Overview
The MUFL environment provides a range of pre-defined functions called primitives. The tables in this topic describe all the primitives available in MUFL.
Basic Primitives
| Name | Signature | Description |
|---|---|---|
| _print | arguments: any… -> nil | Prints arguments to the output buffer |
| _e_print | arguments: any… -> nil | Prints arguments to the error output buffer |
| _abort_transaction | error_message: str -> nil | Aborts the transaction execution with the provided error message |
| _assert | condition: bool -> nil | (Test scripts only) Asserts the given value is true, otherwise aborts the evaluation |
| _get_code_id | - -> hash_code | Returns a hash code of the current MUFL application |
| _get_container_id | - -> global_id | Returns the ID of the current MUFL packet |
| _get_state_id | - -> hash_code | Returns a hash code of the current packet state |
| _new_id | salt: str -> global_id | Generates a new random 32-byte global ID |
| _random_integer | max: int -> int | Returns a random integer in the range [0, max). Aborts unless max is positive |
| _typeof | value: any -> str | Returns the underlying domain name of the given value |
| _write | value: any -> bin | Serializes the given value. |
| _root_hash | value: any -> hash_code | Returns the root hash of the given blinded dictionary |
| _value_id | value: any -> hash_code | Returns the hash code of the given value |
| _get_hash_code_metadata | hash: hash_code -> ($hash_type -> <”BL2B”, “S256”, “CNST”>, $hash_shape_version -> ($maj -> int, $min -> int)) | Returns metadata of the given hash code |
| _new_safe_ref | - -> saferef | Generates a new safe reference |
| _reg_match | reg_expr: str, string: str -> (str[] |nil) | Returns list of matches of the regular expression (POSIX extended syntax) in the string. NIL if no matches found. Matching is deterministic across platforms and bounded against catastrophic backtracking — an excessively costly pattern is rejected with an error rather than hanging. A capture group that does not participate in the match yields an empty string |
| _count | value: any -> int | Returns NIL if the value is integral or the size/length of the value of dictionaries, strings, and binaries |
| _has | dict: any, key: any -> bool | Checks whether the given dictionary contains a value with the given key |
| _get_bit | bit_index: int, value: int -> int | Returns the value of the bit at the given index of the given integer value |
| _validate_global_id_string | _validate_global_id_string (_get_container_id()) | Returns whether the given string has a correct length and HEX structure |
| _is_test_mode | - -> bool | Returns whether the environment was initialized in a test mode |
| _get_platform_type_id | - -> int | Returns the type ID of the current platform |
| _get_nitro_platform_type_id | - -> int | Returns the type ID of the AWS Nitro Enclaves platform |
| _get_wasm_platform_type_id | - -> int | Returns the type ID of the WASM platform |
| _get_native_platform_type_id | - -> int | Returns the type ID of the native platform |
Domain Binary Primitives
| Name | Signature | Description | Example |
|---|---|---|---|
| _binary_slice | binary_value: bin, start: int, length: int -> bin | Extracts a slice of the given length from the given binary starting at the given index | _binary_slice 0xabcd 2 2 |
| _binlen | binary_value: bin -> int | Returns the length of the given binary | _binlen 0xabcd |
| _examine_binary | hex_string: str -> str | Decodes the given hex string and inspects the serialized value it encodes, returning a human-readable string description (useful for debugging serialized data). Rejects input of odd length or containing a non-hex character, and caps the decoded size at 1,048,576 bytes (1 MiB) | _examine_binary (_hex_string_from_binary (_write 10)) |
Conversions Primitives
| Name | Signature | Description | Example |
|---|---|---|---|
| _byte_to_hex | byte: int -> bin | Converts the given integer byte to binary | _byte_to_hex 56 |
