Monorepo of our ahead-of-time implementation of Secure ECMAScript

Last update: Jun 16, 2022

Ahead-of-time Secure EcmaScript

The monorepo contains a set of packages that helps adopt SES in a pre-compiled way.

Security Assumptions

This project has the following security assumptions (based on our usage):

  1. Environment is already lockdown() by ses.
  2. Dynamic code execution (eval and Function) is not possible (if it is possible, please use the Compartment provided by ses).
  3. Files executed are either precompiled into SyntheticModuleRecord or trusted.

Roadmap

  • @masknet/static-module-record-swc: A swc plugin to transform ES Module into SyntheticModuleRecord.
  • @masknet/compartment: An eval-less implementation of Compartment.
  • @masknet/web-endowments: Provide common Web APIs, with AbortSignal support to cancel out all side effects within a compartment, and provide attenuations (e.g. limits accessible databases of indexedDB, or limit accessible domains in fetch).
  • @masknet/membrane: A membrane library.
  • @masknet/intrinsic-snapshot: Make a snapshot of all intrinsic (including host APIs).

GitHub

https://github.com/DimensionDev/aot-secure-ecmascript
Comments
  • 1. Version Packages

    This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

    Releases

    @masknet/[email protected]

    Minor Changes

    • 4139fc5: First release 🎉

    @masknet/[email protected]

    Patch Changes

    • d1f8d16: Add a workaround for imports without binding cannot be imported after converted into ThirdPartyStaticModuleRecord
    Reviewed by github-actions[bot] at 2022-06-07 09:30
  • 2. Version Packages

    This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

    Releases

    @masknet/[email protected]

    Minor Changes

    • 0398516: [Spec] Merge the initialize 2nd and 3rd parameter into a context object
    Reviewed by github-actions[bot] at 2022-06-07 04:17
  • 3. Version Packages

    This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

    Releases

    @masknet/[email protected]

    Major Changes

    • 9f33549: First release 🎉
    Reviewed by github-actions[bot] at 2022-06-06 12:42
  • 4. Version Packages

    This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

    Releases

    @masknet/[email protected]

    Major Changes

    • 9f33549: First release 🎉
    Reviewed by github-actions[bot] at 2022-06-06 12:27
  • 5. Version Packages

    This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

    Releases

    @masknet/[email protected]

    Major Changes

    • 9f33549: First release 🎉
    Reviewed by github-actions[bot] at 2022-06-06 12:12
  • 6. Version Packages

    This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

    Releases

    @masknet/[email protected]

    Major Changes

    • 9f33549: First release 🎉
    Reviewed by github-actions[bot] at 2022-06-06 12:01
  • 7. Version Packages

    This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

    Releases

    @masknet/[email protected]

    Major Changes

    • 9f33549: First release 🎉
    Reviewed by github-actions[bot] at 2022-06-06 11:45
  • 8. Version Packages

    This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and publish to npm yourself or setup this action to publish automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

    Releases

    @masknet/[email protected]

    Major Changes

    • 9f33549: First release 🎉
    Reviewed by github-actions[bot] at 2022-06-06 11:40
  • 9. Version Packages

    This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

    Releases

    @masknet/[email protected]

    Patch Changes

    • 557e321: [Spec] Rename ThirdPartyStaticModuleRecord to SyntheticModuleRecord
    Reviewed by github-actions[bot] at 2022-06-10 15:08
Subspace Monorepo

Subspace Network Monorepo This is a mono repository for Subspace Network implementation, primarily containing Subspace node/client using Substrate fra

Jun 23, 2022
Project Serum Rust Monorepo

serum-dex Project Serum Rust Monorepo Website | Discord | Awesome | DEX | TypeScript Program Deployments Program Devnet Mainnet Beta DEX DESVgJVGajEgK

Jun 14, 2022
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Jun 15, 2022
User-friendly secure computation engine based on secure multi-party computation
User-friendly secure computation engine based on secure multi-party computation

CipherCore If you have any questions, or, more generally, would like to discuss CipherCore, please join the Slack community. See a vastly extended ver

Jun 21, 2022
A guide for Mozilla's developers and data scientists to analyze and interpret the data gathered by our data collection systems.

