npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@stless/cif

v1.0.2

Published

Deterministic format-agnostic identity framework

Downloads

23

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

stlessstless

Keywords

cryptographypost-quantumml-kemidentityprivacysecurityframeworkcrypto

Readme

Cripta Identity Framework (CIF)

Post-Quantum: ML-KEM Security: Stateless Status: Experimental

Node Version NPM Version NPM Downloads

Instead of managing multiple apps or writing down passwords in paper and then someone would probably find that out and peek a little 👀, you generate everything you need in just one tap. (Apologies... we don’t have an app yet 😓)

CIF extends beyond stateless generator to provide KeyLess Authenticated Encryption Mode (KLAEM) and multi-chain wallet generation.

Possibly, the first ever “Unified Identity Framework” that is format-agnostic, enabling deterministic derivation of any cryptographic primitive from a single entropy source.

✨ The Derivation Engine

Raw & Encoded Data

Binary Hex Base64 Base58

Human-Readable Secrets

Letters Numeric Passwords Mnemonics

Sovereign Assets (Web3)

BIP39 Bitcoin EVM Solana Tron Monero Polkadot Cardano Algorand Stellar Near Aptos Sui

Privacy Communication

Session

🚀 Key Features

  • Deterministic Derivation: Derive BTC, ETH, XMR, and 10+ other chains from one CID.
  • Authenticated Encryption: KeyLess Mode (KLAEM) using AES-256-GCM and ChaCha20-Poly1305.
  • Post-Quantum Security: Shared Root of Trust established via ML-KEM-512, ML-KEM-768, and ML-KEM-1024.
  • Optimization: Supports CIF-lite, a tactical profile designed for resource-constrained environments.

📊 RESOURCE ALLOCATION MATRIX

STANDARD & SOVEREIGN TIERS

(Full Mode: t=3, p=4)

| CID Type (Bits) | m (KiB) | m (MiB) | Total Bytes | Security Profile | | :--- | :--- | :--- | :--- | :--- | | 256 (17 words) | 65,536 | 64 | 32,768 | Standard Sovereign | | 384 (25 words) | 98,304 | 96 | 49,152 | High-Value Cold | | 512 (33 words) | 131,072 | 128 | 65,536 | Institutional/Paranoid | | obfuscateCID | 262,144 | 256 | 131,072 | The "Heavy" Shield |

TACTICAL & MOBILE TIER

(Lite Mode: t=2, p=1)

| CID Type (Bits) | m (KiB) | m (MiB) | Total Bytes | Security Profile | | :--- | :--- | :--- | :--- | :--- | | Lite (256-bit) | 32,768 | 32 | 4,096 | Tactical/Mobile |

Note on Formulas:

  • Memory (KiB): (Bytes * 2) * 1024
  • Tag Length: Memory * 0.5

Installation

npm install @stless/cif

Usage

1. The Foundation: Identity & Derivation

Generate a unique Cryptographic ID (CID) and derive deterministic secrets using a Nonce ID (NID) and your PIN.

const Cripta = require('@stless/cif');

// Enable AirGap Mode (Stateless, no-network profile)
await Cripta.toggleAirGap(true);

// Generate a 256-bit Identity (Mnemonic + TV Code)
const { tvCode, mnemonic: cid } = await Cripta.generateCID(256);

// Create a Nonce ID (The 'Map' to your specific secret/wallet)
const nid = await Cripta.generateNID('My-xmr-wallet#01', 'X', 32);

// Recover the deterministic secret (e.g., 25-word Monero seed)
const secretXmr = await Cripta.recoverPass(cid, nid, '837492057164');

// Optional bait PIN that derives decoy wallet seed with small funds
const decoyXmr = await Cripta.recoverPass(cid, nid, '2026');

2. KLAEM Mode (KeyLess Authenticated Encryption)

Perform encryption without storing traditional keys. Use obscureMode to encrypt the nonces and authentication tags themselves.

