Documentation

Ethoryx API

Ethoryx v2.0 is a REST API for cryptographic prime generation across three contexts: RSA key generation, Ethoryx NTT · Field Primes for FHE, and prime gap prediction. Built on formally proved mathematical structure, it generates primes with 33–79% fewer Miller-Rabin primality tests depending on context and bit size.

The API is live at https://api.ethoryx.io and accepts requests over HTTPS. All responses are JSON.

✓

API status: Operational · https://api.ethoryx.io/v1/status

Quick start

Get a prime in 60 seconds. Create a free account to get your API key, then:

cURL

# Generate a 512-bit prime
curl "https://api.ethoryx.io/v1/generate?bits=512" \
  -H "X-API-Key: tg_your_key_here"

Python

import requests

response = requests.get(
    "https://api.ethoryx.io/v1/generate",
    params={"bits": 2048},
    headers={"X-API-Key": "tg_your_key_here"}
)

data = response.json()
prime = int(data["prime"])       # Full integer, ready for RSA
tests = data["miller_rabin_tests"]  # e.g. 282 vs ~836 standard
print(f"Prime: {prime}")
print(f"Tests: {tests}")

JavaScript / Node.js

const res = await fetch(
  "https://api.ethoryx.io/v1/generate?bits=2048",
  { headers: { "X-API-Key": "tg_your_key_here" } }
);
const { prime, miller_rabin_tests } = await res.json();
console.log(`Prime: ${prime}`);
console.log(`Tests used: ${miller_rabin_tests}`);

pip library (open source)

pip install tesfagrid

from tesfagrid import prime_generator
p, tests = prime_generator.generate(bits=2048)
print(p)  # Full prime integer

Authentication

All generation endpoints require an API key passed as the X-API-Key request header.

-H "X-API-Key: tg_your_key_here"

⚠

Keep your API key secret. Do not expose it in client-side JavaScript, public repositories, or logs. If compromised, contact security@ethoryx.io immediately.

The /v1/status and /v1/verify endpoints do not require authentication. The dashboard uses a separate JWT Bearer token for the web interface — this is distinct from your API key.

Get your API key

Create an account to receive your API key by email. Your key starts with tg_ and is valid indefinitely unless you request a rotation.

Error handling

All errors return JSON with an error field and an appropriate HTTP status code.

{
  "error": "Invalid or missing API key",
  "docs": "https://tesfagrid.io/docs",
  "get_key": "https://ethoryx.io/register"
}

Status	Meaning
200	Success
400	Bad request - invalid parameter value
401	Unauthorized - missing or invalid API key
403	Forbidden - endpoint requires a higher tier
409	Conflict - email already registered
429	Rate limit exceeded or monthly quota reached
500	Server error - contact support

Generate a prime

Generates a single cryptographically strong prime number using the Ethoryx Sieve · Wheel-2310 algorithm.

GET /v1/generate 🔑 X-API-Key required

Parameters

Name	Type	Required	Description
bits	integer	optional	Bit length of the prime. One of: 256, 512, 1024, 2048, 4096. Default: 512. Maximum depends on your tier.
method	string	optional	`wheel` (default) or `sequential`. The wheel method uses the full 2310-wheel for maximum reduction. Sequential uses direct mod-6 filtering.

Request

curl "https://api.ethoryx.io/v1/generate?bits=2048&method=wheel" \
  -H "X-API-Key: tg_your_key"

Response

{
  "prime":               "1775225606...",  // Full prime as string (use int() in Python)
  "bits":                2048,
  "method":              "ethoryx_wheel_2310",
  "miller_rabin_tests":  282,              // vs ~836 standard
  "theorem7_verified":   true,             // p ≡ 1 or 5 (mod 6)
  "mod6_residue":        1,
  "generation_ms":       142.3,
  "calls_remaining":     99718,
  "generated_at":        "2026-04-04T20:25:52Z",
  "tier":                "pro",
  "paper":               "https://eprint.iacr.org/tesfadereth",
  "library":             "https://github.com/Teshgty/tesfagrid"
}

ℹ

The prime field is returned as a string because large integers exceed JavaScript's safe integer range. Convert with BigInt(data.prime) in JS or int(data["prime"]) in Python.

RSA prime with gap prediction

Generates an RSA-ready prime using Theorem 7 structural pre-filtering combined with a proved prime gap prediction model. Selects the next candidate based on the direction of the previous gap before testing - reducing the expected number of primality tests.

GET /v1/generate/rsa requires key

Returns a single RSA-safe prime. The method=predicted mode uses the gap prediction model; method=wheel falls back to the Wheel-2310 sieve.

