ECIES Encryption PoC

This repo demonstrates ECIES encryption using secp256k1 + AES-GCM, with fully working Rust ↔ JavaScript/TypeScript interoperability.

🔐 Crypto Stack

• EC key exchange via secp256k1 (ECDH)
• AES-256-GCM for authenticated encryption
• HKDF for key derivation

📂 Project Structure

• rust/ — Full keygen + ECIES encrypt/decrypt in Rust (with clap-based CLI)
• js/ — TypeScript ECIES using @noble/secp256k1 + WebCrypto + commander CLI

---

🚀 Getting Started

git clone https://github.com/Cardinal-Cryptography/ecies-encryption-poc.git
cd ecies-encryption-poc

Run the rust example

cd rust
cargo build
./target/debug/ecies-rust-poc example

Or run subcommands like:

./target/debug/ecies-rust-poc generate-keypair
./target/debug/ecies-rust-poc encrypt --pubkey <hex> --message "hello"
./target/debug/ecies-rust-poc decrypt --privkey <hex> --ciphertext <hex>

Run the TypeScript example

cd js
npm install

Then

npx ts-node index.ts example
npx ts-node index.ts generate-keypair
npx ts-node index.ts encrypt --pubkey <hex> --message "hello"
npx ts-node index.ts decrypt --privkey <hex> --ciphertext <hex>

Integration test

We include an integration test for JS <--> Rust compatibility.

./ecies-integration-test.sh

WARNING

Using encrypt or decrypt directly does not hide plaintext length which might be a problem in some cases. One needs do further work in order to fix that (add padding carefully).