Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/cipherstash/stack

Data level access controls via field level searchable encryption SDK for JavaScript/TypeScript
https://github.com/cipherstash/stack

data data-security encryption encryption-sdk javascript postgres postgresql searchable-encryption security typescript

Last synced: 15 days ago
JSON representation

Data level access controls via field level searchable encryption SDK for JavaScript/TypeScript

Awesome Lists containing this project

README 

          


  

    CipherStash Logo

  

  
CipherStash Stack for TypeScript



Built by CipherStash

License

Docs

Join the community on Discord






## What is the stack?



- [Encryption](https://cipherstash.com/docs/stack/cipherstash/encryption): Field-level encryption for TypeScript apps with searchable encrypted queries, zero-knowledge key management, and first-class ORM support.



## Quick look at the stack in action



**Encryption**



```typescript

import { Encryption, encryptedTable, encryptedColumn } from "@cipherstash/stack";



// 1. Define your schema

const users = encryptedTable("users", {

  email: encryptedColumn("email").equality().freeTextSearch(),

});



// 2. Initialize the client

const client = await Encryption({ schemas: [users] });



// 3. Encrypt

const encryptResult = await client.encrypt("secret@example.com", {

  column: users.email,

  table: users,

});

if (encryptResult.failure) {

  // Handle errors your way

}



// 4. Decrypt

const decryptResult = await client.decrypt(encryptResult.data);

if (decryptResult.failure) {

  // Handle errors your way

}

// decryptResult.data => "secret@example.com"

```



## Install



```bash

npm install @cipherstash/stack

# or

yarn add @cipherstash/stack

# or

pnpm add @cipherstash/stack

# or

bun add @cipherstash/stack

```



> [!IMPORTANT]

> **You need to opt out of bundling when using `@cipherstash/stack`.**

> It uses Node.js specific features and requires the native Node.js `require`.

> Read more about bundling in the [documentation](https://cipherstash.com/docs/stack/deploy/bundling).



## Features



- **[Searchable encryption](https://cipherstash.com/docs/stack/cipherstash/encryption/searchable-encryption)**: query encrypted data with equality, free text search, range, and [JSONB queries](https://cipherstash.com/docs/stack/cipherstash/encryption/searchable-encryption#jsonb-queries-with-searchablejson).

- **[Type-safe schema](https://cipherstash.com/docs/stack/cipherstash/encryption/schema)**: define encrypted tables and columns with `encryptedTable` / `encryptedColumn`

- **[Model & bulk operations](https://cipherstash.com/docs/stack/cipherstash/encryption/encrypt-decrypt#model-operations)**: encrypt and decrypt entire objects or batches with `encryptModel` / `bulkEncryptModels`.

- **[Identity-aware encryption](https://cipherstash.com/docs/stack/cipherstash/encryption/identity)**: bind encryption to user identity with lock contexts for policy-based access control.



## Integrations



- [Encryption + Drizzle](https://cipherstash.com/docs/stack/cipherstash/encryption/drizzle)

- [Encryption + Supabase](https://cipherstash.com/docs/stack/cipherstash/encryption/supabase)

- [Encryption + DynamoDB](https://cipherstash.com/docs/stack/cipherstash/encryption/dynamodb)



## Use cases



- **Trusted data access**: ensure only your end-users can access their sensitive data using identity-bound encryption

- **Reduce breach impact**: limit the blast radius of exploited vulnerabilities to only the data the affected user can decrypt



## Documentation



- [Documentation](https://cipherstash.com/docs)

- [Quickstart](https://cipherstash.com/docs/stack/quickstart)

- [SDK and API reference](https://cipherstash.com/docs/stack/reference)



## Contributing



Contributions are welcome and highly appreciated. However, before you jump right into it, we would like you to review our [Contribution Guidelines](CONTRIBUTE.md) to make sure you have a smooth experience contributing.



## Security



For our full security policy, supported versions, and contributor guidelines, see [SECURITY.md](./SECURITY.md).



## License



This project is [MIT licensed](./LICENSE.md).