Parameter	Type	Default	Description
bits	integer	2048	Key size: 256, 512, 1024, 2048, 4096
method	string	predicted	`predicted` (gap model) or `wheel` (Wheel-2310)

Response

"prime": "87342...", "layer": "1+3", "miller_rabin_tests": 184, "theorem7_verified": true, "oscillation_law_accuracy": 0.162

Ethoryx NTT · Field Prime

Generates primes satisfying q ≡ 1 (mod ntt_mod), required for Number Theoretic Transform operations in FHE, zk-SNARKs, and custom post-quantum parameter sets. All output is NTT-compatible by construction - no post-filtering needed.

GET /v1/generate/ntt requires key

Parameter	Type	Default	Description
bits	integer	256	Prime size: 256, 512, 1024, 2048, 4096
ntt_mod	integer	512	NTT modulus - must be a power of 2 (2 to 1,048,576). Common: 512, 1024, 4096, 8192, 16384
count	integer	1	How many primes to return (1–10 free/starter, up to 50 pro+)

Response

"prime": "1152921504...", "ntt_mod": 512, "ntt_compatible": true, "layer": "1+2", "miller_rabin_tests": 35

FHE coefficient modulus chain

Generates a chain of Ethoryx NTT · Field Primes for use as the coefficient modulus in Microsoft SEAL, OpenFHE, or HEAAN. All primes satisfy q ≡ 1 (mod 2n) where n is the polynomial degree. The response includes a ready-to-use SEAL CoeffModulus::Create example.

ℹ

This endpoint requires Starter tier or above. Each prime in the chain counts as one API call.

GET /v1/generate/fhe Starter+

Parameter	Type	Default	Description
n	integer	4096	Polynomial degree: 1024, 2048, 4096, 8192, 16384
count	integer	5	Primes in chain (1–7 Starter, up to 20 Pro+)
bits_each	integer	55	Bits per prime: 50–62. Standard SEAL range.

Response

"primes": ["18014403...", "18014405..."], "seal_compatible": true, "ntt_compatible": true, "usage_example": "seal::CoeffModulus::Create(4096, {55,55,55,55,55})"

Prime gap prediction

Returns the predicted location of the next prime given the most recent prime and the gap that preceded it. Based on a proved oscillation property of prime gaps. Public endpoint no API key required.

✓

This endpoint is free and public. No API key required. Rate limited to 60 requests/minute per IP.

GET /v1/predict/gap no auth

Parameter	Type	Required	Description
last_prime	integer	required	The most recently found prime (must be ≥ 3)
last_gap	integer	required	The gap that preceded `last_prime` - must be even (Theorem 7)

Response

"predicted_next": 1000033, "predicted_gap": 30, "mean_gap_pnt": 13.8, "direction": "larger", "confidence": 0.682, "theorem7_predicted": true

RSA key pair

Generates a complete RSA key pair: two independent primes p and q, and the RSA modulus n = p × q. Pro and Enterprise tiers only. Counts as 2 API calls.

GET /v1/generate/rsa-pair 🔑 Pro+ only

Parameters

Name	Type	Required	Description
bits	integer	optional	Bit length of each prime. One of: 512, 1024, 2048. Default: 2048. The resulting RSA modulus will be approximately 2× this size.

Request

curl "https://api.ethoryx.io/v1/generate/rsa-pair?bits=2048" \
  -H "X-API-Key: tg_pro_key"

Response

{
  "p":                        "172...821",
  "q":                        "198...473",
  "n":                        "p × q - 4096-bit RSA modulus",
  "bits_each":                2048,
  "rsa_modulus_bits":         4096,
  "total_miller_rabin_tests": 564,   // vs ~1672 standard
  "theorem7_p":               true,
  "theorem7_q":               true,
  "generation_ms":            298.4,
  "calls_used":               2,
  "calls_remaining":          99716
}

Verify a number

Verifies whether any integer is prime and checks Theorem 7 compliance. Free for all tiers no API key required.

GET /v1/verify No auth required

Parameters

Name	Type	Required	Description
n	integer	required	The integer to test. Must be ≥ 2 and ≤ 4096 bits.

Request

curl "https://api.ethoryx.io/v1/verify?n=999983"

Response

{
  "n":               "999983",
  "is_prime":        true,
  "bits":            20,
  "mod6_residue":    5,
  "theorem7_holds":  true,
  "theorem7_note":   "All primes > 3 are ≡ 1 or 5 (mod 6)"
}

Account status

GET /v1/account 🔑 X-API-Key required

curl "https://api.ethoryx.io/v1/account" \
  -H "X-API-Key: tg_your_key"

{
  "tier":            "pro",
  "calls_remaining": 99718,
  "calls_used":      282,
  "calls_limit":     100000,
  "max_bits":        2048,
  "rate_limit":      "120 calls/minute"
}

Register

Creates a new account and generates an API key. The key is returned in the response and emailed to the provided address.