| _hex_string_to_binary | hex_string: str -> bin | Parses the given HEX string into a binary | _hex_string_to_binary “0xabcd” |
| _hex_string_from_binary | binary_value: bin -> str | Converts the given binary into a hex string | _hex_string_from_binary 0xabcd |
| _number_to_binary | number: int -> bin | Converts the given number into a binary | _number_to_binary 12345678 |
| _binary_to_number | binary_value: bin -> int | Converts the binary to decimal number | _binary_to_number 0xabcd |
| _string_to_binary | string: str -> bin | Converts the given string into a binary byte by byte | _string_to_binary “Hello world!” |
| _binary_as_ascii_string | binary_value: bin -> str | Converts the given binary into an ASCII string | _binary_as_ascii_string 0x48656C6C6F20776F726C642100 |
| _hash_code_to_binary | hash: hash_code -> bin | Converts the given hash code value into a binary | _hash_code_to_binary (_value_id 5) |
| _binary_to_hash_code | binary_value: bin -> hash_code | Converts the binary value into a hash code in case it has the correct length | _binary_to_hash_code (_hash_code_to_binary (_value_id 5)) |
Crypto Primitives
| Name | Signature | Description | Example |
|---|---|---|---|
| _ecc_c25519_sign | message: str, secret_key: str -> str+ | Calculates the ECC C25519 signature with the given secret key | _ecc_c25519_sign message secret_key |
| _ecc_c25519_verify | signature: str, message: str, public_key: str -> bool | Verifies the ECC C25519 signature | _ecc_c25519_verify signature message public_key |
| _ecc_c25519_create_key | seed_hex: str -> [str, str] | Generates a new ECC C25519 keypair [public_key, secret_key] with the 32 bytes long given seed | _ecc_c25519_create_key (_hex_string_from_binary (_hash_code_to_binary (_value_id NIL))) |
| _generate_totp_key | params: (str -» any) | nil -> (str -» any) | Generates a TOTP secret-key dictionary. Accepts an optional parameters dictionary (or NIL for defaults) with keys digits (code length, 1–16, default 6), period (seconds, default 30), key_length (key size in bits, a multiple of 8 in the range (0, 1024], default 256), and algorithm (one of "SHA1", "SHA256", "SHA512", default "SHA1"). Returns a dictionary with fields $digits, $period, $seckey, and $algorithm. Out-of-range parameters are rejected |
_generate_totp_key NIL |
| _generate_totp_code | totp_key: (str -» any), timestamp: time -> str | Generates the time-based one-time password (TOTP) code for the given TOTP key dictionary (as returned by _generate_totp_key) at the given timestamp. Requires digits in 1–16 and period in 1–2147483647 |
_generate_totp_code totp_key timestamp |
Removed: the RSA primitives (
_rsa_*, including the 1024/2048/4096-bit variants) are no longer available. Code that relied on them must migrate to another scheme.
Dangerous Primitives
| Name | Signature | Description | Example |
|---|---|---|---|
| _read | serialized_value: bin -> any | Deserializes the given serialized value | _read (_write 10) |
For more information, refer to Handling Dangerous Primitives.
AWS Nitro Enclaves Primitives
| Name | Signature | Description | Example |
|---|---|---|---|
| _enclave_get_ad | user_data_hash: hash_code, nonce: bin, public_key: bin -> str | Generates an AWS Nitro Enclaves attestation document | _enclave_get_ad (_value_id NIL) NIL NIL |
| _enclave_unseal_ad_json | ad: str, timestamp: time -> str | Parses and validates the given AWS Nitro Enclaves attestation document | _enclave_unseal_ad_json ad timestamp |
Ethereum Primitives
| Name | Signature | Description | Example |
|---|---|---|---|
| _eth_public_from_private | private_key: bin -> bin | Derives a public key from the given private key | _eth_public_from_private private_key |
| _eth_address_from_public | public_key: bin -> bin | Calculates an Ethereum address from the given public key | _eth_address_from_public public_key |
