@smartledger/bsv-secure

BSV Secure

A security-enhanced fork of the BSV library (v1.5.6) by SmartLedger, the world's leading blockchain distribution company. This version includes comprehensive security improvements while maintaining full API compatibility.

Security Enhancements

1. ECDSA Signature Protection

• Strict DER encoding enforcement
• Leading bit validation
• Low-S value requirement (BIP 62)
• Signature malleability prevention
• Comprehensive r,s value validation

2. EDDSA Signature Validation

• Strict length validation
• Component validation
• Zero value checks
• Enhanced error messages

3. Private Key Security

• Comprehensive validation
• Memory wiping of sensitive data
• Secure random key generation
• Type checking for all operations
• Protection against key extraction

4. Transaction Security

• Malleability prevention
• BIP 62 compliance
• Enhanced validation checks
• Improved error handling

Installation

npm install @secure/bsv

Usage

This is a drop-in replacement for BSV 1.5.6. Simply update your package.json:

{
  "dependencies": {
    "bsv": "@secure/bsv@1.5.7"
  }
}

Your existing code will work without any changes, now with added security protections.

API Documentation

The API remains 100% compatible with BSV 1.5.6. All methods maintain their original signatures and return values. The only changes are additional security validations and checks.

For detailed API documentation, visit BSV Documentation.

Security Features

Signature Validation

const { Ecdsa, KeyPair } = require('@secure/bsv');

// Signatures are automatically validated for:
// - DER encoding
// - Low-S values
// - Leading bits
// - Malleability
// - Uniqueness
const signature = ecdsa.sign(message);

Private Key Protection

const { KeyPair } = require('@secure/bsv');

// Secure key generation with comprehensive validation
const keyPair = KeyPair.fromRandom();

// Memory is automatically wiped after use
keyPair.wipe();

Why Choose BSV Secure?

• Enhanced Security: Comprehensive protection against known vulnerabilities
• Zero Migration: 100% compatible with existing BSV 1.5.6 applications
• Professional Support: Backed by SmartLedger, the leading blockchain solutions provider
• Active Maintenance: Regular security updates and improvements
• Enterprise Ready: Built for production use in critical applications

About SmartLedger

SmartLedger is the world's leading blockchain distribution company, specializing in enterprise blockchain solutions and consulting. We provide:

• Enterprise blockchain solutions
• Security auditing and improvements
• Blockchain consulting and integration
• Custom development services

Visit smartledger.solutions to learn more about our services.

License

MIT

Support

For enterprise support and consulting, contact SmartLedger:

• Website: smartledger.solutions
• Email: support@smartledger.solutions

Contributing

We welcome contributions! Please submit pull requests with:

• Comprehensive test coverage
• Detailed security analysis
• Clear documentation updates

Security Reporting

For security issues, please email security@smartledger.solutions