- Home
- Skills
- Multiversx
- Mx Ai Skills
- Multiversx Crypto Verification
multiversx-crypto-verification_skill
10
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill multiversx/mx-ai-skills --skill multiversx-crypto-verification- SKILL.md8.1 KB
Overview
This skill provides a concise reference and practical patterns for cryptographic operations inside MultiversX smart contracts using the self.crypto() API. It covers hashing (SHA-256, Keccak-256, RIPEMD-160), signature verification for Ed25519, secp256k1, secp256r1, and BLS, plus DER encoding for secp256k1. Use it to implement secure on-chain gates, cross-chain signature checks, and aggregated validator verification.
How this skill works
Hashing functions accept ManagedBuffer inputs and return fixed-size ManagedByteArray results suitable for on-chain storage and comparisons. Signature verification exposes panic-based methods (Ed25519, BLS, secp256r1) that abort the transaction on failure, and bool-based secp256k1 methods for graceful handling. A custom secp256k1 verifier accepts a MessageHashType enum so you can match how the message was pre-hashed (Keccak, SHA256, double-SHA256, etc.).
When to use it
- Protect critical endpoints where an invalid signature must abort the transaction (use panic-based verifiers).
- Verify Ethereum-style signatures or external ECDSA signatures where you need to handle failure without panicking (use bool-based secp256k1).
- Implement commit-reveal schemes, Merkle proofs, or any logic requiring deterministic hashes (use sha256/keccak256/ripemd160).
- Validate WebAuthn or platform passkey assertions using secp256r1.
- Aggregate validator signatures or threshold schemes using BLS and BLS aggregated verification.
Best practices
- Choose the verifier type to match your error model: panic-based for gate checks, bool-based for conditional flows.
- Always check the boolean return of verify_secp256k1 and verify_custom_secp256k1; never ignore the result.
- Match the MessageHashType to how the message was actually hashed (Ethereum = Keccak256).
- Use encode_secp256k1_der_signature when you only have raw r/s components before calling secp256k1 verifiers.
- Store and compare fixed-size ManagedByteArray hashes for commit-reveal and on-chain comparisons to avoid ambiguity.
Example use cases
- An access-control endpoint that requires an Ed25519 signature from a trusted signer and reverts automatically if invalid.
- A bridge contract that verifies Ethereum user signatures with verify_custom_secp256k1(MessageHashType::ECDSAKeccak256).
- A vote aggregation system that verifies a single BLS aggregated signature from multiple validators.
- A commit-reveal lottery where commitments are stored as sha256 hashes and reveals are validated on-chain.
- A wallet or passkey verifier that validates secp256r1 signatures coming from platform authenticators.
FAQ
Panic-based verifiers are designed for gate checks where invalid signatures should abort execution. Bool-based verifiers let contracts handle failures gracefully or attempt alternatives.
Which hash should I use for Ethereum signatures?
Use Keccak256 and call verify_custom_secp256k1 with MessageHashType::ECDSAKeccak256 to match Ethereum hashing.