Apr 2021: secp256k1 has been audited by Cure53, crowdfunded with help of Umbra.cash
- Oct 2021: hashes have been released, funded by Ethereum Foundation
- Nov 2021: received a grant from Optimism
- Jan 2022: hashes have been audited by Cure53, funded by Ethereum Foundation with help of Nomic Labs
- Feb 2022: ed25519 has been audited by Cure53
- Dec 2022: curves have been released, consolidating three previous packages in one
- Feb 2023: curves have been audited by Trail of Bits, funded by Ryan Shea
- Mar 2023: secp256k1 and ed25519 have been rewritten and became 4KB single-feature versions of curves
- Jun 2023: ciphers have been released
- Sep 2023: curves have been audited by Kudelski Security, funded by starknet
- Feb 2024: post-quantum have been released
scure
Noble’s non-cryptographic sister project. Audited micro-libraries:
- Jan 2022: base base64, bech32…, bip32 hdkey, bip39 mnemonics
- Feb 2023: btc-signer transactions, segwit, taproot, psbt, multisig
- Sep 2023: starknet stark curve, pedersen and poseidon hash
Apps built with noble
GitHub exposes a graph of dependents that use noble. Check it out: ciphers, curves, hashes. Below are selected apps and libraries. To add your own, leave a comment.
- Web apps: Protonmail, Bluesky
- Wallets: Metamask, Rainbow, Rabby, Phantom
- Blockchain libraries:
- Bitcoin: scure-btc-signer, tapscript
- Ethereum: ethereum-cryptography, micro-eth-signer, ethers, viem, @ethereumjs, gridplus-lattice-sdk,
- Solana: micro-sol-signer, solana-web3.js
- Avalanche: avalanchejs
- NEAR: near-api-js
- Polkadot: polkadot.js
- Monero: moneroj, cs-monero
- Trezor: trezor-suite
- aztec, drand, celo
- HDkey (scure-bip32, bip32)
- CoinSpace wallet with support for many different networks:
- btc - build with
@noble/curves
,@noble/hashes
,@scure/base
,@scure/bip32
, and@scure/btc-signer
- evm -
@noble/hashes
,@scure/bip32
, andmicro-eth-signer
- sol -
@noble/curves
,@scure/base
,ed25519-keygen
, andmicro-sol-signer
- eos - implemented on top of
@noble/curves
,@noble/hashes
, and@scure/base
only - tron -
@noble/hashes
,@scure/base
,@scure/bip32
, and@noble/curves
throughtronlib
- xmr -
@scure/bip32
,@noble/hashes
,@scure/base
- ada -
@noble/hashes
and@scure/base
- btc - build with
- did-jwt, hpke-js, js-libp2p-noise
- ed25519-keygen SSH, PGP, TOR key generation and cli tool on top of it
- secp256k1 compatibility layer for users who want to switch from secp256k1-node or tiny-secp256k1. Allows to see which methods map to corresponding noble code.
- BLS BBS signatures, KZG trusted setup ceremony, genthresh.com online demo of BLS aggregation
Resources, articles, documentation
- Learning fast elliptic-curve cryptography
- EdDSA
- A Deep dive into Ed25519 Signatures
- Ed25519 Deep Dive Addendum
- It’s 255:19AM. Do you know what your validation criteria are?
- Taming the many EdDSAs that describes concepts of Strong UnForgeability under Chosen Message Attacks and Strongly Binding Signatures
- Cofactor Explained: Clearing Elliptic Curves’ dirty little secret
- Surrounded by Elligators
- Pairings and BLS
- Ciphers
- Multi-user / multi-key attacks
Demo
You can try out noble in the browser JS console of the webpage. There are 3 global variables: nobleCiphers
, nobleCurves
, nobleHashes
. The webpage also has two demo apps:
- App I: Elliptic curve calculator, calculate public keys and signatures
- App II: Add, subtract, multiply points on the chosen elliptic curve