{"id":33239436,"url":"https://github.com/marcoonroad/nocoiner","last_synced_at":"2025-11-26T09:00:51.102Z","repository":{"id":40228511,"uuid":"185094736","full_name":"marcoonroad/nocoiner","owner":"marcoonroad","description":"A Commitment Scheme library for Coin Flipping/Tossing algorithms and sort. :four_leaf_clover: :camel: :lock: :key:","archived":false,"fork":false,"pushed_at":"2023-04-12T06:14:50.000Z","size":280,"stargazers_count":10,"open_issues_count":3,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-05-03T00:53:32.805Z","etag":null,"topics":["aes-encryption","commitment-schemes","cryptography","message-authentication-code","ocaml","secure-multi-party-computation"],"latest_commit_sha":null,"homepage":"https://nocoiner.marcoonroad.dev","language":"OCaml","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/marcoonroad.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-05-05T23:43:16.000Z","updated_at":"2023-07-27T12:05:18.000Z","dependencies_parsed_at":"2024-05-02T15:21:26.910Z","dependency_job_id":null,"html_url":"https://github.com/marcoonroad/nocoiner","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/marcoonroad/nocoiner","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcoonroad%2Fnocoiner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcoonroad%2Fnocoiner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcoonroad%2Fnocoiner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcoonroad%2Fnocoiner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/marcoonroad","download_url":"https://codeload.github.com/marcoonroad/nocoiner/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcoonroad%2Fnocoiner/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286079811,"owners_count":27282121,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-11-26T02:00:06.075Z","response_time":193,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aes-encryption","commitment-schemes","cryptography","message-authentication-code","ocaml","secure-multi-party-computation"],"created_at":"2025-11-16T19:00:41.515Z","updated_at":"2025-11-26T09:00:51.079Z","avatar_url":"https://github.com/marcoonroad.png","language":"OCaml","funding_links":[],"categories":["Security and Cryptography"],"sub_categories":[],"readme":"nocoiner\n========\n\n\u003cdiv align=\"center\"\u003e\n  \u003cimg\n    src=\"https://marcoonroad.dev/nocoiner/images/nocoiner.png\"\n    width=\"200\"\n    height=\"200\"\n    alt=\"nocoiner logo\"/\u003e\n\u003c/div\u003e\n\n\u003cdiv align=\"center\"\u003e\n  \u003cp\u003e\n    \u003cspan\u003eA Commitment Scheme library for Coin Flipping/Tossing algorithms and sort.\u003c/span\u003e\n  \u003c/p\u003e\n\u003c/div\u003e\n\n\u003cdiv align=\"center\"\u003e\n\u003c!-- Travis CI badge --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://travis-ci.com/marcoonroad/nocoiner\"\n  title=\"Verify the build logs here.\"\u003e\u003cimg\n  src=\"https://img.shields.io/travis/com/marcoonroad/nocoiner.svg?logo=travis\u0026style=flat-square\"/\u003e\u003c/a\u003e\n\u003c!-- Coveralls badge --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://coveralls.io/github/marcoonroad/nocoiner\"\n  title=\"Verify the detailed test coverage here.\"\u003e\u003cimg\n  src=\"https://img.shields.io/coveralls/github/marcoonroad/nocoiner.svg?style=flat-square\"/\u003e\u003c/a\u003e\n\u003c!-- License badge --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://github.com/marcoonroad/nocoiner/blob/master/LICENSE\"\n  title=\"Verify the project license here.\"\u003e\u003cimg\n  src=\"https://img.shields.io/github/license/marcoonroad/nocoiner.svg?style=flat-square\u0026logo=github\"/\u003e\u003c/a\u003e\n\u003c!-- Open PR badge --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://github.com/marcoonroad/nocoiner/compare\"\n  title=\"Interested in contribute with this project?\"\u003e\u003cimg\n  src=\"https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square\u0026logo=github\"/\u003e\u003c/a\u003e\n\u003c!