← Home

@fhenixprotocol/cofhe-contracts

npm Repository
4
Versions
License
Yes
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

fhenixprotocol

Keywords

blockchainethereumsmart-contractssolidityFHEencryptionprivacycoprocessorfhenixcofhe

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
install-scripts install-script:postinstall AI (install-scripts): Postinstall only prints a migration warning message; no network access or arbitrary code execution. ai
phantom-deps phantom-dep:@openzeppelin/contracts AI (phantom-deps): Solidity contracts package; OZ imports appear in .sol files, not JS — phantom-dep heuristic doesn't apply. ai

Versions (showing 4 of 4)

Version Deps Published
0.1.4 1 / 0
0.1.3 1 / 0
0.1.2 1 / 0
0.0.14 1 / 0

v0.1.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.14

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.