npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@enteocode/secure-key

v1.1.1

Published

A memory-hardened key container built with Rust & WASM for tamper-resistant crypto in Node.js

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

enteocodeenteocode

Keywords

memory securitysecure key storagecryptocryptographyhmacnodewasmwebassemblyzeroizetypescripttamper detectionxor maskingsecret managementsecure memorysecure bufferin-memory encryptionkey protection

Readme

Secure In-Memory Key

Build Status License WASM Security Badge

A memory-hardened key container built with Rust & WASM for tamper-resistant crypto in Node.js.

Features

Military-Grade Protection
XOR masking, memory segmentation and automatic zeroization

Developer Friendly
WebAssembly speed, TypeScript API and seamless Crypto module integration

Cryptographic Integrity
HMAC tamper detection, runtime verification, timing attack resistance

Installation

npm i @enteocode/secure-key

Usage

import { SecureKey } from '@enteocode/secure-key';
import { readFileSync } from 'node:fs';
import { createCipheriv } from 'node:crypto';

// Securely store API keys, tokens, or certificates

const secret = SecureKey.from(Buffer.from('sk_live_...'));

// Directly use with Node.js Crypto
// Unwrap gives direct memory reference.
// 
// Never clone it!

const cipher = createCipheriv('aes-256-gcm', secret.unwrap(), iv);

// Time Safe Comparison

if (secret.equals(readFileSync('backup.key'))) {
    console.log('MATCH');
}

Note: All outputs will always return Uint8Array, even if the input was a Buffer.

Security

Safe JSON Representation

Use JSON.stringify to obtain a non-sensitive fingerprint:

{
    "type": "SecureKey",
    "hash": "532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25"
}
  • The hash is a cryptographic SHA-256 digest
  • You can use it to compare keys without ever revealing the underlying secret

Architecture

| Technique | Implementation Details | Protection Against | |----------------------|---------------------------------------|----------------------| | Random Splitting | Data divided at unpredictable offsets | Memory scanning | | XOR Obfuscation | Masked with CSPRNG-generated vectors | Memory dump analysis | | WASM Sandboxing | Isolated memory space | Process inspection |

Development

Prerequisites

  • Rust 1.87 (rustup install stable)
  • Node.js 20+
  • wasm-pack (cargo install wasm-pack)

WASM

Rust must be installed and run globally (once):

# Add WASM build target
rustup target add wasm32-unknown-unknown

# Install optimizer
cargo install wasm-pack

Once this is done, run the following to generate WASM and its additional JS/TS wrappers:

npm run build:wasm

This will generate its output to wasm/, needed for further TypeScript development.

TypeScript Wrapper

Tests must run against the distributed (tree-shaken) package. The raw WASM output includes broad compatibility code that breaks outside bundlers. Tree-shaking is essential to eliminate these conflicts before testing.

npm run build
npm test

Considerations

  • Always combine with transport security (HTTPS/TLS)
  • Never log unwrapped key material
  • Environment variables should only contain fingerprints

Benchmarks

Tested on AWS t4g.micro (Node.js 20)

| Operation | Time (ms) | Memory Overhead | |-----------------------|-----------|-----------------| | Key Creation | 0.12 | 2.1x original | | HMAC Verification | 0.08 | <1% | | Unwrapping | 0.05 | 0% |

Compliance

License

MIT © 2025, Ádám Székely