-- GitHub latest release/tag --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://github.com/marcoonroad/nocoiner/releases\"\n  title=\"Check the GitHub repository releases here.\"\u003e\u003cimg\n  src=\"https://img.shields.io/github/tag-date/marcoonroad/nocoiner?logo=github\u0026style=flat-square\"\u003e\u003c/a\u003e\n\u003c!-- Donate BTC badge --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://www.blockchain.com/btc/address/13jnVxMenKUWb1RA1pKsQkri5HY1u89o2D\"\n  title=\"Want to give a little donation for author?\"\u003e\u003cimg\n  src=\"https://img.shields.io/badge/donate-BTC-yellow.svg?logo=bitcoin\u0026style=flat-square\"/\u003e\u003c/a\u003e\n\u003c/div\u003e\n\n\u003cdiv align=\"center\"\u003e\n\u003c!-- Docker build type badge --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://hub.docker.com/r/marcoonroad/nocoiner/builds\"\n  title=\"Check the Docker project build here.\"\u003e\u003cimg\n  alt=\"Docker Cloud Automated build\"\n  src=\"https://img.shields.io/docker/cloud/automated/marcoonroad/nocoiner.svg?style=flat-square\u0026logo=docker\"\u003e\u003c/a\u003e\n\u003c!-- Docker build test badge --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://hub.docker.com/r/marcoonroad/nocoiner/builds\"\n  title=\"Check the Docker project build here.\"\u003e\u003cimg\n  alt=\"Docker Cloud Build Status\"\n  src=\"https://img.shields.io/docker/cloud/build/marcoonroad/nocoiner.svg?style=flat-square\u0026logo=docker\"\u003e\u003c/a\u003e\n\u003c!-- Docker layers badge --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://microbadger.com/images/marcoonroad/nocoiner\"\n  title=\"Verify the Docker image details here.\"\u003e\u003cimg\n  src=\"https://img.shields.io/microbadger/layers/marcoonroad/nocoiner/latest.svg?style=flat-square\u0026logo=docker\"/\u003e\u003c/a\u003e\n\u003c!-- Docker size badge --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://microbadger.com/images/marcoonroad/nocoiner\"\n  title=\"Verify the Docker image details here.\"\u003e\u003cimg\n  src=\"https://img.shields.io/microbadger/image-size/marcoonroad/nocoiner.svg?style=flat-square\u0026logo=docker\"/\u003e\u003c/a\u003e\n\u003c!-- Docker pulls badge --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://hub.docker.com/r/marcoonroad/nocoiner\"\n  title=\"Check the Docker project repository here.\"\u003e\u003cimg\n  src=\"https://img.shields.io/docker/pulls/marcoonroad/nocoiner.svg?style=flat-square\u0026logo=docker\"/\u003e\u003c/a\u003e\n\u003c!-- Docker stars badge --\u003e\n\u003ca\n  style=\"margin: 0.1em;\"\n  href=\"https://hub.docker.com/r/marcoonroad/nocoiner\"\n  title=\"Check the Docker project repository here.\"\u003e\u003cimg\n  src=\"https://img.shields.io/docker/stars/marcoonroad/nocoiner.svg?style=flat-square\u0026logo=docker\"/\u003e\u003c/a\u003e\n\u003c/div\u003e\n\n---\n\n**NOTICE:** The previous version (`0.0.1`) of this API used the Galois/Counter Mode encryption.\nThis authenticated encryption algorithm is not a committing encryption (that's, a\n_lockable box_). The main reason is the weakness of the internal GCM hash against Collision\nAttacks (a hash with 256-bits or 512-bits images would be likely resistant, but GCM uses\n128-bits of output/digest images). For more details, please refer to the historical issue [here][9].\nThe new API, therefore, breaks if you try to reveal/open commitments generated by the previous API.\n\n---\n\n\n### About\n\nThis project implements [Commitment Schemes][1] using the\n[Encrypt-then-MAC][2] approach of authenticated encryption. Because this kind of\nencryption algorithm provides both Message _Confidentiality_ and _Integrity_, it fits\nperfectly the _Hiding_ and _Binding_ properties of Commitment Schemes.\nConfidentiality protects the message against _passive attacks_ while integrity\nprotects it from _active attacks_.\n\nThe hiding property states that it is impossible to discover the secret with the\ncommitment data left alone, that is, the commitment receiver can't know the\nsecret until the commitment sender reveals that through her opening key.