Library for working with encrypted data within nilDB queries and replies.
This library provides cryptographic operations that are compatible with nilDB nodes and clusters, allowing developers to leverage certain privacy-enhancing technologies (PETs) when storing, operating upon, and retrieving data while working with nilDB. The table below summarizes the functionalities available in nilQL.
| Cluster | Operation | Implementation Details | Supported Types |
|---|---|---|---|
| single node | store | XSalsa20 stream cipher and Poly1305 MAC | 32-bit signed integer; UTF-8 string (<4097 bytes) |
| single node | match | deterministic salted hashing via SHA-512 | 32-bit signed integer; UTF-8 string (<4097 bytes) |
| single node | sum | non-deterministic Paillier with 2048-bit primes | 32-bit signed integer |
| multiple nodes | store | XOR-based secret sharing | 32-bit signed integer; UTF-8 string (<4097 bytes) |
| multiple nodes | match | deterministic salted hashing via SHA-512 | 32-bit signed integer; UTF-8 string (<4097 bytes) |
| multiple nodes | sum | additive secret sharing with modulus 2^32 | 32-bit signed integer |
The package can be installed using pnpm:
pnpm installThe library can be imported in the usual way:
import { nilql } from "@nillion/nilql";An example demonstrating use of the library is presented below:
const cluster = {"nodes": [{}, {}]};
const secretKey = await nilql.SecretKey.generate(cluster, {"sum": true});
const plaintext = BigInt(123);
const ciphertext = await nilql.encrypt(secretKey, plaintext);
const decrypted = await nilql.decrypt(secretKey, ciphertext);
console.log(plaintext, decrypted); // Should output `123n 123n`.All unit tests are executed and their coverage measured with vitest:
pnpm testStyle conventions are enforced using biomejs:
pnpm lintTypes are checked with:
pnpm typecheckIn order to contribute, open an issue or submit a pull request on the GitHub. To enforce conventions, git hooks are provided and can be setup with:
pnpm install-hooksThe version number format for this library and the changes to the library associated with version number increments conform with Semantic Versioning 2.0.0.