Navigation
Whitepaper Crypto Library Privacy Policy
Netzwerk
Node Pre-Registration
Links
blackchaintoken.io
BlackChain Development · Technical Reference

BlackChain
Crypto Library

Complete documentation of the hybrid cryptographic library — four signature schemes, quantum-secure, Ethereum-compatible, one unified framework.

4
Signature Schemes
256-bit
PQ Security
4.973 B
Hybrid Signature
~10ms
Sign Time
01 · Overview

What is BlackChain Crypto?

A hybrid cryptographic library combining four different signature schemes into a unified security framework — Defense in Depth for the Post-Quantum era.

🛡

Dilithium5

Post-quantum signature scheme based on Module-LWE lattice problems. NIST Level 5, 256-bit quantum-secure security. Key: 2,592 bytes PK, Signature: 4,595 bytes.

Post-Quantum
🔐

P-521

NIST-standardized elliptic curve with 256-bit classical security. Supports public key recovery for address derivation. Signature: 133 bytes incl. recovery ID.

Classical

Ed448

Edwards curve with 224-bit security, RFC 8032 standardized. Deterministic signatures, constant-time implementation, support for context strings (domain separation).

Classical
🔮

E-521

Twisted Edwards curve with 256-bit security over 521-bit prime field. Implemented via Kyber framework. Maximum security margin through curve size.

Classical
Defense in Depth: An attacker would need to break all four schemes simultaneously — Dilithium5 (lattice problems), P-521 (ECDLP), Ed448 (EdDSA), E-521 (Twisted Edwards). The probability is extremely low even with advancing technology.
🛡 256-bit PQ Dilithium5 P-521 Ed448 E-521
02 · System Architecture

Package Organization

Modular design with clear separation of responsibilities. Each package serves a specific purpose in the overall cryptographic system.

📦
Root Package — blackchain_crypto
Transaction system & hybrid key management
TransactionSignVerify
Contains the main transaction system and BlackChain hybrid key management. Transactions are created, signed and verified here. Implements GenerateKey(), SignMessage(), Verify() and SignNewBlackChainTx().
🔑
sign/ — Unified Interfaces
Scheme, PublicKey, PrivateKey Interfaces
SchemePublicKeyPrivateKey
Defines unified interfaces for all signature schemes. The sign.Scheme abstraction enables consistent work with different algorithms: GenerateKey(), DeriveKey(), Sign(), Verify(), plus metadata like PublicKeySize() and SignatureSize().
🛡
dilithium/ — Post-Quantum
CRYSTALS-Dilithium5 Implementation
Mode5PolynomialLattice
Implements the post-quantum Dilithium5 signature scheme. Contains both high-level interfaces and low-level polynomial arithmetic for lattice-based cryptography. Uses polynomial rings and module lattices for quantum-secure key generation and signing.
📐
mdecc/ — Multi-Dimensionale ECC
P-521, Ed448, E-521 Implementations
P-521Ed448E-521Recovery
Multi-dimensional elliptic curve cryptography. Each curve provides signing and verification following the common sign.Scheme interface. P-521 additionally supports public key recovery. Ed448 offers context support for domain separation.
💼
hdwallet/ — HD Wallet
BIP-39/32/44, Mnemonic, Key Derivation
BIP-39BIP-32BIP-44Hardened
Hierarchical deterministic wallet implementation. Combines all cryptographic schemes into a unified wallet system with mnemonic support (12-24 words), key derivation and account management. Uses exclusively hardened derivation for consistent security across all four schemes.
Package Dependency Graph
Interactive dependency diagram — Root package orchestrates all subsystems. Hover for details.

Data Flow: Sign Transaction

1

Key Derivation

Wallet derives keys for all four signature schemes from the master seed. seed[0:256] → Dilithium5, seed[256:384] → mdECC, seed[384:512] → Chain Code

2

Dilithium5 Signature

The original message is signed directly with Dilithium5: σ_dil = Dilithium5.Sign(sk_dil, message)

3

Entanglement Nonce

Cryptographic entanglement of all keys: nonce = SHAKE256("entangle" ‖ AlgoID ‖ Version ‖ Address), dann H_combined = SHAKE256(PK_all ‖ nonce)

4

ECC Signatures

Each ECC scheme signs message ‖ H_combined ‖ CurveID. By including H_combined, all four signatures are mathematically linked.

