Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/sabkat-ahmed-rafi/cryptonism

End-to-end encryption library for browser to secure authentication and sensitive data with zero-knowledge architecture.
https://github.com/sabkat-ahmed-rafi/cryptonism

aes-gcm-encryption argon2 argon2-browser browser-crypto end-to-end-encryption zero-knowledge

Last synced: 4 months ago
JSON representation

End-to-end encryption library for browser to secure authentication and sensitive data with zero-knowledge architecture.

Awesome Lists containing this project

README 

          
# ๐Ÿ” Cryptonism ยท [![GitHub license](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/sabkat-ahmed-rafi/cryptonism/blob/main/LICENSE)



**Frontend End-to-End Encryption Library**  

Secure your authentication flows and sensitive data with zero-knowledge architecture directly in the browser.



---



## โœจ Features



- ๐Ÿ”‘ Argon2id Key Derivation: Memory-hard password hashing resistant to attacks

- ๐Ÿ” AES-GCM Encryption: Authenticated encryption for maximum security

- ๐Ÿ›ก๏ธ Recovery System: Secure mnemonic-based key recovery

- ๐Ÿ”„ Password Rotation: Safe password updates without data loss

- ๐Ÿ“Š Attempt Tracking: Built-in protection against brute force attacks

- โšก TypeScript Support: Full type safety and IntelliSense support



---



## ๐Ÿ“š Documentation

Full documentation is available here: [View the Docs](https://cryptonism.vercel.app)



## ๐Ÿ“ฆ Installation



```bash

npm install cryptonism

```



## Usage Example



### Encrypt An Account



```typescript

import { generateEncryptedKey } from 'cryptonism';



const result = await generateEncryptedKey({

  password: 'user-master-password'

});



if (result.success) {

  // Store these in your database

  const data = {

    encryptedKey: result.encryptedKey,

    salt: result.salt,

    iv: result.iv,

    encryptedRecoveryKey: result.encryptedRecoveryKey,

    recoverySalt: result.recoverySalt,

    recoveryIV: result.recoveryIV

  };

  

  // CRITICAL: Show recovery phrase to user ONCE

  alert(`Save this recovery phrase: ${result.recoveryPhrase}`);

  

} else {

  console.error('Key generation failed:', result.error.message);

}

```



### With Custom Argon2 Configuration



```typescript

// Note: use same custom argonConfig for all functions

const result = await generateEncryptedKey({

  password: 'user-master-password',

  argonConfig: {

    time: 3,      // More iterations for higher security

    mem: 32000,  // 32MB memory usage

    hashLen: 32   // 32-byte output

  }

});



// The Default Argon2 Config

const defaultArgonConfig = {

  time: 3,

  mem: 65536,

  hashLen: 32

};



```



### Decrypt An Account



```typescript

import { decryptGeneratedKey } from 'cryptonism';



// Data from your database

const data = {

  salt: 'base64-salt-string',

  iv: 'base64-iv-string', 

  encryptedKey: 'base64-encrypted-key'

};



const result = await decryptGeneratedKey({

  salt: data.salt,

  iv: data.iv,

  encryptedKey: data.encryptedKey,

  password: 'user-entered-password'

});



if (result.success) {

  const { decryptedKey } = result;

  // Now you can use this key to encrypt/decrypt secrets

  console.log('Vault unlocked successfully!');

} else {

  console.error('Failed to unlock vault:', result.error.message);

}

```



### Decrypt With Attempt Tracking



```typescript

const result = await decryptGeneratedKey({

  salt: data.salt,

  iv: data.iv,

  encryptedKey: data.encryptedKey,

  password: userPassword,

  trackAttempts: {

    enable: true,

    id: `user-${userId}`,     // Unique identifier for this user

    maxAttempts: 5            // Lock after 5 failed attempts

  }

});



if (result.success) {

  console.log('Login successful!');

} else {

  console.error(`Login failed. Attempts: ${result.attempts}/5`);

  

  if (result.attempts >= 5) {

    console.error('Account locked due to too many failed attempts');

  }

}

```



### Encrypt Each Secret Data



```typescript

import { encryptSecret } from 'cryptonism';



// Assuming you have a decrypted key from decryptGeneratedKey

const result = await encryptSecret({

  secret: 'my-api-key-abc123',

  decryptedKey: userDecryptedKey

});



if (result.success) {

  // Store these values in your database

  const secretRecord = {

    encryptedSecret: result.encryptedSecret,

    iv: result.iv,

  };

  

  await saveSecretToDatabase(secretRecord);

  console.log('Secret encrypted and saved!');

} else {

  console.error('Encryption failed:', result.error.message);

}

```



### Decrypt Each Secret



```typescript

import { decryptSecret } from 'cryptonism';



// Data retrieved from your database

const secretRecord = {

  encryptedSecret: 'base64-encrypted-data',

  iv: 'base64-iv-string'

};



const result = await decryptSecret({

  encryptedSecret: secretRecord.encryptedSecret,

  iv: secretRecord.iv,

  decryptedKey: userDecryptedKey  // From decryptGeneratedKey

});



if (result.success) {

  console.log('Secret:', result.decryptedSecret);

  // Use the decrypted secret (API key, password, etc.)

} else {

  console.error('Decryption failed:', result.error.message);

}

```



For advanced usage, configuration options, and troubleshooting tips, please refer to the [Full Documentation](https://cryptonism.vercel.app).