browser-passworder
browser-passworder copied to clipboard
A simple browserifiable module for encrypting and decrypting JSON-serializable objects with a password.
Thoughts on dropping this requirement?
Thanks to PR https://github.com/MetaMask/browser-passworder/pull/49, it can now support various algorithm with different cost factor. However, just increasing pbkdf2 iteration might not be the best option to secure encrypt logic. The...
Hello MetaMask team, I am writing to request the addition of an ECMAScript Module (ESM) version of the `browser-passworder` module. As the JavaScript ecosystem continues to evolve, ESM has become...
Before #29, the `decrypt` function would return a `Promise` with a generic `R`. It was changed to return `Promise` instead, which breaks the implementation in `snaps-monorepo`, because `unknown` is not...
Key derivation options are now exported from the functions `keyFromPassword` and `encryptWithDetail`. This can allow the project using this package to store the key derivation options alongside the vault, allowing...
See this comment for details: https://github.com/MetaMask/browser-passworder/pull/28/files#r1013365391
The KDF used and iteration count should be included in the payload returned from `encrypt` to facilitate upgrades over time. This makes it possible to change the work factor or...