// npm 패키지
weavedb-base
A decentralized NoSQL database powered by Arweave.
버전
114
메인테이너
1
라이선스
MIT
최초 publish
2022-10-10
publisher
asteroiddao
tarball
67,455 B
AUTO-PUBLISHED·1개 버전 인덱싱됨·최근 publish: 2026-05-27
// publisher 캠페인by asteroiddao
이 계정에서 catch된 패키지 9건고립된 catch가 아닙니다. 동일 publisher가 8개의 다른 패키지를 추가로 발행했고, 모두 파이프라인이 catch했습니다 — 일회성이 아닌 조직적 캠페인의 형태. 아래 링크는 각 형제 catch의 분석으로 이동합니다.
// offending code· @0.45.4· 2 files flagged
- @0.45.4··AUTO-PUBLISHED·publisher: asteroiddaoheuristic 75/100static flags 2llm skippedmature-packagehas-source-repoosv-flagged:MAL-2026-4715function-constructorbase64-decode
// offending code· 2 files flaggedpatterns: 2
--- package/index.js (excerpt) --- const pako = require("pako") const elliptic = require("elliptic") const EthCrypto = require("eth-crypto") const { providers, Contract, utils } = require("ethers") const md5 = require("md5") const { keccak256 } = require("./keccak") const versions = require("./versions") const { startAuthentication, startRegistration, base64URLStringToBuffer, } = require("./webauthn") const { generateRegistrationOptions, verifyRegistrationResponse, generateAuthenticationOptions, verifyAuthenticationResponse, } = require("@simplewebauthn/server") //const buildEddsa = require("circomlibjs").buildEddsa const { pick, includes, all, complement, init, is, last, isNil, mergeLeft, clone, tail, map, splitWhen, } = require("ramda") const ethSigUtil = require("@metamask/eth-sig-util") const { privateToAddress } = require("ethereumjs-util") const EIP712Domain = [ { name: "name", type: "string" }, { name: "version", type: "string" }, { name: "verifyingContract", type: "string" }, ] const is_data = [ "set", "setSchema", "setRules", "addIndex", "removeIndex", "add", "update", "upsert", "addTrigger", "removeTrigger", ] const no_paths = [ "nonce", "ids", "validities", "getCrons", "getAlgorithms", "getLinkedContract", "getOwner", "getAddressLink", "getRelayerJob", "listRelayerJobs", "getEvolve", "getInfo", "getTokens", "getBundlers", "addCron", "removeCron", "setAlgorithms", "addRelayerJob", "removeRelayer --- package/webauthn.js (excerpt) --- /* [@simplewebauthn/browser@7.2.0] */ function utf8StringToBuffer(value) { return new TextEncoder().encode(value) } function bufferToBase64URLString(buffer) { const bytes = new Uint8Array(buffer) let str = "" for (const charCode of bytes) { str += String.fromCharCode(charCode) } const base64String = btoa(str) return base64String.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "") } function base64URLStringToBuffer(base64URLString) { const base64 = base64URLString.replace(/-/g, "+").replace(/_/g, "/") const padLength = (4 - (base64.length % 4)) % 4 const padded = base64.padEnd(base64.length + padLength, "=") const binary = atob(padded) const buffer = new ArrayBuffer(binary.length) const bytes = new Uint8Array(buffer) for (let i = 0; i < binary.length; i++) { bytes[i] = binary.charCodeAt(i) } return buffer } function browserSupportsWebAuthn() { return ( window?.PublicKeyCredential !== undefined && typeof window.PublicKeyCredential === "function" ) } function toPublicKeyCredentialDescriptor(descriptor) { const { id } = descriptor return { ...descriptor, id: base64URLStringToBuffer(id), transports: descriptor.transports, } } function isValidDomain(hostname) { return ( hostname === "localhost" || /^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(hostname) ) } class WebAuthnError extends Error { code constructor({ message, code, cause, name }) { super(message, { cause }) this.name
