Implement Crypto Utilities Package
Description:
Implement @ancore/crypto with key generation, mnemonic support, encryption/decryption, and transaction signing. This is security-critical — keys must never leave the device.
Context:
The package is currently a stub (CRYPTO_VERSION export only). Dependencies @noble/ed25519 and @noble/hashes are already in package.json. The wallet needs this for onboarding (mnemonic generation), key storage (encryption), and transaction signing.
Requirements:
- Implement generateMnemonic() — BIP39 12-word mnemonic
- Implement validateMnemonic(mnemonic) — validate BIP39 mnemonic
- Implement deriveKeypairFromMnemonic(mnemonic, index) — derive Stellar keypair from mnemonic
- Implement encryptSecretKey(secretKey, password) — AES-256-GCM encryption with PBKDF2 key derivation
- Implement decryptSecretKey(encrypted, password) — decrypt stored secret key
- Implement signTransaction(tx, keypair) — local transaction signing
- Implement verifySignature(message, signature, publicKey)
- Password strength validation
- Secure random salt/IV generation per operation
- Unit tests for all functions (100% coverage target)
Files to Create:
- packages/crypto/src/mnemonic.ts
- packages/crypto/src/encryption.ts
- packages/crypto/src/signing.ts
- packages/crypto/src/password.ts
- packages/crypto/src/index.ts (update)
- packages/crypto/src/__tests__/mnemonic.test.ts
- packages/crypto/src/__tests__/encryption.test.ts
- packages/crypto/src/__tests__/signing.test.ts
Dependencies:
- @stellar/stellar-sdk
- @noble/hashes
- @noble/ed25519
- bip39
Definition of Done:
- All crypto functions implemented and exported
- Encryption round-trip works (encrypt → decrypt = original)
- Mnemonic → keypair derivation is deterministic
- Tests pass with 100% coverage
- No secret keys logged or transmitted
Labels: crypto, security, foundation, critical
Estimated Effort: 3–5 days
Priority: Critical — blocks account-abstraction and storage manager
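
An added sketch of the encryptSecretKey/decryptSecretKey pair from the requirements, covering the per-operation salt/IV and the round-trip check; it is not code from the ancore repository. It uses Node's built-in node:crypto instead of @noble/hashes so that it runs stand-alone, and the iteration count, salt/IV/tag sizes and the Envelope shape are assumptions.

```typescript
import { createCipheriv, createDecipheriv, pbkdf2Sync, randomBytes } from "node:crypto";

// Assumed parameters: the issue fixes only AES-256-GCM and PBKDF2.
const ITERATIONS = 600_000; // PBKDF2-HMAC-SHA256 work factor tied to envelope v1
const SALT_LEN = 16;
const IV_LEN = 12; // 96-bit nonce, the standard GCM size
const TAG_LEN = 16;

// Hypothetical envelope: everything needed to decrypt except the password.
type Envelope = { v: number; salt: string; iv: string; tag: string; ct: string };

function deriveKey(password: string, salt: Buffer): Buffer {
  return pbkdf2Sync(password, salt, ITERATIONS, 32, "sha256");
}

function encryptSecretKey(secretKey: string, password: string): Envelope {
  const salt = randomBytes(SALT_LEN); // fresh salt per operation
  const iv = randomBytes(IV_LEN); // fresh IV, never reused under one key
  const key = deriveKey(password, salt);
  try {
    const cipher = createCipheriv("aes-256-gcm", key, iv, { authTagLength: TAG_LEN });
    const ct = Buffer.concat([cipher.update(secretKey, "utf8"), cipher.final()]);
    const b64 = (b: Buffer) => b.toString("base64");
    return { v: 1, salt: b64(salt), iv: b64(iv), tag: b64(cipher.getAuthTag()), ct: b64(ct) };
  } finally {
    key.fill(0); // best-effort wipe of the derived key
  }
}

function decryptSecretKey(enc: Envelope, password: string): string {
  if (enc.v !== 1) throw new Error("unsupported envelope version");
  const key = deriveKey(password, Buffer.from(enc.salt, "base64"));
  try {
    const iv = Buffer.from(enc.iv, "base64");
    const decipher = createDecipheriv("aes-256-gcm", key, iv, { authTagLength: TAG_LEN });
    decipher.setAuthTag(Buffer.from(enc.tag, "base64")); // wrong-length tag throws
    const ct = Buffer.from(enc.ct, "base64");
    return Buffer.concat([decipher.update(ct), decipher.final()]).toString("utf8");
  } catch {
    // Wrong password and tampered data both fail the GCM tag check; report one error.
    throw new Error("decryption failed");
  } finally {
    key.fill(0);
  }
}
```

The single "decryption failed" error keeps wrong-password and tampering cases indistinguishable to callers and out of logs, which fits the "no secret keys logged" item in the Definition of Done.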