Security News
The Changelog Podcast: Practical Steps to Stay Safe on npm
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.
By Sarah Gooding -  Oct 31, 2025
🚀 DAY 5 OF LAUNCH WEEK: Introducing Socket Firewall Enterprise.Learn more →
@dfinity/identity-secp256k1
Advanced tools
@dfinity/identity-secp256k1
JavaScript and TypeScript library to manage Secp256k1KeyIdentities for use with the Internet Computer
@icp-sdk/core/identity/secp256k1
The @icp-sdk/core/identity/secp256k1 module provides an implementation of the SignIdentity interface for the secp256k1 elliptic curve. It allows you to create and manage key pairs for signing and verification of messages.
Usage
Here's an example of how to use the Secp256k1KeyIdentity class to generate a new key pair and sign and verify a message:
import { Secp256k1KeyIdentity } from '@icp-sdk/core/identity/secp256k1';
// Generate a new key pair
const identity = Secp256k1KeyIdentity.generate();
// Sign a message
const message = 'Hello, world!';
const signature = identity.sign(message);
// Verify the signature
const isValid = identity.verify(message, signature);
console.log(`Signature is ${isValid ? 'valid' : 'invalid'}`);
You can also use a seed to generate deterministic key pairs:
import { Secp256k1KeyIdentity } from '@icp-sdk/core/identity/secp256k1';
const seed = Buffer.from('my-secret-seed', 'utf8');
const identity = Secp256k1KeyIdentity.generate(seed);
The Secp256k1KeyIdentity class also provides methods for converting the key pair to and from JSON-serializable objects:
import { Secp256k1KeyIdentity } from '@icp-sdk/core/identity/secp256k1';
// Generate a new key pair
const identity = Secp256k1KeyIdentity.generate();
// Convert the key pair to a JSON-serializable object
const json = identity.toJson();
// Convert the JSON-serializable object back to a key pair
const restoredIdentity = Secp256k1KeyIdentity.fromJson(json);
API Reference
Additional API Documentation can be found here.
FAQs
JavaScript and TypeScript library to manage Secp256k1KeyIdentities for use with the Internet Computer
We found that @dfinity/identity-secp256k1 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 11 open source maintainers collaborating on the project.
Package last updated on 24 Oct 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Security Community Slams MIT-linked Report Claiming AI Powers 80% of Ransomware
Experts push back on new claims about AI-driven ransomware, warning that hype and sponsored research are distorting how the threat is understood.
By Sarah Gooding -  Oct 30, 2025
Security News
Ruby Core Team Assumes Stewardship of RubyGems and Bundler, Former Maintainers Offer to Transfer All Rights to Matz
Ruby's creator Matz assumes control of RubyGems and Bundler repositories while former maintainers agree to step back and transfer all rights to end the dispute.
By Sarah Gooding -  Oct 29, 2025