A collection of Javascript cryptography functions for Fluree
NOTE: This library has been deprecated. We recommend using the flureedb / flureenjs libraries directly instead. If there is something in here that you'd like to see in those libraries, please let us know by opening a GitHub issue here: https://github.com/fluree/db/issues.
npm install @fluree/crypto-utils
The db
parameter has been changed to ledger
as it should have been named in
the first place. This requires Fluree Ledger version 1.0.1 or higher.
The host
parameter has been dropped from the signQuery function since it is no longer used to create the signing string.
Returns a hex string of a public and private key pair.
import { generateKeyPair } from '@fluree/crypto-utils';
const { publicKey, privateKey } = generateKeyPair();
For Node.js, you will need to reference the Node.js crypto module. This is because the randomness for Node.js seed generation is determined differently than the browser.
const crypto = require("crypto");
const {generateKeyPair,getSinFromPublicKey} = require('@fluree/crypto-utils');
const { publicKey, privateKey } = generateKeyPair();
Returns the _auth/id
that accompanies a given public key.
import { generateKeyPair, getSinFromPublicKey } from '@fluree/crypto-utils';
const { publicKey } = generateKeyPair();
const authId = getSinFromPublicKey(publicKey);
signTransaction returns an object with the keys: sig, cmd, which should then be sent in the body of a request to the /command
import { generateKeyPair, getSinFromPublicKey, signTransaction } from '@fluree/crypto-utils';
const { publicKey, privateKey } = generateKeyPair();
const authId = getSinFromPublicKey(publicKey);
const ledger = "test/one";
const expire = Date.now() + 1000;
const fuel = 100000;
const nonce = 1;
// Deps is an optional parameter - it is a array of _tx/ids that must have succeeded
// for the current transaction to be accepted.
const deps = null;
const tx = JSON.stringifiy([{
"_id": "_tag",
"id": "tag/test" }])
let command = signTransaction(authId, ledger, expire, fuel, nonce, privateKey, tx, deps)
// If you want to receive the verbose results from the transaction,
// set the txid-only property to false. By default (true), only the
// transaction id will be returned.
Object.assign(command, {"txid-only": false});
const fetchOpts = {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(command)
const fullURI = `https://localhost:8090/fdb/${ledger}/command`;
fetch(fullURI, fetchOpts)
signQuery returns an object with the keys: header, method, body, which should then be sent to any of the query endpoints (/query
, /multi-query
, history
, block
import { generateKeyPair, getSinFromPublicKey, signQuery } from '@fluree/crypto-utils';
const { publicKey, privateKey } = generateKeyPair();
const authId = getSinFromPublicKey(publicKey);
const param = JSON.stringify({select: ["*"], from: "_collection"});
const ledger = "test/one";
const queryType = "query";
const fetchOpts = signQuery(privateKey, param, queryType, ledger)
const fullURI = `https://localhost:8090/fdb/${ledger}/query`;
fetch(fullURI, fetchOpts)
signRequest returns an object containing the keys: header, method and body. This object can be used to sign requests that are not related to transactions or queries.
The following example demonstrates how to sign a request to delete a ledger.
import { generateKeyPair, getSinFromPublicKey, signRequest } from '@fluree/crypto-utils';
const { publicKey, privateKey } = generateKeyPair();
const authId = getSinFromPublicKey(publicKey);
// The host portion of the URL is required as the signRequest
// function parses the entire url to build the signing string.
var endpoint = 'http://localhost:8090/fdb/delete-db';
var body = JSON.stringify({
"ledger/id": 'test/deleteme',
"auth": authId
var fetchOpts = signRequest("POST", endpoint, body, privateKey, authId);
fetch(endpoint, fetchOpts)