Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@evervault/sdk
Advanced tools
The evervault SDK allows developers to integrate with evervault auth and encrypt/decrypt data within their web app. Built on the Web Crypto API.
evervault.checkAuth(appId): void
Check a user's auth status in the system, and redirect them if they are unauthenticated.
Param | Type | Description |
---|---|---|
appId | String | The unique identifier for your app in the evervault system |
evervault.encrypt(data[, encryptOptions]): Promise<String>
Encrypt data using a user's secret key. The encrypt function will handle any data excluding undefined
and Symbol
.
Param | Type | Description |
---|---|---|
data | any | the data to be encrypted |
encryptOptions | object | control how your data is encrypted |
Key | Value | Description |
---|---|---|
preserveObjectShape | boolean | if true, javascript objects will only have their values encrypted, if false objects will be stringified |
fieldsToEncrypt | Array<String> | a list of fields in an object to encrypt |
privateKey | String | a base64 representation of a user's evervault secret key |
evervault.decrypt(data[, privateKey]): Promise<String>
Decrypt evervault encrypted data. Decrypt will preserve the shape of any object it's given (e.g. Array or Object). Any stringified data that enters decrypt will be parsable when it has been decrypted.
Param | Type | Description |
---|---|---|
data | any | the data to be decrypted, be it an object, array or a string |
privateKey | String | a base64 representation of a user's evervault secret key |
evervault.set(toSet): Promise<Object>
Save data on behalf of the user in evervault storage.
Param | Type | Description |
---|---|---|
toSave | Object | the data to be saved. Must be an object in { "key": "value" } form |
evervault.get([toGet]): Promise<Object>
Retrieve data on behalf of the user in evervault storage.
Param | Type | Description |
---|---|---|
toGet | String | Optional. the data to be retrieved. Must resolve to a previously stored piece of data |
logout(): void
Remove a user's credentials and redirect them to evervault auth.
refreshAccessToken([accessToken, refreshToken]): Promise<Object>
Refresh a user's access token in the evervault system.
Param | Type | Description |
---|---|---|
accessToken | String | a user's evervault access token to authenticate them in your system |
refreshToken | String | a user's evervault refresh token to keep them authenticated |
FAQs
Node.js SDK for Evervault
We found that @evervault/sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.