@scure/base
Advanced tools
Comparing version 1.1.0 to 1.1.1
{ | ||
"name": "@scure/base", | ||
"version": "1.1.0", | ||
"version": "1.1.1", | ||
"description": "Secure, audited & 0-dep implementation of bech32, base64, base58, base32 & base16", | ||
@@ -8,2 +8,3 @@ "files": [ | ||
"lib/esm/index.js", | ||
"lib/esm/package.json", | ||
"lib/index.d.ts" | ||
@@ -10,0 +11,0 @@ ], |
# scure-base | ||
Secure, audited and 0-dep implementation of bech32, base64, base58, base32 & base16. | ||
Secure, [audited](#security) and 0-dep implementation of bech32, base64, base58, base32 & base16. | ||
@@ -13,4 +13,2 @@ Written in [functional style](#design-rationale), uses chaining, has unique tests which ensure correctness. | ||
The library has been audited by Cure53 on Jan 5, 2022. Check out the audit [PDF](./audit/2022-01-05-cure53-audit-nbl2.pdf), [URL](https://cure53.de/pentest-report_hashing-libs.pdf) & [changes since audit](https://github.com/paulmillr/scure-base/compare/1.0.0..main). Before the audit, it was called `micro-base`. | ||
### This library belongs to *scure* | ||
@@ -49,6 +47,6 @@ | ||
// bech32 | ||
const {bech32, bech32m} = require('@scure/base'); | ||
const { bech32, bech32m } = require('@scure/base'); | ||
const words = bech32.toWords(data); | ||
const be = bech32.encode('prefix', words); | ||
const {prefix, words} = bech32.decode(be); | ||
const { prefix, words } = bech32.decode(be); | ||
bech32m.encode('prefix', words); | ||
@@ -58,7 +56,7 @@ | ||
// you need to pass sha256() function that returns Uint8Array | ||
const {base58check} = require('@scure/base'); | ||
const { base58check } = require('@scure/base'); | ||
base58check(sha256).encode(data); | ||
// Alternative API | ||
const {str, bytes} = require('@scure/base'); | ||
const { str, bytes } = require('@scure/base'); | ||
const encoded = str('base64', data); | ||
@@ -141,4 +139,13 @@ const data = bytes('base64', encoded); | ||
## Security | ||
The library has been audited by Cure53 on Jan 5, 2022. Check out the audit [PDF](./audit/2022-01-05-cure53-audit-nbl2.pdf) & [URL](https://cure53.de/pentest-report_hashing-libs.pdf). See [changes since audit](https://github.com/paulmillr/scure-base/compare/1.0.0..main). | ||
1. The library was initially developed for [js-ethereum-cryptography](https://github.com/ethereum/js-ethereum-cryptography) | ||
2. At commit [ae00e6d7](https://github.com/ethereum/js-ethereum-cryptography/commit/ae00e6d7d24fb3c76a1c7fe10039f6ecd120b77e), it | ||
was extracted to a separate package called `micro-base` | ||
3. After the audit we've decided to use NPM namespace for security. Since `@micro` namespace was taken, we've renamed the package to `@scure/base` | ||
## License | ||
MIT (c) Paul Miller [(https://paulmillr.com)](https://paulmillr.com), see LICENSE file. |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
46440
7
148
0