Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
github.com/elnosh/lightning-onion-routing
My lame attempt at trying to understand the Lightning Network's onion routing.
It roughly follows BOLT#4 but focused mostly on how to construct and decrypt the onion.
It does the following route:
Alice (origin node) -> Bob -> Charlie -> Dave (final node)
go build -o lnonion main.go
./lnonion onion
This will start a prompt to specify a payload for each hop (i.e bob, charlie, dave).
Something like this:
start building the onion. What payload do you want to put for Bob:
hi bob
What payload do you want to put for Charlie (2nd hop):
hi charlie
What payload do you want to put for Dave (last hop):
hi dave
onion to pass to first hop (bob): <onion>
After specifying the payload, it will return an onion that can be sent to the first hop in the route (bob).
To start peeling the onion, pass it to the first hop.
./lnonion parse --hop "bob" "<onion here>"
This will print the payload that was intended for this hop (bob) and then the onion to pass to the next hop (charlie).
Continue peeling the onion until it gets to the final hop (dave).
./lnonion parse --hop "charlie" "<onion from previous parse>"
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.