| _eth_seed_from_mnemonic | mnemonic_phrase: str -> bin | Calculates a seed from the given mnemonic phrase | _eth_seed_from_mnemonic mnemonic_phrase |
| _eth_seed_from_mnemonic_with_passphrase | mnemonic_phrase: str, passphrase: str -> bin | Calculates a seed from the given mnemonic phrase and an additional passphrase | _eth_seed_from_mnemonic_with_passphrase mnemonic_phrase passphrase |
| _eth_generate_mnemonic | length: int -> str | Generates a random mnemonic phrase of the given length | _eth_generate_mnemonic 12 |
| _eth_generate_mnemonic_from_entropy | entropy: bin -> str | Generates a mnemonic phrase from the given entropy in a deterministic way | _eth_generate_mnemonic_from_entropy (_hash_code_to_binary (_value_id NIL)) |
| _eth_extended_root_key_from_seed | seed: bin, chain_id: int+ -> str | Generates a Base-58 encoded extended root private key from the given seed | _eth_extended_root_key_from_seed seed |
| _eth_extract_private_from_extended | extended_key_base_58: str -> bin | Extracts an Ethereum private key from the given extended root key | _eth_extract_public_from_extended extended_key |
| _eth_extract_public_from_extended | extended_key_base_58: str -> bin | Extracts an Ethereum public key from the given extended root key | _eth_extract_public_from_extended extended_key |
| _eth_extended_public_from_extended_private | extended_private_base_58: str -> bin | Calculates an extended public key from the given extended private key | _eth_extended_public_from_extended_private extended_private_key |
| _eth_derive_private_key | extended_private_base_58: str, array: int[], depth: int -> str | Derives a new extended private key from the given extended private key | _eth_derive_private_key extended_private [0,0,0,1] 0 |
| _eth_derive_public_key | extended_key_base_58: str, array: int[], depth: int -> str | Derives a new extended public key from the given extended private/public key | _eth_derive_public_key extended_key [0,0,1] 0 |
| _eth_hardened | index: int -> int | Calculates a hardened Ethereum index from the given index | _eth_hardened 0 |
| _eth_sign | private_key: bin, transaction: eth_transaction, chain_id: int+ -> bin | Calculates a signature of the given Ethereum transaction with the given private key | _eth_sign private_key transaction NIL |
| _rlp_decode | rlp_encoded_binary: bin -> any | Decodes the given RLP decoded value | _rlp_decode rlp_encoded_binary |
| _eth_parse_signature | signature: bin -> eth_transaction_signed | Parses the given Ethereum signature. This primitives does not validate the signature | _eth_parse_signature eth_signature |
| _eth_validate_and_parse_signature | signature: bin, public_key: bin -> eth_transaction_signed | Parses the given signature and validates it against the given public key | _eth_validate_and_parse_signature eth_signature public_key |
| _eth_compress_public | decompressed_public_key: bin -> bin | Calculates a compressed public key from the given public key | _eth_compress_public decompressed_public_key |
| _eth_decompress_public | public_key: bin -> bin | Calculates a decompressed public key from the given public key | _eth_decompress_public public_key |
Chain IDs. Wherever a
chain_idargument appears (_eth_extended_root_key_from_seed,_eth_sign, and related functions), it accepts any positive integer, giving full EIP-155 support for arbitrary EVM networks (for example Sepolia11155111, Optimism10, BSC56, Polygon137, Base8453, Arbitrum42161). PassingNILselects legacy, pre-EIP-155 signing (where the signaturevvalue is27/28). Achain_idof0is not valid — useNILfor the legacy case.
Deterministic signing.
_eth_signproduces signatures with deterministic nonces (RFC-6979): signing the same transaction with the same private key and chain ID always yields the identical signature, with no dependence on external randomness. Signatures are canonical low-S (EIP-2), and signature validation (_eth_validate_and_parse_signature) rejects non-canonical high-S signatures, so signatures are non-malleable.
