Implementation and secure usage of cryptographic primitives including ECDSA, BLS, Schnorr signatures, key derivation, secret sharing, and constant-time operations. Provides guidance for secure cryptographic implementations in blockchain applications.
Implements cryptographic primitives including signatures and key derivation for secure blockchain applications.
npx claudepluginhub a5c-ai/babysitterThis skill is limited to using the following tools:
README.mdExpert implementation and usage of cryptographic primitives for blockchain and security applications.
Standard Ethereum signature scheme:
import { secp256k1 } from '@noble/curves/secp256k1';
import { keccak_256 } from '@noble/hashes/sha3';
// Sign message
const messageHash = keccak_256(message);
const signature = secp256k1.sign(messageHash, privateKey);
// Verify signature
const isValid = secp256k1.verify(signature, messageHash, publicKey);
// Recover public key from signature (Ethereum style)
const recoveredPubKey = signature.recoverPublicKey(messageHash);
Aggregatable signatures for validator sets:
import { bls12_381 } from '@noble/curves/bls12-381';
// Sign with BLS
const signature = bls12_381.sign(message, privateKey);
// Verify
const isValid = bls12_381.verify(signature, message, publicKey);
// Aggregate signatures
const aggregatedSig = bls12_381.aggregateSignatures([sig1, sig2, sig3]);
const aggregatedPubKeys = bls12_381.aggregatePublicKeys([pk1, pk2, pk3]);
const isValidAgg = bls12_381.verify(aggregatedSig, message, aggregatedPubKeys);
BIP-340 compliant Schnorr signatures:
import { schnorr } from '@noble/curves/secp256k1';
// Sign (returns 64-byte signature)
const signature = schnorr.sign(messageHash, privateKey);
// Verify
const isValid = schnorr.verify(signature, messageHash, publicKey);
import { HDKey } from '@scure/bip32';
import { mnemonicToSeedSync } from '@scure/bip39';
// From mnemonic to seed
const seed = mnemonicToSeedSync(mnemonic);
// Create HD wallet
const hdkey = HDKey.fromMasterSeed(seed);
// Derive path (BIP-44 for Ethereum)
// m/44'/60'/0'/0/0
const child = hdkey
.derive("m/44'/60'/0'/0")
.deriveChild(0);
const privateKey = child.privateKey;
const publicKey = child.publicKey;
import { generateMnemonic, validateMnemonic } from '@scure/bip39';
import { wordlist } from '@scure/bip39/wordlists/english';
// Generate new mnemonic (128 bits = 12 words, 256 bits = 24 words)
const mnemonic = generateMnemonic(wordlist, 256);
// Validate mnemonic
const isValid = validateMnemonic(mnemonic, wordlist);
import { split, combine } from 'shamir-secret-sharing';
// Split secret into 5 shares, requiring 3 to reconstruct
const shares = await split(secretBytes, 5, 3);
// Reconstruct with any 3 shares
const reconstructed = await combine([shares[0], shares[2], shares[4]]);
// Commitments allow verification without revealing secret
const { shares, commitments } = feldmanVSS.split(secret, n, t);
// Verify a share
const isValidShare = feldmanVSS.verifyShare(share, commitments);
import { keccak_256 } from '@noble/hashes/sha3';
// Ethereum address from public key
const publicKeyHash = keccak_256(publicKey.slice(1)); // Remove 0x04 prefix
const address = '0x' + publicKeyHash.slice(-20).toString('hex');
// Poseidon hash (used in ZK circuits)
import { poseidon } from '@iden3/js-crypto';
const hash = poseidon([input1, input2, input3]);
// MiMC hash
import { mimcSponge } from 'circomlib';
const hash = mimcSponge.multiHash([input1, input2], key, numOutputs);
// commit(m, r) = g^m * h^r
// Hiding: cannot determine m from commitment
// Binding: cannot find m', r' where commit(m, r) = commit(m', r')
function pedersenCommit(m, r, g, h) {
return g.multiply(m).add(h.multiply(r));
}
// Verify commitment
function verifyCommitment(commitment, m, r, g, h) {
const expected = pedersenCommit(m, r, g, h);
return commitment.equals(expected);
}
// Simple commit-reveal scheme
function commit(value, nonce) {
return keccak256(abi.encodePacked(value, nonce));
}
function reveal(commitment, value, nonce) {
return commitment === keccak256(abi.encodePacked(value, nonce));
}
// BAD: Timing attack vulnerable
function compareInsecure(a, b) {
return a === b; // Short-circuits on first mismatch
}
// GOOD: Constant-time comparison
function compareSecure(a, b) {
if (a.length !== b.length) return false;
let diff = 0;
for (let i = 0; i < a.length; i++) {
diff |= a[i] ^ b[i];
}
return diff === 0;
}
import { timingSafeEqual } from 'crypto';
// Use built-in constant-time comparison
const isEqual = timingSafeEqual(Buffer.from(a), Buffer.from(b));
import { randomBytes } from '@noble/hashes/utils';
// Generate secure random bytes
const privateKey = randomBytes(32);
// For browser environments
const array = new Uint8Array(32);
crypto.getRandomValues(array);
// Request randomness on-chain
function requestRandomness() external returns (uint256 requestId) {
return COORDINATOR.requestRandomWords(
keyHash,
subscriptionId,
requestConfirmations,
callbackGasLimit,
numWords
);
}
function fulfillRandomWords(uint256, uint256[] memory randomWords) internal override {
// Use randomWords[0] for provably fair randomness
}
This skill integrates with:
cryptographic-protocol-implementation.js - Full protocol designhd-wallet-implementation.js - Wallet key managementmulti-signature-wallet.js - Multi-sig schemesthreshold-signature-scheme.js - TSS implementationzk-circuit-development.js - ZK-friendly primitives| Library | Purpose | URL |
|---|---|---|
| @noble/curves | Elliptic curves (secp256k1, ed25519, BLS12-381) | noble-curves |
| @noble/hashes | Hash functions (SHA, Keccak, BLAKE) | noble-hashes |
| @scure/bip32 | HD key derivation | scure-bip32 |
| @scure/bip39 | Mnemonic generation | scure-bip39 |
| libsodium | General-purpose crypto | libsodium.js |
| circomlibjs | ZK-friendly crypto | circomlibjs |
agents/crypto-engineer/AGENT.md - Cryptographic implementation expertskills/zk-circuits/SKILL.md - Zero-knowledge circuitsreferences.md - External cryptographic referencesActivates when the user asks about AI prompts, needs prompt templates, wants to search for prompts, or mentions prompts.chat. Use for discovering, retrieving, and improving prompts.
Search, retrieve, and install Agent Skills from the prompts.chat registry using MCP tools. Use when the user asks to find skills, browse skill catalogs, install a skill for Claude, or extend Claude's capabilities with reusable AI agent components.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.