Heavymeta Stellar Utilities for Python , By: Fibo Metavinci
Project description
hvym_stellar
A Python library for secure token generation and verification using Stellar keypairs with support for expiration, access control, secret sharing, and file storage.
Installation
pip install hvym_stellar
Quick Start
from hvym_stellar import (
Stellar25519KeyPair, StellarSharedKey, StellarSharedDecryption,
StellarSharedKeyTokenBuilder, StellarSharedKeyTokenVerifier,
HVYMDataToken, TokenType
)
from stellar_sdk import Keypair
# Create keypairs
sender_kp = Stellar25519KeyPair(Keypair.random())
receiver_kp = Stellar25519KeyPair(Keypair.random())
Usage Examples
1. Access Tokens
# Create token with caveats
token = StellarSharedKeyTokenBuilder(
sender_kp,
receiver_kp.public_key(),
token_type=TokenType.ACCESS,
expires_in=3600,
caveats={"user_id": "123", "role": "admin"}
)
serialized = token.serialize()
# Verify token (caveats must match ALL token caveats)
verifier = StellarSharedKeyTokenVerifier(
receiver_kp,
serialized,
TokenType.ACCESS,
caveats={"user_id": "123", "role": "admin"}
)
if verifier.valid():
print("Token valid, expires:", verifier._get_expiration_time())
2. Secret Sharing
# Sender creates secret token
token = StellarSharedKeyTokenBuilder(
sender_kp,
receiver_kp.public_key(),
token_type=TokenType.SECRET,
secret="sensitive-data",
expires_in=300
)
serialized = token.serialize()
# Receiver extracts secret
verifier = StellarSharedKeyTokenVerifier(
receiver_kp, serialized, TokenType.SECRET
)
if verifier.valid():
secret = verifier.secret()
3. Encryption/Decryption (Hybrid)
Uses signature-based format: salt|nonce|signature|ciphertext
from hvym_stellar import extract_salt_from_encrypted
# Encrypt
shared_key = StellarSharedKey(sender_kp, receiver_kp.public_key())
encrypted = shared_key.encrypt(b"Secret message")
# Decrypt (from_address REQUIRED in v0.19+)
decryptor = StellarSharedDecryption(receiver_kp, sender_kp.public_key())
sender_address = sender_kp.base_stellar_keypair().public_key
decrypted = decryptor.decrypt(encrypted, from_address=sender_address)
# Extract components if needed
salt = extract_salt_from_encrypted(encrypted)
4. Asymmetric Encryption (Recommended)
Standard X25519 encryption - simpler and more secure.
# Encrypt
shared_key = StellarSharedKey(sender_kp, receiver_kp.public_key())
encrypted = shared_key.asymmetric_encrypt(b"Secret message")
# Decrypt (no from_address needed)
decryptor = StellarSharedDecryption(receiver_kp, sender_kp.public_key())
decrypted = decryptor.asymmetric_decrypt(encrypted)
# Shared secrets
secret = shared_key.asymmetric_shared_secret() # 32 bytes
5. File Storage (HVYMDataToken)
# Create from file
token = HVYMDataToken.create_from_file(
senderKeyPair=sender_kp,
receiverPub=receiver_kp.public_key(),
file_path="document.pdf",
expires_in=86400
)
serialized = token.serialize()
# Create from bytes
token = HVYMDataToken.create_from_bytes(
senderKeyPair=sender_kp,
receiverPub=receiver_kp.public_key(),
file_data=b"binary content",
filename="data.bin",
expires_in=3600
)
# Extract (static method - recommended)
file_bytes, metadata = HVYMDataToken.extract_from_token(
serialized_token=serialized,
receiver_keypair=receiver_kp
)
API Reference
StellarSharedKey
shared_key = StellarSharedKey(sender_keypair, receiver_public_key)
# Hybrid encryption (signature-based)
encrypted = shared_key.encrypt(message_bytes)
# Asymmetric encryption (recommended)
encrypted = shared_key.asymmetric_encrypt(message_bytes)
# Shared secrets
secret = shared_key.shared_secret() # Deterministic
secret = shared_key.shared_secret(salt=custom_salt) # With salt
secret = shared_key.asymmetric_shared_secret() # Raw X25519 (recommended)
# Hashes
hash_val = shared_key.hash_of_shared_secret()
hash_val = shared_key.asymmetric_hash_of_shared_secret()
StellarSharedDecryption
decryptor = StellarSharedDecryption(receiver_keypair, sender_public_key)
# Hybrid decryption (from_address REQUIRED in v0.19+)
decrypted = decryptor.decrypt(encrypted, from_address=sender_address)
# Asymmetric decryption (recommended)
decrypted = decryptor.asymmetric_decrypt(encrypted)
# Shared secrets (same as StellarSharedKey)
secret = decryptor.asymmetric_shared_secret()
Utility Functions
from hvym_stellar import (
extract_salt_from_encrypted, # 32 bytes
extract_nonce_from_encrypted, # 24 bytes
extract_signature_from_encrypted, # 64 bytes
extract_ciphertext_from_encrypted # Variable
)
HVYMDataToken
# Factory methods
token = HVYMDataToken.create_from_file(senderKeyPair, receiverPub, file_path, expires_in)
token = HVYMDataToken.create_from_bytes(senderKeyPair, receiverPub, file_data, filename, expires_in)
# Extraction
file_bytes, metadata = HVYMDataToken.extract_from_token(serialized_token, receiver_keypair)
# Caveats
token.add_file_type_caveat("pdf")
token.add_file_size_caveat(1048576)
token.add_file_hash_caveat("sha256_hash")
Encryption Methods Comparison
| Method | Security | Use Case |
|---|---|---|
asymmetric_encrypt() |
HIGH - Industry standard X25519 | Recommended for new code |
encrypt() |
MODERATE - Hybrid with signatures | Backward compatible |
Security
- Ed25519 signatures authenticate encryption parameters
- SHA-256 hash verification for file tokens
- Tamper-evident checksums on serialized tokens
- 256-bit security foundation
Version History
- 0.19.0: BREAKING CHANGES - See HVYM_STELLAR.md
recieverPub→receiverPub,recieverKeyPair→receiverKeyPairdecrypt()now requiresfrom_addressparameter
- 0.18.1: Improved crypto methods, nonce signing
- 0.18.0: Added HVYMDataToken for file storage
- 0.17.0: Asymmetric encryption support
- 0.16.0: Asymmetric key derivation
License
MIT License - See LICENSE for details.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
hvym_stellar-0.19.0.tar.gz
(16.2 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hvym_stellar-0.19.0.tar.gz.
File metadata
- Download URL: hvym_stellar-0.19.0.tar.gz
- Upload date:
- Size: 16.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.25
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
516a08840aa0e72fd2ab020c18e67bb4e3cd3647249e2fdbf75eefbf4648b5d1
|
|
| MD5 |
031e376c646d192400a13819d3c62134
|
|
| BLAKE2b-256 |
50ed72e996b3daf95bb65d60e2027e75cc6bc5d7f8a56935d2368cd3f50a7918
|
File details
Details for the file hvym_stellar-0.19.0-py2.py3-none-any.whl.
File metadata
- Download URL: hvym_stellar-0.19.0-py2.py3-none-any.whl
- Upload date:
- Size: 15.3 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.25
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b260193385dd3108b68a6e10885060c1b0bfac3c535398141db1fda07ffbc69f
|
|
| MD5 |
d307e6f4be074d115555790fb23b3b98
|
|
| BLAKE2b-256 |
1f135633e922e319c3ddad07dc62782f2334d7c6dfac3d494e1f9f451645e549
|
