diff --git a/src/crypto.c b/src/crypto.c
index 3beeffef6..3892d2c94 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -385,7 +385,7 @@ void crypto_tr_tapleaf_hash_init(cx_sha256_t *hash_context) {
     crypto_tr_tagged_hash_init(hash_context, BIP0341_tapleaf_tag, sizeof(BIP0341_tapleaf_tag));
 }
 
-static int crypto_tr_lift_x(const uint8_t x[static 32], uint8_t out[static 65]) {
+int crypto_tr_lift_x(const uint8_t x[static 32], uint8_t out[static 65]) {
     // save memory by reusing output buffer for intermediate results
     uint8_t *y = out + 1 + 32;
     // we use the memory for the x-coordinate of the output as a temporary variable
@@ -424,13 +424,13 @@ static int crypto_tr_lift_x(const uint8_t x[static 32], uint8_t out[static 65])
 
 // Computes a tagged hash according to BIP-340.
 // If data2_len > 0, then data2 must be non-NULL and the `data` and `data2` arrays are concatenated.
-static void crypto_tr_tagged_hash(const uint8_t *tag,
-                                  uint16_t tag_len,
-                                  const uint8_t *data,
-                                  uint16_t data_len,
-                                  const uint8_t *data2,
-                                  uint16_t data2_len,
-                                  uint8_t out[static CX_SHA256_SIZE]) {
+void crypto_tr_tagged_hash(const uint8_t *tag,
+                           uint16_t tag_len,
+                           const uint8_t *data,
+                           uint16_t data_len,
+                           const uint8_t *data2,
+                           uint16_t data2_len,
+                           uint8_t out[static CX_SHA256_SIZE]) {
     // First compute hashtag, reuse out buffer for that
     cx_sha256_hash(tag, tag_len, out);
 
diff --git a/src/crypto.h b/src/crypto.h
index 4765ca180..20bcbb381 100644
--- a/src/crypto.h
+++ b/src/crypto.h
@@ -343,6 +343,43 @@ int crypto_ecdsa_sign_sha256_hash_with_key(const uint32_t bip32_path[],
  */
 void crypto_tr_tagged_hash_init(cx_sha256_t *hash_context, const uint8_t *tag, uint16_t tag_len);
 
+/**
+ * Implementation of the lift_x procedure as defined by BIP-0340.
+ *
+ * @param[in]  x
+ *   Pointer to a 32-byte array.
+ * @param[out]  out
+ *   Pointer to an array that will received the output as an uncompressed 65-bytes pubkey.
+ */
+int crypto_tr_lift_x(const uint8_t x[static 32], uint8_t out[static 65]);
+
+/**
+ * A tagged hash as defined in BIP-0340.
+ *
+ * @param[in]  tag
+ *   Pointer to an array containing the tag of the tagged hash.
+ * @param[in]  tag_len
+ *   Length of the tag.
+ * @param[in]  data
+ *   Pointer to an array of data.
+ * @param[in]  data_len
+ *   Length of the array pointed by `data`.
+ * @param[in]  data2
+ *   If NULL, ignored. If not null, a pointer to an array of data; the tagged hash for the
+ * concatenation of `data` and `data2` is computed.
+ * @param[in]  data2_len
+ *   If `data2` is NULL, ignored. Otherwise, the length the array pointed by `data2`.
+ * @param[out]  out
+ *   Pointer to a 32-byte array that will receive the result.
+ */
+void crypto_tr_tagged_hash(const uint8_t *tag,
+                           uint16_t tag_len,
+                           const uint8_t *data,
+                           uint16_t data_len,
+                           const uint8_t *data2,
+                           uint16_t data2_len,
+                           uint8_t out[static CX_SHA256_SIZE]);
+
 /**
  * Initializes the "tagged" SHA256 hash with tag "TapLeaf", used for tapscript leaves.
  *