Security News
MCP Steering Committee Launches Official MCP Registry in Preview
The MCP Steering Committee has launched the official MCP Registry in preview, a central hub for discovering and publishing MCP servers.
By Sarah Gooding - Sep 09, 2025
@vegaprotocol/crypto
Advanced tools
@vegaprotocol/crypto
⚠️ Under active development ⚠️
Crypto operations for Vega supporting Node.js and Browsers
Usage
This module supports both CommonJS and ES Modules:
const { VegaWallet, HARDENED } = require('@vegaprotocol/crypto')
VegaWallet.fromMnemonic('...').then(async wallet => {
const keys = await wallet.keyPair(HARDENED + 0)
const msg = Buffer.from('Hello world!')
const signature = await keys.sign(msg)
})
import { VegaWallet, HARDENED } from '@vegaprotocol/crypto'
const wallet = await VegaWallet.fromMnemonic('...')
const keys = await wallet.keyPair(HARDENED + 0)
const msg = Buffer.from('Hello world!')
const signature = await keys.sign(msg)
API
Note: All APIs are async. In some cases they will run sync, eg in Node.js where loading WASM is sync, or where crypto routines are sync, but everything is kept async as a lowest common denominator between browser APIs and future hardware wallet support.
const wallet = await VegaWallet.fromMnemonic(mnemonic)
Derive a new SLIP-10 VegaWallet from a BIP-0039 mnemonic. Note that the
mnemonic is not validated before key derivation.
const seed = await VegaWallet.deriveSeed(mnemonic)
Derive a seed from a BIP-0039 mnemonic. In combination with
VegaWallet.fromSeed this is equivalent to VegaWallet.fromMnemonic.
Note that the mnemonic is not validated before key derivation.
const wallet = await VegaWallet.fromSeed(seed)
Derive a new SLIP-10 VegaWallet from a seed.
const kp = await wallet.keyPair(index)
Generate a new key pair at index, under the Vega specific subtree.
const { name, version } = kp.algorithm
This contains name and version detailing the version used by the
instantiated keyPair. Note if this changes in the future other "builder"
methods will be exposed to derive newer versions.
const sig = await kp.sign(msg, [chainId])
Sign msg with key pair kp for optional chainId.
const isValid = await kp.verify(sig, msg, [chainId])
Verify sig is valid for msg under key pair kp for optional chainId.
Spec
See algorithm.md and test-vectors.
License
FAQs
Crypto operations for Vega supporting Node.js and Browsers
We found that @vegaprotocol/crypto demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Package last updated on 03 Apr 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Pull Request Stories to Help Security Teams Track Supply Chain Risks
Socket’s new Pull Request Stories give security teams clear visibility into dependency risks and outcomes across scanned pull requests.
By André Staltz - Sep 08, 2025
Research
/Security News
npm Author Qix Compromised via Phishing Email in Major Supply Chain Attack
npm author Qix’s account was compromised, with malicious versions of popular packages like chalk-template, color-convert, and strip-ansi published.
By Sarah Gooding, Olivia Brown, Kush Pandya, Philipp Burckhardt, Peter van der Zee, Douglas Coburn - Sep 08, 2025