HKDF

HMAC-based Key Derivation Function (RFC 5869). Derives a 32-byte cryptographic key from input key material. Commonly used to turn a shared secret (from ECDH) into an encryption key suitable for AES-GCM.

The Seismic HKDF precompile uses hardcoded parameters: salt is None, info is a fixed internal string, and the output is always 32 bytes. The only user-supplied input is the raw key material.

Input

Field

Type

Description

input key material

bytes

Source key material (e.g., raw ECDH shared point)

Output

Bytes

Type

Description

derived key

32 bytes

Derived key material

Use cases

Deriving AES encryption keys from shared secrets
Key derivation with domain separation

Examples

Built-in helper

function hkdf(bytes memory input) view returns (bytes32);

bytes32 derivedKey = hkdf(inputKeyMaterial);

Manual usage

function deriveKey(bytes memory ikm) internal view returns (bytes32) {
    (bool success, bytes memory result) = address(0x68).staticcall(ikm);
    require(success, "HKDF precompile failed");
    require(result.length == 32, "Invalid HKDF output length");
    return bytes32(result);
}

PreviousAES-GCM Decrypt Nextsecp256k1 Sign

Last updated 4 hours ago

hashtagInput

hashtagOutput

hashtagUse cases

hashtagExamples

hashtagBuilt-in helper

hashtagManual usage