Security News
Django Joins curl in Pushing Back on AI Slop Security Reports
Django has updated its security policies to reject AI-generated vulnerability reports that include fabricated or unverifiable content.
By Sarah Gooding - Jun 30, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
cardano-web3-utils
Advanced tools
Cardano web3 utils
Cardano web3 is a javascript library that allows interaction with COSE Sign1 and CBOR encoded data and implements some helper methods for CIP-0093 Authenticated HTTP Web3 Requests.
API
Web3Authentication
The Web3Authentication class provides authentication functionality. It has the following constructor and methods:
Constructor
Web3Authentication(expirationTimeSpan: number, hostname: string): Creates a new instance of the Web3Authentication class. It takes the expiration time span in seconds and the hostname as parameters.
Methods
authenticate<T>(uri: string, action: string, key: string, signature: string, options?: Web3AuthenticationOptions): { payload: Web3AuthenticationPayload & T; walletAddress: string }: Performs authentication using the provided parameters. It returns an object with the authenticated payload and wallet address.
Web3AuthenticationError
The Web3AuthenticationError class is an error subclass that represents authentication errors. It extends the built-in Error class and includes an additional property httpErrorCode to store the associated HTTP error code.
Web3AuthenticationPayload
The Web3AuthenticationPayload type defines the structure of the payload used in the authentication process. It includes properties such as uri, action, timestamp, and optional properties for additional secured data.
Utils
Auth-utils
-
checkExpiration(payload: Web3AuthenticationPayload, expirationTimeSpan: number): Checks if a payload has expired based on its timestamp and expiration time span. -
getCoseSign1Bech32Address(signature: string): Extracts the bech32 address from a COSE_Sign1 signature. -
getPayload(signature: string): Retrieves the payload from a COSE_Sign1 signature. -
verifyCoseSign1Address(key: string, signature: string): Verifies if a COSE_Sign1 address matches the provided key. -
verifyCoseSign1Signature(key: string, signature: string)Verifies the integrity of a COSE_Sign1 signature using the provided key.
Test-utils
-
createCOSEKey(privateKey: CSL.PrivateKey): Creates a COSE Key structure from a private key. -
createCOSESign1Signature(payload: object, address: CSL.RewardAddress, privateKey: CSL.PrivateKey): Creates a COSE_Sign1 signature using the provided payload, address, and private key. -
createFakePrivateKey(accountNumber: number): Creates a fake private key for mocking purposes. -
createRewardAddress(privateKey: CSL.PrivateKey, networkId: CSL.NetworkId): Creates a reward address from a private key and network ID.
Support
If you find it useful, please consider inviting me a coffee :)
FAQs
Cardano utils for web3 apps
We found that cardano-web3-utils demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 08 Jun 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ECMAScript 2025 Finalized with Iterator Helpers, Set Methods, RegExp.escape, and More
ECMAScript 2025 introduces Iterator Helpers, Set methods, JSON modules, and more in its latest spec update approved by Ecma in June 2025.
By Sarah Gooding - Jun 26, 2025
Security News
Node.js Homepage Adds Paid Support Link, Prompting Contributor Pushback
A new Node.js homepage button linking to paid support for EOL versions has sparked a heated discussion among contributors and the wider community.
By Sarah Gooding - Jun 25, 2025