POST /v1/auth/register No auth required

Request body (JSON)

Field	Type	Required	Description
name	string	required	Your full name
email	string	required	Your email address. Must be unique.
password	string	required	Minimum 8 characters.
plan	string	optional	One of: free, starter, pro, enterprise. Default: free.

curl -X POST "https://api.ethoryx.io/v1/auth/register" \
  -H "Content-Type: application/json" \
  -d '{"name":"Tesfaye","email":"you@example.com","password":"secret123","plan":"free"}'

{
  "message": "Registration successful",
  "token":   "eyJhbGci...",   // JWT for dashboard access
  "api_key": "tg_Abc123...",  // Use this in X-API-Key header
  "user":    { "id": 1, "name": "Tesfaye", "plan": "free" }
}

Login

POST /v1/auth/login No auth required

curl -X POST "https://api.ethoryx.io/v1/auth/login" \
  -H "Content-Type: application/json" \
  -d '{"email":"you@example.com","password":"secret123"}'

{
  "token": "eyJhbGci...",
  "user": {
    "id": 1, "name": "Tesfaye",
    "email": "you@example.com",
    "plan": "free",
    "api_key": "tg_Abc123..."
  }
}

Profile

GET /v1/auth/me 🔑 Bearer token

curl "https://api.ethoryx.io/v1/auth/me" \
  -H "Authorization: Bearer eyJhbGci..."

{
  "user": { "name": "Tesfaye", "email": "...", "plan": "free", "api_key": "tg_..." },
  "account": { "calls_remaining": 98, "calls_limit": 100, "max_bits": 512 }
}

Plans & limits

All plans use the same Ethoryx Sieve · Wheel-2310 algorithm. Higher tiers unlock larger bit sizes, more calls, and faster rate limits.

Plan	Price	Calls/month	Max bits	Rate limit	RSA pair
Free	$0	100	512	5/min	—
Starter	$29/mo	10,000	1,024	30/min	—
Pro	$99/mo	100,000	2,048	120/min	✓
Enterprise	$499/mo	Unlimited	4,096	600/min	✓

HSM and hardware licensing available from $50,000 one-time. Contact us.

Theorem 7

Every prime generated by Ethoryx satisfies p ≡ 1 or 5 (mod 6). This is not a heuristic, it is a mathematical theorem proved from the construction rules of the Tesfa Grid framework.

Why this matters for performance: Standard prime generation picks random odd numbers, which are split equally across residue classes 1, 3, and 5 (mod 6). Numbers in class 3 are divisible by 3 and will always fail the primality test they are wasted work. Ethoryx generates candidates only in classes 1 and 5, eliminating this waste entirely before any test runs.

Why this is secure: By Dirichlet's theorem on primes in arithmetic progressions, primes are equidistributed across valid residue classes. Generating only from {1, 5} mod 6 does not reduce the prime count or make any prime more or less likely. The output is computationally indistinguishable from uniform random prime generation.

✓

Verified: zero violations in 348,511 prime gaps (all primes up to 1,000,000). 100% compliance in all benchmark runs. Every API response includes "theorem7_verified": true.

Full proof: IACR ePrint · tesfadereth

Security

Cryptographic randomness

All candidates are seeded from Python's secrets module (OS-level CSPRNG). The pre-filtering only removes impossible candidates - the random start is never predictable.

No timing side-channel

The Tesfa Sequential generator uses a constant-time step pattern (+4, +2 alternating). Unlike rejection sampling, the number of iterations is independent of the secret candidate value. This eliminates the variable-execution-time timing side-channel present in standard rejection-based generators relevant for HSM and FIPS compliance environments.

Transport security

All API traffic is encrypted over TLS 1.2+. Certificates are managed by Let's Encrypt and auto-renewed. HTTP requests are permanently redirected to HTTPS.

API key security

API keys are stored hashed in the database. They are only shown once at registration and emailed to you. If you believe your key is compromised, email security@ethoryx.io immediately for rotation.

SDKs & libraries

Python library (open source)

pip install tesfagrid

The tesfagrid library includes the complete open-source implementation of the Wheel-2310 algorithm, all nine proved theorems as callable functions, and the prime generator. Source: github.com/Teshgty/tesfagrid

REST API (any language)

The REST API works with any HTTP client. No SDK required. Examples above use cURL, Python requests, and JavaScript fetch. The API returns plain JSON - no special parsing needed.

Future SDKs

Go, Rust, and Java SDKs are planned. Contact us if you need a specific language prioritized.

ℹ

For C integration with OpenSSL's BN_generate_prime_ex() interface, see the implementation notes in Section 6 of the IACR paper.