@dsnp/hash-util
Advanced tools
This package is a TypeScript implementation of hash-related utilities to support DSNP applications and services.
DSNP anchors content to announcements via a URL and hashes. This ensures integrity of resources and also provides for relocatable content, as hashes can be generated and verified regardless of location.
This library provides a simple implementation that checks whether a data "file" matches at least one of the hash values provided.
This library uses hash-wasm, which has fast WASM implementations of hash algorithms and should work in both server-side and browser environments.
Given a Uint8Array and an array of strings representing DSNP hashes, use the following function to verify if there is a matching hash.
import { compareBinaryToMultibaseHashes } from "@dsnp/hash-util";
const result = await compareBinaryToMultibaseHashes(binaryU8A, hashes);
The library will verify the following types of hashes:
base32 multibase encoding (leading 'b' character)sha2-256 or blake3 hash (leading 0x12 or 0x1e byte)0x20 after hash indicator)All comparisons are done in-memory, meaning that there is no attempt to limit the size of the byte array or memory requirements. Callers should therefore perform their own sanity checks.
npm i
npm run build
npm run test
Please use the github issues area to report bugs or suggest enhancements. Pull requests are gratefully welcomed.
FAQs
A library to verify hashes compatible with DSNP
The npm package @dsnp/hash-util receives a total of 0 weekly downloads. As such, @dsnp/hash-util popularity was classified as not popular.
We found that @dsnp/hash-util demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket researchers discovered nine malicious NuGet packages that use time-delayed payloads to crash applications and corrupt industrial control systems.
Security News
Socket CTO Ahmad Nassri discusses why supply chain attacks now target developer machines and what AI means for the future of enterprise security.
Security News
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.