{"id":13641165,"url":"https://github.com/evervault/node-secureworker","last_synced_at":"2025-09-08T18:31:04.844Z","repository":{"id":35120881,"uuid":"45433313","full_name":"evervault/node-secureworker","owner":"evervault","description":"Run JavaScript inside an Intel SGX Enclave as easily as using a Web Worker","archived":true,"fork":false,"pushed_at":"2024-01-30T14:06:15.000Z","size":5517,"stargazers_count":104,"open_issues_count":9,"forks_count":16,"subscribers_count":19,"default_branch":"master","last_synced_at":"2025-08-21T00:53:52.852Z","etag":null,"topics":["javascript","nodejs","npm","npm-package","sgx"],"latest_commit_sha":null,"homepage":"https://www.npmjs.com/package/secureworker","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/evervault.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-11-03T01:22:47.000Z","updated_at":"2025-04-28T17:35:17.000Z","dependencies_parsed_at":"2024-01-14T11:12:49.589Z","dependency_job_id":"b7625969-bdf1-442d-96c6-180624010db1","html_url":"https://github.com/evervault/node-secureworker","commit_stats":{"total_commits":268,"total_committers":10,"mean_commits":26.8,"dds":0.5186567164179104,"last_synced_commit":"2ecfa1ec6a52e1bcfa721ed500be1d4e13cb5a7c"},"previous_names":["luckychain/node-secureworker"],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/evervault/node-secureworker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evervault%2Fnode-secureworker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evervault%2Fnode-secureworker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evervault%2Fnode-secureworker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evervault%2Fnode-secureworker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/evervault","download_url":"https://codeload.github.com/evervault/node-secureworker/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evervault%2Fnode-secureworker/sbom","scorecard":{"id":386565,"data":{"date":"2025-08-11","repo":{"name":"github.com/evervault/node-secureworker","commit":"5b7a4579bc056c0f8bb2a9987512579cc76d7517"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.8,"checks":[{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":5,"reason":"Found 1/2 approved changesets -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"project is archived","details":["Warn: Repository is archived."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: BSD 3-Clause \"New\" or \"Revised\" License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 29 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"10 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-6chw-6frg-f759","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-434g-2637-qmqr","Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m","Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw","Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p","Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747","Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh","Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6","Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T16:47:10.198Z","repository_id":35120881,"created_at":"2025-08-18T16:47:10.198Z","updated_at":"2025-08-18T16:47:10.198Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274229367,"owners_count":25245187,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-08T02:00:09.813Z","response_time":121,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["javascript","nodejs","npm","npm-package","sgx"],"created_at":"2024-08-02T01:01:18.397Z","updated_at":"2025-09-08T18:31:04.037Z","avatar_url":"https://github.com/evervault.png","language":"C","funding_links":[],"categories":["Language Frameworks"],"sub_categories":["Library OSes and SDKs"],"readme":"![SecureWorker](https://raw.githubusercontent.com/evervault/node-secureworker/master/secureworker-logo.png)\n\n![npm Version](https://img.shields.io/npm/v/secureworker \"npm Version\")\n![Required Node.js Version](https://img.shields.io/node/v/secureworker \"Required Node.js Version\")\n![Open GitHub Issues](https://img.shields.io/github/issues/evervault/node-secureworker \"Open GitHub Issues\")\n![Package License](https://img.shields.io/github/license/evervault/node-secureworker \"Package License\")\n\nThis NPM package allows you to run JavaScript inside a secure (trusted) environment (enclave) provided by\n[Intel SGX](https://software.intel.com/en-us/sgx) technology on modern CPUs. When used properly,\neven the operating system or a cloud provider cannot access data or observe/interfere with\noperations inside an enclave.\n\nThis package executes JavaScript using the [Duktape](http://duktape.org/) JavaScript engine and provides\na Web Workers-style interface. Cryptographic operations are exposed through a Web Crypto compatible API.