Skip to content
QuantumScanPublic scan report

Repository

ethereumjs/keythereum

Scanned on Jun 30, 2026

80

Risk score/ 100

High risk

Summary

Análise Heurística (IA indisponível) — 11 ocorrências detectadas: AES-128, secp256k1 (Bitcoin curve), ECDSA, SHA-256 used as password KDF.

Critical

0

High

3

Medium

7

Low

1

Top findings

  • HighCWE-327ECDSA

    index.js:162

    ML-DSA (CRYSTALS-Dilithium) or SLH-DSA (SPHINCS+)

    Raw evidence
    * @param {Buffer|string} privateKey ECDSA private key.
  • HighCWE-327secp256k1 (Bitcoin curve)

    index.js:175

    Raw evidence
    secp256k1.publicKeyCreate(privateKeyBuffer, false).slice(1)
  • HighCWE-327secp256k1 (Bitcoin curve)

    index.js:15

    Raw evidence
    var secp256k1 = require("ethereum-cryptography/secp256k1-compat");
  • MediumCWE-326AES-128

    test/keys.js:239

    AES-256

    Raw evidence
    description: "aes-128-ctr should be available",
  • MediumCWE-326AES-128

    test/keys.js:240

    AES-256

    Raw evidence
    cipher: "aes-128-ctr",

+ 6 more findings in the full report

Scan your own repository

Free. Results in ~90 seconds. CBOM + DORA/NIS2 PDF included.

Start a free scan