JSON Primitives
| Name | Signature | Description | Example |
|---|---|---|---|
| _to_json | value: any -> str+ | Converts the given value to JSON string or returns NIL on failure |
_to_json ($hello -> 1, $world -> TRUE) |
| _to_json_with_limits | limits_dict: (str -» int), value: any -> str+ | Converts the given value to JSON string with imposed limits or returns NIL on failure |
_to_json_with_limits ($ws -> 1000, $depth -> 1000, $strlen -> 1000, $keylen -> 1000, $items -> 1000) |
| _to_json_or_abort | value: any -> str | Converts the given value to JSON string or aborts on failure | _to_json_or_abort value |
| _from_json | json_string: str -> any | Parses the given JSON string into a MUFL value or returns NIL on failure |
_from_json “{"hello": 1}” |
| _from_json_with_limits | limits_dict: (str -» int), json_string: str -> any | Parses the given JSON string into a MUFL value with imposed limits or returns NIL on failure |
_from_json_with_limits limits value |
| _from_json_or_abort | json_string: str -> any | Parses the given JSON string into a MUFL value or aborts on failure | _from_json_or_abort json_string |
String Operation Primitives
| Name | Signature | Description | Example |
|---|---|---|---|
| _str | value: any -> str | Converts the given value to its string representation | _str ($hello -> 1, $world -> ($nested -> TRUE)) |
| _str_is_number | string: str -> bool | Checks whether the given string represents an integer in the signed 64-bit range. Returns FALSE for non-numeric strings and for values outside that range |
_str_is_number “1000” |
| _str_to_number | string: str -> int | Converts the given string to the corresponding integer. Aborts if the string is not a valid number or lies outside the signed 64-bit range | _str_to_number “1000” |
| _str_from_number | number: int -> str | Converts the given number to its string representation | _str_from_number 1000 |
| _substr | string: str, start: int, length: int -> str | Returns a substring of the given string starting at the given index with the given length | _substr “Hello world!” 0 5 |
| _str_find | string: str, substring: str, start_pos: int -> int | Searches for the given substring in the given string starting from the given position | _str_find “Hello world!” “world” 2 |
| _str_left | string: str, count: int -> str | Returns a substring of the given string consisting of the first |
_str_left “Hello world” 5 |
| _str_right | string: str, count int -> str | Returns a substring of the given string consisting of the last |
_str_right “Hello world” 5 |
| _str_trim_left | string: str -> str | Trims all the whitespaces from the given string from the left | _str_trim_left “ Hello world” |
| _str_trim_right | string: str -> str | Trims all the whitespaces from the given string from the right | _str_trim_right “Hello world “ |
| _str_trim | string: str -> str | Trims all the whitespaces from the given string from both left and right | _str_trim “ Hello world “ |
| _str_cut | string: str, len: int -> str[] | Cuts the given string into a pieces of the given length | _str_cut “Hello world” 6 |
| _str_to_lower | string: str -> str | Converts all the characters in the given string to lowercase | _str_to_lower “Hello WORLD” |
| _str_split | separator: str, string: str -> str[] | Splits the given string into a list of two strings - the first with characters up to the first occurrence of the given separator in one string and the remainder of the given string in the second. The separator must be a single character. | _str_split “ “ “Hello world” |
| _strlen | string: str -> int | Returns the length of the given string | _strlen “Hello world” |
Time Primitives
| Name | Signature | Description | Example |
|---|---|---|---|
| _parse_time | time_str: str -> time | Parses the time string into a value of domain TIME | _parse_time “2022-01-01 00:00:00.123456789 (UTC+2)” |
| _time_from_seconds_and_nanoseconds_since_epoch | seconds: int, nanoseconds: int -> time | Constructs a value of domain TIME from the given values of seconds and nanoseconds since epoch | _time_from_seconds_and_nanoseconds_since_epoch 1234 112233 |
| _substract_seconds | lhs: time, rhs: time -> int | Returns the result in seconds of subtracting of the right-hand side time point from the left-hand side time point | _substract_seconds time1 time2 |
| _substract_additional_nanoseconds | lhs: time, rhs: time -> int | Returns an additional difference in nanoseconds after executing the _substract_seconds lhs rhs |
_substract_additional_nanoseconds time1 time2 |
| _get_year | time_point: time -> int | Extracts the four-digit year from the given time point | _get_year t |
| _get_month | time_point: time -> int | Extracts the month (1-12) from the given time point | _get_month t |
| _get_day_of_year | time_point: time -> int | Extracts the day of year (1-365) from the given time point | _get_day_of_year t |
| _get_day_of_month | time_point: time -> int | Extracts the day of the month (1-31) from the given time point | _get_day_of_month t |
| _get_day_of_week | time_point: time -> int | Extracts the day of the week (0-6) from the given time point | _get_day_of_week t |
| _get_hours | time_point: time -> int | Extracts hours (0-23) from the given time point | _get_hours t |
| _get_minutes | time_point: time -> int | Extracts minutes (0-59) from the given time point | _get_minutes t |
| _get_seconds | time_point: time -> int | Extracts seconds (0-59) from the given time point | _get_minutes t |
| _get_nanoseconds | time_point: time -> int | Extracts nanoseconds from the given time point | _get_nanoseconds t |
| _get_seconds_since_epoch | time_point: time -> int | Converts the given time point to the number of seconds since epoch | _get_seconds_since_epoch |