Gathering detailed insights and metrics for bech32-buffer
Gathering detailed insights and metrics for bech32-buffer
Installations
npm install bech32-bufferDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=8
Node Version
16.13.0
NPM Version
8.11.0
Releases
Unable to fetch releases
Languages
3
JavaScript
TypeScript
Shell
JavaScript (91.95%)
TypeScript (5.6%)
Shell (2.45%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
Apache-2.0 License
22 Stars
284 Commits
11 Forks
2 Watchers
4 Branches
3 Contributors
Updated on Apr 19, 2025
Maintainers
1
Package Meta Information
Latest Version
0.2.1
Package Id
bech32-buffer@0.2.1
Unpacked Size
121.95 kB
Size
31.64 kB
File Count
11
NPM Version
8.11.0
Node Version
16.13.0
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
30
@babel/cli@babel/core@babel/eslint-parser@babel/preset-env@babel/preset-flow@babel/register@types/chaibabel-plugin-istanbulbabel-preset-minifybabelifybrowserifychaichai-bytescross-envdirty-chaieslinteslint-config-airbnb-baseeslint-plugin-importflow-binkarmakarma-browserifykarma-chrome-launcherkarma-firefox-launcherkarma-mochakarma-mocha-reportermkdirpmochanycqrcode-generatortypescript
Bech32(m) Encoding for Arbitrary Buffers
Bech32 is a Bitcoin address format specified in BIP 173 and BIP 350. Among its advantages are: better adaptability to QR codes and in voice conversations, and improved error detection. This library generalizes Bech32 and its modified version (Bech32m) to encode any reasonably short byte buffers.
Usage
Encoding data
1declare function encode( 2 prefix: string, 3 data: Uint8Array, 4 encoding: 'bech32' | 'bech32m' = 'bech32' 5): string;
Encodes binary data with the specified human-readable prefix into a Bech32(m) string.
The case is preserved: if the prefix is uppercase, then the output will be uppercase
as well; otherwise, the output will be lowercase (including the case when the prefix does
not contain any letters).
Arguments
- prefix: string
Human-readable prefix to hint what kind of data Bech32 encodes. Must contain ASCII chars in the range 33-126 - data: Uint8Array
Binary data to encode - encoding:
bech32orbech32m
Specifies whether to use the original Bech32 encoding from BIP 173 or the modified encoding from BIP 350; they differ in how a checksum is computed. If omitted, the original encoding is used.
Return value
String containing:
prefix'1'separator chardataencoded with the variant of base32 encoding used by Bech32, and- 6-char checksum calculated based on
prefixanddata
Example
1const bech32 = require('bech32-buffer'); 2const data = new Uint8Array(20); 3bech32.encode('test', data); 4// 'test1qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqql6aptf'
Decoding data
1declare function decode(message: string): { 2 prefix: string, 3 encoding: 'bech32' | 'bech32m', 4 data: Uint8Array 5};
Extracts human-readable prefix and binary data from the Bech32-encoded string.
Arguments
- data: string
String to decode
Return value
An object with the following fields:
- prefix: string
Human-readable prefix - encoding:
bech32orbech32m
Encoding variant inferred from the checksum. - data: Uint8Array
Binary data encoded into the input string
Decoding may fail for a variety of reasons (e.g., invalid checksum, or invalid
chars in the input). In this case, decode() throws an exception
with a descriptive message.
Example
1const bech32 = require('bech32-buffer'); 2const data = 'lost1qsyq7yqh9gk0szs5'; 3bech32.decode(data); 4// { 5// prefix: 'lost', 6// encoding: 'bech32', 7// data: Uint8Array([ 4, 8, 15, 16, 23, 42 ]) 8// }
Bitcoin addresses
1declare class BitcoinAddress { 2 prefix: 'bc' | 'tb'; 3 scriptVersion: number; 4 data: Uint8Array; 5 6 static decode(message: string): BitcoinAddress; 7 constructor(prefix: 'bc' | 'tb', scriptVersion: number, data: Uint8Array); 8 encode(): string; 9 type(): void | 'p2wsh' | 'p2wpkh'; 10}
Provides basic functionality to work with Bech32 encoding of Bitcoin addresses.
Addresses can be decoded from strings and encoded into strings.
It is also possible to check the type of an address. P2WSH and P2WPKH address
types are defined per BIP 141. Encoding constraints are defined per BIP 173
and BIP 350.
Example
1const { BitcoinAddress } = require('bech32-buffer'); 2const address = BitcoinAddress.decode('BC1QW508D6QEJXTDG4Y5R3ZARVARY0C5XW7KV8F3T4'); 3// address.prefix === 'bc' 4// address.scriptVersion === 0 5// address.data.length === 20 6// address.type() === 'p2wpkh'
Use in Browsers
Use dist/bech32-buffer.min.js from the package distribution
or your favorite browserifier. In the first case,
the library will be available as a bech32 global variable:
1<script src="bech32-buffer.min.js"></script> 2<!-- later --> 3<script> 4bech32.encode('test', new Uint8Array(20)); 5</script>
Check out the web demo to see how
bech32-buffer works in browser. It is also available in the examples
directory of the package.
Acknowledgements
BIP 173 is authored by Pieter Wuille and Greg Maxwell and is licensed under the 2-clause BSD license. BIP 350 is authored by Pieter Wuille and is licensed under the 2-clause BSD license.
There are at least 2 existing implementations of Bech32 for JavaScript:
- The reference implementation by Pieter Wuille
- Another implementation available as the
bech32package
Both implementations are Bitcoin-specific, and the reference implementation is also not in the Npm / yarn package manager.
License
bech32-buffer is available under Apache-2.0 license.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/slowli/bech32-buffer/ci.yml/master?enable=pin
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 2 out of 2 npmCommand dependencies pinned
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/1 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/ci.yml:47
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 29 are checked with a SAST tool
Reason
13 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-593f-38f6-jp5m
- Warn: Project is vulnerable to: GHSA-x2rg-q646-7m2v
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6
- Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59
- Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
- Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
Score
3
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More