utils: switch deps from stablelib to noble

WalletConnect · Aug 4, 2024 · 39a1225 · 39a1225
1 parent c279a30
commit 39a1225
Show file tree

Hide file tree

Showing 3 changed files with 79 additions and 171 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/packages/utils/package.json b/packages/utils/package.json
@@ -31,11 +31,9 @@
     "prettier": "prettier --check '{src,test}/**/*.{js,ts,jsx,tsx}'"
   },
   "dependencies": {
-    "@stablelib/chacha20poly1305": "1.0.1",
-    "@stablelib/hkdf": "1.0.1",
-    "@stablelib/random": "1.0.2",
-    "@stablelib/sha256": "1.0.1",
-    "@stablelib/x25519": "1.0.3",
+    "@noble/ciphers": "0.5.3",
+    "@noble/curves": "1.4.2",
+    "@noble/hashes": "1.4.0",
     "@walletconnect/relay-api": "1.0.10",
     "@walletconnect/safe-json": "1.0.2",
     "@walletconnect/time": "1.0.2",

diff --git a/packages/utils/src/crypto.ts b/packages/utils/src/crypto.ts
@@ -1,8 +1,8 @@
-import { ChaCha20Poly1305 } from "@stablelib/chacha20poly1305";
-import { HKDF } from "@stablelib/hkdf";
-import { randomBytes } from "@stablelib/random";
-import { hash, SHA256 } from "@stablelib/sha256";
-import * as x25519 from "@stablelib/x25519";
+import { chacha20poly1305 } from "@noble/ciphers/chacha";
+import { hkdf } from "@noble/hashes/hkdf";
+import { randomBytes } from "@noble/hashes/utils";
+import { sha256 } from "@noble/hashes/sha256";
+import { x25519 } from "@noble/curves/ed25519";
 import { CryptoTypes } from "@walletconnect/types";
 import { concat, fromString, toString } from "uint8arrays";
 
@@ -20,10 +20,11 @@ const IV_LENGTH = 12;
 const KEY_LENGTH = 32;
 
 export function generateKeyPair(): CryptoTypes.KeyPair {
-  const keyPair = x25519.generateKeyPair();
+  const privateKey = x25519.utils.randomPrivateKey();
+  const publicKey = x25519.getPublicKey(privateKey);
   return {
-    privateKey: toString(keyPair.secretKey, BASE16),
-    publicKey: toString(keyPair.publicKey, BASE16),
+    privateKey: toString(privateKey, BASE16),
+    publicKey: toString(publicKey, BASE16),
   };
 }
 
@@ -33,23 +34,21 @@ export function generateRandomBytes32(): string {
 }
 
 export function deriveSymKey(privateKeyA: string, publicKeyB: string): string {
-  const sharedKey = x25519.sharedKey(
+  const sharedKey = x25519.getSharedSecret(
     fromString(privateKeyA, BASE16),
     fromString(publicKeyB, BASE16),
-    true,
   );
-  const hkdf = new HKDF(SHA256, sharedKey);
-  const symKey = hkdf.expand(KEY_LENGTH);
+  const symKey = hkdf(sha256, sharedKey, undefined, undefined, KEY_LENGTH);
   return toString(symKey, BASE16);
 }
 
 export function hashKey(key: string): string {
-  const result = hash(fromString(key, BASE16));
+  const result = sha256(fromString(key, BASE16));
   return toString(result, BASE16);
 }
 
 export function hashMessage(message: string): string {
-  const result = hash(fromString(message, UTF8));
+  const result = sha256(fromString(message, UTF8));
   return toString(result, BASE16);
 }
 
@@ -73,15 +72,17 @@ export function encrypt(params: CryptoTypes.EncryptParams): string {
 
   const iv =
     typeof params.iv !== "undefined" ? fromString(params.iv, BASE16) : randomBytes(IV_LENGTH);
-  const box = new ChaCha20Poly1305(fromString(params.symKey, BASE16));
-  const sealed = box.seal(iv, fromString(params.message, UTF8));
+  const key = fromString(params.symKey, BASE16);
+  const box = chacha20poly1305(key, iv)
+  const sealed = box.encrypt(fromString(params.message, UTF8));
   return serialize({ type, sealed, iv, senderPublicKey });
 }
 
 export function decrypt(params: CryptoTypes.DecryptParams): string {
-  const box = new ChaCha20Poly1305(fromString(params.symKey, BASE16));
+  const key = fromString(params.symKey, BASE16);
   const { sealed, iv } = deserialize(params.encoded);
-  const message = box.open(iv, sealed);
+  const box = chacha20poly1305(key, iv);
+  const message = box.decrypt(sealed);
   if (message === null) throw new Error("Failed to decrypt");
   return toString(message, UTF8);
 }