Implements X25519 Diffie-Hellman key exchange as an EVM precompile. X25519 is the standard ECDH function over Curve25519 (Montgomery form), used in TLS 1.3, Signal Protocol, age encryption, and WireGuard. Contracts can derive shared secrets on-chain for encrypted communication or key agreement.
0x0000000000000000000000000000000000009203 -- Privacy range.
Operation selector is the first byte of input.
0x01 ScalarMult: scalar(32) + point(32) -> shared_secret(32)
0x02 Basepoint: scalar(32) -> public_key(32)
ScalarMult computes the Diffie-Hellman shared secret from a private scalar and a peer's public key. Basepoint computes a public key from a private scalar using the Curve25519 basepoint.
1. Uses golang.org/x/crypto/curve25519 with constant-time scalar multiplication.
2. The shared secret output must be fed into a KDF (HKDF-SHA256) before use as a symmetric key. Raw DH output is not uniformly distributed.
3. Provides ~128-bit security. Not post-quantum; for PQ key exchange use X-Wing (LP-115) or ML-KEM (LP-072).
4. Low-order point checks are handled by the X25519 function per RFC 7748.
github.com/luxfi/precompile/x25519/Copyright (C) 2024-2026, Lux Partners Limited. All rights reserved.
Licensed under the MIT License.