You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@bicycle-codes/message

Package Overview
Dependencies
Maintainers
1
Versions
11
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@bicycle-codes/message

Create and verify signed messages

0.9.1
latest
Source
npmnpm
Version published
Weekly downloads
56
75%
Maintainers
1
Weekly downloads
 
Created
Source

message

tests Socket Badge types module install size license

Create and verify signed messages with the webcrypto API.

Contents

install

npm i -S @bicycle-codes/message

example

create a message

import { Keys } from '@bicycle-codes/keys'
import { create } from '@bicycle-codes/message'

const alicesKeys = await Keys.create()
const req = await create(alicesKeys, { hello: 'world' })

The returned object has a format like

{
    author: 'did:key:...',
    signature: '123abc',
    ...message
}

[!NOTE]
The message will have the fields author and signature appended to it. author is the DID that was used to sign this message. It is read by verify(message).

import { test } from '@substrate-system/tapzero'
import { Keys } from '@bicycle-codes/keys'
import { create } from '@bicycle-codes/message'

let req:SignedMessage<{ hello: 'world' }>
const alicesKeys = await Keys.create()
test('create a message', async t => {
    req = await create(alicesKeys, { hello: 'world' })

    t.ok(req, 'request was created')
    t.equal(typeof req.signature, 'string', 'should have a signature')
    t.ok(req.author.includes('did:key:'), 'should have an author field')
    t.equal(req.hello, 'world', 'should have the properties we passed in')
})

verify a message

import { test } from '@nichoth/tapzero'
import { verify } from '@bicycle-codes/message'

test('verify a message', async t => {
    // `req` is the message we created above
    const isOk = await verify(req)
    t.equal(isOk, true, 'should return true for a valid message')
})

Keywords

message

FAQs

Package last updated on 17 Mar 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Socket Now Protects the Chrome Extension Ecosystem

Product

Socket Now Protects the Chrome Extension Ecosystem

Socket is launching experimental protection for Chrome extensions, scanning for malware and risky permissions to prevent silent supply chain attacks.

By Mix Irving, Alexandros Kapravelos, Eli Insua  -  Jul 30, 2025
Introducing Socket MCP for Claude Desktop

Product

Introducing Socket MCP for Claude Desktop

Add secure dependency scanning to Claude Desktop with Socket MCP, a one-click extension that keeps your coding conversations safe from malicious packages.

By Alexandros Kapravelos  -  Jul 29, 2025
Introducing Scala and Kotlin Support in Socket

Product

Introducing Scala and Kotlin Support in Socket

Socket now supports Scala and Kotlin, bringing AI-powered threat detection to JVM projects with easy manifest generation and fast, accurate scans.

By Peter van der Zee, Eli Insua  -  Jul 28, 2025