The Crypto class is a utility that allows performing cryptographic operations throughout the app.

In particular, the class can be used for AES symmetric encryption and for more complex operations like data encryption/decryption between two EC25519 keypairs using ECDH.

Once the class has been instantiated you can:

• encrypt data with a password;

• decrypt data with a given password;

• hash data using SHA-256 algorithm;

• initialize the encryption engine that performs cryptographic operations between 2 EC25519 keypairs.

Encryption engine

The encryption engine must be initialized using an EC25519 KeyPair. The given private key is then converted into an ED25519 key that is suitable for computing shared secrets using ECDH. The conversion is possible because there is a 1-to-1 correspondence between keys on both elliptic curves.

Once you have initialized the encryption engine, you can:

• compute the ECDH shared secret between the current signing key and the given recipient public key;

• encrypt data with the ECDH shared secret for a specific address;

• decrypt data with the ECDH shared secret for a specific address.

How to encrypt data with a password

To encrypt data with a password, access the Crypto instance and call the encryptWithPassword function with the plaintext and the password you chose:

const encryptedText = await $Crypto.encryptWithPassword(plaintext, password)

This will return the corresponding encryptedText string.

How to decrypt data with a given password

To decrypt data with a given password, access the Crypto instance and call the decryptWithPassword function with the encryptedText and the password you chose for encryption:

const plainText = await $Crypto.decryptWithPassword(encryptedText, password)

This will return the corresponding plainText string.

How to hash data using SHA-256 algorithm

To hash some information, access the Crypto instance and call the hash function with the data you want to hash:

const hash = await $Crypto.hash(data)

This will return the corresponding hex encoding of the computed hash.

How to initialize the encryption engine

To initialize the crypto engine, access the Crypto instance and call the init function with the keyPair you'd like to use:

await $Crypto.init(keyPair)

This will set the ED25519 signinKey in the Crypto instance.

How to compute the ECDH shared secret between the current signing key and the given recipient public key

To compute the ECDH shared secret between the current signing key and the given recipient public key, call the computeSharedSecret function with the recipient public key:

const sharedSecret = this.computeSharedSecret(recipientPublicKey)

This will return the corresponding shared secret.

How to initialize the encryption engine to decrypt messages from a specific recipient

It is possible to pre-compute the ECDH shared secret between the current signing key and the given recipient public key and to store it in memory for further use. To do this you have to call the initializeRecipient function with the recipient public key. This initialization is needed if you want to use the encryptFor and decryptFor functions.

const encryptedtext = await $Crypto.initializeRecipient(recipientAddress)

How to encrypt data with the ECDH shared secret for a specific address

To encrypt data for a specific address, access the Crypto instance and call the encryptFor function with the recipientAddress and the text you'd like to encrypt:

const encryptedtext = await $Crypto.encryptFor(recipientAddress, text)

This will return the corresponding encryptedText string.

The recipient must be previously initialized using the initializeRecipient function described above.

How to decrypt data with the ECDH shared secret for a specific address

To decrypt data for a specific address, access the Crypto instance and call the decryptFrom function with the recipientAddress and the encryptedtext you'd like to decrypt:

const plainText = await $Crypto.decryptFrom(recipientAddress, encryptedtext)

This will return the corresponding plainText string.

The recipient must be previously initialized using the initializeRecipient function described above.