react-native-securekv
Advanced tools
Light-Weight Secure key-value storage for React Native (AES + SHA Hashing + AES-GCM)
Light-Weight Secure key-value storage for React Native apps
Built on PBKDF2-SHA256 key derivation and AES-256-GCM encryption
Unlike AsyncStorage, all values are encrypted and can only be decrypted with the correct passphrase.
If the passphrase is lost, the data is unrecoverable.
Here’s how it works (encrypt → decrypt → verify) 👇
🔑 Strong PBKDF2-SHA256 key derivation (configurable iterations, salt).
🔒 AES-256-GCM encryption with authentication (detects tampering).
🚫 Passphrase required for both encryption and decryption — no accidental leaks.
🧹 Utilities to remove or clear stored items.
✅ Passphrase verification helper.
⚡ Drop-in for React Native apps (iOS + Android).
Useful for Banking and other Crypto Apps that wanna prioritize security.
# with npm
npm install react-native-securekv
# with yarn
yarn add react-native-securekv
# with npm
# required peer deps
npm install react-native-get-random-values @react-native-async-storage/async-storage react-native-simple-crypto
# with yarn
# required peer deps
yarn add react-native-get-random-values @react-native-async-storage/async-storage react-native-simple-crypto
import SecureKV from "react-native-securekv";
async function demo() {
const passphrase = "myStrongPassword123"; // ideally from secure storage/env
// Save a value securely
await SecureKV.setItem("userToken", "abc123", passphrase);
// Retrieve the value (will decrypt using passphrase)
const value = await SecureKV.getItem("userToken", passphrase);
console.log("Decrypted value:", value);
// Remove a value
await SecureKV.removeItem("userToken");
// Clear all values (⚠️ irreversible)
await SecureKV.clear();
// Verify passphrase correctness
await SecureKV.createVerifyBlob(passphrase); // call once to set verification value
const ok = await SecureKV.verify(passphrase);
console.log("Password match?", ok);
}
setItem(key, value, passphrase, options?)
Encrypts value using passphrase and stores it in SecureKV.
getItem(key, passphrase)
Retrieves and decrypts the value. Returns null if the key does not exist.
removeItem(key)
Removes a stored item.
clear()
Clears all stored secure items.
createVerifyBlob(passphrase)
Stores a hidden encrypted “ok” marker for passphrase validation.
verify(passphrase)
Checks if a stored item can be decrypted with the given passphrase.
1.Always store passphrases securely. If the wrong passphrase is provided, decryption will fail.
2.This library is designed for React Native only.
3.AES-GCM provides both encryption and integrity protection.
4.Supports Typescript
MIT © 2025
FAQs
Light-Weight Secure key-value storage for React Native (AES + SHA Hashing + AES-GCM)
We found that react-native-securekv demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
OpenAI rotated macOS signing certificates after a malicious Axios package reached its CI pipeline in a broader software supply chain attack.
Security News
Open source is under attack because of how much value it creates. It has been the foundation of every major software innovation for the last three decades. This is not the time to walk away from it.
Security News
Socket CEO Feross Aboukhadijeh breaks down how North Korea hijacked Axios and what it means for the future of software supply chain security.