{"id":34090800,"url":"https://github.com/nthparty/otc","last_synced_at":"2026-04-02T03:50:57.439Z","repository":{"id":57449814,"uuid":"297143498","full_name":"nthparty/otc","owner":"nthparty","description":"Oblivious transfer (OT) communications protocol message/response functionality implementations based on Curve25519 and the Ristretto group.","archived":false,"fork":false,"pushed_at":"2022-10-06T02:44:51.000Z","size":2910,"stargazers_count":4,"open_issues_count":0,"forks_count":4,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-09-25T09:23:52.359Z","etag":null,"topics":["cryptographic-algorithms","cryptographic-library","elliptic-curve-cryptography","mpc","multi-party-computation","multiparty-computation","oblivious-transfer","ot-protocols","python-library","ristretto","secure-multi-party-computation","secure-multiparty-computation"],"latest_commit_sha":null,"homepage":"https://pypi.org/project/otc","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nthparty.png","metadata":{"files":{"readme":"README.rst","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-09-20T18:57:55.000Z","updated_at":"2024-09-29T03:01:22.000Z","dependencies_parsed_at":"2022-09-19T16:20:38.252Z","dependency_job_id":null,"html_url":"https://github.com/nthparty/otc","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/nthparty/otc","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nthparty%2Fotc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nthparty%2Fotc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nthparty%2Fotc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nthparty%2Fotc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nthparty","download_url":"https://codeload.github.com/nthparty/otc/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nthparty%2Fotc/sbom","scorecard":{"id":697706,"data":{"date":"2025-08-11","repo":{"name":"github.com/nthparty/otc","commit":"dc2aa42b78b09d6d43ddc36e28134268255e61fc"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.4,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-test-cover-docs.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/nthparty/otc/lint-test-cover-docs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-test-cover-docs.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/nthparty/otc/lint-test-cover-docs.yml/main?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/lint-test-cover-docs.yml:21","Warn: pipCommand not pinned by hash: .github/workflows/lint-test-cover-docs.yml:26","Warn: pipCommand not pinned by hash: .github/workflows/lint-test-cover-docs.yml:33","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   3 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/lint-test-cover-docs.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-22T04:12:58.850Z","repository_id":57449814,"created_at":"2025-08-22T04:12:58.851Z","updated_at":"2025-08-22T04:12:58.851Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27729839,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-14T02:00:11.348Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptographic-algorithms","cryptographic-library","elliptic-curve-cryptography","mpc","multi-party-computation","multiparty-computation","oblivious-transfer","ot-protocols","python-library","ristretto","secure-multi-party-computation","secure-multiparty-computation"],"created_at":"2025-12-14T14:25:59.261Z","updated_at":"2026-04-02T03:50:57.422Z","avatar_url":"https://github.com/nthparty.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"===\notc\n===\n\nOblivious transfer (OT) communications protocol message/response functionality implementations based on `Curve25519 \u003chttps://cr.yp.to/ecdh.html\u003e`__ and the `Ristretto \u003chttps://ristretto.group\u003e`__ group.\n\n|pypi| |readthedocs| |actions| |coveralls|\n\n.. |pypi| image:: https://badge.fury.io/py/otc.svg\n   :target: https://badge.fury.io/py/otc\n   :alt: PyPI version and link.\n\n.. |readthedocs| image:: https://readthedocs.org/projects/otc/badge/?version=latest\n   :target: https://otc.readthedocs.io/en/latest/?badge=latest\n   :alt: Read the Docs documentation status.\n\n.. |actions| image:: https://github.com/nthparty/otc/workflows/lint-test-cover-docs/badge.svg\n   :target: https://github.com/nthparty/otc/actions/workflows/lint-test-cover-docs.yml\n   :alt: GitHub Actions status.\n\n.. |coveralls| image:: https://coveralls.io/repos/github/nthparty/otc/badge.svg?branch=main\n   :target: https://coveralls.io/github/nthparty/otc?branch=main\n   :alt: Coveralls test coverage summary.\n\nPurpose\n-------\nThis library provides data structures and methods for a basic `oblivious transfer (OT) \u003chttps://en.wikipedia.org/wiki/Oblivious_transfer\u003e`__ communications protocol defined in `work by Chou and Orlandi \u003chttps://eprint.iacr.org/2015/267\u003e`__. Thanks to the underlying `oblivious \u003chttps://pypi.org/project/oblivious\u003e`__ library, method implementations rely on cryptographic primitives found within the `libsodium \u003chttps://github.com/jedisct1/libsodium\u003e`__ library.\n\nFor more information and background about the underlying mathematical structures and primitives, consult materials about `Curve25519 \u003chttps://cr.yp.to/ecdh.html\u003e`__, the `Ristretto \u003chttps://ristretto.group\u003e`__ group, and the related `Ed25519 \u003chttps://ed25519.cr.yp.to\u003e`__ system.