{"id":37021557,"url":"https://github.com/ltonetwork/seasalt","last_synced_at":"2026-01-14T02:33:12.723Z","repository":{"id":46525671,"uuid":"377490597","full_name":"ltonetwork/seasalt","owner":"ltonetwork","description":"NaCl compatible cryptography library using Bouncy Castle (Java)","archived":false,"fork":false,"pushed_at":"2025-03-10T10:35:41.000Z","size":242,"stargazers_count":3,"open_issues_count":9,"forks_count":1,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-07-22T16:48:34.422Z","etag":null,"topics":["cryptography","java"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ltonetwork.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-06-16T12:35:16.000Z","updated_at":"2024-02-15T23:30:35.000Z","dependencies_parsed_at":"2022-09-26T21:50:44.457Z","dependency_job_id":null,"html_url":"https://github.com/ltonetwork/seasalt","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/ltonetwork/seasalt","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ltonetwork%2Fseasalt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ltonetwork%2Fseasalt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ltonetwork%2Fseasalt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ltonetwork%2Fseasalt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ltonetwork","download_url":"https://codeload.github.com/ltonetwork/seasalt/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ltonetwork%2Fseasalt/sbom","scorecard":{"id":601338,"data":{"date":"2025-08-11","repo":{"name":"github.com/ltonetwork/seasalt","commit":"3a194bed982064e8d9aab5fd79b8c59c354ac2a2"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":4,"reason":"Found 5/11 approved changesets -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 27 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":6,"reason":"4 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-8xfc-gm6g-vgpv","Warn: Project is vulnerable to: GHSA-hr8g-6v94-x4m9","Warn: Project is vulnerable to: GHSA-v435-xc8x-wvr9","Warn: Project is vulnerable to: GHSA-wjxj-5m7g-mg7q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T00:31:10.081Z","repository_id":46525671,"created_at":"2025-08-21T00:31:10.081Z","updated_at":"2025-08-21T00:31:10.081Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28408711,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography","java"],"created_at":"2026-01-14T02:33:12.121Z","updated_at":"2026-01-14T02:33:12.713Z","avatar_url":"https://github.com/ltonetwork.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"![LTO github readme](https://github.com/ltonetwork/seasalt/assets/100821/f1bedace-67cf-4b04-8a40-a9404d13e5bc)\n\n# SeaSalt\n\n[NaCl](https://nacl.cr.yp.to/) and [libsodium](https://libsodium.gitbook.io/doc/) compatible library for public-key\ncryptography and hashing using [Bouncy Castle](https://www.bouncycastle.org/).\n\t\n_Secret key cryptography is **not** supported. PRs to add secret key cryptography to this library will be accepted._\n\n## Public key signature algorithms\n\n- Ed25519\n- ECDSA\n  - secp256k1\n\n[comment]: \u003c\u003e (  - secp256r1)\n\n## Hashing algorithms\n\n- SHA1\n- SHA2 (SHA-256, SHA-384, SHA-512)\n- SHA3 (SHA3-256, SHA3-384, SHA3-512)\n- Blake2b (Blake2b-256, Blake2b-384, Blake2b-512)\n- Keccak (Keccak-256, Keccak-384, Keccak-512)\n\n# Public key signatures\n\n## Implementations\n\n##### `ECDSARecovery(X9ECParameters|String curve, Digest digest = SHA256Digest())`\n\nCreate an ECDSARecovery object using [Bouncy Castle's X9ECParameters](https://people.eecs.berkeley.edu/~jonah/bc/org/bouncycastle/asn1/x9/X9ECParameters.html) or a String\nto specify the curve and [Bouncy Castle's Digest](https://people.eecs.berkeley.edu/~jonah/bc/org/bouncycastle/crypto/Digest.html)\nto specify the hash algorithm, with default one being SHA-256.