This LIP defines a standard interface for WebAssembly (WASM) modules that provide public-key cryptography functions. The LEA Public Key Module Interface (LEA-PKMI) specifies a set of required imports and exports that enable seamless integration of cryptographic modules for operations like key generation, signing, and verification within the LEA ecosystem. This standardization promotes interoperability, simplifies development, and allows for modular replacement of cryptographic implementations.
As the LEA ecosystem grows, there is a need for a standardized way to perform public-key cryptography across different applications and environments. Without a defined interface, developers must write custom "glue code" for each specific cryptographic library, leading to duplicated effort, increased complexity, and a higher risk of implementation errors.
The LEA-PKMI provides a clear, minimal, and efficient contract between a host environment and a WASM-based cryptographic module. This allows developers to easily swap different modules (e.g., switching from an Ed25519 module to a different signature scheme) without changing the host application's code, fostering a more flexible and secure development environment.
Any WASM module compliant with LEA-PKMI MUST implement the following interface.
The module MUST import the following functions from the host environment under the env namespace.
__lea_abort(line: i32)
line: A 32-bit integer representing the source code line number where the error occurred.__lea_randombytes(ptr: i32, len: i32)
ptr: A 32-bit integer representing the memory address where the host should write the random data.len: A 32-bit integer specifying the number of bytes to write.ptr with len bytes of secure random data.The module MUST export the following memory and functions.
memory: WebAssembly.Memory
__lea_malloc(size: i32): i32
size bytes.__lea_allocator_reset()
pk_bytes(): i32
sk_bytes(): i32
signature_bytes(): i32
These functions MUST return 0 on success and a non-zero integer on failure.
keygen(pk_ptr: i32, sk_ptr: i32): i32
pk_ptr: Pointer to an allocated block for the public key.sk_ptr: Pointer to an allocated block for the secret key.sign(sig_ptr: i32, msg_ptr: i32, msg_len: i32, sk_ptr: i32): i32
sig_ptr: Pointer to an allocated block for the output signature.msg_ptr: Pointer to the message to be signed.msg_len: The length of the message.sk_ptr: Pointer to the secret key.verify(sig_ptr: i32, msg_ptr: i32, msg_len: i32, pk_ptr: i32): i32
sig_ptr: Pointer to the signature to verify.msg_ptr: Pointer to the original message.msg_len: The length of the message.pk_ptr: Pointer to the public key.The design of the LEA-PKMI prioritizes simplicity, security, and performance.
i32), the interface remains compatible with any host language that can interact with WebAssembly, avoiding complexities of higher-level data types.__lea_malloc and can reset the state with __lea_allocator_reset. This simple model avoids the need for complex memory management or garbage collection schemes across the WASM boundary.__lea_randombytes. This is a critical security decision, as generating secure randomness is a responsibility best handled by the host environment, which has direct access to system-level entropy sources.This LIP introduces a new standard and does not break any existing protocols. It is intended for new cryptographic modules developed for the LEA ecosystem. Existing modules would need to be updated to comply with this interface.
__lea_randombytes import. A weak or predictable source of randomness will compromise all cryptographic operations. The host must also handle the __lea_abort call by safely terminating the process to prevent further execution in a potentially corrupt state.This LIP is licensed under the MIT License.