Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
multihashing
Advanced tools
Use all the functions in multihash.
crypto
?This module just makes working with multihashes a bit nicer.
js-multihash is only for
encoding/decoding multihashes, and does not depend on other libs.
This module will depend on various implementations for each hash.
For now, it just uses crypto
, but will use sha3
and blake2
, etc.
$ npm install --save multihashing
var multihashing = require('multihashing')
The code published to npm that gets loaded on require is in fact a ES5 transpiled version with the right shims added. This means that you can require it and use with your favourite bundler without having to adjust asset management process.
var multihashing = require('multihashing')
Loading this module through a script tag will make the multihashing
obj available in the global namespace.
<script src="https://unpkg.com/multihashing/dist/index.min.js"></script>
<!-- OR -->
<script src="https://unpkg.com/multihashing/dist/index.js"></script>
You will need to use Node.js Buffer
API compatible, if you are running inside the browser, you can access it by multihashing.Buffer
or you can install Feross's Buffer.
var multihashing = require('multihashing')
var buf = Buffer.from('beep boop')
// by default returns a multihash.
multihashing(buf, 'sha1')
// Use `.digest(...)` if you want only the hash digest (drops the prefix indicating the hash type).
multihashing.digest(buf, 'sha1')
// Use `.createHash(...)` for a `crypto.createHash` interface.
var h = multihashing.createHash('sha1')
h.update(buf)
h.digest()
> var multihashing = require('multihashing')
> var buf = Buffer.from('beep boop')
> console.log(multihashing(buf, 'sha1'))
// => <Buffer 11 14 7c 83 57 57 7f 51 d4 f0 a8 d3 93 aa 1a aa fb 28 86 3d 94 21>
> console.log(multihashing(buf, 'sha2-256'))
// => <Buffer 12 20 90 ea 68 8e 27 5d 58 05 67 32 50 32 49 2b 59 7b c7 72 21 c6 24 93 e7 63 30 b8 5d dd a1 91 ef 7c>
> console.log(multihashing(buf, 'sha2-512'))
// => <Buffer 13 40 14 f3 01 f3 1b e2 43 f3 4c 56 68 93 78 83 77 1f a3 81 00 2f 1a aa 5f 31 b3 f7 8e 50 0b 66 ff 2f 4f 8e a5 e3 c9 f5 a6 1b d0 73 e2 45 2c 48 04 84 b0 ...>
> var multihashing = require('multihashing')
> var buf = Buffer.from('beep boop')
> console.log(multihashing.digest(buf, 'sha1'))
// => <SlowBuffer 7c 83 57 57 7f 51 d4 f0 a8 d3 93 aa 1a aa fb 28 86 3d 94 21>
> console.log(multihashing.digest(buf, 'sha2-256'))
// => <SlowBuffer 90 ea 68 8e 27 5d 58 05 67 32 50 32 49 2b 59 7b c7 72 21 c6 24 93 e7 63 30 b8 5d dd a1 91 ef 7c>
> console.log(multihashing.digest(buf, 'sha2-512'))
// => <SlowBuffer 14 f3 01 f3 1b e2 43 f3 4c 56 68 93 78 83 77 1f a3 81 00 2f 1a aa 5f 31 b3 f7 8e 50 0b 66 ff 2f 4f 8e a5 e3 c9 f5 a6 1b d0 73 e2 45 2c 48 04 84 b0 2e 03 ...>
> const right = new Buffer('beep boop')
> const wrong = new Buffer('oops')
> const hash = multihashing(right, 'sha1')
> console.log(multihashing.verify(hash, right))
// => true
> console.log(multihashing.verify(hash, wrong))
// => false
multihashing(buf, func, length)
digest(buf, func, length)
createHash(func, length)
verify(hash, buf)
functions
An object mapping hexcodes to their hash functions.
Contributions welcome. Please check out the issues.
Check out our contributing document for more information on how we work, and about contributing in general. Please be aware that all interactions related to multiformats are subject to the IPFS Code of Conduct.
Small note: If editing the README, please conform to the standard-readme specification.
MIT © 2016 Protocol Labs Inc.
FAQs
multiple hash functions
The npm package multihashing receives a total of 1,567 weekly downloads. As such, multihashing popularity was classified as popular.
We found that multihashing demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.