Security News
Opengrep Emerges as Open Source Alternative Amid Semgrep Licensing Controversy
Opengrep forks Semgrep to preserve open source SAST in response to controversial licensing changes.
By Sarah Gooding - Jan 28, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@arcblock/mcrypto
Advanced tools
Forge mcrypto implementation for javascript, just a wrapper around existing javascript crypto libraries.
Usage
npm i @arcblock/mcrypto -S
# OR
yarn add @arcblock/mcrypto
Sign/Verify
const { Signer } = require('@arcblock/mcrypto');
const keyPair = Signer.Ed25519.genKeyPair();
const message = 'some message to sign';
const signature = Signer.Ed25519.sign(message, keyPair.secretKey);
const result = Signer.Ed25519.verify(message, signature, keyPair.publicKey);
assert.ok(result);
Hashing
const { Hasher } = require('@arcblock/mcrypto');
const message = 'message to hash';
const hash = Hasher.SHA2.hash256(message);
Documentation
For full documentation, checkout https://forge-js.netlify.com
Implementation
Hasher
- keccakf1600: js-sha3
- sha2: hash.js
- sha3: js-sha3
Signer
ed25519: tweetnacl- secp256k1: elliptic
Crypter
- aes-cbc-256: crypto-js
1.7.1 (September 08, 2022)
- chore: use 2.x nedb
- chore: update readme
Keywords
FAQs
Crypto lib that provides signer,crypter,hasher interface
The npm package @arcblock/mcrypto receives a total of 82 weekly downloads. As such, @arcblock/mcrypto popularity was classified as not popular.
We found that @arcblock/mcrypto demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 07 Sep 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
By Sarah Gooding - Jan 24, 2025
Security News
cURL Project and Go Security Teams Reject CVSS as Broken
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
By Sarah Gooding - Jan 24, 2025