Product
Introducing Webhook Events for Alert Changes
Add real-time Socket webhook events to your workflows to automatically receive software supply chain alert changes in real time.
By Phil Gates-Idem -  Nov 21, 2025
🚀 DAY 5 OF LAUNCH WEEK:Introducing Webhook Events for Alert Changes.Learn more →
ssb-blobs
protocol for gossiping "blobs", in no particular order.
protocol
when two peers connect, they request the blobs the other peer "wants"
they do this by sending a JSON object that is a map of
{<blob_id>: -hop_count} (note, the hop count is negative)
if they have a blob wanted by the peer, they respond
with the size they have for that blob: {<blob_id>: size} (note,
size is positive - this is how sizes and blobs are distinguished)
Peers can only request blobs they know about. In the legacy scuttlebot/plugins/blobs peers would request blobs that where mentioned in an ssb-feed but this approach means they cannot know about (encrypted) blobs shared in private messages, or about blobs recursively linked from other blobs.
This protocol addresses that by implementing sympathetic wants,
if a peer requests a blob that you do not have, you start to want it too.
so that wants to not flood the entire network, you signal how much
you want it with a hop count. If you want it for your self,
you use a hop_count of -1, if you want it for a friend,
you use a hop_count of -2 (and so on..)
This allows you to publish a secret blob, without creating a permanent cryptographic record of that blob.
However, this alone would mean that to upload a blob, someone else needs to request it from you, which requries both peers to be online at the same time.
To address this, we have a push method. "pushing" a blob,
just makes a peer "pretend" that they want a blob,
triggering sympathetic wants from intermediate nodes,
ensuring that there are at least some peers that will have the blob.
(currently, your peer will continue to pretend they want the
blob until at least 3 peers report having it)
License
MIT
FAQs
blobs and blob replication for ssb
The npm package ssb-blobs receives a total of 174 weekly downloads. As such, ssb-blobs popularity was classified as not popular.
We found that ssb-blobs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 19 open source maintainers collaborating on the project.
Package last updated on 10 Apr 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ENISA Becomes a CVE Root, Expanding Its Role in Europe’s Vulnerability Ecosystem
ENISA has become a CVE Program Root, giving the EU a central authority for coordinating vulnerability reporting, disclosure, and cross-border response.
By Sarah Gooding -  Nov 21, 2025
Product
Introducing Socket Scanning for OpenVSX Extensions
Socket now scans OpenVSX extensions, giving teams early detection of risky behaviors, hidden capabilities, and supply chain threats in developer tools.
By Mix Irving, Ryan Eberhardt -  Nov 20, 2025