npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@c4dt/libcrowdnotifier

v1.4.0-prerelease5

Published

This is the library implementing the cryptographic primitives for the CrowdNotifier system. The white paper explains how a privacy-preserving presence tracking system can be set up without the need of a central authority that keeps all identities stored.

Downloads

242

Readme

LibCrowdNotifier

This is the library implementing the cryptographic primitives for the CrowdNotifier system. The white paper explains how a privacy-preserving presence tracking system can be set up without the need of a central authority that keeps all identities stored. Similar to DP3T, all critical, personally identifiable information is stored on the phone of the user. The central server only stores encrypted data about locations that were visited by a person tested positive to CoVid19.

As there were several versions of the white paper, this library allows the use of any of them. The versions are:

  • v1 - first version where the information of the location needed to be updated after every notification
  • v1_1 - like v1, but with some cryptographic cleanups: no signature anymore, thus only use of curve25519
  • v2
    • using identity based encryption with a pairing based crypto system. This removes the need to re-create the information of the locations after every notification
    • adds the primitives for a managed version where an organizer can manage many rooms at the same time
  • v2_1 - fix for managed mode of v2: now the organizer can drop the random private key for the health organizer to add coercion resistance against an attacker

The app available under https://notify-me.ch as of December 15th 2020 uses v1 of the protocol. Work is under way to update the app to version v2, and we hope that it will be available early January 2021.

A simple implementation of the app can be found in [../app]. This shows how the different parts of the scheme work together.

V2 - Latest Version

This directory holds the reference implementation of the latest version of the white paper:

Use the library

In order to use the library, first install it in your package:

npm i -S libcrowdnotifier

Then you can use it as shown in ../app/v2/system.ts. All methods in libcrowdnotifier are as close as possible to the methods in the white paper. This allows easy verification of the scheme.

Caveats

Initializing mcl and libsodium

Before being able to use the the library, you need to call waitReady:

import {waitReady} from '@c4dt/libcrowdnotifier'

// Somewhere in the initialization code, do this:
await waitReady();

Using mcl or libsodium directly

As the mcl-library is using wasm, care must be taken to use the same wasm-instance! For some reason the same applies to libsodium... So if you need direct access to the mcl or libsodium primitives, use the following:

import {mcl, sodium} from '@c4dt/libcrowdnotifier'

Using webpack

When using webpack and getting strange errors like

Uncaught ReferenceError: process is not defined

or

Uncaught (in promise) ReferenceError: Buffer is not defined

Then be sure to include something like this in your appropriate webpack.js file:

        plugins: [
[...]
            new webpack.DefinePlugin({
[...]
                'process.browser': true,

Documentation

The documentation can be found on https://crowdnotifier.github.io/libcrowdnotifier

Run the tests

To run the tests, type the following:

npm ci
npm start

This will run the tests for the IBE primitives and the CrowdNotifier primitives. To run the benchmarks, type the following:

npm run benchmarks

Older versions

For reference, the older versions are also available:

v1

This directory holds the reference implementation of version 1 from early November 2020. It is based on libsodium and uses ed25519 and curve25519 for the signature and encryption.

  • crowdnotifier.ts implements the primitives of the scheme

v1_1

With regard to v1, this removes the signature using ed25519 and replaces it with a simple hash scheme.

  • crowdnotifier.ts implements the primitives of the scheme

Authors

This code has been written by Linus Gasser for the https://C4DT.org It is based on a white paper written by Wouter Lueks*, Seda Gürses, Michael Veale, Edouard Bugnion, Marcel Salathé, Kenneth G.Paterson, and Carmela Troncoso.

License

The code is licensed under MPLv2.