Latest Socket ResearchMalicious Chrome Extension Performs Hidden Affiliate Hijacking.Details
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

secure-key

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

secure-key

Password protected ed25519 key pairs

Source
npmnpm
Version
1.0.0
Version published
Weekly downloads
0
Maintainers
1
Weekly downloads
 
Created
Source

secure-key

Password protected ed25519 key pairs.

Usage

await SecureKey.generate('/path/to/keyfile')

// interactive prompt for password

const keyPair = await SecureKey.open('/path/to/keyfile')

// interactive prompt for password

// key pair is locked initially  
keyPair.unlock()

// use key pair  
const signature = crypto.sign(message, keyPair)

// lock key pair in between usage
keyPair.lock()

// ... do some more

// clear key pair finally
keyPair.clear()

API

await SecureKey.generate(path, opts)

Generate a new key pair and store to path.

Public key will be written to path.public

opts can be passed:

  • password: specify password for non-interactive mode

const keyPair = await SecureKey.open(path, opts)

Open a key pair stored at path.

opts can be passed:

  • password: specify password for non-interactive mode

keyPair.unlock()

Unlock the key pair.

keyPair.lock()

Lock the key pair.

Any attmept to access keyPair.secretKey will trigger a segfault.

keyPair.clear()

Clear the secret key from memory.

keyPair.secretKey

The secret key.

keyPair.publicKey

The public key.

keyPair.locked

Boolean indicating if the key pair is locked.

License

Apache-2.0

FAQs

Package last updated on 26 Feb 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Federal Government Rescinds Software Supply Chain Mandates, Makes SBOMs Optional

Security News

Federal Government Rescinds Software Supply Chain Mandates, Makes SBOMs Optional

The U.S. government is rolling back software supply chain mandates, shifting from mandatory SBOMs and attestations to a risk-based approach.

By Sarah Gooding  -  Jan 28, 2026
Malicious Chrome Extension Performs Hidden Affiliate Hijacking

Research

/

Security News

Malicious Chrome Extension Performs Hidden Affiliate Hijacking

A Chrome extension claiming to hide Amazon ads was found secretly hijacking affiliate links, replacing creators’ tags with its own without user consent.

By Kush Pandya  -  Jan 27, 2026