Message Mode (Buffer/String)

Ideal for small data, short notes, or cryptographic fragments.

const message = "> Sensitive Data";

// AES-256-GCM
const aesCipher = await Cripta.aesEncrypt(cid, nid1, pin, { data: message });
const aesPlain  = await Cripta.aesDecrypt(cid, nid1, pin, { data: aesCipher });

// ChaCha20-Poly1305 with Stealth Obfuscation
const chaCipher = await Cripta.chachaEncrypt(cid, nid2, pin, { 
  data: message, 
  obscureMode: true // Stealth metadata
});
const chaPlain  = await Cripta.chachaDecrypt(cid, nid2, pin, { 
  data: chaCipher, 
  obscureMode: true 
});

Stream Mode (Large Files)

Process GB-scale files efficiently using Node.js streams. Source and destination paths are handled automatically.

const options = { 
  inputPath: './secret.iso', 
  outputPath: './secret.cif', 
  obscureMode: true 
};

// AES-256-GCM Streaming
await Cripta.aesStreamEncrypt(cid, nid1, pin, options);
await Cripta.aesStreamDecrypt(cid, nid1, pin, { ...options, inputPath: './secret.cif', outputPath: './recovered.iso' });

// ChaCha20-Poly1305 Streaming
await Cripta.chachaStreamEncrypt(cid, nid2, pin, options);
await Cripta.chachaStreamDecrypt(cid, nid2, pin, { ...options, inputPath: './secret.cif', outputPath: './recovered.iso' });

3. Post-Quantum Handshake (ML-KEM)

Native support for NIST FIPS 203 (Kyber) for P2P key encapsulation.

// Generate Kyber-768 Keypair
const bobKeys = await Cripta.kyber.generate(768);

// Alice Encapsulates CID for Bob (Format-agnostic)
const aliceEncapped = await Cripta.encapsulateCID(768, bobKeys.pub.hex, true);

// Bob Decapsulates to reach the Shared Root of Trust
const bobDecapped = await Cripta.decapsulateCID(768, bobKeys.priv.base64, aliceEncapped.ciphertext.base58);

4. Identity Obfuscation (The Mental Key)

Scramble your Master CID into a 9-word mnemonic plus two fragments. This requires a 128-bit "Mental Key" and an optional salt to derive.

// Generate an 8-word Mental Key (128-bit)
const mentalKey = await Cripta.generateMentalKey();

// [OPTIONAL] A unique, long passphrase (salt) to prevent rainbow table attacks.
// This should be a lowercased sentence or string known only to you.
const saltObf = 'your-secret-personal-passphrase-here';

// (For Physical Storage)
// Obfuscate CID: Returns 9-word mnemonic + two scrambled fragments
const { mnemonic9, scrambled1, scrambled2 } = await Cripta.obfuscateCID(cid, mentalKey, saltObf);

// Recovery: Reconstruct the original CID
const recovered = await Cripta.deobfuscateCID(mnemonic9, scrambled1, scrambled2, saltObf);

// (For Cloud Storage)
// Scramble real CID among 20 decoys
const { mnemonic9: vaultMn, splitCIDs } = await Cripta.vaultMixCIDs(cid, mentalKey, 20);

// Unscramble to recover the legitimate Identity
const realIdentity = await Cripta.vaultUnmixCIDs(vaultMn, splitCIDs);

5. Format Interoperability & QR Delivery

Seamlessly switch between TV-Codes and Mnemonics, or export Nonce IDs for physical air-gap scanning.

// Format Recovery: Returns full format regardless of TV-Code and Mnemonic formats
const fromTV = await Cripta.recoverOtherCID(tvCode);
const fromMn = await Cripta.recoverOtherCID(cid);

// Physical Handover: Render a Nonce ID as a terminal-ready QR Code
const terminalQR = await Cripta.generateNidQR(nid, { format: 'terminal' });
console.log(terminalQR);

⚠️ CRITICAL: Implementation Risk

Using private internal functions carries a high risk due to automatic buffer-zeroing. Always wrap reused input buffers in Buffer.from() to prevent data loss.

💚 Support the Future of Security

If this framework helps mitigate your professional liability or secures your digital life, consider supporting its continued development.

Support CIF

(Clicking the button above redirects you to our verified Crypto addresses on GitHub)

📜 Credits & Legal

  • Wordlist: 216 density English corpus curated by the Yahoo End-to-End security team.
  • License: Licensed under BUSL-1.1 until 2030-03-21, converting to Apache-2.0 thereafter.