refactor: hashing to @noble/hashes

backends/CLNRest.ts

@@ -3,7 +3,7 @@ import TransactionRequest from '../models/TransactionRequest';
 import OpenChannelRequest from '../models/OpenChannelRequest';
 import VersionUtils from '../utils/VersionUtils';
 import Base64Utils from '../utils/Base64Utils';
-import { Hash as sha256Hash } from 'fast-sha256';
+import { sha256 } from '@noble/hashes/sha256';
 import BigNumber from 'bignumber.js';
 import {
     getBalance,
@@ -421,9 +421,7 @@ export default class CLNRest {
     lnurlAuth = async (r_hash: string) => {
         const signed = await this.signMessage(r_hash);
         return {
-            signature: new sha256Hash()
-                .update(Base64Utils.stringToUint8Array(signed.signature))
-                .digest()
+            signature: sha256(Base64Utils.stringToUint8Array(signed.signature))
         };
     };
 

backends/LNC/credentialStore.ts

@@ -1,11 +1,12 @@
 import Storage from '../../storage';
 import { CredentialStore } from '../../zeus_modules/@lightninglabs/lnc-rn';
-import hashjs from 'hash.js';
+import { sha256 } from '@noble/hashes/sha256';
+import { bytesToHex, utf8ToBytes } from '@noble/hashes/utils';
 
 const LNC_STORAGE_KEY = 'lnc-rn';
 
 const hash = (stringToHash: string) =>
-    hashjs.sha256().update(stringToHash).digest('hex');
+    bytesToHex(sha256(utf8ToBytes(stringToHash)));
 
 /**
  * A wrapper around `Storage` used to store sensitive data required

backends/LND.ts

@@ -5,7 +5,7 @@ import OpenChannelRequest from './../models/OpenChannelRequest';
 import Base64Utils from './../utils/Base64Utils';
 import VersionUtils from './../utils/VersionUtils';
 import { localeString } from './../utils/LocaleUtils';
-import { Hash as sha256Hash } from 'fast-sha256';
+import { sha256 } from '@noble/hashes/sha256';
 import BigNumber from 'bignumber.js';
 
 interface Headers {
@@ -700,9 +700,7 @@ export default class LND {
     lnurlAuth = async (r_hash: string) => {
         const signed = await this.signMessage(r_hash);
         return {
-            signature: new sha256Hash()
-                .update(Base64Utils.stringToUint8Array(signed.signature))
-                .digest()
+            signature: sha256(Base64Utils.stringToUint8Array(signed.signature))
         };
     };
     lookupInvoice = (data: any) =>

backends/LdkNode.ts

@@ -6,7 +6,7 @@
 
 import BigNumber from 'bignumber.js';
 import bolt11 from 'bolt11';
-import { Hash as sha256Hash } from 'fast-sha256';
+import { sha256 } from '@noble/hashes/sha256';
 
 import libraryVersions from '../fetch-libraries-versions.json';
 import LdkNodeInjection from '../ldknode/LdkNodeInjection';
@@ -1787,9 +1787,7 @@ export default class LdkNode {
     lnurlAuth = async (r_hash: string) => {
         const signed = await this.signMessage(r_hash);
         return {
-            signature: new sha256Hash()
-                .update(Base64Utils.stringToUint8Array(signed.signature))
-                .digest()
+            signature: sha256(Base64Utils.stringToUint8Array(signed.signature))
         };
     };
 

backends/LightningNodeConnect.ts

@@ -12,7 +12,7 @@ import Base64Utils from '../utils/Base64Utils';
 import { snakeize } from '../utils/DataFormatUtils';
 import VersionUtils from '../utils/VersionUtils';
 
-import { Hash as sha256Hash } from 'fast-sha256';
+import { sha256 } from '@noble/hashes/sha256';
 import BigNumber from 'bignumber.js';
 
 const ADDRESS_TYPES = [
@@ -614,9 +614,7 @@ export default class LightningNodeConnect {
     lnurlAuth = async (r_hash: string) => {
         const signed = await this.signMessage(r_hash);
         return {
-            signature: new sha256Hash()
-                .update(Base64Utils.stringToUint8Array(signed.signature))
-                .digest()
+            signature: sha256(Base64Utils.stringToUint8Array(signed.signature))
         };
     };
     lookupInvoice = async (data: any) =>

backends/LndHub.ts

@@ -5,7 +5,7 @@ import { settingsStore } from '../stores/Stores';
 import LND from './LND';
 import LoginRequest from './../models/LoginRequest';
 import Base64Utils from './../utils/Base64Utils';
-import { Hash as sha256Hash } from 'fast-sha256';
+import { sha256 } from '@noble/hashes/sha256';
 const EC = require('elliptic').ec;
 const ec = new EC('secp256k1');
 
