Cryptographic Primitives
Algorand Smart Contracts support the set of cryptographic primitives described in the table below. Each of these cryptographic primitives is associated with a cost, which is a number indicating its relative performance overhead compared with simple TEAL operations such as addition and substraction. Simple TEAL opcodes have cost 1, and more advanced cryptographic operations have a larger cost. Below is how you express cryptographic primitives in PyTeal:
Operator 
Cost 
Description 


35 
SHA256 hash function, produces 32 bytes 

130 
SHA3256 hash function, produces 32 bytes 

130 
Keccak256 hash funciton, produces 32 bytes 

45 
SHA512/256 hash function, produces 32 bytes 

1900* 
1 if 

1900 
1 if 

1700 
1 if 

650 
produces the decompressed public key associated with the compressed public key 

2000 
produces the public key associated with the signature 
* Ed25519Verify
is only available in signature mode up to version 4 of AVM. From version 5 upwards, Ed25519Verify can be used in any mode.
Note the cost amount is accurate for version 2 of AVM and higher. The parameter c
in the ECDSA expressions defined above represents the elliptic curve
specification to be used (for example, Secp256k1
).
These cryptographic primitives cover the most used ones in blockchains and cryptocurrencies. For example, Bitcoin uses SHA256 for creating Bitcoin addresses; Algorand uses ed25519 signature scheme for authorization and uses SHA512/256 hash function for creating contract account addresses from TEAL bytecode.