Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@nomicfoundation/ethereumjs-util
Advanced tools
@nomicfoundation/ethereumjs-util is a utility library for Ethereum-related functions. It provides a variety of tools for handling Ethereum addresses, private keys, public keys, signatures, and other cryptographic operations.
Address Generation
This feature allows you to generate an Ethereum address from a private key and convert it to a checksummed address.
const { privateToAddress, toChecksumAddress } = require('@nomicfoundation/ethereumjs-util');
const privateKey = Buffer.from('c87509a1c067bbde78beb793e6fa5e8b8d2a9f1d7b2a9b2a2b2a2b2a2b2a2b2a', 'hex');
const addressBuffer = privateToAddress(privateKey);
const address = toChecksumAddress(addressBuffer.toString('hex'));
console.log(address);
Signature Verification
This feature allows you to sign a message and verify the signature, recovering the public key and address from the signature.
const { ecsign, ecrecover, pubToAddress, toBuffer } = require('@nomicfoundation/ethereumjs-util');
const msg = 'Hello, Ethereum!';
const msgHash = toBuffer('0x' + require('crypto').createHash('sha256').update(msg).digest('hex'));
const privateKey = Buffer.from('c87509a1c067bbde78beb793e6fa5e8b8d2a9f1d7b2a9b2a2b2a2b2a2b2a2b2a', 'hex');
const sig = ecsign(msgHash, privateKey);
const publicKey = ecrecover(msgHash, sig.v, sig.r, sig.s);
const address = pubToAddress(publicKey).toString('hex');
console.log(address);
Hashing
This feature allows you to hash data using the Keccak-256 algorithm, which is used in Ethereum for various purposes.
const { keccak256 } = require('@nomicfoundation/ethereumjs-util');
const data = 'Hello, Ethereum!';
const hash = keccak256(Buffer.from(data));
console.log(hash.toString('hex'));
The ethers.js library is a complete and compact library for interacting with the Ethereum blockchain and its ecosystem. It provides similar functionalities for handling addresses, keys, and signatures, but also includes features for interacting with smart contracts and the Ethereum network.
The web3.js library is a comprehensive library for interacting with the Ethereum blockchain. It provides similar utilities for cryptographic operations and address handling, but also includes extensive features for interacting with smart contracts, nodes, and the Ethereum network.
The eth-sig-util library provides utilities for signing and verifying Ethereum messages and transactions. It focuses more on signature-related functionalities compared to @nomicfoundation/ethereumjs-util.
A collection of utility functions for Ethereum. It can be used in Node.js and in the browser with browserify.
To obtain the latest version, simply require the project using npm
:
npm install @ethereumjs/util
import assert from 'assert'
import { isValidChecksumAddress, unpadBuffer } from '@ethereumjs/util'
assert.ok(isValidChecksumAddress('0x2F015C60E0be116B1f0CD534704Db9c92118FB6A'))
assert.ok(unpadBuffer(Buffer.from('000000006600', 'hex')).equals(Buffer.from('6600', 'hex')))
Read the API docs.
KECCAK256_NULL_S
for string representation of Keccak-256 hash of nullv8
, please use ethereum-cryptography directly insteadStarting with v8 the usage of BN.js for big numbers has been removed from the library and replaced with the usage of the native JS BigInt data type (introduced in ES2020
).
Please note that number-related API signatures have changed along with this version update and the minimal build target has been updated to ES2020
.
The following methods are available by an internalized version of the ethjs-util package (MIT
license), see internal.ts. The original package is not maintained any more and the original functionality will be replaced by own implementations over time (starting with the v7.1.3
release, October 2021).
They can be imported by name:
import { stripHexPrefix } from '@ethereumjs/util'
See our organizational documentation for an introduction to EthereumJS
as well as information on current standards and best practices. If you want to join for work or carry out improvements on the libraries, please review our contribution guidelines first.
FAQs
A collection of utility functions for Ethereum
We found that @nomicfoundation/ethereumjs-util demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.