npm - hd-wallet-wasm - Versions diffs - 2.0.2 → 2.0.4 - Mend

hd-wallet-wasm 2.0.2 → 2.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +4 -4
package/src/index.mjs +9 -11

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "hd-wallet-wasm",
-  "version": "2.0.2",
+  "version": "2.0.4",
   "description": "Comprehensive HD Wallet implementation in WebAssembly - BIP-32/39/44, multi-curve, multi-chain support",
   "type": "module",
   "main": "src/index.mjs",
@@ -27,11 +27,11 @@
   "files": [
     "src/index.mjs",
     "src/index.d.ts",
+    "src/sdn-plugin.mjs",
+    "src/sdn-plugin-manifest-source.mjs",
     "src/epm-attestation.mjs",
     "src/aligned.mjs",
     "src/aligned.d.ts",
-    "src/sdn-plugin.mjs",
-    "src/sdn-plugin-manifest-source.mjs",
     "src/generated/",
     "dist/hd-wallet.js",
     "dist/hd-wallet.wasm",
@@ -44,7 +44,7 @@
     "generate:aligned": "node ../scripts/generate-aligned.mjs",
     "generate:sdn-plugin": "node ../scripts/generate-sdn-plugin-manifest.mjs",
     "build": "npm run generate:sdn-plugin && cmake --build ../build-wasm --target hd_wallet_wasm_npm -j",
-    "test:artifact": "node test/test_bundle_browser_artifact.mjs && node test/test_package_contents.mjs",
+    "test:artifact": "node test/test_bundle_browser_artifact.mjs",
     "test:sdn-plugin": "node test/test_sdn_plugin_compliance.mjs",
     "test:all": "node test/test_all.mjs",
     "test": "npm run test:artifact && npm run test:all",

package/src/index.mjs CHANGED Viewed

@@ -1130,8 +1130,7 @@ try {
 /**
  * SECURITY FIX [HIGH-05]: WASM Module Integrity Verification
  *
- * Verify the integrity of a WASM module before loading.
- * This helps prevent supply chain attacks where the WASM binary is tampered with.
+ * Verify the integrity of a WASM module using the package WASM SHA-256 helper.
  *
  * @param {ArrayBuffer|Uint8Array} wasmBytes - The WASM binary
  * @param {string} expectedHash - Expected SHA-256 hash in hex format
@@ -1146,10 +1145,7 @@ export async function verifyWasmIntegrity(wasmBytes, expectedHash) {
   const bytes = wasmBytes instanceof Uint8Array ? wasmBytes : new Uint8Array(wasmBytes);
-  // Use SubtleCrypto for hash computation
-  const hashBuffer = await crypto.subtle.digest('SHA-256', bytes);
-  const hashArray = Array.from(new Uint8Array(hashBuffer));
-  const hashHex = hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
+  const hashHex = await computeWasmHash(bytes);
   if (hashHex.toLowerCase() !== expectedHash.toLowerCase()) {
     throw new Error(
@@ -1163,18 +1159,20 @@ export async function verifyWasmIntegrity(wasmBytes, expectedHash) {
   return true;
 }
+function bytesToHex(bytes) {
+  return Array.from(bytes, b => b.toString(16).padStart(2, '0')).join('');
+}
 /**
- * Compute SHA-256 hash of WASM module
- * Use this during build to get the hash for integrity verification.
+ * Compute SHA-256 hash of bytes with the package WASM implementation.
  *
  * @param {ArrayBuffer|Uint8Array} wasmBytes - The WASM binary
  * @returns {Promise<string>} SHA-256 hash in hex format
  */
 export async function computeWasmHash(wasmBytes) {
   const bytes = wasmBytes instanceof Uint8Array ? wasmBytes : new Uint8Array(wasmBytes);
-  const hashBuffer = await crypto.subtle.digest('SHA-256', bytes);
-  const hashArray = Array.from(new Uint8Array(hashBuffer));
-  return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
+  const wallet = await init();
+  return bytesToHex(wallet.utils.sha256(bytes));
 }
 /**