@@ -79,27 +79,21 @@ export default class LndHub extends LND {
             amount: data.amt
         });
     lnurlAuth = (message: string) => {
-        const messageHash = new sha256Hash()
-            .update(Base64Utils.stringToUint8Array(message))
-            .digest();
+        const messageHash = sha256(Base64Utils.stringToUint8Array(message));
 
         let signed, signature, key, linkingKeyPair;
         switch (settingsStore.settings.lndHubLnAuthMode || 'Alby') {
             case 'Alby':
-                key = new sha256Hash()
-                    .update(
-                        Base64Utils.stringToUint8Array(
-                            `lndhub://${settingsStore.username}:${settingsStore.password}`
-                        )
+                key = sha256(
+                    Base64Utils.stringToUint8Array(
+                        `lndhub://${settingsStore.username}:${settingsStore.password}`
                     )
-                    .digest();
+                );
                 linkingKeyPair = ec.keyFromPrivate(key, true);
                 signed = linkingKeyPair
                     .sign(messageHash, { canonical: true })
                     .toDER('hex');
-                signature = new sha256Hash()
-                    .update(Base64Utils.stringToUint8Array(signed))
-                    .digest();
+                signature = sha256(Base64Utils.stringToUint8Array(signed));
                 break;
             case 'BlueWallet':
                 signature = Base64Utils.stringToUint8Array(

components/NodeIdenticon.tsx

@@ -1,13 +1,13 @@
 import * as React from 'react';
 import { View } from 'react-native';
 import Identicon from 'identicon.js';
+import { sha1 } from '@noble/hashes/legacy';
+import { bytesToHex, utf8ToBytes } from '@noble/hashes/utils';
 import { SvgXml } from 'react-native-svg';
 
 import Base64Utils from './../utils/Base64Utils';
 import PrivacyUtils from './../utils/PrivacyUtils';
 
-const hash = require('object-hash');
-
 export const NodeTitle = (selectedNode: any, overrideSensitivity = false) => {
     const displayName =
         selectedNode && selectedNode.nickname
@@ -63,7 +63,11 @@ export default function NodeIdenticon({
     })();
 
     const data = new Identicon(
-        hash.sha1(stableIdentity),
+        bytesToHex(
+            sha1(
+                utf8ToBytes(`string:${stableIdentity.length}:${stableIdentity}`)
+            )
+        ),
         // @ts-ignore:next-line
         {
             background: [255, 255, 255, 255],

components/QRCodeScanner.tsx

@@ -15,6 +15,8 @@ import {
     useCameraDevice,
     useCodeScanner
 } from 'react-native-vision-camera';
+import { sha256 } from '@noble/hashes/sha256';
+import { bytesToHex, utf8ToBytes } from '@noble/hashes/utils';
 import { launchImageLibrary } from 'react-native-image-picker';
 import { NativeStackNavigationProp } from '@react-navigation/native-stack';
 
@@ -32,8 +34,6 @@ import GalleryIcon from '../assets/images/SVG/Gallery.svg';
 import { Gesture, GestureDetector } from 'react-native-gesture-handler';
 import { runOnJS } from 'react-native-reanimated';
 
-const createHash = require('create-hash');
-
 interface QRProps {
     text?: string;
     handleQRScanned: (data: string) => void;
@@ -81,7 +81,7 @@ export default function QRCodeScanner({
     const device = useCameraDevice('back');
 
     const handleRead = (data: any) => {
-        const hash = createHash('sha256').update(data).digest().toString('hex');
+        const hash = bytesToHex(sha256(utf8ToBytes(String(data))));
         if (scannedCache.current.has(hash)) {
             // this QR was already scanned, let's prevent firing duplicate callbacks
             return;