5

Final Signature

Concatenation: σ = σ_dil ‖ σ_p521 ‖ σ_ed448 ‖ σ_e521 → 4,973 bytes. Verification requires validity of all four partial signatures.

03 · Hierarchical Deterministic Wallet

HD Wallet System

BIP-39/32/44 compatible wallet with a single mnemonic for all four cryptographic schemes — Hardened-Only Derivation for maximum security.

Key Derivation

Mnemonic
24 Words
PBKDF2
2048 Rounds
512-bit Seed
64 Bytes
Seed Split
3 Parts
Seed SplittingSeed ∈ {0,1}⁵¹² → 3 Segmente:

S[0:255] → Dilithium5 Seed (256 bit → direct key generation)
S[256:383] → mdECC Seed (128 bit → SHAKE256 + HKDF-SHA3-512 per curve)
S[384:511] → Chain Code (128 bit → BIP-32 derivation chain)

ECC key expansion per curve (i ∈ {1,2,3}):
h_i = SHAKE256(mdECC_seed ‖ curve_id_i) // 64 bit
key_i = HKDF-SHA3-512(h_i, target_bits) // P-521: 528 bit, Ed448: 456 bit, E-521: 528 bit

Address:
combined = Marshal(PK_dil ‖ PK_p521 ‖ PK_ed448 ‖ PK_e521)
addr = Keccak-256(combined)[12:32] // Ethereum-compatible, 20 bytes

Derivation Path (BIP-44, Hardened-Only)

m / 44' / 60' / 0' / 0' / 0'
↑ ↑ ↑ ↑ ↑
BIP-44 ETH Account Change Index

All indices automatically hardened (0x80000000 Prefix).
Hardened-Only because Dilithium5, Ed448 and E-521 do not support
public child key derivation.
wallet_example.go
// Create wallet and derive accounts mnemonic, _ := hdwallet.NewMnemonic(256) // 24 Words wallet, _ := hdwallet.NewFromMnemonic(mnemonic) // Primary address address, _ := wallet.DeriveAddress() fmt.Printf("Address: %s\n", address.Hex()) // Derive more accounts path := hdwallet.MustHardenedPathFromString("44/60/0/0/1") account, _ := wallet.Derive(path, true) // pin = true // Sign message sig, _ := wallet.SignMsg([]byte("Hello, BlackChain!")) fmt.Printf("Signature length: %d bytes\n", len(sig)) // 4.973 Bytes
Key Derivation Tree — Mnemonic to 4 Key Pairs
Visualization: 512-bit seed is split into three segments. The mdECC segment is individually expanded via SHAKE256 + HKDF for each curve.
04 · Signature System

Hybrid Signature Linking

The entanglement mechanism prevents signature reuse through cryptographic linking of all four schemes — Address Binding, Public Key Linking, Curve Separation.

EntanglementStep 1: Dilithium5 Signature
σ_dil = Dilithium5.Sign(sk_dil, message)

Step 2: Entanglement Nonce
entglData = "entangle" ‖ AlgoID ‖ Version ‖ Address
entglNonce = SHAKE256(entglData, 16 Bytes)

Step 3: Combined Hash
hCombinedData = PK_dil ‖ PK_p521 ‖ PK_ed448 ‖ PK_e521 ‖ entglNonce
hCombined = SHAKE256(hCombinedData, 32 Bytes)

Step 4: ECC Signatures (per curve i)
msg_i = message ‖ hCombined ‖ CurveID_i
σ_i = ECC_i.Sign(sk_i, msg_i)

Step 5: Final Signature
σ = σ_dil[0:4595] ‖ σ_p521[0:133] ‖ σ_ed448[0:114] ‖ σ_e521[0:131]
|σ| = 4.973 Bytes

Signature Structure

Security Mechanisms

🔗

Address Binding

The entanglement nonce contains the wallet address. Signatures from one address cannot be used for another.

🔐

Public Key Linking

The combined hash links all four public keys. You cannot mix signatures from different key sets.

🧬

Curve Separation

Each ECC signature contains its curve ID. Cross-curve signature reuse is prevented.

