Minimal Iot platform


I’m looking into Algorand and the uses in Iot.

The platform that I have is quite limited and can only compile code for C/C++.

In this case, what is the best approach to realise a transaction on a test node?

What are the minimal API’s that I shall need to port?


There are many c++ libraries that support REST calls. You could just use one of those and call the Algorand specific REST APIs - Algorand Developer Docs

You may also want to look at AlgoDuino:

It’s in C++ for ESP8266 and ESP32, so it may or may not be useful for you.


I had a look at these, thanks.

REST API are ok but what about the lower level stuff such as signing a wallet, generating a mnemonic etc.?

For that, you would first need to find a crypto library that supports the required operations (essentially SHA512/256 - not just SHA256 -, and ED25519 signatures).

The official code (GitHub - algorand/go-algorand: Algorand's official implementation in Go.) uses libsodium.
To see how accounts are generated, you can pick the SDK of your choice and look at the code.

If libsodium is too large, you may consider using TweetNACL (TweetNaCl: Software) / uNACL (μNaCl – FAQ) for ED25519 operations.
I don’t know a good very small library for SHA512/256 however.

Ok, great.

I have used this one in the past:

Looks like it covers them.

I have also ported duktape - Javascript Engine so I could make a port for JavaScript. Hopefully I can contribute it to the community.

I’m not sure they support SHA-512/256.
SHA-512/256 is SHA-512 with a difference initialization vector and truncated to 256 bits.
It might not be too difficult to tweak the code of SHA-512 to get SHA-512/256

You don’t need SHA-512/256 for normal signing/key generation.
But you need it to:

  • compute the transaction ID
  • compute multikey addresses
  • compute smart contract account addresses from TEAL bytecode
  • in general, any time a hash is used (except the hashed used by ED25519)

Ok, thanks for the clarification.

I will search a bit more on the SHA-512/256 and try and find something suitable.


So far I have created a llibrary for TweetNacl and used parts of the sodium lib for sha512/256.

From sodium: crypto_hash,crypto_auth, crypto_verify and created a customised random.

That should be enough for now right?


If you want to be able to send transaction, you’ll also need crypto_sign.

Regarding randomness generation, this is usually a vert complex operation especially on IoT.
One issue is that it’s almost impossible to test it is done properly and errors can be catastrophic (see e.g., Debian -- Security Information -- DSA-1571-1 openssl).
What source of randomness and algorithms for randomness generation are you using?

Just for the purpose of people stumbling on this post, I want to stress that rand from stdlib.h is completely insecure and should never be used for randomness generation for crypto-related operations.

Thanks for following up.

I was planning to use a hardware random generator but it seem that it’s not exposed on the ARMv7 platform (need to ask R&D that work with Qualcomm).

I’m thinking of using other physical sources such as RF front end etc. to create random generation as a source. Need to look into it a bit further.

I’m using the randombytes_internal_random_buf that uses chacha20.

The code is the same I use I just need to provide a hardware source of randmom generation by randombytes_getentropy

Ok, so there is an API that exposes the hardware random number generator.

I’m good to go :slight_smile:

This is a first cut at a c++ sdk that does signing and such. Still very untested.


I shall have a look at it.

I’m starting to look into this now as the crypto stuff has been sorted.

What platform is this for - Linux?

Developed on a Mac and periodically confirm compatibility with Linux.

I haven’t done multisig yet, and only a few indexer apis. But everything else should work.