Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
posqcore-lib
Advanced tools
POSQcore Library
A pure and powerful JavaScript POSQ library.
POSQ is a powerful new peer-to-peer platform for the next generation of financial technology. The decentralized nature of the POSQ network allows for highly resilient POSQ infrastructure, and the developer community needs reliable, open-source tools to implement POSQ apps and services.
Table of Contents
Install
NodeJS
npm install @posqevo/posqcore-lib
Browser
See the section below to generate your own bundle, or download the pre-generated minified file
Building the Browser Bundle
To build a posqcore-lib full bundle for the browser:
npm run build
This will generate files named posqcore-lib.js and posqcore-lib.min.js in the dist/ folder.
Usage
Browser
<script src='./dist/posqcore-lib.min.js' type="text/javascript"></script>
<script>
const PrivateKey = posqcore.PrivateKey;
const privateKey = new PrivateKey();
const address = privateKey.toAddress().toString();
</script>
Modules
Some functionality is implemented as a module that can be installed separately:
- Payment Protocol Support
- Peer to Peer Networking
- POSQ Core JSON-RPC
- Payment Channels
- Mnemonics
- Elliptical Curve Integrated Encryption Scheme
- Signed Messages
Development & Tests
git clone https://github.com/posqevo/posqcore-lib
cd posqcore-lib
npm install
Run all the tests:
npm test
You can also run just the Node.js tests with npm run test:node, just the browser tests with npm run test:browser or run a test coverage report with npm run coverage.
Documentation
- Addresses
- Block
- Crypto
- Encoding
- Hierarchically-derived Private and Public Keys
- Mnemonic
- Networks
- PrivateKey
- PublicKey
- Script
- Transaction
- Using Different Units
- Unspent Output
- URI
- Governance Object / Proposal
Examples
Some examples can be found here, below is a list of direct links for some of them.
- Generate a random address
- Generate an address from a SHA256 hash
- Import an address via WIF
- Create a Transaction
- Sign a POSQ message
- Verify a POSQ message
- Create an OP RETURN transaction
- Create a 2-of-3 multisig P2SH address
- Spend from a 2-of-2 multisig P2SH address
Contributing
Please send pull requests for bug fixes, code optimization, and ideas for improvement. For more information on how to contribute, please refer to our CONTRIBUTING file.
License
Code released under the MIT license.
Copyright 2013-2017 BitPay, Inc. Bitcore is a trademark maintained by BitPay, Inc.
Copyright 2016-2017 The POSQ Foundation, Inc.
Copyright 2017-2018 POSQ Core Group, Inc.
FAQs
A pure and powerful JavaScript POSQ library.
We found that posqcore-lib demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 15 Jun 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026