npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

zeyra

v1.0.1

Published

WebCrypto helper for generating JWK keysets plus AES-GCM encryption and ECDSA signing agents.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

jortsupettersonjortsupetterson

Keywords

webcryptoaes-gcmecdsajwkencryptionsignature

Readme

Zeyra

WebCrypto helpers for zero-knowledge–friendly flows: generate AES-GCM + ECDSA keysets as JWKs and wrap them with tiny agent classes for encrypt, decrypt, sign, and verify.

Features

  • AES-GCM 256 encryption/decryption via CipherAgent
  • ECDSA P-256 signing/verification via SigningAgent and VerificationAgent
  • generateKeyset() produces an exportable JWK bundle you can store or transport
  • Pure WebCrypto, no native add-ons; ships as ESM
  • Plays nicely with bytecodec for UTF-8 and base64url conversions

Requirements

  • Node.js 18+ (global crypto.subtle)
  • ESM environment ("type": "module" in package.json)

Installation

npm install zeyra

Quickstart

import { Bytes } from "bytecodec";
import {
  generateKeyset,
  CipherAgent,
  SigningAgent,
  VerificationAgent,
} from "zeyra";

// One-time key material for a resource
const { symmetricJwk, privateJwk, publicJwk } = await generateKeyset();

// Writers: encrypt + sign
const cipher = new CipherAgent(symmetricJwk);
const signer = new SigningAgent(privateJwk);
const payload = await cipher.encrypt(Bytes.fromString("hello world"));
const signature = await signer.sign(payload.ciphertext);

// Readers / servers: verify ownership + decrypt
const verifier = new VerificationAgent(publicJwk);
const authorized = await verifier.verify(payload.ciphertext, signature);
const plaintext = Bytes.toString(await cipher.decrypt(payload));

API

  • generateKeyset() -> { symmetricJwk, publicJwk, privateJwk } (all exportable JWKs)
  • new CipherAgent(symmetricJwk)
    • .encrypt(Uint8Array) -> { iv: Uint8Array, ciphertext: ArrayBuffer }
    • .decrypt({ iv, ciphertext }) -> Uint8Array
  • new SigningAgent(privateJwk)
    • .sign(Uint8Array | ArrayBuffer) -> ArrayBuffer (ECDSA P-256 / SHA-256)
  • new VerificationAgent(publicJwk)
    • .verify(Uint8Array | ArrayBuffer, ArrayBuffer) -> boolean

See the implementations in src/index.js and friends for details.

Testing and benchmarks

  • Run tests: npm test (uses Node’s built-in node:test runner against test.js)
  • Run microbenchmarks (skipped by default): npm run bench
    • Pass iterations: npm run bench -- --iterations=500
    • Reports ops/sec for encryption and the full encrypt/sign/verify/decrypt pipeline.

Notes

  • Keys are intentionally exportable to move them between client/storage; encrypt them at rest according to your threat model.
  • AES-GCM already authenticates ciphertext/IV; ECDSA signatures add an explicit ownership check for multi-party flows.

License

MIT