package.json

@@ -18,7 +18,10 @@
     ],
     "moduleNameMapper": {
       "^@noble/hashes/_assert$": "<rootDir>/node_modules/@noble/hashes/_assert.js",
+      "^@noble/hashes/hmac$": "<rootDir>/node_modules/@noble/hashes/hmac.js",
+      "^@noble/hashes/legacy$": "<rootDir>/node_modules/@noble/hashes/legacy.js",
       "^@noble/hashes/pbkdf2$": "<rootDir>/node_modules/@noble/hashes/pbkdf2.js",
+      "^@noble/hashes/scrypt$": "<rootDir>/node_modules/@noble/hashes/scrypt.js",
       "^@noble/hashes/sha256$": "<rootDir>/node_modules/@noble/hashes/sha256.js",
       "^@noble/hashes/sha512$": "<rootDir>/node_modules/@noble/hashes/sha512.js",
       "^@noble/hashes/utils$": "<rootDir>/node_modules/@noble/hashes/utils.js"
@@ -50,6 +53,7 @@
     "@keystonehq/bc-ur-registry": "0.7.0",
     "@lightninglabs/lnc-core": "file:zeus_modules/@lightninglabs/lnc-core",
     "@ngraveio/bc-ur": "1.1.12",
+    "@noble/hashes": "1.8.0",
     "@noble/secp256k1": "1.6.3",
     "@nostr-dev-kit/ndk": "2.13.0-rc2",
     "@nostr/tools": "npm:@jsr/nostr__tools",
@@ -84,19 +88,15 @@
     "bolt11": "1.4.1",
     "bs58check": "2.1.2",
     "buffer": "5.6.0",
-    "create-hash": "1.2.0",
     "crypto-js": "4.2.0",
     "dateformat": "5.0.3",
     "ecpair": "3.0.1",
     "elliptic": "6.6.1",
     "events": "1.1.1",
     "fast-crc32c": "2.0.0",
-    "fast-sha256": "1.3.0",
-    "hash.js": "1.1.7",
     "humanize-duration": "3.28.0",
     "identicon.js": "2.3.3",
     "js-lnurl": "0.5.1",
-    "js-sha256": "0.9.0",
     "lodash": "4.18.1",
     "long": "5.2.3",
     "lottie-react-native": "7.3.4",
@@ -105,7 +105,6 @@
     "mobx-react": "6.1.4",
     "moment": "2.29.4",
     "nostr-tools": "1.16.0",
-    "object-hash": "1.3.1",
     "pako": "2.1.0",
     "process": "0.11.10",
     "protobufjs": "7.5.5",
@@ -150,8 +149,6 @@
     "react-native-vision-camera": "4.7.3",
     "react-native-worklets": "0.7.4",
     "readable-stream": "1.0.33",
-    "scrypt-js": "3.0.1",
-    "sha.js": "2.4.12",
     "socket.io-client": "4.7.2",
     "stream-browserify": "1.0.0",
     "text-encoding": "0.7.0",
@@ -172,15 +169,12 @@
     "@react-native/eslint-config": "0.84.0",
     "@react-native/metro-config": "0.84.0",
     "@react-native/typescript-config": "0.84.0",
-    "@types/create-hash": "1.2.2",
     "@types/crypto-js": "4.1.1",
     "@types/jest": "29.5.12",
     "@types/lodash": "4.14.198",
-    "@types/object-hash": "1.3.4",
     "@types/pako": "2.0.3",
     "@types/react": "19.1.1",
     "@types/react-test-renderer": "19.1.0",
-    "@types/sha.js": "2.4.1",
     "@types/uuid": "9.0.8",
     "@typescript-eslint/eslint-plugin": "8.36.0",
     "@typescript-eslint/parser": "8.36.0",

stores/LightningAddressStore.ts

@@ -7,15 +7,13 @@ import BigNumber from 'bignumber.js';
 import bolt11 from 'bolt11';
 import { io } from 'socket.io-client';
 import { schnorr } from '@noble/curves/secp256k1';
-import { bytesToHex } from '@noble/hashes/utils';
-import hashjs from 'hash.js';
+import { sha256 } from '@noble/hashes/sha256';
+import { bytesToHex, utf8ToBytes } from '@noble/hashes/utils';
 // @ts-ignore:next-line
 import { getPublicKey, relayInit } from 'nostr-tools';
 
 const bip39 = require('bip39');
 
