StealthCryptoProvider

Defined in: ootle/src/stealth/crypto-provider.ts:24

The single seam that hides all @tari-project/ootle-wasm crypto behind a typed, byte/bigint interface returning the SDK’s domain types.

Every higher layer depends on this interface, never on raw WASM, so tests can inject a FakeStealthCrypto fake. The only real implementation is WasmStealthCrypto.

All methods are async even though the WASM is synchronous to leave room for a future off-thread / worker-backed provider without churning call sites.

Methods

aggregateInputMasks()

aggregateInputMasks(masks): Promise<Mask>

Defined in: ootle/src/stealth/crypto-provider.ts:106

Aggregate input commitment masks into a single scalar. masks must be non-empty; the revealed-only case (no stealth inputs) must short-circuit to Mask.zero() at the caller instead of calling this method.

Parameters

masks

Mask[]

Returns

Promise<Mask>

---

buildInputsStatement()

buildInputsStatement(inputs, revealedAmount): Promise<StealthInputsStatement>

Defined in: ootle/src/stealth/crypto-provider.ts:46

Build the inputs (spend) side of a transfer as canonical WASM wire JSON.

Parameters

inputs

StealthInput[]

The stealth inputs being spent (empty for a revealed-only spend).

revealedAmount

bigint

The un-confidential (revealed) µTari input amount.

Returns

Promise<StealthInputsStatement>

A StealthInputsStatement carrying the WASM-produced statementJson.

---

deriveAeadKey()

deriveAeadKey(privateKey, publicKey): Promise<Uint8Array<ArrayBufferLike>>

Defined in: ootle/src/stealth/crypto-provider.ts:81

Derive the 32-byte AEAD encryption key for an output’s encrypted data via DH+KDF.

• Receivers: (viewSecret, sender_public_nonce).
• Senders: (sender_secret_nonce, recipient_view_pub).

Split from unblindOutput to mirror the WASM (encryptedDataDhKdfAead then unblindOutput).

Parameters

privateKey

Uint8Array

publicKey

Uint8Array

Returns

Promise<Uint8Array<ArrayBufferLike>>

---

generateBalanceProofSignature()

generateBalanceProofSignature(inputMask, outputMask, inputsStatementJson, outputsStatementJson): Promise<BalanceProofSignature>

Defined in: ootle/src/stealth/crypto-provider.ts:55

Sign the balance proof over the two statements’ canonical wire JSONs.

A transfer with no stealth inputs passes inputMask = Mask.zero().

Parameters

inputMask

Mask

outputMask

Mask

inputsStatementJson

string

outputsStatementJson

string

Returns

Promise<BalanceProofSignature>

The (public_nonce, signature) balance-proof signature.

---

generateOutputsStatement()

generateOutputsStatement(specs, revealedOutputAmount): Promise<{ outputMask: Mask; statement: StealthOutputsStatement; }>

Defined in: ootle/src/stealth/crypto-provider.ts:34

Build the outputs (sender) side of a transfer: one witness per spec, aggregated into a canonical WASM outputs-statement plus the summed output mask.

Parameters

specs

Output[]

The outputs to create (incl. change).

revealedOutputAmount

bigint

The un-confidential (revealed) µTari output amount.

Returns

Promise<{ outputMask: Mask; statement: StealthOutputsStatement; }>

The WASM-produced StealthOutputsStatement and the aggregated outputMask for the balance proof.

---

stealthDhSecret()

stealthDhSecret(networkByte, ownerSecret, publicNonce): Promise<Uint8Array<ArrayBufferLike>>

Defined in: ootle/src/stealth/crypto-provider.ts:116

Derive the one-time stealth spend scalar (c + k) via DH for an owned stealth UTXO.

Parameters

networkByte

number

The network byte (see Network).

ownerSecret

Uint8Array

The owner’s secret key.

publicNonce

Uint8Array

The output’s sender public nonce.

Returns

Promise<Uint8Array<ArrayBufferLike>>

The 32-byte spend scalar.

---

unblindOutput()

unblindOutput(commitment, encryptedData, aeadKey, skipMemo): Promise<DecryptedData>

Defined in: ootle/src/stealth/crypto-provider.ts:94

Decrypt an owned output using a precomputed AEAD key (from deriveAeadKey).

Throws on AEAD failure / commitment mismatch — i.e. the output is not owned. The receive helper catches this to mean “skip this UTXO”.

Parameters

commitment

Uint8Array

The output’s 32-byte Pedersen commitment (from its substate id).

encryptedData

Uint8Array

The raw ciphertext bytes.

aeadKey

Uint8Array

The 32-byte AEAD key from deriveAeadKey.

skipMemo

boolean

When true, the memo is not decrypted.

Returns

Promise<DecryptedData>

---

validateBalanceProofSignature()?

optional validateBalanceProofSignature(proof, inputsStatementJson, outputsStatementJson): Promise<boolean>

Defined in: ootle/src/stealth/crypto-provider.ts:66

Optional client-side pre-flight check of a balance-proof signature. The engine is authoritative at submission — implement as a cheap debug aid only.

Parameters

proof

BalanceProofSignature

inputsStatementJson

string

outputsStatementJson

string

Returns

Promise<boolean>

---

validateTransfer()

validateTransfer(statement): Promise<void>

Defined in: ootle/src/stealth/crypto-provider.ts:123

Structurally validate a complete transfer envelope (balance proof filled). Throws on invalid. This is a client pre-flight (view_key = null); the engine is authoritative for viewable-resource validation at submission.

Parameters

statement

StealthTransferStatement

Returns

Promise<void>