Nodejs Keccak256
Stop silent Ethereum hash mismatches by using Keccak-256 (ethers/viem) instead of Node crypto sha3-256 for selectors, topics, and packed hashes.
Overview
Nodejs-keccak256 is an agent skill for the Build phase that prevents Ethereum hashing bugs by using Keccak-256 via ethers or viem instead of Node crypto sha3-256.
Install
npx skills add https://github.com/affaan-m/everything-claude-code --skill nodejs-keccak256What is this skill?
- Explains Node sha3-256 is NIST SHA3—not Ethereum Keccak—with no runtime warning
- Side-by-side hex mismatch demo for the same UTF-8 input
- ethers v6: keccak256, id for event topics, solidityPackedKeccak256
- viem keccak256 patterns for modern TS stacks
- Explicit when-to-use list: selectors, EIP-712, Merkle, storage slots, address derivation
- Demonstrates nistSha3 === keccak is false for the same hello input in Node versus ethers
Adoption & trust: 3k installs on skills.sh; 210k GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
Your TypeScript passes local tests but on-chain selectors, topics, or derived addresses are wrong because Node SHA3-256 was used where Ethereum expects Keccak-256.
Who is it for?
Indie builders shipping JS/TS wallets, indexers, or agent tools that hash ABI strings, EIP-712 payloads, or storage keys.
Skip if: Pure off-chain apps with no Ethereum hashing, or Rust/Solidity-only pipelines that never touch Node crypto for chain digests.
When should I use this skill?
Computing Ethereum function selectors, event topics, EIP-712, Merkle, storage slots, or reviewing JS/TS that hashes chain data with Node crypto.
What do I get? / Deliverables
Hashing code uses ethers or viem Keccak for selectors, topics, packed structs, and related helpers so signatures and contract calls match chain semantics.
- Correct Keccak-256 calls for selectors, topics, and packed hashing
- Review notes flagging any crypto.createHash('sha3-256') in Web3 paths
Recommended Skills
Journey fit
Build is where JS/TS backends and wallet flows compute hashes; wrong primitives break contracts before ship. Backend subphase covers Node crypto misuse in servers, scripts, and agent-generated Web3 helpers.
How it compares
Chain-correct crypto cookbook—not a general security audit or test runner skill.
Common Questions / FAQ
Who is nodejs-keccak256 for?
Solo developers building Ethereum-related Node, Bun, or agent-generated TS/JS who might default to crypto.createHash without knowing the Keccak vs SHA3 split.
When should I use nodejs-keccak256?
During Build/backend while implementing selectors, event topics, EIP-712, Merkle roots, storage slots, or address derivation; during Ship/review when auditing any createHash('sha3-256') in Web3 code.
Is nodejs-keccak256 safe to install?
It is reference and code-pattern guidance; review the Security Audits panel on this Prism page and pin trusted ethers/viem versions in your repo.
SKILL.md
READMESKILL.md - Nodejs Keccak256
# Node.js Keccak-256 Ethereum uses Keccak-256, not the NIST-standardized SHA3 variant exposed by Node's `crypto.createHash('sha3-256')`. ## When to Use - Computing Ethereum function selectors or event topics - Building EIP-712, signature, Merkle, or storage-slot helpers in JS/TS - Reviewing any code that hashes Ethereum data with Node crypto directly ## How It Works The two algorithms produce different outputs for the same input, and Node will not warn you. ```javascript import crypto from 'crypto'; import { keccak256, toUtf8Bytes } from 'ethers'; const data = 'hello'; const nistSha3 = crypto.createHash('sha3-256').update(data).digest('hex'); const keccak = keccak256(toUtf8Bytes(data)).slice(2); console.log(nistSha3 === keccak); // false ``` ## Examples ### ethers v6 ```typescript import { keccak256, toUtf8Bytes, solidityPackedKeccak256, id } from 'ethers'; const hash = keccak256(new Uint8Array([0x01, 0x02])); const hash2 = keccak256(toUtf8Bytes('hello')); const topic = id('Transfer(address,address,uint256)'); const packed = solidityPackedKeccak256( ['address', 'uint256'], ['0x742d35Cc6634C0532925a3b8D4C9B569890FaC1c', 100n], ); ``` ### viem ```typescript import { keccak256, toBytes } from 'viem'; const hash = keccak256(toBytes('hello')); ``` ### web3.js ```javascript const hash = web3.utils.keccak256('hello'); const packed = web3.utils.soliditySha3( { type: 'address', value: '0x742d35Cc6634C0532925a3b8D4C9B569890FaC1c' }, { type: 'uint256', value: '100' }, ); ``` ### Common patterns ```typescript import { id, keccak256, AbiCoder } from 'ethers'; const selector = id('transfer(address,uint256)').slice(0, 10); const typeHash = keccak256(toUtf8Bytes('Transfer(address from,address to,uint256 value)')); function getMappingSlot(key: string, mappingSlot: number): string { return keccak256( AbiCoder.defaultAbiCoder().encode(['address', 'uint256'], [key, mappingSlot]), ); } ``` ### Address from public key ```typescript import { keccak256 } from 'ethers'; function pubkeyToAddress(pubkeyBytes: Uint8Array): string { const hash = keccak256(pubkeyBytes.slice(1)); return '0x' + hash.slice(-40); } ``` ### Audit your codebase ```bash grep -rn "createHash.*sha3" --include="*.ts" --include="*.js" --exclude-dir=node_modules . grep -rn "keccak256" --include="*.ts" --include="*.js" . | grep -v node_modules ``` ## Rule For Ethereum contexts, never use `crypto.createHash('sha3-256')`. Use Keccak-aware helpers from `ethers`, `viem`, `web3`, or another explicit Keccak implementation.