npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

vericrypt

v1.0.6

Published

A secure message encryption and signing package using Ed25519 for signing and X25519 for encryption

Downloads

6

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

abayushabayush

Keywords

encryptionsigninged25519x25519cryptosecurityend-to-endencryptiondigital-signaturecryptographyasymmetric-encryption

Readme

VeriCrypt

A secure message encryption and signing package using Ed25519 for signing and X25519 for encryption.

Installation

npm install vericrypt

Features

  • Separate Keypairs for Signing and Encryption: Uses Ed25519 for signing and X25519 for encryption
  • Message signing and verification using Ed25519
  • Message encryption and decryption using X25519
  • Forward secrecy with ephemeral keys for each encryption
  • All keys and messages are base64 encoded for easy transmission
  • Built on tweetnacl for proven security and reliability

Usage

Key Generation

const { generateKeyPair } = require('vericrypt');

// Generate key pairs for both signing and encryption
const keys = generateKeyPair();

// Ed25519 keys for signing/verification
console.log('Signing Private Key:', keys.signingPrivateKey);
console.log('Signing Public Key:', keys.signingPublicKey);

// X25519 keys for encryption/decryption
console.log('Encryption Private Key:', keys.encryptionPrivateKey);
console.log('Encryption Public Key:', keys.encryptionPublicKey);

Signing Messages

const { sign } = require('vericrypt');

const message = 'Hello, World!';
const signingPrivateKey = keys.signingPrivateKey;

// Sign the message (synchronous operation)
const signedData = sign(message, signingPrivateKey);
console.log('Message:', signedData.message);
console.log('Signature:', signedData.signature);

Verifying Signatures

const { verify } = require('vericrypt');

const signingPublicKey = keys.signingPublicKey;

// Verify the signed message (synchronous operation)
const isValid = verify(signedData, signingPublicKey);
if (isValid) {
    console.log('Signature is valid');
} else {
    console.log('Signature is invalid');
}

Encrypting Messages

const { encrypt } = require('vericrypt');

const message = 'Hello, World!';
const receiverEncryptionPublicKey = recipientKeys.encryptionPublicKey;

// Encrypt the message
const encryptedData = encrypt(message, receiverEncryptionPublicKey);
console.log('Encrypted Message:', encryptedData.encryptedMessage);
console.log('Nonce:', encryptedData.nonce);
console.log('Ephemeral Public Key:', encryptedData.ephemeralPublicKey);

Decrypting Messages

const { decrypt } = require('vericrypt');

const receiverEncryptionPrivateKey = recipientKeys.encryptionPrivateKey;

// Decrypt the message
const decryptedMessage = decrypt(encryptedData, receiverEncryptionPrivateKey);
if (decryptedMessage) {
    console.log('Decrypted Message:', decryptedMessage);
} else {
    console.log('Decryption failed');
}

Complete Example: Sign, Encrypt, Decrypt, and Verify

const { generateKeyPair, sign, verify, encrypt, decrypt } = require('vericrypt');

// Generate random key pairs for sender and receiver
const senderKeys = generateKeyPair();
const receiverKeys = generateKeyPair();

const message = 'Hello, World!';

// 1. Sign the message with sender's signing key
const signedData = sign(message, senderKeys.signingPrivateKey);

// 2. Encrypt the signed message with receiver's encryption key
const encryptedData = encrypt(signedData.message, receiverKeys.encryptionPublicKey);

// 3. Decrypt the message with receiver's decryption key
const decryptedMessage = decrypt(encryptedData, receiverKeys.encryptionPrivateKey);

// 4. Verify the signature with sender's verification key
const isValid = verify({
    message: decryptedMessage,
    signature: signedData.signature
}, senderKeys.signingPublicKey);

if (isValid && decryptedMessage === message) {
    console.log('Message successfully decrypted and verified!');
}

API Reference

Functions

generateKeyPair()

Generates a new random keypair for both signing and encryption.

  • Returns: Object with base64-encoded keys:
    {
  signingPrivateKey: string,
  signingPublicKey: string,
  encryptionPrivateKey: string,
  encryptionPublicKey: string
}

sign(message, signingPrivateKey)

Signs a message using Ed25519.

  • Parameters:
    • message (string): Message to sign
    • signingPrivateKey (string): Base64-encoded Ed25519 private key
  • Returns: {message: string, signature: string}

verify(signedData, signingPublicKey)

Verifies a signed message using Ed25519.

  • Parameters:
    • signedData (object): {message: string, signature: string}
    • signingPublicKey (string): Base64-encoded Ed25519 public key
  • Returns: boolean

encrypt(message, receiverEncryptionPublicKey)

Encrypts a message using X25519.

  • Parameters:
    • message (string): Message to encrypt
    • receiverEncryptionPublicKey (string): Base64-encoded X25519 public key
  • Returns: {encryptedMessage: string, nonce: string, ephemeralPublicKey: string}

decrypt(encryptedData, receiverEncryptionPrivateKey)

Decrypts a message using X25519.

  • Parameters:
    • encryptedData (object): {encryptedMessage: string, nonce: string, ephemeralPublicKey: string}
    • receiverEncryptionPrivateKey (string): Base64-encoded X25519 private key
  • Returns: string | null - Decrypted message or null if decryption fails

Security Notes

  1. Keep all private keys secure and never share them.
  2. The package uses:
    • Ed25519 for signing and verification
    • X25519 for encryption and decryption
    • tweetnacl for cryptographic operations
  3. Each encryption operation generates a new ephemeral key pair for forward secrecy.
  4. All messages are signed before encryption to ensure authenticity.
  5. Built on tweetnacl for proven security and reliability.
  6. Synchronous operations for better performance and simplicity.

Dependencies

  • tweetnacl - Proven cryptographic library for Ed25519 and X25519
  • tweetnacl-util - Utility functions for tweetnacl

License

ISC