npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

blind-pairing-core

v2.8.0

Published

Core blind pairing module

Downloads

1,057

Readme

blind-pairing-core

Pairing Flow

The pairing flow proceeds as follows:

  1. The member (inviter) creates an invitation (a new signing keypair) and shares { discoveryKey, seed } with a candidate (invitee). publicKey is set aside for later use.
  2. The candidate produces a request with arbitrary userData signed by the invitation keyPair, this is encrypted to a key derived from the invite publicKey.
  3. Upon receiving the request, the member decrypts the payload and verifies the signature against the invitation publicKey, proving that the invitee has secretKey.
  4. The member can evaluate userData and either confirm or deny the request. A response is returned to the candidate which may contain the { key, encryptionKey } needed to join the room.
  5. The candidate verifies that key corresponds to discoveryKey, confirming that the remote peer has read-access to key (is a valid member).

Usage

import { CandidateRequest, MemberRequest, createInvite } from 'blind-pairing-core'

const { invite, publicKey } = createInvite(key) // key is a Hypercore or Autobase key

// candidate

const candidate = new CandidateRequest(invite, { userData: 'hello world' })
candidate.on('accepted', () => console.log('accepted!'))

const transport = candidate.encode() 

// member

const request = MemberRequest.from(transport)

const userData = request.open(publicKey)
console.log(userData) // hello world

request.confirm({ key })

// candidate

candidate.handleResponse(request.response)
// candidate accepted event will fire

console.log(candidate.auth) // { key }

API

exports:

{
  CandidateRequest,
  MemberRequest,
  createInvite,
  decodeInvite,
  verifyReceipt
}

CandidateRequest API

const req = new CandidateRequest(invite, userData, opts = { session })

Instanstiate a new candidate request from a given invite.

const auth = req.handleResponse(payload)

Handle the response received from the peer.

req.destroy()

Destroy the request.

const buf = req.encode()

Encode the request to be sent to the peer.

req.id

Unique id for this request.

req.inviteId

Invite id corresponding to this request.

req.discoveryKey

Discovery key corresponding to this request.

req.on('accepted', key => { ... })

An event that fires when an invite is accepted.

req.on('rejected', err => { ... })

An event that fires when an invite is rejected.

const persisted = req.persist()

Returns a buffer that can be used to restore the request at a later point.

CandidateRequest.from (persisted)

Restore a persisted request.

MemberRequest API

const req = new MemberRequest(inviteId, requestData)

Instantiate a new member request using the request id and the request data

const userData = req.open(invitePublicKey)

Open the request using the corresponding invitation public key.

req.confirm({ key, encryptionKey })

Confirm the request with the requested auth data.

req.deny()

Deny the request.

const req = MemberRequest.from(incomingRequest)

Static method to create a member request directly from a received request.

req.inviteId

The invite id corresponding to the request, this can be used to find the invitation public key.

req.id

The unique id corresponding to the request.

req.response

The response that should be sent back to the candidate. Only populated after the request is either confirmed or denied.

req.receipt

A stand alone receipt of this request that can be verified against the public key.

req.discoveryKey

Discovery key corresponding to this request.

const { invite, discoveryKey, publicKey } = createInvite(key)

Create invites for a given key.

const { discoveryKey, seed } = decodeInvite(invite)

Decode an invite object.

const userData = verifyReceipt(receipt, invitePublicKey)

Verify a previously opened request. Returns userData if receipt is valid and null otherwise.

License

Apache-2.0