Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
isomorphic-secp256k1-js
Advanced tools
isomorphic-secp256k1-js
An ultra lightweight (2 kbyte) pure JavaScript implimentation for the secp256k1 curve for node and browsers.
Isomorphic SEPC256K1 JS
An ultra lightweight Universal (Browser and Node) JavaScript Elliptic Curve Digital Signature Algorithm (ECDSA) for secp256k1 curve that is used for many blockchains.
Exports
The npm package doesn’t have a main index module, so use deep imports from the ECMAScript modules that are exported via the package.json field exports:
Three main functions for recovering public key from a secp256k1 signature, signing and recovering public key from private key.
And Some utility functions.
Features
We have no sideEffects so the package can be tree shaken.
Installation
For Node.js, to install isomorphic-secp256k1-js run:
npm i isomorphic-secp256k1-js
Then import:
Examples
Recover public key from private key.
const private_key = new Uint8Array([
210, 101, 63, 247, 203, 178, 216, 255, 18, 154, 194, 126, 245, 120, 28, 230,
139, 37, 88, 196, 26, 116, 175, 31, 45, 220, 166, 53, 203, 238, 240, 125,
]);
// Compressed public key.
console.log(get_public_key(private_key));
Generate a secp25k1 digital signature.
const private_key = new Uint8Array([
210, 101, 63, 247, 203, 178, 216, 255, 18, 154, 194, 126, 245, 120, 28, 230,
139, 37, 88, 196, 26, 116, 175, 31, 45, 220, 166, 53, 203, 238, 240, 125,
]);
const data = Uint8Array.from([
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21,
22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
]);
sign({ hash: data, private_key }).then(console.log);
The logged output is { r: [23, …, 89], s: [111, …, 142], v: 1 }
const { number_to_array } = await import("isomorphic-secp256k1-js/utils");
const key_pair = await recover_public_key({
data,
signature: {
r: number_to_array(
50172533143525448505731076092836454339589141171079665638497512992118311974590n
),
s: number_to_array(
3372897403575535231543296615264124933490702058654620386530787287980439847001n
),
v: 0,
},
});
console.log(key_pair);
Logged output was Uint8Array(33) [2,192,222,210,188,31,19,5,…
Requirements
Supported runtime environments:
- Node.js versions
>=16.0.0. - Browsers matching the Browserslist query
> 0.5%, not OperaMini all, not dead.
FAQs
An ultra lightweight (2 kbyte) pure JavaScript implimentation for the secp256k1 curve for node and browsers.
The npm package isomorphic-secp256k1-js receives a total of 8 weekly downloads. As such, isomorphic-secp256k1-js popularity was classified as not popular.
We found that isomorphic-secp256k1-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 05 Feb 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
By Sarah Gooding - Feb 06, 2025
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025