-import { sha256 } from 'js-sha256';
-
 import CashuStore from './CashuStore';
 import NodeInfoStore from './NodeInfoStore';
 import SettingsStore from './SettingsStore';
@@ -217,10 +215,9 @@ export default class LightningAddressStore {
                 this.settingsStore?.settings?.lightningAddress?.nostrPrivateKey;
             for (let i = 0; i < preimages.length; i++) {
                 const preimage = preimages[i];
-                const hash = sha256
-                    .create()
-                    .update(Base64Utils.hexToBytes(preimage))
-                    .hex();
+                const hash = bytesToHex(
+                    sha256(Base64Utils.hexToBytes(preimage))
+                );
                 if (nostrPrivateKey) {
                     const pmthash_sig = bytesToHex(
                         schnorr.sign(hash, nostrPrivateKey)
@@ -302,10 +299,7 @@ export default class LightningAddressStore {
 
             const relays_sig = bytesToHex(
                 schnorr.sign(
-                    hashjs
-                        .sha256()
-                        .update(JSON.stringify(relays))
-                        .digest('hex'),
+                    bytesToHex(sha256(utf8ToBytes(JSON.stringify(relays)))),
                     nostrPrivateKey
                 )
             );

stores/LnurlPayStore.ts

@@ -1,8 +1,8 @@
 import { action, runInAction } from 'mobx';
 import { LNURLPaySuccessAction } from 'js-lnurl';
 import { schnorr } from '@noble/curves/secp256k1';
-import { hexToBytes } from '@noble/hashes/utils';
-import hashjs from 'hash.js';
+import { sha256 } from '@noble/hashes/sha256';
+import { bytesToHex, hexToBytes, utf8ToBytes } from '@noble/hashes/utils';
 import {
     nip19,
     // @ts-ignore:next-line
@@ -151,10 +151,7 @@ export default class LnurlPayStore {
                     const relaysBytes = hexToBytes(relays_sig);
                     this.isRelaysSigValid = schnorr.verify(
                         relaysBytes,
-                        hashjs
-                            .sha256()
-                            .update(JSON.stringify(relays))
-                            .digest('hex'),
+                        bytesToHex(sha256(utf8ToBytes(JSON.stringify(relays)))),
                         user_pubkey
                     );
                 }

stores/TransactionsStore.ts

@@ -2,7 +2,8 @@ const bitcoin = require('bitcoinjs-lib');
 
 import { action, observable, runInAction } from 'mobx';
 import { randomBytes } from 'react-native-randombytes';
-import { sha256 } from 'js-sha256';
+import { sha256 } from '@noble/hashes/sha256';
+import { bytesToHex } from '@noble/hashes/utils';
 import ReactNativeBlobUtil from 'react-native-blob-util';
 
 import FundedPsbt from '../models/FundedPsbt';
@@ -592,7 +593,9 @@ export default class TransactionsStore {
         if (pubkey) {
             const preimage = randomBytes(preimageByteLength);
             const secret = preimage.toString('base64');
-            const payment_hash = Base64Utils.hexToBase64(sha256(preimage));
+            const payment_hash = Base64Utils.hexToBase64(
+                bytesToHex(sha256(preimage))
+            );
 
             data.dest = Base64Utils.hexToBase64(pubkey);
             data.dest_custom_records = { [keySendPreimageType]: secret };

utils/VssAuthUtils.ts

@@ -11,7 +11,7 @@
 
 import * as necc from '@noble/secp256k1';
 import { HDKey } from '@scure/bip32';
-import createHash from 'create-hash';
+import { sha256 } from '@noble/hashes/sha256';
 
 // Import noble_ecc to ensure hmacSha256Sync / sha256Sync are configured
 // (required by necc.signSync)
@@ -82,11 +82,13 @@ export function generateVssAuthHeaders(
     const timestampBytes = Buffer.from(timestamp, 'ascii');
 
     // Message: SHA256(SIGNING_CONSTANT || pubkey_bytes || timestamp_ascii)
-    const hash = createHash('sha256');
-    hash.update(SIGNING_CONSTANT);
-    hash.update(Buffer.from(publicKey));
-    hash.update(timestampBytes);
-    const msgHash = new Uint8Array(hash.digest());
+    const msgHash = sha256(
+        Buffer.concat([
+            SIGNING_CONSTANT,
+            Buffer.from(publicKey),
+            timestampBytes
+        ])
+    );
 
     // ECDSA sign (compact 64-byte r||s format)
     const sig = necc.signSync(msgHash, privateKey, { der: false });