Signature Entanglement — Cryptographic Linking
The four signature schemes are cryptographically linked via the Combined Hash (SHAKE256). Each signature is bound to the wallet address and all public keys.
05 · Transaction System

Ethereum-compatible Transactions

EIP-1559 fee model, EIP-2718 Typed Envelopes, RLP encoding for consensus and JSON-RPC for APIs — extended with hybrid post-quantum signatures.

Transaction Lifecycle

📝
Create
Fill TX data
🔑
Keys
Load 4 SKs
✍️
Sign
4× Sign ~10ms
🔗
Entangle
SHAKE256 Link
📦
Encode
RLP / JSON
📡
Broadcast
~8 KB TX
Verify
4× Check ~15ms
Finalized
On-Chain
FieldTypeDescription
Versionuint8Protocol version (currently 1)
AlgoIDuint8Algorithm identifier (currently 1)
ChainID*big.IntEIP-155 Chain Identifier
Nonceuint64Account transaction sequence number
To*AddressRecipient address (nil for contract creation)
Value*big.IntTransfer amount in Wei
GasTipCap*big.IntPriority fee per gas unit
GasFeeCap*big.IntMaximum fee per gas unit
Gasuint64Gas-Limit
Data[]byteContract call data / bytecode
AccessListAccessListEIP-2930 Access List (optional)
Sig[]byteHybrid signature (4,973 bytes)
Pks[]bytePublic keys (2,782 bytes)
transaction_example.go
// Create and sign transaction txData := &blackchain_crypto.BlackChainTxType{ Version: blackchain_crypto.Version, AlgoID: blackchain_crypto.AlgoId, ChainID: big.NewInt(1337), Nonce: 0, To: &recipient, Value: big.NewInt(1_000_000_000_000_000_000), // 1 ETH GasTipCap: big.NewInt(2_000_000_000), // 2 Gwei GasFeeCap: big.NewInt(30_000_000_000), // 30 Gwei Gas: 21_000, } signer := blackchain_crypto.NewBlackChainSignerV1(chainID) signedTx, _ := blackchain_crypto.SignNewBlackChainTx(*privKey, signer, txData) // Transaction Hash fmt.Printf("TX Hash: %s\n", signedTx.Hash().Hex()) // Sender Recovery sender, _ := signer.Sender(signedTx) fmt.Printf("Sender: %s\n", sender.Hex())
06 · Technical Specifications

Key & Signature Sizes

Overview of all cryptographic sizes — hybrid keys are larger than traditional crypto keys, but provide post-quantum protection.

Public Key: 2,782 Bytes

Dilithium5
2.592 B
P-521
67 B
Ed448
57 B
E-521
66 B

Signature: 4,973 Bytes

Dilithium5
4.595 B
P-521
133 B
Ed448
114 B
E-521
131 B
2.782
Public Key (Bytes)
5.109
Private Key (Bytes)
4.973
Signature (Bytes)
20
Address (Bytes)
~8 KB
TX Size (Transfer)
64
Seed (Bytes)
AlgorithmSecurity LevelQuantum ResistantBasis
Dilithium5256-bit✓ YesModule-LWE Lattice
P-521256-bit✗ NoECDLP (Weierstraß)
Ed448224-bit✗ NoEdDSA (Edwards)
E-521256-bit✗ NoTwisted Edwards
Combined256-bit PQ + 256-bit classical✓ YesHybrid Defense-in-Depth

Size Comparison: BlackChain vs. Bitcoin vs. Ethereum

BlackChain
Public Key2.782 B
Signatur4.973 B
TX Size~8 KB
PQ Secure✓ 256-bit
Schemes4 hybrid
Bitcoin
Public Key33 B
Signatur64 B
TX Size~250 B
PQ Secure✗ No
Schemes1 (secp256k1)
Ethereum
Public Key33 B
Signatur65 B
TX Size~110 B
PQ Secure✗ No
Schemes1 (secp256k1)
Trade-off: BlackChain transactions are ~32× larger than Ethereum. This overhead is the price for post-quantum security and quadruple cryptographic protection — increasingly negligible with growing bandwidth.
07 · Performance

Operation Times

Benchmarks on modern hardware. Despite four signature schemes, hybrid operations are performant enough for real-time applications.