\nPromises are also available. This allows you to write isometric code and use the same code on the client, server,\nand inside enclaves. Workers can be seen as just another secure and trusted component in your JavaScript-based\narchitecture.\n\nThis package is maintained by [evervault](https://evervault.com/).\n\n**Warning: The project is still in development. Feel free to contribute.**\n\n## Installation\n\n```\nnpm install secureworker --save\n```\n\n## Intel SGX Requirements\n\nTo use this package in production, you need [SGX hardware](https://github.com/ayeks/SGX-hardware) as well as a [commercial license from Intel](https://software.intel.com/en-us/sgx/request-license).\n\nFor development you have various options. Intel provides an SGX simulator in the SGX SDK.\nThis package also falls back to the \"mock\" mode of operation, where it uses [vm](https://nodejs.org/api/vm.html)\nto simulate an isolated running environment if it cannot load necessary binaries.\n*Such execution does not give you added security, but it is good for experimentation.*\n\nIf you would like to build enclaves, you need [Intel SGX SDK](https://software.intel.com/en-us/sgx-sdk/download).\nTo run them, you need [SGX PSW](https://github.com/01org/linux-sgx) (platform software, i.e., runtime).\nTo run them with SGX hardware, you need a [kernel driver](https://github.com/01org/linux-sgx-driver).\n\nWe are working a new Docker image which will allow you automatically configure your SGX environment with minimal configuration.\n\n**Warning: By default built enclaves are run in simulation and debug mode (or even mock mode). This does not provide any added security.**\n\n[Read more about various types of compiling and executing enclaves](https://software.intel.com/en-us/blogs/2016/01/07/intel-sgx-debug-production-prelease-whats-the-difference).\n\n## Bundling and Building\n\nEach enclave you build with this package (`.so` file) can contain multiple JavaScript files.\nYou can bundle each of them with your favorite tool. For example, with [browserify](http://browserify.org/)\nthe following options work well to create an `enclave-bundle.js` file from an input `enclave-source.js`\nfile, bundling any imports as well. The command below also requires [babelify](https://www.npmjs.com/package/babelify), [babel-core](https://www.npmjs.com/package/babel-core) and [babel-preset-es2015](https://www.npmjs.com/package/babel-preset-es2015), which can be installed from npm.\n\n```\n$ browserify --insert-global-vars __filename,__dirname --no-commondir -t [ babelify --presets [ es2015 ] ] enclave-source.js \u003e enclave-bundle.js\n```\n\nOnce you have files you want to build into an enclave (e.g., `enclave-bundle.js`, `tests.js`), you can use the `secureworker-create` binary in this package to build an enclave file `enclave.so`:\n\n```\n$ secureworker-create --output enclave.so enclave-bundle.js tests.js\n```\n\nScripts are identified inside an enclave using their basename.\n\nNow, you can start your secure worker (enclave) using:\n\n```javascript\nconst worker = new SecureWorker('enclave.so', 'enclave-bundle.js');\n```\n\n## Remote Attestation 101\n\nRunning code inside a secure environment (enclave) nobody can inspect or tamper with is great, but not very helpful\nif you cannot prove to others that you have really executed the code inside a specific enclave, or prove to\nothers that they are really communicating with the enclave as opposed to somebody who is pretending to be\nthat enclave.\n\nTo address this, Intel provides a service which can provide such proofs for you (you have to trust\nIntel, but you are already trusting them with [correctness of their CPUs](https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/)).\n\nThe process to prove to others that something executed inside a specific *enclave*, simplified, is as follows:\n\n1. every *enclave* has a *measurement* which corresponds to its binary image (code);\n   in our case this consists of code provided by this package to run JavaScript inside an\n   *enclave*, and your scripts you built into the *enclave*\n2. when the *enclave* wants to produce such proof, it generates a *report* which binds\n   a *measurement* with CPU identity and optional additional *report data* (often a *nonce* to\n   prevent proof we are generating to be reused)\n3. outside *enclave*, but on the same machine, a *report* is exchanged for a *quote* by a quoting *enclave* provided\n   by Intel, and running on the machine as well\n4. a *quote* is sent to Intel's Remote Attestation service and if everything is coming\n   from a valid SGX enclave on an SGX-enabled platform and CPU, it produces an *attestation*\n5. one can verify offline this *attestation* using Intel's public key. One should also\n   verify that the *measurement* corresponds to the expected code, and probably check *report data*\n   (especially if used as a *nonce*)\n\nAlternatively, steps _4_ and _5_ can be done directly, online, by a peer who would\ncontact Intel's Remote Attestation service with a *quote* and obtain an *attestation*.