Mozilla Data Documentation This documentation was written to help Mozillians analyze and interpret data collected by our products, such as Firefox and

May 18, 2022
A safe implementation of the secure remote password authentication and key-exchange protocol (SRP), SRP6a and legacy are as features available.

Secure Remote Password (SRP 6 / 6a) A safe implementation of the secure remote password authentication and key-exchange protocol (SRP version 6a). Ver

Jun 1, 2022
Secure storage for cryptographic secrets in Rust

secrets secrets is a library to help Rust programmers safely held cryptographic secrets in memory. It is mostly an ergonomic wrapper around the memory

Jun 14, 2022
Use Touch ID / Secure Enclave for SSH Authentication!
Use Touch ID / Secure Enclave for SSH Authentication!

SeKey About SeKey is a SSH Agent that allow users to authenticate to UNIX/Linux SSH servers using the Secure Enclave How it Works? The Secure Enclave

Jun 15, 2022
A fast and secure multi protocol honeypot.

Medusa A fast and secure multi protocol honeypot that can mimic realistic devices running ssh, telnet, http, https or any other tcp and udp servers. W

Jun 15, 2022
Cross-platform Secure TUI Secret Locker
Cross-platform Secure TUI Secret Locker

SafeCloset keeps your secrets in password protected files. SafeCloset is designed to be convenient and avoid common weaknesses like external editing o

Jun 2, 2022
A Secure Capability-Based Runtime for JavaScript Based on Deno
A Secure Capability-Based Runtime for JavaScript Based on Deno

Secure Runtime secure-runtime, as the name implies, is a secure runtime for JavaScript, designed for the multi-tenant serverless environment. It is an

May 24, 2022
Web-Scale Blockchain for fast, secure, scalable, decentralized apps and marketplaces.
Web-Scale Blockchain for fast, secure, scalable, decentralized apps and marketplaces.

Building 1. Install rustc, cargo and rustfmt. $ curl https://sh.rustup.rs -sSf | sh $ source $HOME/.cargo/env $ rustup component add rustfmt When buil

Jun 23, 2022
Scrypto Advent Calendar. Learn the new programming langage to build quick and secure DeFi applications.

Scrypto Advent Calendar I am publishing new Christmas related Scrypto examples every day from Dec 1st to Dec 25th. "Watch" this project to get notifie

Jun 16, 2022
Simplified, secure privledge escalation

doit.rs A simplified privledge escalation tool. Attempting to combine the memory safety guarantees of Rust with a small, auditable codebase. I was rea

Jan 6, 2022
A secure development tool box and fintech application made with Rust to be used for developing cryptocurrencies on the blockchain.

Crypto Fintech Tools for Rust (CFT) Dependencies Rust MacOS Homebrew # xcode cli tools xcode-select --install # install dependencies using Homebrew b

Apr 15, 2022
A secure file encryption utility, written in rust.

Dexios Dexios What is it? Building notes Checksums Performance Output file sizes Environment Variables Key Inputs Usage Examples To Do What is it? Dex

Jun 23, 2022
Cryptle: a secure multi-party Wordle clone with Enarx

Cryptle: a secure multi-party Wordle clone with Enarx Wordle is a popular web-based game, where a single player has to guess a five-letter word in six

May 9, 2022
🐴 RusTOTPony — CLI manager of one-time password generators aka Google Authenticator

?? RusTOTPony CLI manager of time-based one-time password generators. It is a desktop alternative for Google Authenticator. Installation Arch Linux Pa

Jun 10, 2022
Byzantine-fault-tolerant time synchronization

Byztime Byztime is a Byzantine-fault-tolerant protocol for synchronizing time among a group of peers, without reliance on any external time authority.

Dec 7, 2021