Loading...
Loading...
Cryptographic operations in MultiversX smart contracts. Use when hashing data (SHA256, Keccak256, RIPEMD160), verifying signatures (Ed25519, secp256k1, secp256r1, BLS), or encoding signatures in on-chain logic.
npx skill4agent add multiversx/mx-ai-skills multiversx-crypto-verificationself.crypto()&ManagedBufferManagedBufferManagedByteArray| Method | Return Type | Output Size | Use Case |
|---|---|---|---|
| | 32 bytes | General purpose hashing, Merkle trees |
| | 32 bytes | Ethereum compatibility, EIP-712 |
| | 20 bytes | Bitcoin address derivation (rare) |
// Hash a message
let message = ManagedBuffer::from("data to hash");
let hash: ManagedByteArray<Self::Api, 32> = self.crypto().sha256(&message);
// Hash for Ethereum compatibility
let eth_hash = self.crypto().keccak256(&abi_encoded_data);truefalse| Method | Returns | On Invalid Signature |
|---|---|---|
| | Panics — tx fails with "invalid signature" |
| | Panics |
| | Panics |
| | Panics |
| | Panics |
| | Returns false |
| | Returns false |
// Panic-based (no return value)
fn verify_ed25519(
&self,
key: &ManagedBuffer<A>, // 32-byte public key
message: &ManagedBuffer<A>, // arbitrary message
signature: &ManagedBuffer<A>, // 64-byte signature
)
fn verify_bls(
&self,
key: &ManagedBuffer<A>, // 96-byte BLS public key
message: &ManagedBuffer<A>,
signature: &ManagedBuffer<A>, // 48-byte BLS signature
)
fn verify_secp256r1(
&self,
key: &ManagedBuffer<A>, // 33 or 65-byte public key
message: &ManagedBuffer<A>,
signature: &ManagedBuffer<A>,
)
fn verify_bls_signature_share(
&self,
key: &ManagedBuffer<A>,
message: &ManagedBuffer<A>,
signature: &ManagedBuffer<A>,
)
fn verify_bls_aggregated_signature(
&self,
keys: &ManagedVec<A, ManagedBuffer<A>>, // list of BLS public keys
message: &ManagedBuffer<A>,
signature: &ManagedBuffer<A>, // aggregated signature
)
// Bool-based
fn verify_secp256k1(
&self,
key: &ManagedBuffer<A>,
message: &ManagedBuffer<A>,
signature: &ManagedBuffer<A>, // DER-encoded or raw (min 2 bytes)
) -> bool
fn verify_custom_secp256k1(
&self,
key: &ManagedBuffer<A>,
message: &ManagedBuffer<A>,
signature: &ManagedBuffer<A>,
hash_type: MessageHashType, // how the message was hashed
) -> boolverify_custom_secp256k1pub enum MessageHashType {
ECDSAPlainMsg, // Message is not hashed (raw)
ECDSASha256, // Message was SHA-256 hashed
ECDSADoubleSha256, // Message was double SHA-256 hashed (Bitcoin)
ECDSAKeccak256, // Message was Keccak-256 hashed (Ethereum)
ECDSARipemd160, // Message was RIPEMD-160 hashed
ECDSABlake2b, // Message was Blake2b hashed
}fn encode_secp256k1_der_signature(
&self,
r: &ManagedBuffer<A>, // 32-byte r component
s: &ManagedBuffer<A>, // 32-byte s component
) -> ManagedBuffer<A> // DER-encoded signature| Algorithm | When to Use |
|---|---|
| Ed25519 | MultiversX native signatures. Verify user/SC signatures from the chain. Default choice. |
| secp256k1 | Ethereum/Bitcoin compatibility. Bridge contracts, cross-chain verification. |
| secp256r1 | NIST P-256 / WebAuthn / Apple Secure Enclave. Passkey-based auth. |
| BLS | Validator signatures, multi-sig aggregation, threshold schemes. |
| BLS aggregated | Verify a single aggregated signature from multiple validators. |
#[endpoint(executeWithSignature)]
fn execute_with_signature(
&self,
data: ManagedBuffer,
signature: ManagedBuffer,
) {
let signer = self.trusted_signer().get();
// Panics if invalid — tx reverts automatically
self.crypto().verify_ed25519(
&signer,
&data,
&signature,
);
// Only reached if signature is valid
self.process_data(&data);
}#[endpoint(verifyEthSignature)]
fn verify_eth_signature(
&self,
key: ManagedBuffer,
message: ManagedBuffer,
signature: ManagedBuffer,
) -> bool {
// Returns bool — handle failure gracefully
let valid = self.crypto().verify_custom_secp256k1(
&key,
&message,
&signature,
MessageHashType::ECDSAKeccak256,
);
require!(valid, "Invalid Ethereum signature");
valid
}#[endpoint(verifyValidators)]
fn verify_validators(
&self,
validator_keys: ManagedVec<ManagedBuffer>,
message: ManagedBuffer,
aggregated_sig: ManagedBuffer,
) {
// Panics if aggregated signature is invalid
self.crypto().verify_bls_aggregated_signature(
&validator_keys,
&message,
&aggregated_sig,
);
}#[endpoint(commit)]
fn commit(&self, hash: ManagedByteArray<Self::Api, 32>) {
let caller = self.blockchain().get_caller();
self.commitments(&caller).set(hash);
}
#[endpoint(reveal)]
fn reveal(&self, value: ManagedBuffer) {
let caller = self.blockchain().get_caller();
let stored_hash = self.commitments(&caller).get();
let computed_hash = self.crypto().sha256(&value);
require!(stored_hash == computed_hash, "Hash mismatch");
self.commitments(&caller).clear();
self.process_reveal(&caller, &value);
}// When you have raw r,s components (e.g., from an oracle)
let r = ManagedBuffer::from(&r_bytes[..]);
let s = ManagedBuffer::from(&s_bytes[..]);
let der_sig = self.crypto().encode_secp256k1_der_signature(&r, &s);
let valid = self.crypto().verify_secp256k1(&pubkey, &message, &der_sig);// BAD: Trying to catch Ed25519 failure — it panics, there's nothing to catch
let result = self.crypto().verify_ed25519(&key, &msg, &sig);
// ← verify_ed25519 returns (), not Result. If invalid, tx is already dead.
// GOOD: Use Ed25519 as a gate (panic is the intended behavior)
self.crypto().verify_ed25519(&key, &msg, &sig);
// Execution continues only if valid
// BAD: Using verify_secp256k1 without checking the bool
self.crypto().verify_secp256k1(&key, &msg, &sig);
// ← Compiles fine but ignores the result! Signature not actually checked.
// GOOD: Always check the bool return
let valid = self.crypto().verify_secp256k1(&key, &msg, &sig);
require!(valid, "Invalid signature");
// BAD: Using wrong hash type for Ethereum signatures
self.crypto().verify_custom_secp256k1(&key, &msg, &sig, MessageHashType::ECDSASha256);
// ← Ethereum uses Keccak256, not SHA256
// GOOD: Match the hash type to the chain
self.crypto().verify_custom_secp256k1(&key, &msg, &sig, MessageHashType::ECDSAKeccak256);