@f0rest8/metamorphic-crypto 0.3.5 → 0.3.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -151,6 +151,28 @@ Decryption always auto-detects the level from the ciphertext version tag.
151
151
  - OS CSPRNG via `getrandom` (no userspace PRNG)
152
152
  - Hybrid construction: both ML-KEM AND X25519 must be broken to compromise a sealed key
153
153
 
154
+ ## Network access
155
+
156
+ Security scanners (e.g. Socket) may flag this package for "network access."
157
+ This is the standard `wasm-bindgen` loader, which calls `fetch()` for a **single**
158
+ purpose: to load the package's own `.wasm` binary when you call the default
159
+ `init()` export. There are no other network calls — no telemetry, no remote
160
+ code, no install scripts.
161
+
162
+ The fetched URL is whatever **you** pass to `init()`. With no argument it
163
+ defaults to the `.wasm` file shipped alongside the JS (`new URL('metamorphic_crypto_bg.wasm', import.meta.url)`),
164
+ i.e. a same-origin asset you control.
165
+
166
+ If you want zero network capability, use the synchronous initializer with bytes
167
+ you load yourself — it never calls `fetch`:
168
+
169
+ ```js
170
+ import { initSync } from "@f0rest8/metamorphic-crypto";
171
+
172
+ // e.g. bytes from your bundler, a same-origin path, or an embedded buffer
173
+ initSync({ module: wasmBytes });
174
+ ```
175
+
154
176
  ## Integrity verification
155
177
 
156
178
  Every release includes SHA-512 checksums and [cosign](https://docs.sigstore.dev/cosign/overview/) signatures for supply chain verification:
@@ -144,10 +144,10 @@ export interface InitOutput {
144
144
  readonly generateRecoveryKey: (a: number) => void;
145
145
  readonly recoveryKeyToSecret: (a: number, b: number, c: number) => void;
146
146
  readonly parseSaltFromKeyHash: (a: number, b: number, c: number) => void;
147
- readonly decryptPrivateKeyWithRecovery: (a: number, b: number, c: number, d: number, e: number) => void;
148
- readonly decryptSecretboxToString: (a: number, b: number, c: number, d: number, e: number) => void;
149
147
  readonly encryptSecretboxString: (a: number, b: number, c: number, d: number, e: number) => void;
150
148
  readonly encryptPrivateKeyForRecovery: (a: number, b: number, c: number, d: number, e: number) => void;
149
+ readonly decryptSecretboxToString: (a: number, b: number, c: number, d: number, e: number) => void;
150
+ readonly decryptPrivateKeyWithRecovery: (a: number, b: number, c: number, d: number, e: number) => void;
151
151
  readonly __wbindgen_export: (a: number, b: number) => number;
152
152
  readonly __wbindgen_export2: (a: number, b: number, c: number, d: number) => number;
153
153
  readonly __wbindgen_export3: (a: number) => void;
Binary file
package/package.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "name": "@f0rest8/metamorphic-crypto",
3
3
  "type": "module",
4
4
  "description": "Zero-knowledge end-to-end encryption with post-quantum hybrid KEM (ML-KEM-768/1024 + X25519)",
5
- "version": "0.3.5",
5
+ "version": "0.3.6",
6
6
  "license": "MIT OR Apache-2.0",
7
7
  "repository": {
8
8
  "type": "git",