\n\nThe binding property, on the other hand, ensures invariants on the commitment\nsender side. It disallows the sender to change the secret by using a different\nopening key. While the sender can refuse to reveal her secret, she can't cheat\non the game. There's a variant of commitment schemes called _Timed Commitments_\nwhere the receiver can brute-force the commitment in the case of the sender\naborting the game by refusing to send the opening key, tho. Another variant\ncalled _Fuzzy Commitments_ accepts some noise during opening phase.\n\nCommitment Schemes are one of the many [Secure Multiparty Computation][3]\nprotocols/primitives, [Secret Sharing][4] is other famous cryptographic\nprimitive in such field.\n\n\n### Installation\n\nFor the stable release, just type:\n\n```shell\n$ opam install nocoiner\n```\n\nTo install/test the unstable version on this repository (assuming you're\ninside the project's root directory):\n\n```shell\n$ make install # 'make uninstall' reverts the changes\n```\n\n\n### Testing\n\n```shell\n$ make test\n```\n\n\n### Usage\n\nAs library (assuming you have linked the package `nocoiner` below):\n\n```ocaml\nlet secret = \"I have nothing to hide.\"\nlet (c, o) = Nocoiner.commit secret\n\nassert (secret = Nocoiner.reveal ~commitment:c ~opening:o)\n```\n\nHere, the `Nocoiner.commit` operation is non-deterministic and the\n`Nocoiner.reveal` is deterministic. The `Nocoiner.reveal` operation may throw\nthe following exceptions:\n- `Nocoiner.Reasons.InvalidCommitment`, if the parsing of commitment fails.\n- `Nocoiner.Reasons.InvalidOpening`, if the opening key contains invalid data.\n- `Nocoiner.Reasons.BindingFailure`, if both commitment \u0026 opening are unrelated.\n\nAs the command-line interface (ignore all the `$` below while typing):\n\n```shell\n$ echo \"Something not really secret...\" \u003e secret.txt\n$ cat secret.txt | nocoiner commit \\\n  --commitment-file=commitment-box.txt \\\n  --opening-file=opening-key.txt\n$ nocoiner reveal \\\n  --commitment-file=commitment-box.txt \\\n  --opening-file=opening-key.txt \u003e secret-output.txt\n$ cat secret-output.txt\n```\n\nThe complete API reference is available [here][7]. Coverage reports are\ngenerated too, please refer to the respective [page][8].\n\n\n### Disclaimer\n\nThis library was not fully tested against side-channel attacks. Keep in mind\nthat the use cases of this library is for Secure Multiparty games such as online\nGambling and Auctions. With other use cases, the security of this cryptographic\nprimitive can be deemed as flawed.\n\nNote that players can abort in the middle of a Commit-and-Reveal game, so you\nshould as well deal with that on your code logic. The random encryption key\nand input vector only ensure the _uniqueness locally_, it's also possible to\nhappen collisions of both random data on a distributed setting (it's due the\nsources of entropy being remote and different - so commitments and openings\nwould be identical, think on that even if this probability is small). ~~In such\ncase, you can either take a fingerprint of the host machine and a timestamp\nnonce into account, in the same sense of [Elliott's CUID][5] library~~ (we already\ncover that issue of distributed collisions by using a fingerprint of hashed\nprocess context).\n\n  [1]: https://en.wikipedia.org/wiki/Commitment_scheme\n  [2]: https://en.wikipedia.org/wiki/Authenticated_encryption#Encrypt-then-MAC\n  [3]: https://en.wikipedia.org/wiki/Secure_multiparty_computation\n  [4]: https://en.wikipedia.org/wiki/Secret_sharing\n  [5]: https://github.com/ericelliott/cuid\n  [6]: https://en.wikipedia.org/wiki/Authenticated_encryption\n  [7]: https://marcoonroad.dev/nocoiner/apiref/nocoiner/Nocoiner/index.html\n  [8]: https://marcoonroad.dev/nocoiner/apicov/index.html\n  [9]: https://github.com/marcoonroad/nocoiner/issues/1","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarcoonroad%2Fnocoiner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmarcoonroad%2Fnocoiner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarcoonroad%2Fnocoiner/lists"}