Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
By Kush Pandya - May 08, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
What is multibase?
The 'multibase' npm package provides a way to encode and decode data using various base encoding schemes. It supports a wide range of base encodings, making it useful for applications that need to handle data in different formats.
What are multibase's main functionalities?
Encoding Data
This feature allows you to encode data using a specified base encoding. In this example, the data 'hello world' is encoded using base32.
const multibase = require('multibase');
const data = Buffer.from('hello world');
const encoded = multibase.encode('base32', data);
console.log(encoded.toString());Decoding Data
This feature allows you to decode data that has been encoded with a base encoding. In this example, the base32 encoded string 'bnbswy3dpeb3w64tmmq' is decoded back to 'hello world'.
const multibase = require('multibase');
const encoded = 'bnbswy3dpeb3w64tmmq';
const decoded = multibase.decode(encoded);
console.log(decoded.toString());Listing Supported Encodings
This feature provides a list of all supported base encodings. It can be useful to know which encodings are available for use.
const multibase = require('multibase');
const encodings = multibase.names;
console.log(encodings);Other packages similar to multibase
base-x
The 'base-x' package provides a way to encode and decode data using custom base encodings. It is similar to 'multibase' but focuses on custom base encodings rather than a predefined set of encodings.
base64-js
The 'base64-js' package is specifically designed for base64 encoding and decoding. It is more specialized compared to 'multibase', which supports a wider range of encodings.
bs58
The 'bs58' package provides base58 encoding and decoding. It is similar to 'multibase' in that it handles base encodings, but it is specialized for base58.
⛔️ DEPRECATED: This module has been superseded by the multiformats module
js-multibase
JavaScript implementation of the multibase specification
Lead Maintainer
Table of Contents
Install
NPM
$ npm install --save multibase
Browser through <script> tag
Loading this module through a script tag will make the Multibase obj available in the global namespace.
<script src="https://unpkg.com/multibase/dist/index.min.js"></script>
Usage
Example
const multibase = require('multibase')
const bytes = multibase.encode('base58btc', new TextEncoder().encode('hey, how is it going'))
const decodedBytes = multibase.decode(bytes)
console.log(decodedBytes.toString())
// hey, how is it going
API
https://multiformats.github.io/js-multibase/
Contribute
Contributions welcome. Please check out the issues.
Check out our contributing document for more information on how we work, and about contributing in general. Please be aware that all interactions related to multiformats are subject to the IPFS Code of Conduct.
Small note: If editing the README, please conform to the standard-readme specification.
License
MIT © Protocol Labs Inc.
4.0.6 (2021-08-24)
<a name="4.0.5"></a>
FAQs
JavaScript implementation of the multibase specification
The npm package multibase receives a total of 749,223 weekly downloads. As such, multibase popularity was classified as popular.
We found that multibase demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Package last updated on 24 Aug 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
By Kirill Boychenko - May 07, 2025
Security News
AI Slop Is Polluting Bug Bounty Platforms with Fake Vulnerability Reports
AI-generated slop reports are making bug bounty triage harder, wasting maintainer time, and straining trust in vulnerability disclosure programs.
By Sarah Gooding - May 06, 2025