Completed: DFINITY Bounty #4: Keccak-256 and SHA3 Motoko Library - $2'000 in ICP


Status: Open
Project Type: Traditional: One applicant is selected to work on the task.
Time Commitment: Days
Experience Level: Intermediate
Size: USD 2’000 in ICP


Since the Internet Computer allows canisters to sign Ethereum transactions, there’s a need to hash those transactions. This is currently not directly possible in canisters written in Motoko. and a workaround like calling the EVM utility canister has to be used.

In this bounty, you will implement two cryptographic hashing algorithms in Motoko. Keccak-256 is the hashing algorithm used for signing Ethereum transactions. It is similar to the standardized SHA-3 but uses a different padding. Hence, it makes sense to include both variations, although the official SHA-3 is not used in Ethereum.

Acceptance Criteria

How to apply?

  • Include links to previous relevant work.
  • Include a brief overview of how you will complete the task.
  • Give an estimated timeline for completing the task.
  • Post your application text in this thread


SHA-3 and Keccak implementations

Examples of cryptographic hashing libraries in Motoko


We’ve been unable to get much traction for this at $4k. Open: - Bounty #14 - Big SHA-KECCAK - $4,000 - #15 by timo.

I’ve been trying to follow up with gitcoin about their pro account and to see if ICDevs can’t get a discount due to our non-profit status, but I haven’t heard back in a timely manner from them. This would get a lot more transactions over in the ETH realm, so hopefully, the latest contact they’ve given me can get back to me.

1 Like

Hello! I am interested in working on this bounty. I can implement the necessary hashing algorithm. I have done something similar for hashing search data. I am unable to include links here. My github profile is ginanisque.
I will be able complete and delive project in aproximately 10 working days.

Hi I am interested in this project and want to implement those hashing algorithms. Just let me know when I can get started. This should be a straightforward task,

Hey @EricLI123,

can you share relevant background, prior work, and your Github account?

@domwoe - thanks for ur reply.
My github account: WenheLI
And I have built a couple of hackathon project about web3 development and got some rewards.
Besides, I am contributors of some well-known open source community like Chromium and TensorFlow.
Let me know if you want to have more info from me.

Hi. I’m interested in working on this bounty. Please see github: timk11 for examples of my work. I’m new to both Motoko and the finer details of hashing algorithms (familiar with the concept) but I plan to put some basic examples of both on my GitHub by the end of the week. I would anticipate completing the task within 30 days of assignment.
(I’ve also posted this on the Gitcoin bounty site - hope the doubling up is OK)

Hey everybody,

based on prior experience, as can be evaluated from the public Gihub profile, we decided to assign this bounty to @EricLI123.

Thank you @ginanisque and @timk11 for your interest.

Thanks for letting us know, and all the best with the project!

1 Like

Btw, I’m not sure you have seen it, but there are more bounties available that haven’t been published on Gitcoin: Bounties - Internet Computer Developer Forum

Thanks. I’ll have a look through that.

I don’t suppose this bounty is still open? I noticed it got cancelled and reopened on Gitcoin. If it is still open, we’d love to sign up. We started a couple days ago to learn Motoko and related tech to see if we’d like it. We managed to get most of the code written in about 3 days (13 hrs). We’re a team of two with not much open source work to show (working on that with this) but we do have 30+ years in software dev and information security behind us. Happy to post our code sooner rather than later if interested.

Also happy to collaborate with @EricLI123 too as we’re more interested in the exercise than the bounty at this point.

Our code is posted on Github at react0r-com/ if it’s useful to someone. Comments and feedback always welcome.

Hey @ray-react0r,

Sorry for the late response. I was on vacation and then on sick leave. The bounty had been assigned and canceled on Gitcoin (and has not been reopened). But both submissions we have now are not from the assigned initial party :slight_smile:

For your contribution, I’m not sure if both, the official SHA3 and Keccak are supported.

Since you forked @quint’s, do you plan to provide a Pull Request to this?

No problem at all on the delay. Hah, interesting situation with the bounty then. It’s a fun exercise so I’m not surprised there are more submissions.

Are you referring to the missing bit modes for SHA3? They’re easy enough to add. Given this was already assigned, I didn’t look at the Keccak variant. I’ll take a look if it’ll be more useful that way.

Yea, I was planning on reaching out to see if they’d want a pull request but haven’t got around to it yet.

So I added the missing 224- and 384-bit hash sizes for SHA3 and Keccak-256. Turns out the padding difference is pretty minor. You only need to use the old 0x01 value for Keccak. NIST updated that to 0x06 for SHA3.

The updates along with all the modes are in the react0r-com/ directory of the Github repo.

1 Like

Hey @hanbu97,

thank you for your contribution as well!

For everyone else, the contribution is here: GitHub - hanbu97/motoko-sha3: Keccak/Sha3 implementation in Motoko.

One thing I noticed is that it would be nice to have a more straightforward example in the readme, e.g.

var sha = SHA3.Keccak(256);
let val = Blob.toArray(Text.encodeUtf8("hello world!"));
let result = sha.finalize();

instead of using a byte array directly.

That would be great. Otherwise, this was only a nice exercise without much impact.

With this and http outcalls would this make doing PoW mining of blockchains using these encryption schemes possible in a canister?

1 Like

Great suggestion, I have made the necessary modifications and pushed the updated version. Thank you!