# WebAssembly Cryptography Module Scripts

This directory contains example scripts and documentation for the WebAssembly Cryptography Module's scripting and messaging capabilities.

## Directory Structure

- `rhai/`: Example Rhai scripts that demonstrate the cryptographic operations
- `examples/`: Documentation and code examples for messaging system integration

## Rhai Scripts

The `rhai/` directory contains example Rhai scripts that can be executed using the CLI:

```bash
hero-vault scripts/rhai/example.rhai
```

These scripts demonstrate how to use the cryptographic functions exposed to the Rhai scripting engine, including:

- Key space management
- Keypair operations
- Signing and verification
- Symmetric encryption and decryption
- Ethereum wallet operations

## Messaging Examples

The `examples/` directory contains documentation and code examples for integrating the WebAssembly Cryptography Module with messaging systems:

- `mycelium_example.md`: Example of using Mycelium for peer-to-peer, end-to-end encrypted messaging
- `nats_example.md`: Example of using NATS for high-performance, client-server messaging

These examples demonstrate how to:

1. Start a listener for remote script execution
2. Send scripts from remote systems
3. Process the results of script execution
4. Implement security measures for remote execution

## Creating Your Own Scripts

You can create your own Rhai scripts to automate cryptographic operations. The following functions are available in the scripting API:

### Key Space Management

- `create_key_space(name, password)`: Create a new key space with password
- `encrypt_key_space(password)`: Encrypt the current key space
- `decrypt_key_space(encrypted, password)`: Decrypt and load a key space

### Keypair Operations

- `create_keypair(name, password)`: Create a new keypair
- `select_keypair(name)`: Select a keypair for use
- `list_keypairs()`: List all keypairs in the current space

### Cryptographic Operations

- `sign(message)`: Sign a message with the selected keypair
- `verify(message, signature)`: Verify a signature
- `generate_key()`: Generate a symmetric key
- `encrypt(key, message)`: Encrypt a message with a symmetric key
- `decrypt(key, ciphertext)`: Decrypt a message with a symmetric key

### Ethereum Operations

- `create_ethereum_wallet()`: Create an Ethereum wallet
- `get_ethereum_address()`: Get the Ethereum address of the current wallet

## Security Considerations

When using scripts, especially with remote execution via messaging systems, consider the following security measures:

1. **Script Validation**: Validate scripts before execution to prevent malicious code
2. **Resource Limits**: Set appropriate limits on script execution to prevent denial of service
3. **Authentication**: Ensure that only authorized users or systems can execute scripts
4. **Sensitive Data**: Be careful about what data is returned in script results
5. **Encryption**: Use encrypted communication channels for remote script execution