Key Derivation Generator Overrides

All cryptographic keys are derived from the master seed via KMAC256 or Poseidon. Every derivation step is injectable. The following generator types appear as optional deps across the functions that use them.

Master Viewing Key Generators

type MasterViewingKeyGeneratorFunction = () => Promise<MasterViewingKey>;
type MasterViewingKeyBlindingFactorGeneratorFunction = () => Promise<Bn254FieldElement>;

Used by: registration, Stealth Pool Note creation (self-burnable and receiver-burnable), burning.

Poseidon Private Key Generators

type PoseidonPrivateKeyGeneratorFunction = () => Promise<Bn254FieldElement>;
type PoseidonBlindingFactorGeneratorFunction = () => Promise<Bn254FieldElement>;

Used by: registration, Stealth Pool Note creation, burning.

X25519 / Curve25519 Keypair Generators

// User account X25519 key - used for token account encryption
type Curve25519KeypairGeneratorFunction = () => Promise<Curve25519KeypairResult>;

// Per-mint X25519 key - used for Stealth Pool Note ciphertext addressing
type MintX25519KeypairGeneratorFunction = (mint: Address) => Promise<Curve25519KeypairResult>;

Used by: registration, Stealth Pool Note creation. Also exposed via getMintEncryptionKeyRotatorFunction deps (in @umbra-privacy/sdk/account).

Viewing Key Generators (Poseidon sub-hierarchy)

type MintViewingKeyGeneratorFunction = (
  mint: Address,
  options?: ViewingKeyGeneratorOptions,
) => Promise<MintViewingKey>;

type YearlyViewingKeyGeneratorFunction = (
  mint: Address,
  year: Year,
  options?: ViewingKeyGeneratorOptions,
) => Promise<YearlyViewingKey>;

type MonthlyViewingKeyGeneratorFunction = (
  mint: Address,
  year: Year,
  month: Month,
  options?: ViewingKeyGeneratorOptions,
) => Promise<MonthlyViewingKey>;

type DailyViewingKeyGeneratorFunction = (
  mint: Address,
  year: Year,
  month: Month,
  day: Day,
  options?: ViewingKeyGeneratorOptions,
) => Promise<DailyViewingKey>;

type SecondViewingKeyGeneratorFunction = (
  mint: Address,
  year: Year,
  month: Month,
  day: Day,
  hour: Hour,
  minute: Minute,
  second: Second,
  options?: ViewingKeyGeneratorOptions,
) => Promise<SecondViewingKey>;

Used by: Stealth Pool Note creation (the second viewing key scopes the note ciphertext).

Commitment Factor Generators

type RescueEncryptionCommitmentBlindingFactorGeneratorFunction = () => Promise<Bn254FieldElement>;
type RandomFactorForPolynomialCommitmentGeneratorFunction = () => Promise<Curve25519FieldElement>;
type PoseidonKeystreamBlindingFactorGeneratorFunction = () => Promise<Bn254FieldElement>;

Ephemeral Stealth Pool Note key generators

Each note operation uses per-note ephemeral keys parameterised by the on-chain generation index. All are injectable. The TypeScript names retained their V13 spellings (EphemeralUtxo*) and the burn-side interfaces re-export them under V18 aliases:

type EphemeralUtxoMasterViewingKeyDeriverFunction = (offset: U256) => Promise<MasterViewingKey>;
type EphemeralUtxoMasterViewingKeyBlindingFactorDeriverFunction = (offset: U256) => Promise<Bn254FieldElement>;
type EphemeralUtxoPoseidonPrivateKeyDeriverFunction = (offset: U256) => Promise<Bn254FieldElement>;
type EphemeralUtxoPoseidonPrivateKeyBlindingFactorDeriverFunction = (offset: U256) => Promise<Bn254FieldElement>;
type EphemeralUtxoNullifierDeriverFunction = (offset: U256) => Promise<Bn254FieldElement>;
type EphemeralUtxoH2RandomSecretDeriverFunction = (offset: U256) => Promise<Curve25519FieldElement>;

Used by: all Stealth Pool Note creation and burner factories.

Cryptographic Operation Overrides

Beyond key generation, the low-level cryptographic operations themselves are injectable.

Rescue Cipher (RC) - Encryption and Decryption

The Rescue cipher is used to encrypt Stealth Pool Note payloads and EncryptedTokenAccount balances.

type RcEncryptorFunction = (
  plaintext: readonly RcPlaintext[],
) => Promise<{ ciphertexts: RcCiphertext[]; nonce: RcEncryptionNonce }>;

type RcEncryptorWithNonceFunction = (
  plaintext: readonly RcPlaintext[],
  nonce: RcEncryptionNonce,
) => Promise<RcCiphertext[]>;

type RcDecryptorFunction = (
  ciphertext: readonly RcCiphertext[],
  nonce: RcEncryptionNonce,
) => Promise<RcPlaintext[]>;

type RcKeyGeneratorFunction = (
  counters: readonly RcCounter[],
  nonce: RcEncryptionNonce,
) => Promise<RcKey[]>;

  • getRcEncryptor and getRcKeyGenerator appear in: registration, Stealth Pool Note creation deps.
  • rcDecryptor appears in: getEncryptedBalanceQuerierFunction deps — override to provide a custom decryption backend.

AES Encryption

AES-GCM is used for symmetric encryption of Stealth Pool Note commitment payloads.

type AesEncryptorFunction = (
  key: AesKey,
  plaintext: AesPlaintext,
) => Promise<AesCiphertextWithMetadata>;

type AesDecryptorFunction = (
  key: AesKey,
  ciphertext: AesCiphertextWithMetadata,
) => Promise<AesPlaintext>;

Used by: Stealth Pool Note creator factories.

Poseidon Hash, Encryption, and Keystream

See Poseidon for the hash construction and security properties.

type PoseidonHashFunction = (
  dataPoints: readonly Bn254FieldElement[],
) => Promise<Bn254FieldElement>;

type PoseidonAggregatorHashFunction = (
  dataPoints: readonly Bn254FieldElement[],
) => Promise<PoseidonHash>;

type PoseidonEncryptorFunction = (
  plaintext: readonly PoseidonPlaintext[],
  key: PoseidonKey,
) => Promise<PoseidonCiphertext[]>;

type PoseidonKeystreamGeneratorFunction = (
  counters: readonly PoseidonCounter[],
  key: PoseidonKey,
) => Promise<Map<PoseidonCounter, PoseidonKeystream>>;

type KeystreamCommitmentFunction = (
  keystream: Bn254FieldElement,
  blindingFactor: Bn254FieldElement,
) => Promise<Bn254FieldElement>;

Used by: registration, Stealth Pool Note creation, burning.

Fiat-Shamir Challenge and Polynomial Evaluation

type FiatShamirChallengeGeneratorFunction = (
  input: Uint8Array,
) => Curve25519FieldElement;

type ChallengePowersFunction = (
  challenge: Curve25519FieldElement,
  maxPower: number,
) => Curve25519FieldElement[];

type PolynomialEvaluatorFunction = (
  coefficients: Curve25519FieldElement[],
  point: Curve25519FieldElement,
) => Curve25519FieldElement;

Used by: registration, Stealth Pool Note creation. Override to run evaluation in a Web Worker or swap in a WASM implementation.
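
A differential check to run before injecting a custom PolynomialEvaluatorFunction or ChallengePowersFunction, such as a WASM or Web Worker backend. This is an added example, not SDK code. It assumes a Curve25519FieldElement is a bigint modulo 2^255 - 19, that coefficients are ordered constant term first, and that the powers array starts at c^0; all function names and test inputs are constructed here.

```typescript
// Added example, not SDK code. Assumption: a Curve25519FieldElement is a bigint
// reduced modulo p = 2^255 - 19; the SDK's actual type may differ.
type FieldElement = bigint;
type PolynomialEvaluator = (coefficients: FieldElement[], point: FieldElement) => FieldElement;
type ChallengePowers = (challenge: FieldElement, maxPower: number) => FieldElement[];

const P: bigint = (1n << 255n) - 19n;
const mod = (x: bigint): bigint => ((x % P) + P) % P; // canonical value in [0, P)

// Reference evaluator (Horner's rule). Assumed order: coefficients[0] is the constant term.
const referenceEvaluate: PolynomialEvaluator = (coefficients, point) => {
  let acc = 0n;
  for (const c of [...coefficients].reverse()) acc = mod(acc * point + c);
  return acc;
};

// Reference powers, assumed to be [c^0, c^1, ..., c^maxPower].
const referencePowers: ChallengePowers = (challenge, maxPower) => {
  const out: FieldElement[] = [];
  let cur = 1n;
  for (let i = 0; i <= maxPower; i++) {
    out.push(cur);
    cur = mod(cur * challenge);
  }
  return out;
};

// Constructed edge cases: empty polynomial, zero point, small values, values at p - 1.
const CASES: { coefficients: FieldElement[]; point: FieldElement }[] = [
  { coefficients: [], point: 5n },
  { coefficients: [7n], point: 0n },
  { coefficients: [1n, 2n, 3n], point: 2n },
  { coefficients: [P - 1n, P - 1n], point: P - 1n },
];

// Returns the first case where the candidate disagrees with the reference, or null.
function findEvaluatorMismatch(candidate: PolynomialEvaluator) {
  for (const c of CASES) {
    const got = candidate([...c.coefficients], c.point);
    if (got !== referenceEvaluate(c.coefficients, c.point)) return c;
  }
  return null;
}

// Constructed faulty override: correct over the integers, but never reduced mod p.
const unreducedEvaluate: PolynomialEvaluator = (coefficients, point) => {
  let acc = 0n;
  let pw = 1n;
  for (const c of coefficients) { acc += c * pw; pw *= point; }
  return acc;
};
```

The faulty override agrees with the reference on small inputs and only diverges once values near p are used, which is why the case list includes p - 1.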

User Commitment Generator

type UserCommitmentGeneratorFunction = (
  masterViewingKey: Bn254FieldElement,
  masterViewingKeyBlindingFactor: Bn254FieldElement,
  poseidonPrivateKey: Bn254FieldElement,
  poseidonBlindingFactor: Bn254FieldElement,
) => Promise<Bn254FieldElement>;

Used by: registration, Stealth Pool Note creation.