Installations
npm install bech32-bufferScore
95.8
Supply Chain
99.1
Quality
75.7
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Developer
Developer Guide
Module System
CommonJS
Min. Node Version
>=8
Typescript Support
Yes
Node Version
16.13.0
NPM Version
8.11.0
Statistics
21 Stars
283 Commits
10 Forks
3 Watching
3 Branches
3 Contributors
Updated on 10 Nov 2024
Bundle Size
5.94 kB
Minified
2.30 kB
Minified + Gzipped
Languages
JavaScript (91.95%)
TypeScript (5.6%)
Shell (2.45%)
Total Downloads
Cumulative downloads
Total Downloads
543,857
Last day
-27.9%
3,609
Compared to previous day
Last week
40%
33,139
Compared to previous week
Last month
230.1%
104,615
Compared to previous month
Last year
280.3%
381,204
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
30
Bech32(m) Encoding for Arbitrary Buffers
Bech32 is a Bitcoin address format specified in BIP 173 and BIP 350. Among its advantages are: better adaptability to QR codes and in voice conversations, and improved error detection. This library generalizes Bech32 and its modified version (Bech32m) to encode any reasonably short byte buffers.
Usage
Encoding data
1declare function encode( 2 prefix: string, 3 data: Uint8Array, 4 encoding: 'bech32' | 'bech32m' = 'bech32' 5): string;
Encodes binary data with the specified human-readable prefix into a Bech32(m) string.
The case is preserved: if the prefix is uppercase, then the output will be uppercase
as well; otherwise, the output will be lowercase (including the case when the prefix does
not contain any letters).
Arguments
- prefix: string
Human-readable prefix to hint what kind of data Bech32 encodes. Must contain ASCII chars in the range 33-126 - data: Uint8Array
Binary data to encode - encoding:
bech32orbech32m
Specifies whether to use the original Bech32 encoding from BIP 173 or the modified encoding from BIP 350; they differ in how a checksum is computed. If omitted, the original encoding is used.
Return value
String containing:
prefix'1'separator chardataencoded with the variant of base32 encoding used by Bech32, and- 6-char checksum calculated based on
prefixanddata
Example
1const bech32 = require('bech32-buffer'); 2const data = new Uint8Array(20); 3bech32.encode('test', data); 4// 'test1qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqql6aptf'
Decoding data
1declare function decode(message: string): { 2 prefix: string, 3 encoding: 'bech32' | 'bech32m', 4 data: Uint8Array 5};
Extracts human-readable prefix and binary data from the Bech32-encoded string.
Arguments
- data: string
String to decode
Return value
An object with the following fields:
- prefix: string
Human-readable prefix - encoding:
bech32orbech32m
Encoding variant inferred from the checksum. - data: Uint8Array
Binary data encoded into the input string
Decoding may fail for a variety of reasons (e.g., invalid checksum, or invalid
chars in the input). In this case, decode() throws an exception
with a descriptive message.
Example
1const bech32 = require('bech32-buffer'); 2const data = 'lost1qsyq7yqh9gk0szs5'; 3bech32.decode(data); 4// { 5// prefix: 'lost', 6// encoding: 'bech32', 7// data: Uint8Array([ 4, 8, 15, 16, 23, 42 ]) 8// }
Bitcoin addresses
1declare class BitcoinAddress { 2 prefix: 'bc' | 'tb'; 3 scriptVersion: number; 4 data: Uint8Array; 5 6 static decode(message: string): BitcoinAddress; 7 constructor(prefix: 'bc' | 'tb', scriptVersion: number, data: Uint8Array); 8 encode(): string; 9 type(): void | 'p2wsh' | 'p2wpkh'; 10}
Provides basic functionality to work with Bech32 encoding of Bitcoin addresses.
Addresses can be decoded from strings and encoded into strings.
It is also possible to check the type of an address. P2WSH and P2WPKH address
types are defined per BIP 141. Encoding constraints are defined per BIP 173
and BIP 350.
Example
1const { BitcoinAddress } = require('bech32-buffer'); 2const address = BitcoinAddress.decode('BC1QW508D6QEJXTDG4Y5R3ZARVARY0C5XW7KV8F3T4'); 3// address.prefix === 'bc' 4// address.scriptVersion === 0 5// address.data.length === 20 6// address.type() === 'p2wpkh'
Use in Browsers
Use dist/bech32-buffer.min.js from the package distribution
or your favorite browserifier. In the first case,
the library will be available as a bech32 global variable:
1<script src="bech32-buffer.min.js"></script> 2<!-- later --> 3<script> 4bech32.encode('test', new Uint8Array(20)); 5</script>
Check out the web demo to see how
bech32-buffer works in browser. It is also available in the examples
directory of the package.
Acknowledgements
BIP 173 is authored by Pieter Wuille and Greg Maxwell and is licensed under the 2-clause BSD license. BIP 350 is authored by Pieter Wuille and is licensed under the 2-clause BSD license.
There are at least 2 existing implementations of Bech32 for JavaScript:
- The reference implementation by Pieter Wuille
- Another implementation available as the
bech32package
Both implementations are Bitcoin-specific, and the reference implementation is also not in the Npm / yarn package manager.
License
bech32-buffer is available under Apache-2.0 license.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
3 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Reason
5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 2 out of 2 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/ci.yml:47
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Score
4.7
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More