Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
menta is a secure, simple and easy to use API token format. It uses XChaCha20-Poly1305 symmetric authenticated encryption to create encrypted tokens and to ensure their integrity. There is no asymmetric option, and there is zero cryptographic agility.
Menta is currently experimental. The first stable version will be v1. When it's released, it'll be frozen and it will never be changed. A completely new version will be released if we ever need to make changes or want to add new features. If you start using this library today, you can be certain that it'll still only accept v1 tokens tomorrow. Support for new versions will never be silently introduced into your existing authentication code path.
Menta was inspired by Branca and is very similar to it. There are a couple of differences:
This repository serves as the reference implementation of Menta (in Python). It can be used as follows:
from menta import Menta, TokenData
# create a new menta instance with an existing key
key = bytes.fromhex("1df408259cdbba9492c2d01ad4dd942de4047f03ff32515fc6f333627f0e22b8")
menta = Menta(key)
# encode the text "hi!" into a new token
token = menta.encode(TokenData("hi!"))
print("encoded:", token)
# decode the token we just generated
data = menta.decode(token)
print("decoded:", data)
# encoded: v1:uhViDSxQNyaSd0BjXPqgmT53N6t2uSwC3KzxhMEsGis00pSgcqmfaLlhkAFJIun8mZCH
# decoded: TokenData(payload=b'hi!', timestamp=1653137637)
There's also a utility for generating a new key:
from menta import Menta
# create a new menta instance with a freshly generated key
menta = Menta.generate()
print(menta.key.hex())
Menta tokens start with a version indicator, followed by a base64url encoding of a concatenation of the nonce, the ciphertext and authentication tag:
"v1:" || nonce (24 bytes) || body ciphertext (? bytes) || tag (16 bytes)
The contents of the body consists of a concatenation of a timestamp and the payload
timestamp (8 bytes) || payload (? bytes)
Menta requires a 256-bit key for use with XChaCha20-Poly1305. These 32 bytes must be randomly generated using the operating system's CSPRNG.
Every Menta token starts with a version indicator: v1:
Every Menta token contains the time at which it was generated: A Unix timestamp (seconds elapsed since 00:00:00 UTC on 1 January 1970).
The payload is a binary blob of arbitrary length. We recommend using a serialization format like MessagePack or Protocol Buffers to encode the payload. If you prefer JSON, use a strict library like Pydantic to validate the payload.
The 196-bit nonce used in encryption and decryption of the ciphertext. It must be randomly generated using the operating system's CSPRNG.
The 128-bit tag used to authenticate the ciphertext.
To generate a new token, given a key and payload:
Take note of the current time for the timestamp field.
Construct the token body.
timestamp (64-bit big-endian unsigned integer) || payload (? bytes)
Generate a random nonce.
Construct the AAD by concatenating the version indicator and the nonce:
"v1:" (ASCII) || nonce (24 bytes)
Calculate the ciphertext and authentication tag by encrypting the token body using XChaCha20-Poly1305. Pass the result of the previous step as AAD.
Concatenate the nonce, ciphertext and authentication tag. Encode the result using base64url as defined in RFC 4648. Strip any padding from the result that may have been added by the base64 encoding.
nonce (24 bytes) || ciphertext (? bytes) || tag (16 bytes)
Construct the token by concatenating the version indicator and the result of the previous step:
"v1:" || base64url(nonce || ciphertext || tag)
To decode a token, given a key:
Split the token on the :
character into two parts called version
and
body
. Verify that the result of the split is exactly 2 parts.
Verify that the version
is equal to exactly "v1"
.
Decode the body
using base64url as defined in RFC
4648. If the base64
library you're using expects padding, artificially add it beforehand.
Split up the decoded body as follows:
nonce (24 bytes) | ciphertext (? bytes) | tag (16 bytes)
Construct the AAD by concatenating the version indicator and the nonce:
"v1:" (ASCII) || nonce (24 bytes)
Decrypt the ciphertext using XChaCha20-Poly1305 with the given key, and the nonce and tag obtained in the previous steps.
Deconstruct the resulting plaintext as follows:
timestamp (64-bit big-endian unsigned integer) | payload (? bytes)
Optionally, if the user has configured a TTL, verify that the token hasn't expired by adding the TTL to the timestamp and compare the result with the current time.
The format and implementation have not undergone a third-party security audit. The goal is to keep Menta so simple that you can confidently say: "I trust menta, because I trust XChaCha20-Poly1305".
Menta depends on libsodium through PyNaCl. It does not implement any cryptographic primitives itself.
FAQs
Secure, simple and easy to use API token format
We found that menta demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.