Distance Comparison Preserving Encryption for secure searchable vector embeddings
Distance Comparison Preserving Encryption (DCPE) for JavaScript. A framework that enables secure, end-to-end encryption of vector embeddings while preserving the ability to perform similarity search on the encrypted data.
# Using npm
npm install dcpe-js
# Using yarn
yarn add dcpe-js
# Using pnpm
pnpm add dcpe-js
import { DCPE } from 'dcpe-js';
// Create a DCPE instance
const dcpe = new DCPE();
// Generate encryption keys
const keys = await dcpe.generateKeys();
dcpe.setKeys(keys);
// Encrypt a vector embedding
const vector = [0.1, 0.2, 0.3, 0.4];
const encryptedVector = dcpe.encryptVector(vector);
// Encrypt document text
const text = "This is a secret document.";
const encryptedText = dcpe.encryptText(text);
// Encrypt metadata for filtering
const category = "finance";
const encryptedCategory = dcpe.encryptMetadata(category);
// Store in your vector database
// { vector: encryptedVector, metadata: { text: encryptedText, category: encryptedCategory } }
// Later, decrypt the results
const decryptedText = dcpe.decryptText(encryptedText);
const decryptedCategory = dcpe.decryptMetadata(encryptedCategory);
DCPE-JS can work with any vector database through its adapter interface:
import { DCPE, BaseAdapter } from 'dcpe-js';
// Create a custom adapter for your vector database
class MyDatabaseAdapter extends BaseAdapter {
constructor(config) {
super(config);
// Initialize your database client
}
async connect() {
// Connect to your database
return true;
}
async insert(vectors) {
// Insert vectors into your database
return ["id1", "id2"]; // Return inserted IDs
}
async search(queryVector, options) {
// Search for similar vectors
return [{ id: "id1", score: 0.95 }];
}
async disconnect() {
// Clean up resources
}
}
// Use your adapter
const adapter = new MyDatabaseAdapter({
host: "https://your-db-host.com",
apiKey: "your-api-key"
});
await adapter.connect();
DCPE-JS is designed to work seamlessly with Next.js applications:
// In your Next.js client component
'use client';
import { useState } from 'react';
import { DCPE } from 'dcpe-js';
export default function EncryptionComponent() {
const [result, setResult] = useState('');
const encryptData = async () => {
// Create DCPE instance
const dcpe = new DCPE();
// Generate or load keys
const keys = await dcpe.generateKeys();
dcpe.setKeys(keys);
// Encrypt data
const vector = [0.1, 0.2, 0.3, 0.4];
const encrypted = dcpe.encryptVector(vector);
setResult(`Encrypted: ${JSON.stringify(encrypted)}`);
};
return (
<div>
<button onClick={encryptData}>Encrypt Data</button>
<pre>{result}</pre>
</div>
);
}
DCPE-JS offers various configuration options:
const dcpe = new DCPE({
// Key provider configuration
keyProvider: 'local', // 'local' is the default
keyProviderConfig: {
// Provider-specific options
},
// Vector configuration
vectorConfig: {
approximationFactor: 0.95 // Trade-off between security and performance
}
});
For detailed API documentation, see the API Reference.
For more advanced usage scenarios, please refer to:
This project is inspired by IronCore Labs' Cloaked AI library, which provides searchable encryption for vector embeddings. The original implementation can be found here.
This project is licensed under the MIT License - see the LICENSE file for details.
FAQs
Distance Comparison Preserving Encryption for secure searchable vector embeddings
The npm package dcpe-js receives a total of 29 weekly downloads. As such, dcpe-js popularity was classified as not popular.
We found that dcpe-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Malicious PyPI package semantic-types steals Solana private keys via transitive dependency installs using monkey patching and blockchain exfiltration.
Security News
New CNA status enables OpenJS Foundation to assign CVEs for security vulnerabilities in projects like ESLint, Fastify, Electron, and others, while leaving disclosure responsibility with individual maintainers.
Product
Socket MCP brings real-time security checks to AI-generated code, helping developers catch risky dependencies before they enter the codebase.