\n\nSignatures created from ECDSARecovery will have attached `v` (recId) as a header byte to the signature.\n\n##### `ECDSA(X9ECParameters|String curve, Digest digest = SHA256Digest())`\n\nCreate an ECDSA object using [Bouncy Castle's X9ECParameters](https://people.eecs.berkeley.edu/~jonah/bc/org/bouncycastle/asn1/x9/X9ECParameters.html) or a String\nto specify the curve and [Bouncy Castle's Digest](https://people.eecs.berkeley.edu/~jonah/bc/org/bouncycastle/crypto/Digest.html)\nto specify the hash algorithm, with default one being SHA-256.\n\nSignatures created from ECDSA will **NOT** have attached `v` (recId) as a header byte to the signature.\n\n##### `Ed25519()`\nCreate an Ed25519 object.\n\n## Methods\n\n##### `KeyPair keyPair()`\nCreate a random KeyPair.\n\n##### `KeyPair keyPairFromSeed(byte[]|Binary seed)`\nCreate a KeyPair from seed.\n\n##### `KeyPair keyPairFromSecretKey(byte[]|Binary privateKey)`\nCreate a KeyPair from a private key.\n\n##### `Signature signDetached(byte[]|Binary|String msg, byte[]|Binary|KeyPair privateKey)`\nSign a message using a private key or a KeyPair. The return value is the digital signature of type Binary.\n\n##### `boolean verify(byte[]|Binary|String msg, byte[]|Binary|KeyPair signature, byte[]|Binary publicKey)`\nVerify a signature using a public key or a KeyPair.\n\n_A `sign` method which prepends the message to the signature, compatible with\n[libsodium's combined mode](https://libsodium.gitbook.io/doc/public-key_cryptography/public-key_signatures#combined-mode),\nis not yet supported._\n\n## Example usages\n\nCreate an `ECDSARecovery` object, using `secp256k1` curve with default `Keccak-256` digest,\nhash a message, create a KeyPair, sign a message and verify it.\n\n```java\nECDSARecovery secp256k1 = new ECDSARecovery(\"secp256k1\");\nHasher hasher = new Hasher(\"Keccak-256\");\n\nKeyPair myKeyPair = secp256k1.keyPair();\nBinary msgHash = hasher.hash(\"Hello\");\nSignature mySignature = secp256k1.signDetached(myMessage, myKeyPair);\n\nassert sig.getBytes().length == 65; // including header recId byte\n\nsecp256k1.verify(myMessage, mySignature, myKeyPair) // True\n```\n\nCreate an `ECDSA` object, using `secp256k1` curve with default `Keccak-256` digest,\nhash a message, create a KeyPair, sign a message and verify it.\n\n```java\nECDSA secp256k1 = new ECDSA(\"secp256k1\");\nHasher hasher = new Hasher(\"Keccak-256\");\n\nKeyPair myKeyPair = secp256k1.keyPair();\nBinary msgHash = hasher.hash(\"Hello\");\nSignature mySignature = secp256k1.signDetached(myMessage, myKeyPair);\n\nassert sig.getBytes().length == 64;\n\nsecp256k1.verify(myMessage, mySignature, myKeyPair) // True\n```\n\n[comment]: \u003c\u003e (Create an `ECDSA` object, using `secp256r1` curve with custom `SHA-512` digest, and create a KeyPair from pre-existing private key.)