\n\nOn the other hand, sometimes one wants to know if they are communicating with a specific *enclave*. Often\nso that they can provide it a secret nobody else should receive. In this case a process could be:\n\n1. one should embed their public key in the *enclave*\n2. one starts establishing a secure ephemeral channel with the *enclave*\n3. *enclave* verifies the identity of a peer by using one's public key\n4. one verifies the identity of the *enclave* by asking it to generate\n   a *report* with a *nonce*\n5. *report* is exchanged for a *quote*\n6. one sends the *quote* Intel's remote attestation service to verify it, furthermore, one verifies the\n   *measurement* and *nonce*\n7. if everything matches, the secure channel can be trusted and one can be sure they communicate with\n   the *enclave* directly\n\nIntel SGX SDK provides a set of `sgx_ra_*` functions to help with the latter process, but this package\ndoes not (yet) expose them. You can use the Web Crypto API to instead establish a secure channel,\nand have code around the enclave transmit messages between the peer and the enclave using `postMessage`.\n\n## API (outside, untrusted)\n\n### `new SecureWorker(enclaveName:String, contentKey:String) : SecureWorker`\n\nStarts an enclave from file `enclaveName` and asynchronously runs the script under `contentKey` name.\nIt returns a worker instance.\n\n### `SecureWorker.getReportData(report:ArrayBuffer) : ArrayBuffer`\n\nReturns data provided when generating a `report`.\n\n### `SecureWorker.getQuote(report:ArrayBuffer, linkable:Boolean, spid:ArrayBuffer, [revocationList:ArrayBuffer]) : ArrayBuffer`\n\nReturns a quote based on the `report`. `spid` is SPID is an ID given to you by Intel when you register with the\nIntel Attestation Service.\n\nQuotes can be made `linkable` or anonymous. If it is linkable, it is bound to the CPU on which the report\nwas made. [More information](https://software.intel.com/en-us/blogs/2016/03/09/intel-sgx-epid-provisioning-and-attestation-services).\n\n`revocationList` is a list of revoked CPU keys managed by Intel. If you do not provide one, a recent\none will be used automatically. If you pass `null`, none will be used at all.\n\n**Automatic `revocationList` not yet implemented.**\n\n### `SecureWorker.getQuoteData(quote:ArrayBuffer) : ArrayBuffer`\n\nReturns data provided when generating a report, which is carried over to `quote`.\n\n### `SecureWorker.getRemoteAttestation(quote:ArrayBuffer, payloadObj:Object, raUrl:String, callbackFn:Function) : ArrayBuffer`\n\nReturns a signed attestation for provided `quote` if Remote Attestation succeeds.\n\n`payLoadObj` must contain the Subscription Key for the Remote Attestation Server with the key `subscriptionKey`. The `payloadObj` may also contain a `pseManifest` and a `nonce` (see [Intel Attestation Service Spec](https://api.trustedservices.intel.com/documents/sgx-attestation-api-spec.pdf)) \n\n`raUrl` is the URL of the Remote Attestation server. If left empty, it will be defaulted to the Intel Remote Attestation Service.\n\n`callbackFn` is a callback function with the signature `function callbackFn(attestationSignature:ArrayBuffer, [errorMsg:String])`.\n\n### `SecureWorker.validateRemoteAttestation(quote:ArrayBuffer, attestation:ArrayBuffer) : Boolean`\n\nValidates that an `attestation`'s signature belongs to Intel's public key.\n\n**Not yet implemented.**\n\n### `SecureWorker.getSGXVersion() : Object`\n\nReturns information about the SGX platform. Returns `null` if running in a mock mode.\n\n**Not yet implemented.**\n\n### `worker.onMessage(listener:Function) : Function`\n\nRegisters a `listener` for messages coming from `worker`.\n\n### `worker.removeOnMessage(listener:Function)`\n\nUnregisters a `listener`.\n\n### `worker.postMessage(message:Object)`\n\nSends a `message` to the `worker`, so that listeners inside get it.\n`message` should be JSON-serializable.\n\n### `worker.terminate()`\n\nStops the `worker`.\n\n**Not yet implemented.**\n\n## API (inside, trusted)\n\n### `SecureWorker.ready : Promise`\n\nA Promise which resolves once worker has fully loaded and all APIs and services have initialized.\n\n### `SecureWorker.getName() : String`\n\nReturns the name under which the current script is stored in an enclave.