Cryptography
Below is a list of all of the cryptographic algorithms that Firedancer implements:
AES-128-GCM
An authenticated encryption scheme. Used for securing traffic send through TLS.
Implementation copied out of Linux and OpenSSL.
BLAKE3
Tree-based hashing function, used for computing the LtHash.
Implementation written by hand from scratch.
BLS12-381
A pairing-friendly elliptic curve that allows for efficient batching of signature verifications.
Used in the following syscalls:
sol_curve_group_opsol_curve_validate_pointsol_curve_pairing_mapsol_curve_decompress
Used in V4 vote accounts, and will be used in Alpenglow for voting and certificate signatures.
Implementation wraps the blst library.
BN-254
Also known as alt_bn128. A pairing-friendly elliptic curve, generally considered to be superseded by BLS12-381.
Used in the following syscalls:
sol_alt_bn128_group_opsol_alt_bn128_compression
Implementation written by hand, with the core field operations provided by fiat-crypto.
ChaCha
Used for computing the turbine tree and the leader schedule.
Turbine uses 8 rounds of ChaCha, following the activation of switch_to_chacha8_turbine. The leader schedule uses 20 rounds.
Implementation written by hand, providing both scalar and SIMD optimized variants.
Ed25519
An EdDSA signature scheme that operates on the Edwards25519 curve.
Used for verifying ownership of transactions, accounts, shreds, repair requests, and gossip messages.
Reference implementation is implemented through the formally verified s2n-bignum implementation.
An AVX-512 optimized implementation is implemented by hand.
Secp256k1
An elliptic curve used in ECDSA and ecrecover, chosen for its endomorphic properties that allow for faster signature verification and recovery.
Used for the KeccakSecp256k11111111111111111111111111111 precompile as well as the sol_secp256k1_recover syscall.
Implementation wraps the formally verified s2n-bignum implementation.
Secp256r1
Used for the Secp256r1SigVerify1111111111111111111111111 precompile.
Implementation wraps the formally verified s2n-bignum implementation.
SHA-256
A cryptographic hashing function.
Used for computing PoH, computing PDAs, and generally any hashing requirements.
Implementation written by hand, providing both scalar and SIMD/SHA-NI optimized variants.
SHA-512
A cryptographic hashing function.
Used for verifying and signing Ed25519 signatures along with Ed25519.
Implementation written by hand, providing both scalar and SIMD optimized variants.
Keccak256
A cryptographic hashing function.
Used in the sol_keccak256 syscall and the Secp256k1 precompile.
Implementation wraps the formally verified s2n-bignum implementation.
Strobe128
A sponge construction used to build non-interactive protocols.
Used for Merlin in the Zk El-Gamal native program. Follows the spec.
Implementation written by hand, using the core Keccak256 provided by s2n-bignum.
X25519
An elliptic curve used for ECDH. Used for TLS key exchange.
Implementation wraps the formally verified s2n-bignum implementation.