\n\n[comment]: \u003c\u003e (```java)\n\n[comment]: \u003c\u003e (X9ECParameters curve = SECNamedCurves.getByName\u0026#40;\"secp256r1\"\u0026#41;;)\n\n[comment]: \u003c\u003e (Digest digest = new SHA512Digest\u0026#40;\u0026#41;;)\n\n[comment]: \u003c\u003e (ECDSA secp256r1 = new ECDSA\u0026#40;curve, digest\u0026#41;;)\n\n[comment]: \u003c\u003e (Binary mySecretKey = Binary.fromBase64\u0026#40;\"MHQCAQEEIEa56GG2PTUJyIt4FydaMNItYsjNj6ZIbd7jXvDY4ElfoAcGBSuBBAAKoUQDQgAEJQDn8/vd8oQpA/VE3ch0lM6VAprOTiV9VLp38rwfOog3qUYcTxxX/sxJl1M4HncqEopYIKkkovoFFi62Yph6nw==\"\u0026#41;;)\n\n[comment]: \u003c\u003e (KeyPair myKeyPair = secp256r1.keyPairFromSecretKey\u0026#40;mySecretKey\u0026#41;;)\n\n[comment]: \u003c\u003e (```)\n\nCreate an `Ed25519` object, create a KeyPair, sign a message and verify it.\n\n```java\nEd25519 ed25519 = new Ed25519();\n\nKeyPair myKeyPair = ed25519.keyPair();\nString myMessage = \"Hello\";\nECDSASignature mySignature = ed25519.signDetached(myMessage, myKeyPair);\n\ned25519.verify(myMessage, mySignature, myKeyPair) // True\n```\n\n# Hashing\n\n##### `Hasher(MessageDigest|String algorithm)`\nCreate a Hasher object, using [Java's MessageDigest](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/security/MessageDigest.html) or using String to specify the algortihm.\n\n##### `Binary hash(byte[]|String msg)`\nHash a byte array or a String.\n\n## Example usages\n\nCreate a `Hasher` object, using `SHA-256` algorithm, hash a message and encode it to hex.\n\n```java\nHasher sha256 = new Hasher(\"SHA-256\");\nBinary mySHA256Digest = sha256.hash(\"Hello\");\nString mySHA256HexEncodedBinary = mySHA256Digest.getHex();\n```\n\nCreate a `Hasher` object, using `Keccak-384` algorithm, hash a message and encode it to base58.\n\n```java\nHasher keccak384 = new Hasher(\"Keccak-384\");\nString myKeccak384Base58EncodedDigest = keccak384.hash(\"Hello\").getBase58();\n```\n\n# Helper Types\n\n## Binary\n\n##### `Binary(byte[] bytes)`\nCreate a Binary object, using byte array.\n\n##### `Binary Binary::fromHex(String hex)`\nCreate a Binary object, using a hexidecimal value\n\n##### `Binary Binary::fromBase58(String base58)`\nCreate a Binary object, using a base58 encoded value\n\n##### `Binary Binary::fromBase64(String base64)`\nCreate a Binary object, using a base64 encoded value\n\n##### `byte[] getBytes()`\nGet raw byte array of the Binary.\n\n##### `String getHex()`\nGet hexidecimal representation of the Binary.\n\n##### `String getBase58()`\nGet base58 encoded value of the Binary.\n\n##### `String getBase64()`\nGet base64 encoded value of the Binary.\n\n## KeyPair\n\n##### `KeyPair(byte[]|Binary publicKey, byte[]|Binary privateKey)`\nCreate a KeyPair object, using a byte array or a Binary representation of the keys.\n\n##### `Binary getPublicKey()`\nGet the public key.\n\n##### `Binary getPrivateKey()`\nGet the private key.\n\n### Signature extends Binary\n\n##### `Signature(byte[] sig)`\nCreate a Signature object, using a byte array.\n\n## ECDSASignature extends Signature\n\n##### `ECDSASignature(byte[] r, byte[] s, byte[]|byte v)`\nCreate a ECDSASignature object, using byte arrays of the `r`, `s` and `v` components of the signatures.\n\n##### `ECDSASignature(byte[] r, byte[] s)`\nCreate a ECDSASignature object, using byte arrays of the `r` and `s` components of the signatures (no `recId`).\n\n##### `byte[] getR()`\nGet the `r` component of the ECDSA signature.\n\n##### `byte[] getS()`\nGet the `s` component of the ECDSA signature.\n\n##### `byte[] getV()`\nGet the `v` component of the ECDSA signature, that would be the `recId`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fltonetwork%2Fseasalt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fltonetwork%2Fseasalt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fltonetwork%2Fseasalt/lists"}