\n\n**Not yet implemented.**\n\n### `SecureWorker.onMessage(listener:Function) : Function`\n\nRegisters a `listener` for messages coming from outside.\n\n**Make sure you validate all messages before using them.**\n\n### `SecureWorker.removeOnMessage(listener:Function)`\n\nUnregisters a `listener`.\n\n### `SecureWorker.postMessage(message:Object)`\n\nSends a `message` to outside, so that listeners there get it.\n`message` should be JSON-serializable.\n\n***Make sure you do not leak any sensitive data from the enclave.**\n\n### `SecureWorker.close()`\n\nStops the `worker`.\n\n**Not yet implemented.**\n\n### `SecureWorker.importScripts(contentKeys:String...)`\n\nSynchronously run scripts under given names.\n\n### `SecureWorker.monotonicCounters.create() : {uuid:ArrayBuffer, value:Number}`\n\nCreates a new monotonic counter. `uuid` represents ID of the counter, and `value`\nis its current value. Monotonic counters are provided by the SGX platform\nand persist even across enclave resets, so you can use them to prevent rollback\nattacks.\n\n### `SecureWorker.monotonicCounters.destroy(counterId:ArrayBuffer)`\n\nDestroys a monotonic counter with ID `counterId`.\n\n### `SecureWorker.monotonicCounters.read(counterId:ArrayBuffer) : Number`\n\nReturns the value of a monotonic counter with ID `counterId`.\n\n### `SecureWorker.monotonicCounters.increment(counterId:ArrayBuffer) : Number`\n\nIncreases a monotonic counter with ID `counterId` and returns the new value.\n\n### `SecureWorker.getTrustedTime() : {currentTime:ArrayBuffer, timeSourceNonce:ArrayBuffer}`\n\n`currentTime` is of the second resolution in the little-endian byte ordering.\nIt can be used as a trusted source of elapsed time. This is not clock time.\nAll this holds while `timeSourceNonce` stays the same. If `timeSourceNonce` changes,\nthen the trusted time has restarted as well.\n\n### `SecureWorker.getReport([reportData:ArrayBuffer], [targetInfo:ArrayBuffer]) : ArrayBuffer`\n\nReturns a report for the calling enclave. Report can optionally include 64 bytes of `reportData`.\n\nIf `targetInfo` is not provided (is `undefined`) it will be automatically populated\nwith target information needed for quoting.\n\n### `SecureWorker.sealData([additionalData:ArrayBuffer], [data:ArrayBuffer]) : ArrayBuffer`\n\nSeals an ArrayBuffer using a key derived from the enclave EGETKEY instruction.\n\nCan optionally include an `additionalData` ArrayBuffer which _will not be encrypted_ but will be part of the GCM MAC calculation, which also covers the data to be encrypted.\n\nThis function can be used to encrypt and persistently store data outside of the enclave and is bound to the particular enclave running on the same platform.\n\n### `SecureWorker.unsealData([data:ArrayBuffer]) : ArrayBuffer`\n\nDecrypts a sealed/encrypted ArrayBuffer and returns the original decrypted information as an ArrayBuffer.\n\n### `crypto.subtle.*`\n\nA cryptographic API. It matches\n[Web Crypto API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API).\n\n### `crypto.getRandomValues(buffer:TypedArray) : TypedArray`\n\nA source of trusted randomness. It matches\n[Web Crypto API](https://developer.mozilla.org/en-US/docs/Web/API/RandomSource/getRandomValues).\n\n### `Promise:Function`\n\n[Promise](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise)\n[implementation](https://github.com/taylorhakes/promise-polyfill).\n\n### `nextTick:Function` and `setImmediate:Function`\n\nEnclaves do not have IO, so these behave the same.\n\n## Mock API\n\nTo use mock mode of operation, you have to provide a function which resolves\nscript names to their content. For example:\n\n```javascript\nvar fs = require('fs');\nvar path = require('path');\nconst SecureWorker = require('secureworker');\n\nSecureWorker._resolveContentKey = function _resolveContentKey(enclaveName, contentKey) {\n  return fs.readFileSync(path.join(__dirname, contentKey), 'utf8');\n};\n\nconst worker = new SecureWorker('enclave.so', 'enclave-bundle.js');\n```\n\nIf you want to force loading the package in the mock mode, set `FORCE_MOCK_SECUREWORKER`\nenvironment variable.\n\n## Credits\n\nSecureWorker was originally developed as part of [Luckychain](https://github.com/luckychain/lucky) by Mitar Milutinovic and Warren He from UC Berkeley. See their whitepaper [Proof of Luck: an Efficient Blockchain Consensus Protocol](https://github.com/luckychain/lucky#whitepaper).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fevervault%2Fnode-secureworker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fevervault%2Fnode-secureworker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fevervault%2Fnode-secureworker/lists"}