npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

hyper-multisig-cli

v1.3.0

Published

CLI of hyper-multisig

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mafintoshmafintoshhdegrootehdegroote

Keywords

Readme

CI

Hyper Multisig CLI

CLI to safely create, verify and commit multisig signing requests for hypercores and hyperdrives.

Includes sanity checks to avoid common mistakes and risky releases, like detecting conflicts and ensuring all cores are fully seeded by other peers before committing.

Uses hyper-multisig under the hood.

Supports both Node.js and Bare.

Installation

npm i -g hyper-multisig-cli

Usage

hyper-multisig --help
hyper-multisig-bare --help

Example

This example sets up a multisig hypercore with 1 signer and a quorum of 1, so it can be run by a single person. A more standard setup is 3 signers with a quorum of 2.

Create Signing Key

First use hypercore-sign to create your signing key:

npm i -g hypercore-sign
hypercore-sign-generate-keys

Take note of your public key.

Create Source Core

We just create a dummy source core for this example:

import Corestore from 'corestore'
import Hyperswarm from 'hyperswarm'

const desiredLength = 3

const store = new Corestore('temp-example-store')
const core = store.get({ name: 'source-core' })
await core.ready()

for (let i = core.length; i < desiredLength; i++) await core.append(`Block-${i}`)

const swarm = new Hyperswarm()
swarm.on('connection', (conn) => {
  store.replicate(conn)
})
swarm.join(core.discoveryKey)
console.log(`Swarming key ${core.id} (length ${core.length})`)

Keep this process running, because we will need to download this hypercore to be able to create and commit the signing request.

Create Config

Create multisig.json in your current directory

{
  "type": "core", // core or drive
  "publicKeys": ["paste-here-the-key-generated-by-hypercore-sign-generate-keys"],
  "quorum": 1,
  "namespace": "dummy-test-core",
  "srcKey": "paste-here-the-key-of-your-source-core"
}

Note that the key of the multisig hypercore is fully determined by the public keys and namespace. This means you can never use the same namespace with the same signers.

It is possible to switch to a different srcKey.

The config supports an optional multisigKey field. Set this to the multisig key corresponding to your config (the key returned by the linkcommand). This can be useful for searching configs based on their multisigKey.

Create Signing Request

hyper-multisig request 3

You should see an error that the source core is not well seeded. It errors because committing any requests in this situation is dangerous.

Fix it by running this script in another terminal window, filling in the correct source key:

import Corestore from 'corestore'
import Hyperswarm from 'hyperswarm'
import IdEnc from 'hypercore-id-encoding'

const stringKey = '' // use the key of your source core

const store = new Corestore(`temp-example-seeder-store-${Math.round(Math.random() * 100000)}`)
const key = IdEnc.decode(stringKey)
const core = store.get({ key })
await core.ready()

const swarm = new Hyperswarm()
swarm.on('connection', (conn) => { store.replicate(conn) })
swarm.join(core.discoveryKey)
console.log(`Swarming key ${core.id}`)

core.download({ start: 0, end: -1 })

Note: in practice you would use a seeder service, like a blind-peer, to ensure your source core is well seeded. Having two seeder processes running locally is not safe (if your computer is turned off, the core is no longer available).

Now rerun the command:

hyper-multisig request 3

Take note of the signing request. It looks like this:

hypercore-sign yebob...

Sign Request

Run the hypercore-sign command, and take note of the result. It looks like

Reply with:

yeqmm...

Verify Request

Replace yebob... with your own signing request, and yeqmm with your own response. Then run:

hyper-multisig verify --first-commit yebob... yeqmm...

You should see the confirmation that the core is safe to commit.

Commit Request

Run the same command as above, but replace 'verify' with 'commit'.

hyper-multisig commit --first-commit <the signing request> <your signing response>

You should see logs like

Verifying the core is safe to commit (source <source key> to multisig target <target key>)
Opened connection
Opened connection
Committing the core...
Committed the core (key <target key>)
Waiting for remote seeders to pick up the changes...
Please add this key to the seeders now. The logs here will notify you when it is picked up by them. Do not shut down until that happens.

Do as the logs instruct, and add your target key to 2 or more seeders. For this example, simply run 2 more seeder scripts like above, but this time for the target key.

Once the program detects at least 2 seeders have fully downloaded the multisig drive, it will inform you it is done. Shut down with ctrl-c.

Note: for any future updates to your multisig core, remove the first-commit flag.