Generate mnemonic
< 1ms
Create wallet
~100ms
Derive account
~50ms
Sign message
~10ms
Verify signature
~15ms
Generate TX
~10ms
Sign TX
~10ms
System Requirements: Go 1.21+, Linux/macOS/Windows, amd64 or arm64. Minimum 100 MB RAM. ~8 KB storage per transaction.
08 · API Reference

Interface Documentation

Core functions of the key packages — hdwallet, blackchain_crypto, dilithium/mode5 and mdecc.

hdwallet NewMnemonic / NewFromMnemonic / NewFromSeed

func NewMnemonic(bits int) (string, error)
// bits: 128, 160, 192, 224, 256 → 12-24 Words

func NewFromMnemonic(mnemonic string, passOpt ...string) (*Wallet, error)
// Optional passphrase as 25th word

func NewFromSeed(seed []byte) (*Wallet, error)
// seed: 64 Bytes (512 bit)

hdwallet Wallet.SignMsg / Wallet.Derive / Verify

func (w *Wallet) SignMsg(hash []byte) ([]byte, error)
// Returns 4,973-byte hybrid signature

func (w *Wallet) Derive(path DerivationPath, pin bool) (Account, error)
// path: BIP-32 path (automatically hardened)
// pin: Account merken für späteren Zugriff

func Verify(msg, sig []byte, dil PublicKey, p521, ed448, e521 sign.PublicKey) (bool, error)
// All 4 partial signatures must be valid

crypto GenerateKey / SignMessage / Verify

func GenerateKey(seed []byte) (*BlackChainPublicKey, *BlackChainPrivateKey, error)
// seed: 64 bytes → 4 key pairs

func SignMessage(sk *BlackChainPrivateKey, msg []byte) ([]byte, error)
// Hybrid signature across all 4 schemes

func Verify(msg, sig []byte, pk *BlackChainPublicKey) (bool, error)
// Full hybrid verification

mdecc sign.Scheme Interface

type Scheme interface {
GenerateKey() (PublicKey, PrivateKey, error)
DeriveKey(seed []byte) (PublicKey, PrivateKey)
Sign(sk PrivateKey, msg []byte, opts *SignatureOpts) []byte
Verify(pk PublicKey, msg, sig []byte, opts *SignatureOpts) bool
Name() string
PublicKeySize() int
PrivateKeySize() int
SignatureSize() int
SeedSize() int
}

// Implementations:
NewP521Scheme() → P-521 (ECDSA with Recovery)
NewCurve448Scheme() → Ed448 (with context support)
NewE521Scheme() → E-521 (Twisted Edwards)

mode5 Dilithium5 Low-Level API

func GenerateKey(rand io.Reader) (*PublicKey, *PrivateKey, error)
func NewKeyFromSeed(seed *[SeedSize]byte) (*PublicKey, *PrivateKey)
func SignTo(sk *PrivateKey, msg, sig []byte)
func Verify(pk *PublicKey, msg, sig []byte) bool

const PublicKeySize = 2592
const PrivateKeySize = 4864
const SignatureSize = 4595
const SeedSize = 32
09 · Dependencies & Testing

Dependencies & Quality Assurance

Built on established cryptographic libraries with comprehensive test coverage.

📦

Kyber v4

E-521 Edwards-Kurve. Abstraktes Interface für elliptische Kurven. MIT-Lizenz.

☁️

Cloudflare circl

Ed448 Edwards-Kurve. High-performance implementation. BSD-3-Clause.

🔐

dustinxie/ecc

P-521 ECDSA mit Public-Key-Recovery-Support. MIT-Lizenz.

go-ethereum

Ethereum-Adressformat, Utilities, RLP-Encoding. LGPL-3.0.

🌱

go-bip39 / btcd

BIP-39 Mnemonic-Generierung und BIP-32 HD-Key-Derivation. MIT/ISC.

🔒

golang.org/x/crypto

SHA-3, SHAKE, HKDF implementations. BSD-3-Clause.

testing
# Run all tests go test ./... # Verbose with coverage go test -v -cover ./... # Benchmarks go test -bench=. -benchmem ./... # Specific packages go test ./hdwallet/... go test ./dilithium/... go test ./mdecc/...
Conclusion

Quantum-secure Cryptography
for the Blockchain Era

BlackChain Crypto combines the best of both worlds: the proven security of classical elliptic curve cryptography with the future protection of lattice-based post-quantum schemes. Four signature schemes, one unified interface, full Ethereum compatibility.

BlackChain Development · Crypto Library v1.0 · 2025