Inspect how Apple implements core cryptographic primitives used across its operating systems.
Study the formal verification work done on post-quantum cryptography algorithms.
Verify security claims for compliance or regulatory review.
| apple/corecrypto | danking6/veltoc | faldyrd/auto-2026 | |
|---|---|---|---|
| Stars | 138 | 152 | 157 |
| Language | C++ | C++ | C++ |
| Setup difficulty | hard | moderate | easy |
| Complexity | 5/5 | 3/5 | 1/5 |
| Audience | researcher | general | general |
Figures from each repo's GitHub metadata at analysis time.
Requires Xcode command-line tools on macOS and is intended for inspection rather than integration into other software.
Corecrypto is Apple's low-level cryptography library, the code that sits underneath the security and encryption features you use on every Apple device. It provides the building blocks for things like encrypted messages, secure boot, and cryptographic verification. Apple's own Security framework, CryptoKit, and CommonCrypto all call into this library, but app developers never use corecrypto directly. Apple published the source code primarily so that security researchers and regulators can inspect it and verify that the implementations are correct. The goal on the engineering side is to provide fast, minimal math and cryptography routines that work in many contexts: the operating system kernel, the bootloader that runs before the OS starts, and regular user-space programs. The library is designed so that each module is self-contained and a user of the library only pulls in the routines they actually need. Building the library on macOS requires Xcode's command-line build tool. The repository includes a subdirectory for formal verification, which means the correctness of certain algorithms has been checked using a mathematical proof assistant rather than just testing. A technical overview document in that folder covers formal verification work done on two post-quantum cryptography standards in 2026. The license is restrictive: the code is available only for internal verification and security review, not for redistribution or use in other products. Apple is not accepting outside code contributions. Security vulnerabilities should be reported through Apple's security disclosure process rather than through GitHub issues.
Apple's low-level cryptography library that underlies iOS and macOS security features, published for research and verification, not for reuse in other products.
Mainly C++. The stack also includes C++, Xcode.
Source is provided only for internal verification and security review, not licensed for redistribution or use in other products.
Setup difficulty is rated hard, with roughly 1day+ to a first successful run.
Mainly researcher.
This repo across BitVibe Labs
Verify against the repo before relying on details.