Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@stacks/encryption
Advanced tools
@stacks/encryption
Encryption functions used by Stacks.js packages.
Installation
npm install @stacks/encryption
Encrypt and decrypt string
import { encryptECIES, decryptECIES } from '@stacks/encryption';
import { utf8ToBytes } from '@stacks/common';
const privateKey = 'a5c61c6ca7b3e7e55edee68566aeab22e4da26baa285c7bd10e8d2218aa3b229';
const publicKey = '027d28f9951ce46538951e3697c62588a87f1f1f295de4a14fdd4c780fc52cfe69';
const testString = 'all work and no play makes jack a dull boy';
// Encrypt string with public key
const cipherObj = await encryptECIES(publicKey, utf8ToBytes(testString), true);
// Decrypt the cipher with private key to get the message
const deciphered = await decryptECIES(privateKey, cipherObj);
console.log(deciphered);
Sign content using ECDSA
import { signECDSA, verifyECDSA } from '@stacks/encryption';
const privateKey = 'a5c61c6ca7b3e7e55edee68566aeab22e4da26baa285c7bd10e8d2218aa3b229';
const testString = 'all work and no play makes jack a dull boy';
const sigObj = signECDSA(privateKey, testString);
// Verify content using ECDSA
const result = verifyECDSA(testString, sigObj.publicKey, sigObj.signature);
console.log(result); // true
encryptMnemonic and decryptMnemonic
import { bytesToHex, hexToBytes } from '@stacks/common';
import { encryptMnemonic, decryptMnemonic } from '@stacks/encryption';
const rawPhrase = 'march eager husband pilot waste rely exclude taste twist donkey actress scene';
const rawPassword = 'rawPassword';
const mockSalt = hexToBytes('ff'.repeat(16));
// Encrypt a raw mnemonic phrase to be password protected
const encoded = await encryptMnemonic(rawPhrase, rawPassword, { getRandomBytes: () => mockSalt });
// Decrypt an encrypted mnemonic phrase with a password
const decoded = await decryptMnemonic(bytesToHex(encoded), rawPassword);
console.log(decoded);
Private key to address
import { getPublicKeyFromPrivate, publicKeyToBtcAddress } from '@stacks/encryption';
const privateKey = '00cdce6b5f87d38f2a830cae0da82162e1b487f07c5affa8130f01fe1a2a25fb01';
const expectedAddress = '1WykMawQRnLh7SWmmoRL4qTDNCgAsVRF1';
const publicKey = getPublicKeyFromPrivate(privateKey);
const address = publicKeyToBtcAddress(publicKey);
console.log(address === expectedAddress); // true
Make private key
import { makeECPrivateKey, publicKeyToBtcAddress } from '@stacks/encryption';
import { SECP256K1Client } from 'jsontokens';
const privateKey = makeECPrivateKey();
// Private key is also usable with the jsontokens package
const publicKey = SECP256K1Client.derivePublicKey(privateKey);
const address = publicKeyToBtcAddress(publicKey);
console.log(address);
FAQs
Encryption utilities for Stacks
The npm package @stacks/encryption receives a total of 6,490 weekly downloads. As such, @stacks/encryption popularity was classified as popular.
We found that @stacks/encryption demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Package last updated on 18 Oct 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
By Sarah Gooding - Feb 06, 2025
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025