npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@ethernauta/crypto

v0.0.48

Published

Cross-spec signature + SIWE verification + HD key derivation for Ethernauta.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

niconiahiniconiahi

Keywords

ethereumcryptosiwehd-walletbip39signature

Readme

bundlejs

Philosophy

This module ships the cross-spec signature primitives that compose EIPs that don't individually cover the full verification pipeline. EIP-191 defines a digest format, EIP-712 defines a typed-data digest, EIP-1271 defines an on-chain verifier, EIP-6492 defines a wrapper for counterfactual signatures — none of these on their own answers "is this signature valid for that signer?". This package provides the routers that do.

Single-EIP primitives still live in their numbered folders (@ethernauta/eip/191, @ethernauta/eip/712, @ethernauta/eip/1271, @ethernauta/eip/6492). This package is the only place that combines them — and the only entry point dapps and the wallet need for crypto.

Modules

API

Verifying a personal message — verify_message

Auto-detects whether the signature is a plain EOA ECDSA, an EIP-1271 contract signature, or an EIP-6492 wrapped counterfactual signature, and verifies accordingly.

import { verify_message } from "@ethernauta/crypto"
import { reader, SEPOLIA_CHAIN_ID } from "./reader"

const valid = await verify_message({
  address: "0xabc…",
  message: "hello",
  signature: "0x…",
})(reader({ chain_id: SEPOLIA_CHAIN_ID }))

Two narrower variants are also exported when the caller knows which path to take:

  • verify_message_deployed — EIP-191 + EIP-1271 (deployed signer, EOA or contract)
  • verify_message_universal — EIP-191 + EIP-6492 (also accepts counterfactual contract signers)

Verifying typed data — verify_typed_data

Same shape as verify_message, applied to EIP-712 typed data.

import { verify_typed_data } from "@ethernauta/crypto"

const valid = await verify_typed_data({
  address: "0xabc…",
  typed_data: { domain, types, primaryType, message },
  signature: "0x…",
})(reader({ chain_id: SEPOLIA_CHAIN_ID }))

Narrow variants: verify_typed_data_deployed, verify_typed_data_universal.

Verifying a SIWE message — verify_siwe_message

Parses an EIP-4361 message, then delegates to verify_message. Returns a tagged result that names the failure reason on rejection.

import { verify_siwe_message } from "@ethernauta/crypto"

const result = await verify_siwe_message({
  message: siwe_payload,
  signature: "0x…",
})(reader({ chain_id: SEPOLIA_CHAIN_ID }))

if (!result.valid) {
  // result.reason: "parse_failed" | "address_mismatch" | "signature_invalid" | …
}

Pure crypto

import {
  recover_address,   // ECDSA recover (Yellow Paper Appendix F)
  sign_digest,       // ECDSA sign (RFC 6979, secp256k1)
  signature_to_hex,  // 65-byte canonical wire form r||s||v
} from "@ethernauta/crypto"

BIP-39 / BIP-32 / BIP-44 — key derivation

import {
  mnemonic_to_seed,        // BIP-39 PBKDF2 (mnemonic → 64-byte seed)
  seed_to_master_key,      // BIP-32 root HDKey
  derive_private_key,      // BIP-44 path on an HDKey
  private_key_to_address,  // curve → keccak → last 20 bytes
} from "@ethernauta/crypto"

const seed = await mnemonic_to_seed("test test test test test test test test test test test junk")
const root = seed_to_master_key(seed)
const private_key = derive_private_key(root, "m/44'/60'/0'/0/0")
const address = private_key_to_address(private_key)

High-level signers

import {
  personal_sign_message, // EIP-191 digest + sign + serialize
  sign_typed_data,       // EIP-712 digest + sign + serialize
} from "@ethernauta/crypto"

const signature = await personal_sign_message({
  private_key,
  message: "hello",
})

Re-exports

The package re-exports the underlying primitives so consumers (the wallet, dapps) can stay on a single crypto entry point — no direct @noble/* or @scure/* imports required.

import { HDKey, keccak_256 } from "@ethernauta/crypto"
import type { RecoveredSignature } from "@ethernauta/crypto"