npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@cubist-labs/cubesigner-snap

v0.2.13

Published

CubeSigner Snap

Downloads

2,220

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

noetzlinoetzlimlfbrown_cubistmlfbrown_cubistamilicevicamilicevicd-cubist-devd-cubist-dev

Keywords

Readme

CubeSigner Snap

This package provides an interface to CubeSigner's remote services via the MetaMasks's JSON-RPC snap API.

CubeSigner is a hardware-backed, non-custodial platform for securely managing cryptographic keys. The CubeSigner Snap uses the CubeSigner TypeScript SDK to let your MetaMask users sign transactions on EVM-based chains like Ethereum, Avalanche, and Polygon, and on non-EVM chains like Bitcoin and Solana.

CubeSigner background

The Cubist team built CubeSigner to address the key security vs key availability tradeoff: right now, many teams are forced to keep keys available in memory and therefore exposed to attackers, or try to keep keys safe—usually only at rest—at serious latency and engineering cost. CubeSigner addresses this problem by giving developers low-latency access to hardware-backed key generation and signing. During each of these operations, CubeSigner safeguards their users' keys in HSM-sealed Nitro Enclaves—combining cold wallet security with hot wallet speed and simplicity.

Right now, the CubeSigner Snap supports signing for EVM chains like Ethereum and Avalanche, and non-EVM chains Bitcoin and Solana. Support for more chains and more features is in the works!

JSON-RPC methods

login

Prompts the user to log into CubeSigner. A dApp or snap can automatically log the user in by providing the user's API session token (which they can get by authenticating the user server-side); alternatively they can ask the user to input their secret API session token.

Warning The API session token is sensitive and can be used to sign with (some of) your keys. Do NOT share it or paste it anywhere except the CubeSigner Snap dialog.

Example (with token)

await window.ethereum.request<boolean>({
  method: "wallet_invokeSnap",
  params: {
    snapId: defaultSnapId,
    request: {
      method: "login",
      params: { token_base64: "ewog...Q===" },
    },
  },
});

Example (without token)

await window.ethereum.request<boolean>({
  method: "wallet_invokeSnap",
  params: { snapId: defaultSnapId, request: { method: "login" } },
});

logout

Asks the user for confirmation, then logs out of CubeSigner. If successful, notifies the user.

Example

await window.ethereum.request({
  method: "wallet_invokeSnap",
  params: { snapId: defaultSnapId, request: { method: "logout" } },
});

get_keys

Returns all keys accessible from the current session.

Returns

An array of objects, each of which containing:

  • id: string - the unique key identifier
  • enabled: boolean - whether the key is enabled
  • type: KeyType - key type (e.g., "SecpEthAddr", "SecpBtc", "BlsPub", etc.)
  • materialId: string - a unique identifier specific to the type of key, such as a public key or an Ethereum address
  • publicKey: string - hex-encoded, serialized public key (the format used depends on the key type)
  • owner: string - the unique identifier of user who owns the key

Example

const keys = (await window.ethereum.request<Key[]>({
  method: "wallet_invokeSnap",
  params: { snapId: defaultSnapId, request: { method: "get_keys" } },
})) as Key[];

keys.forEach((key) => console.log(key.id));

sign_blob

Asks the user for confirmation, then proceeds to sign a raw blob.

Parameters

  • keyId: string - the identifier of the key to use for signing (corresponds to the KeyInfo.key_id property)
  • body: BlobSignRequest - the request object containing:
    • message_base64: string - the blob to sign, encoded as a base64 string

Returns

An object containing the signature:

  • signature: string - the signature, encoded as a hex string

Example

const sig = (await window.ethereum.request<BlobSignResponse>({
  method: "wallet_invokeSnap",
  params: {
    snapId: defaultSnapId,
    request: {
      method: "sign_blob",
      params: {
        keyId: "Key#...",
        body: { message_base64: "L1kE9g59xD3fzYQQSR7340BwU9fGrP6EMfIFcyX/YBc=" },
      },
    },
  },
})) as BlobSignResponse;

console.log(sig.signature);

sign_evm

Asks the user for confirmation, then proceeds to sign an EVM transaction.

Parameters

  • pubkey: string - the material ID of the key to use for signing (corresponds to the KeyInfo.material_id property)
  • body: Eth1SignRequest - the request object containing:

Returns

An object containing the signature:

  • rlp_signed_tx: string - hex-encoded RLP encoding of the transaction and its signature

Example

const sig = (await window.ethereum.request<Eth1SignResponse>({
  method: "wallet_invokeSnap",
  params: {
    snapId: defaultSnapId,
    request: {
      method: "sign_evm",
      params: {
        pubkey: "0x...",
        body: {
          chain_id: 1,
          tx: { ... }
        }
      }
    }
  },
})) as Eth1SignResponse;

console.log(sig.rlp_signed_tx);

sign_solana

Asks the user for confirmation, then proceeds to sign a Solana transaction.

Parameters

  • pubkey: string - the material ID of the key to use for signing (corresponds to the KeyInfo.material_id property)
  • body: SolanaSignRequest - the request object containing

Returns

A SolanaSignResponse object containing the signature:

  • signature: string - hex-encoded signature

Example

const sig = (await window.ethereum.request<SolanaSignResponse>({
  method: "wallet_invokeSnap",
  params: {
    snapId: defaultSnapId,
    request: {
      method: "sign_solana",
      params: {
        pubkey: "Solana_...",
        body: {
          message: { ... }
        }
      }
    }
  },
})) as SolanaSignResponse;

console.log(sig.signature);

sign_btc

Asks the user for confirmation, then proceeds to sign a Bitcoin transaction.

  • pubkey: string - the material ID of the key to use for signing (corresponds to the KeyInfo.material_id property)
  • body: BtcSignRequest - the request object

Returns

A BtcSignResponse object containing the signature:

  • signature: string - the hex-encoded signature in DER format

Example

const sig = (await window.ethereum.request<BtcSignResponse>({
  method: "wallet_invokeSnap",
  params: {
    snapId: defaultSnapId,
    request: {
      method: "sign_btc",
      params: {
        pubkey: "bc1...",
        body: {
          sig_kind: {
            Segwit: {
              input_index: 0,
              script_code: "0x76a91479091972186c449eb1ded22b78e40d009bdf008988ac",
              value: 1_000_000,
              sighash_type: "All",
            },
            tx: {
              version: 1,
              lock_time: 1170,
              input: [
                {
                  previous_output:
                    "77541aeb3c4dac9260b68f74f44c973081a9d4cb2ebe8038b2d70faa201b6bdb:1",
                  script_sig: "",
                  sequence: 4294967294,
                  witness: [],
                },
              ],
              output: [
                {
                  value: 199996600,
                  script_pubkey: "76a914a457b684d7f0d539a46a45bbc043f35b59d0d96388ac",
                },
                {
                  value: 800000000,
                  script_pubkey: "76a914fd270b1ee6abcaea97fea7ad0402e8bd8ad6d77c88ac",
                },
              ],
            },
          },
        },
      },
    },
  },
})) as BtcSignResponse;

console.log(sig.signature);