Precompiles
Overview
Seismic adds six precompiled contracts to the EVM, giving smart contracts access to cryptographic primitives that would be prohibitively expensive to implement in Solidity. All standard Ethereum precompiles (ecRecover, SHA-256, RIPEMD-160, identity, modexp, ecAdd, ecMul, ecPairing, blake2f) remain available at their usual addresses.
Precompiles are called like regular contracts using staticcall or call to their fixed addresses. They execute native code rather than EVM bytecode, making them significantly cheaper and faster than equivalent Solidity implementations.
0x64
RNG
Securely generate random bytes inside the TEE
0x65
ECDH
Derive an AES key from a private key and a public key
0x66
AES-GCM Encrypt
Encrypt data with AES-256-GCM authenticated encryption
0x67
AES-GCM Decrypt
Decrypt data with AES-256-GCM authenticated encryption
0x68
HKDF
Derive a 32-byte key from input key material
0x69
secp256k1 Sign
Sign a message hash with a secp256k1 private key
All precompiles expect raw concatenated bytes as input, not ABI-encoded data. Use abi.encodePacked (not abi.encode) when constructing input in Solidity.
RNG (0x64)
0x64)Securely generate random bytes inside the TEE. The randomness is derived from TEE-internal entropy combined with optional personalization data, ensuring that the output is unpredictable to all parties -- including the node operator.
Input
Raw bytes in the following layout:
[0:4]
output length
uint32
Number of random bytes to generate (big-endian)
[4:]
personalization
bytes
Optional personalization data to influence the RNG output
Output
random bytes
bytes
Securely generated random bytes of the requested length
Use cases
Fair randomness in games, lotteries, and raffles
Shuffling hidden card decks or secret orderings
Generating nonces for on-chain cryptographic operations
Solidity example
ECDH (0x65)
0x65)Elliptic Curve Diffie-Hellman key agreement on the secp256k1 curve, followed by HKDF key derivation. Given a private key and a public key, produces a derived AES-256 key that both parties can independently compute. This is the foundation for encrypted communication between a contract and a user.
The output is a derived AES key, not the raw ECDH shared secret. The precompile internally runs ECDH followed by HKDF-SHA256 to produce a key suitable for AES-256-GCM encryption.
Input
Raw bytes in the following layout (65 bytes total):
[0:32]
private key
bytes32
secp256k1 private key (32 bytes)
[32:65]
public key
bytes33
Compressed secp256k1 public key (33 bytes)
Output
derived key
bytes32
A 32-byte AES key derived via ECDH + HKDF
Use cases
Key agreement between a contract and a user for encrypting event data
Establishing shared encryption keys for private communication channels
Enabling per-recipient encryption of on-chain data
Solidity example
AES-GCM Encrypt (0x66)
0x66)Encrypt data using AES-256-GCM (Galois/Counter Mode) authenticated encryption. Produces ciphertext with an appended authentication tag that guarantees integrity and authenticity.
Only AES-256 is supported. The key must be exactly 32 bytes.
Input
Raw bytes in the following layout:
[0:32]
key
bytes32
AES-256 key (32 bytes)
[32:44]
nonce
bytes12
Initialization vector (12 bytes)
[44:]
plaintext
bytes
The data to encrypt
Output
ciphertext + auth tag
bytes
Encrypted data concatenated with authentication tag
Use cases
Encrypting sensitive event parameters before emission
Building encrypted storage helpers
Encrypting messages or data for specific recipients
Solidity example
See CryptoUtils.sol for the production implementation.
AES-GCM Decrypt (0x67)
0x67)Decrypt data that was encrypted with AES-256-GCM. Verifies the authentication tag before returning the plaintext. If the tag does not match (indicating tampering or wrong key), the call fails.
Input
Raw bytes in the following layout:
[0:32]
key
bytes32
AES-256 key (must match the key used for encryption)
[32:44]
nonce
bytes12
Initialization vector (12 bytes)
[44:]
ciphertext + auth tag
bytes
Encrypted data concatenated with authentication tag
Output
plaintext
bytes
Decrypted data
Use cases
On-chain decryption of previously encrypted data
Decrypting messages from other contracts or users
Verifying and reading encrypted event data within a contract
Solidity example
HKDF (0x68)
0x68)HMAC-based Key Derivation Function (RFC 5869). Derives a 32-byte cryptographic key from input key material. Commonly used to turn a shared secret (from ECDH) into an encryption key suitable for AES-GCM.
The Seismic HKDF precompile uses hardcoded parameters: salt is None, info is a fixed internal string, and the output is always 32 bytes. The only user-supplied input is the raw key material.
Input
input key material
bytes
The source key material (e.g., raw ECDH shared point)
Output
derived key
bytes32
The derived 32-byte key
Use cases
Deriving AES encryption keys from shared secrets
Key derivation with domain separation
Solidity example
secp256k1 Sign (0x69)
0x69)Sign a 32-byte message hash using a secp256k1 private key. Produces a 65-byte signature in the (r, s, v) format. This allows contracts to generate signatures on-chain -- something that is normally only possible off-chain with a user's wallet.
This precompile gives the contract the ability to sign arbitrary messages. The private key used must be one the contract has access to (e.g., derived from a seed stored in shielded storage). It does not use the caller's private key.
Input
Raw bytes in the following layout (64 bytes total):
[0:32]
private key
bytes32
The secp256k1 private key (32 bytes)
[32:64]
message hash
bytes32
The 32-byte hash of the message to sign
Output
signature
bytes65
The signature in (r, s, v) format
Use cases
Generating on-chain attestations or proofs
Building contracts that can act as signers (e.g., smart-contract wallets)
Creating signed messages for cross-chain verification
Solidity example
Common pattern: Encrypted events
A frequent use of the precompiles is encrypting event data so that only the intended recipient can read it. The typical flow chains ECDH and AES-GCM Encrypt together:
For a complete walkthrough of this pattern, see Events.
Last updated