New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@notabene/pii-sdk

Package Overview
Dependencies
Maintainers
2
Versions
20
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@notabene/pii-sdk

SDK to manage PII encryption

  • 1.5.1
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
31K
decreased by-48.84%
Maintainers
2
Weekly downloads
 
Created
Source

PII SDK

Description

Encryption / Decryption Library for Personal Identifiable Information

Instalation

This library is hosted on GitLab package repository (instead of NPM). To install packages from there add the following to an .npmrc file:

//gitlab.com/api/v4/packages/npm/:_authToken=${GITLAB_AUTH_TOKEN}
@notabene:registry=https://gitlab.com/api/v4/packages/npm/

yarn

yarn add @notabene/pii-sdk

npm

npm install @notabene/pii-sdk

Usage

Requirements

ParameterDescription
INFURA_PROJECT_IDInfura (https://infura.io) for resolving did:ethr DIDs
KMS_SECRET_KEYSecret box key to encrypt / decrypt private key
NOTABENE_URLNotabene directory URL to get VASP DIDs and keys
NOTABENE_PII_URLDefault Notabene PII escrow service to share encrypted audited data

Example usage

import NotabeneKeyToolset from '@notabene/pii-sdk';

//Init Notabene Key Toolset
const nbKeyToolSet = new NotabeneKeyToolset({
  INFURA_PROJECT_ID: '(infura project id)',
  KMS_SECRET_KEY: '(secret box key)',
  NOTABENE_URL: 'https://api.notabene.id',
  NOTABENE_PII_URL: 'https://pii.notabene.id',
});

//Create key
const myKey = await nbKeyToolSet.createKey();

//Encrypt to VASP with DID did:ethr:0x1234
const encryptedPII = await toolset.encryptPII({
  senderKeyJson: myKey,
  recipientDIDs: ['did:ethr:0x1235'],
  recipientKeys: [],
  body: piiData,
});

//Encrypt to VASP with key did:key:z6MkhaX...
const encryptedPII = await toolset.encryptPII({
  senderKeyJson: myKey,
  recipientDIDs: [],
  recipientKeys: ['did:key:z6MkhaX...'],
  body: piiData,
});

//Decrypt PII for VASP
const decryptedPII = await toolset.decryptPII(myKey, encryptedPII);

Contributing

Contributions are welcome!

Want to file a bug, request a feature or contribute some code?

  • Check out the Code of Conduct
  • Check that there is no existing issue corresponding to your bug or feature
  • Before implementing a new feature, discuss your changes in an issue first!

Development scripts

  • yarn - To install dependencies
  • yarn dlx @yarnpkg/sdks vscode - Sets up VSCode to support ESLint/Prettier/TypeScript using Yarn 3 (make sure to install ZipFS vscode extension too)
  • yarn watch - Hot reloading for development
  • yarn build - Compile the library to the dist/ folder
  • yarn lint - Lints the library using ESLint/Prettier
  • yarn test - Run Jest to test the library
  • yarn release - Release the project using semantic-release (only run in CI)

License

MIT © Notabene

FAQs

Package last updated on 06 Jul 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts

Security News

Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts

Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.

By Sarah Gooding  -  Jan 24, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc