Unlike go implementation this does not seem to support

await multihashing(bytes, 'identity')

In order to reduce the impact not the default bundle size, each method should use the import() function to get the crypto library it needs. Since all the methods are already async this wouldn’t require an API change and would result in some very code splitting for the consumers.

This library effectively means I never have to look up a hashing function in order to create a multihash, but I still have to go and lookup a validation function in order to validate block data against that hash :(

Exposing a validation function that accepted a multihash and a buffer and returned true/false would be fantastic :)

Version 9.3.2 of aegir just got published.

This version is covered by your current version range and after updating it in your project the build failed.

As aegir is “only” a devDependency of this project it might not break production or downstream projects, but “only” your build or test tools – preventing new deploys or publishes.

I recommend you give this issue a high priority. I’m sure you can resolve this 💪

Your Greenkeeper Bot 🌴

I am using js-ipld-dag-cbor which references this package. I would like to be able to calculate hashes even on insecure (HTTP) websites.

When js-multihashing-async tries to access window.crypto.subtle it throws on error in Brave, but works fine in Firefox. Chrome on Android also throws an error.

Is it possible to fallback on a browser implementation to avoid the HTTPS requirement?

Other issue: ipld/js-ipld-dag-cbor#114

I posted this question at discuss and would like to contribute code in this library to enable this type of encryption in multiformats - and was directed here. This is a tracking issue that should be closed if my pull-request is merged or if the approach is inappropriate. Discussion is welcome!

Version 0.4.4 of multihashes just got published.

This version is covered by your current version range and after updating it in your project the build failed.

As multihashes is a direct dependency of this project this is very likely breaking your project right now. If other packages depend on you it’s very likely also breaking them.
I recommend you give this issue a very high priority. I’m sure you can resolve this 💪

Your Greenkeeper Bot 🌴

In some environments sha3 won't compile. We should make it optional and fall back to the pure JavaScript version instead of failing in this case.

like "needs review".

js-multihashing-async has its own set of functions that need to be updated if a new hash algorithm is added. For Bitcoin/Zcash support dbl-sha2-256 was added. That one needs to be added.

Hi there! I'm working on a large project, where multihashing gets depended on. I'm not sure if this is a bug isolated in this package, or if it's introduced from some outer-dep (I don't expect this to be true but in this case, its [email protected]).

The Multihashing.digest func, in the code comments, is supposed to return a Uint8Array. yet when I log digest instanceof Uint8Array, it returns false. This causes the following multihash.encode call to throw the error: digest should be a Uint8Array

The alg param in this instance is 0x18 or shake-128

For more clarity:

async function Multihashing (buf, alg, length) {
  console.log('buff instance of Uint8Array? ', buf instanceof Uint8Array) // => logs true
  const digest = await Multihashing.digest(buf, alg, length)
  console.log('digest instance of Uint8Array?', digest instanceof Uint8Array) // => logs false
  return multihash.encode(digest, alg, length)
}

This is obviously not going to play nicely with this line

It would be fairly simple to import native-crypto or a similar library that falls back on js libraries for crypto in the absence of webcrypto; in the meantime, js-ipfs doesn't work in a webworker in safari, and in other bad browsers.

The code published to npm that gets loaded on require is in fact a ES5 transpiled version with the right shims added. This means that you can require it and use with your favourite bundler without having to adjust asset management process.

This does not seem to be the case. When I look through the code in the dist folder, I do see a bunch of let statements in there.

A manifestation of the problem for me is that building an app made via create-react-app fails with the following error:

Failed to compile.

Failed to minify the code from this file: 

 	./node_modules/multihashing-async/src/index.js:28 

I believe the minifier is expecting transpiled ES5 code.

As a work-around, I could just bring the js-multihashing-async into my own codebase so that my transpiler will transpile it, but this is not ideal and not the accepted best practice. Furthermore, I'm not even using the lib directly. It's a dependency of libp2p-crypto.

It would be very convenient to not have to convert everything into node style Buffer but rather allow use of ArrayBuffer

Version 9.3.1 of aegir just got published.

This version is covered by your current version range and after updating it in your project the build failed.

As aegir is “only” a devDependency of this project it might not break production or downstream projects, but “only” your build or test tools – preventing new deploys or publishes.

I recommend you give this issue a high priority. I’m sure you can resolve this 💪

Your Greenkeeper Bot 🌴

The shake-128 and shake-256 digests size are double what they should be. From examining the NIST test vectors, shake-128 is 16 bytes (128 bits) and shake-256 is 32 bytes (256 bits).