npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

urchin-vault

v0.2.6

Published

Quantum-encrypted file vault — encrypt with CIFER (ML-KEM-768 + AES-256-GCM), store on Filecoin/IPFS or locally

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mickalmickal

Keywords

encryptionquantum-resistantpost-quantumML-KEM-768CIFERfilecoinipfsstorachavaultcliweb3decentralized-storage

Readme

Why Urchin?

Current encryption standards (RSA, ECC) will be broken by quantum computers. Urchin uses ML-KEM-768 — a NIST-standardized post-quantum key encapsulation mechanism — combined with AES-256-GCM symmetric encryption, delivered through the CIFER SDK.

Your files are encrypted locally before they ever leave your machine, then stored on decentralized storage (Filecoin/IPFS via Storacha) or kept locally. Nobody — not the storage provider, not CIFER, not us — can read your files.

Installation

# Install globally
npm install -g urchin-vault

# Or clone and link
git clone https://github.com/natural-eaglets/urchin.git
cd urchin
npm install
npm run build
npm link

Requirements: Node.js >= 20

Optional: For decentralized storage, install the Storacha CLI:

npm install -g @storacha/cli
storacha login [email protected]
storacha space create my-vault
storacha space provision --customer [email protected]

Quick Start

# 1. Create a CIFER account
urchin register

# 2. Create an encryption key (ML-KEM-768 key pair)
urchin key create mykey

# 3. Encrypt and upload a file
urchin push secret-doc.pdf -k mykey

# 4. Download and decrypt
urchin pull secret-doc.pdf

# 5. Or just type 'urchin' for the interactive dashboard
urchin

Interactive Mode

Run urchin with no arguments to get a fully interactive experience:

  • Visual file browser — navigate your filesystem with arrow keys to pick files
  • Key selector — choose which encryption key to use
  • Provider picker — select where to store (Storacha, local, etc.)
  • File browser — browse your vault, filter by key or provider, view details
  • Open in browser — view encrypted files on the IPFS gateway
  • Smart save — pick destination folder when pulling files (Desktop, Downloads, or browse)

How It Works

                        Urchin Encryption Pipeline

  ┌──────────┐     ┌─────────────────────┐     ┌──────────────────┐
  │          │     │   CIFER Blackbox     │     │    Storage       │
  │  Your    │────▶│                     │────▶│                  │
  │  File    │     │  1. Generate random  │     │  Storacha (IPFS) │
  │          │     │     AES-256 key     │     │  Local disk      │
  └──────────┘     │  2. Wrap key with   │     │  (more coming)   │
                   │     ML-KEM-768      │     │                  │
                   │  3. Encrypt file    │     └──────────────────┘
                   │     with AES-256-GCM│
                   └─────────────────────┘
  1. A random AES-256 key is generated for each file
  2. That key is wrapped using ML-KEM-768 (post-quantum) via the CIFER payload API
  3. The file is encrypted locally with AES-256-GCM using the random key
  4. The encrypted bundle (wrapped key + encrypted data + IV + auth tag) is uploaded to storage
  5. Only someone with access to the CIFER secret can unwrap the AES key and decrypt

The file never leaves your machine unencrypted.

Commands

Files

| Command | Description | |---------|-------------| | urchin push <file> | Encrypt and upload a file | | urchin pull <file> | Download and decrypt a file | | urchin ls | List all files in vault | | urchin file rm <file> | Remove file from vault index | | urchin file providers | List available storage providers |

Keys

| Command | Description | |---------|-------------| | urchin key create <name> | Create a new ML-KEM-768 key pair | | urchin key ls | List all encryption keys | | urchin key delete <name> | Delete a key from local index |

Account

| Command | Description | |---------|-------------| | urchin register | Create a new CIFER web2 account | | urchin login | Log in to your CIFER account | | urchin logout | Log out and clear session | | urchin whoami | Show current session info |

Config

| Command | Description | |---------|-------------| | urchin config show | Show current configuration | | urchin config set <key> <value> | Update a setting |

Options on push/pull:

urchin push document.pdf -k mykey -p storacha
urchin pull document.pdf -o ~/Desktop/

Storage Providers

Urchin supports pluggable storage backends. Currently available:

| Provider | Description | Status | |----------|-------------|--------| | storacha | Filecoin + IPFS via Storacha | ✅ Default | | local | Local encrypted storage (~/.cifer-vault/encrypted/) | ✅ Available |

Set default provider:

urchin config set defaultProvider local

Architecture

src/
├── cli.ts              # Entry point — interactive dashboard & menus
├── commands/
│   ├── auth.ts         # Login, register, logout, whoami
│   ├── config.ts       # Config show/set
│   ├── files.ts        # Push, pull, list, rm, providers
│   └── keys.ts         # Key create, list, delete
└── lib/
    ├── cifer.ts        # CIFER SDK wrapper — encryption/decryption
    ├── storage.ts      # Storage provider abstraction (Storacha, local)
    ├── store.ts        # Local JSON store (~/.cifer-vault/data.json)
    └── ui.ts           # Terminal UI — colors, tables, gradients

Key design decisions:

  • Hybrid encryption — CIFER wraps a random AES key with ML-KEM-768, then AES-256-GCM encrypts the actual file. This avoids size limits on the blackbox API.
  • Provider abstraction — Storage backends implement a simple interface (upload, download, check, getUrl). Adding S3, IPFS pinning services, or other backends is straightforward.
  • Local-first — Your vault index, keys, and session live in ~/.cifer-vault/. No cloud database. You own your data.
  • Dual auth — Web2 (email + Ed25519 sessions) and Web3 (wallet signing) are both supported at the SDK level.

Tech Stack

Development

git clone https://github.com/natural-eaglets/urchin.git
cd urchin
npm install
npm run dev        # Watch mode
npm run build      # One-time build
npm link           # Install globally for testing

License

MIT — Capsule Corp / CIFER Security