@vultisig/sdk
The self-custody MPC wallet SDK for AI agents. Bitcoin, Ethereum, Solana & 36+ chains via DKLS23 threshold signatures. TypeScript, multi-platform (Node, browser, React Native).
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | encoded-string-file:dist/index.browser.js | AI (source-diff): Minified bundle with standard crypto SDK imports; long strings are base64-encoded WASM/protobuf data, not malicious payloads. | ai | |
| source-diff | encoded-string-file:dist/index.chrome-extension.js | AI (source-diff): Same minified bundle pattern; no malicious content. | ai | |
| source-diff | encoded-string-file:dist/index.electron-main.cjs | AI (source-diff): Same minified bundle pattern; no malicious content. | ai | |
| source-diff | encoded-string-file:dist/index.node.cjs | AI (source-diff): Same minified bundle pattern; no malicious content. | ai | |
| source-diff | encoded-string-file:dist/index.node.esm.js | AI (source-diff): Same minified bundle pattern; no malicious content. | ai | |
| source-diff | encoded-string-file:dist/index.react-native.js | AI (source-diff): Same minified bundle pattern; no malicious content. | ai | |
| phantom-deps | phantom-dep:zod | AI (phantom-deps): Large multi-platform SDK with conditional platform-specific imports; phantom-dep heuristic is unreliable here. | ai | |
| phantom-deps | phantom-dep:bs58 | AI (phantom-deps): Platform-specific conditional import in multi-platform SDK. | ai | |
| phantom-deps | phantom-dep:xrpl | AI (phantom-deps): Platform-specific conditional import in multi-platform SDK. | ai | |
| phantom-deps | phantom-dep:axios | AI (phantom-deps): Platform-specific conditional import in multi-platform SDK. | ai | |
| phantom-deps | phantom-dep:cbor-x | AI (phantom-deps): Platform-specific conditional import in multi-platform SDK. | ai | |
| phantom-deps | phantom-dep:@polkadot/api | AI (phantom-deps): Platform-specific conditional import in multi-platform SDK. | ai | |
| phantom-deps | phantom-dep:bitcoinjs-lib | AI (phantom-deps): Platform-specific conditional import in multi-platform SDK. | ai | |
| phantom-deps | phantom-dep:@cosmjs/stargate | AI (phantom-deps): Platform-specific conditional import in multi-platform SDK. | ai | |
| phantom-deps | phantom-dep:@vultisig/lib-dkls | AI (phantom-deps): Same-org package, conditionally imported per platform. | ai | |
| phantom-deps | phantom-dep:@vultisig/lib-mldsa | AI (phantom-deps): Same-org package, conditionally imported per platform. | ai | |
| phantom-deps | phantom-dep:@vultisig/lib-schnorr | AI (phantom-deps): Same-org package, conditionally imported per platform. | ai | |
Versions (showing 7 of 7)
| Version | Deps | Published |
|---|---|---|
| 1.1.2 | 52 / 25 | |
| 1.1.0 | 52 / 25 | |
| 1.0.0 | 52 / 25 | |
| 0.26.1 | 52 / 25 | |
| 0.26.0 | 52 / 25 | |
| 0.23.0 | 52 / 25 | |
| 0.22.0 | 52 / 25 | |
v1.1.2
7 findings
Modified file contains 23 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 23 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 23 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 23 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 23 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.1.0
7 findings
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 21 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.0
7 findings
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 21 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.26.1
7 findings
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 21 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.26.0
7 findings
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 21 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.23.0
7 findings
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 22 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 21 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.