\n\nInstallation and Usage\n----------------------\nThis library is available as a `package on PyPI \u003chttps://pypi.org/project/otc\u003e`__::\n\n    python -m pip install otc\n\nThe library can be imported in the usual manner::\n\n    import otc\n    from otc import *\n\nExample\n^^^^^^^\n\n.. |send| replace:: ``send``\n.. _send: https://otc.readthedocs.io/en/4.0.0/_source/otc.html#otc.otc.send\n\n.. |reply| replace:: ``reply``\n.. _reply: https://otc.readthedocs.io/en/4.0.0/_source/otc.html#otc.otc.send.reply\n\n.. |receive| replace:: ``receive``\n.. _receive: https://otc.readthedocs.io/en/4.0.0/_source/otc.html#otc.otc.receive\n\n.. |query| replace:: ``query``\n.. _query: https://otc.readthedocs.io/en/4.0.0/_source/otc.html#otc.otc.receive.query\n\n.. |elect| replace:: ``elect``\n.. _elect: https://otc.readthedocs.io/en/4.0.0/_source/otc.html#otc.otc.receive.elect\n\nSuppose that a sender wants to send exactly one of two payloads to a receiver (such as one of two decryption keys). Furthermore, the receiver does not want to reveal to the sender which of the two payloads they chose to receive. To begin, the sender can create a |send|_ object ``s``. The sender can then send the public key ``s.public`` to the receiver (via some communication channel)::\n\n    \u003e\u003e\u003e import otc\n    \u003e\u003e\u003e s = otc.send()\n    \u003e\u003e\u003e s.public.to_base64()\n    'LJKN1DmNwGiCGWl4O5DsJMIEnlJm6yhb1o2hYS8A4Hg='\n\nThe receiver can create a |receive|_ object. Once they receive ``s.public`` from the sender (via some communications channel), they can use the |receive|_ object's |query|_ method to create an encrypted selection that the sender cannot decrypt. In the example below, the receiver is choosing the second message by supplying the integer ``1`` (where the two valid options are ``0`` or ``1``)::\n\n    \u003e\u003e\u003e r = otc.receive()\n    \u003e\u003e\u003e selection = r.query(s.public, 1)\n\nThe sender can then use its |send|_ object's |reply|_ method to create two encrypted replies based on the receiver's selection; the receiver will *only be able to decrypt the pre-selected payload*, and the sender *does not know* which of the two payloads can be decrypted by the receiver::\n\n    \u003e\u003e\u003e replies = s.reply(selection, bytes([0] * 16), bytes([255] * 16))\n\nFinally, the receiver can decrypt their chosen payload using the |receive|_ object's |elect|_ method. The example below confirms that the receiver has indeed received an encrypted version of the second message::\n\n    \u003e\u003e\u003e r.elect(s.public, 1, *replies) == bytes([255] * 16)\n    True\n\nSee the article `Privacy-Preserving Information Exchange Using Python \u003chttps://medium.com/nthparty/privacy-preserving-information-exchange-using-python-1a4a11bed3d5\u003e`__ for a more detailed presentation of this example.\n\nDevelopment\n-----------\nAll installation and development dependencies are fully specified in ``pyproject.toml``. The ``project.optional-dependencies`` object is used to `specify optional requirements \u003chttps://peps.python.org/pep-0621\u003e`__ for various development tasks. This makes it possible to specify additional options (such as ``docs``, ``lint``, and so on) when performing installation using `pip \u003chttps://pypi.org/project/pip\u003e`__::\n\n    python -m pip install .[docs,lint]\n\nDocumentation\n^^^^^^^^^^^^^\nThe documentation can be generated automatically from the source files using `Sphinx \u003chttps://www.sphinx-doc.org\u003e`__::\n\n    python -m pip install .[docs]\n    cd docs\n    sphinx-apidoc -f -E --templatedir=_templates -o _source .. \u0026\u0026 make html\n\nTesting and Conventions\n^^^^^^^^^^^^^^^^^^^^^^^\nAll unit tests are executed and their coverage is measured when using `pytest \u003chttps://docs.pytest.org\u003e`__ (see the ``pyproject.toml`` file for configuration details)::\n\n    python -m pip install .[test]\n    python -m pytest\n\nAlternatively, all unit tests are included in the module itself and can be executed using `doctest \u003chttps://docs.python.org/3/library/doctest.html\u003e`__::\n\n    python src/otc/otc.py -v\n\nStyle conventions are enforced using `Pylint \u003chttps://pylint.pycqa.org\u003e`__::\n\n    python -m pip install .[lint]\n    python -m pylint src/otc\n\nContributions\n^^^^^^^^^^^^^\nIn order to contribute to the source code, open an issue or submit a pull request on the `GitHub page \u003chttps://github.com/nthparty/otc\u003e`__ for this library.\n\nVersioning\n^^^^^^^^^^\nThe version number format for this library and the changes to the library associated with version number increments conform with `Semantic Versioning 2.0.0 \u003chttps://semver.org/#semantic-versioning-200\u003e`__.\n\nPublishing\n^^^^^^^^^^\nThis library can be published as a `package on PyPI \u003chttps://pypi.org/project/otc\u003e`__ by a package maintainer. First, install the dependencies required for packaging and publishing::\n\n    python -m pip install .[publish]\n\nEnsure that the correct version number appears in ``pyproject.toml``, and that any links in this README document to the Read the Docs documentation of this package (or its dependencies) have appropriate version numbers. Also ensure that the Read the Docs project for this library has an `automation rule \u003chttps://docs.readthedocs.io/en/stable/automation-rules.html\u003e`__ that activates and sets as the default all tagged versions. Create and push a tag for this version (replacing ``?.?.?`` with the version number)::\n\n    git tag ?.?.?\n    git push origin ?.?.?\n\nRemove any old build/distribution files. Then, package the source into a distribution archive::\n\n    rm -rf build dist src/*.egg-info\n    python -m build --sdist --wheel .\n\nFinally, upload the package distribution archive to `PyPI \u003chttps://pypi.org\u003e`__::\n\n    python -m twine upload dist/*\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnthparty%2Fotc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnthparty%2Fotc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnthparty%2Fotc/lists"}