Cryptography utilities for browser and Node.js environments.
Encrypt and decrypt MDflow documents locally (mdflow-enc:v1). A standalone, zero-dependency CLI you run on your own machine — plaintext and password never leave it.
MCP server providing a local-first encrypted key-value vault. AES-GCM 256-bit cipher, PBKDF2-derived key from a user PIN. Stores secrets, API keys, notes, or any string data on disk. Zero cloud, zero telemetry, zero network — all data stays on the machine
One-time printable recovery codes for noy-db — last-resort vault unlock when the passphrase, passkey, and OIDC provider are all unavailable. Base32 + checksum codes, PBKDF2-derived wrapping keys, burn-on-use. Part of the @noy-db/on-* authentication family
Tier-2 daily-password authenticator slot for noy-db. PBKDF2-SHA256 600K wraps the KEK in its own keyring slot, distinct from the rarely-typed tier-1 phrase. Pair with @noy-db/on-email-otp or @noy-db/on-totp for the SaaS UX.
Zero-knowledge, offline-first, encrypted document store — core library with AES-256-GCM, PBKDF2, multi-user keyring, and sync engine
TypeScript crypto library — AES, DES, TripleDES, BlowFish, SHA*, MD5, HMAC, PBKDF2, and stream ciphers
Client-side AES-256-GCM decryption for Django-CFG encrypted API responses using Web Crypto API