Built with Pure High Pyth Entropy
A decentralized password generator that creates cryptographically secure passwords using high-entropy randomness from the Pyth Network, combined with advanced client-side encryption and secure storage in NilDB.
The /nillion-scripts and /pyth-entropy folders are test folders that I used while building the project during the hack; ignore them.
/whipm is the main project folder.
- Transaction Explorer: View on BaseScan
- Pyth Network Fee: 0.00000015 ETH (constant throughout the project)
- Cost Efficiency: Ultra-low fees for high-entropy randomness
| Contract | Address | Purpose |
|---|---|---|
| RandomnessGen | 0xE861DC68Eb976da0661035bBf132d6F3a3288B71 | Generates random number pairs using Pyth Network entropy |
| Entropy | 0x41c9e39574F40Ad34c79f1C99B66A45eFB830d4c | Pyth Network entropy provider contract |
- Network: Base Sepolia Testnet (Chain ID: 84532)
- Deployment Hash: `0x39a943edca709c3337e2b01e6b58cf9db16af0b6403acb48448f7094b9354bb1`
- Block: 32774035
- Gas Used: 1,857,888 gas
- Cost: 0.000001858038488928 ETH
- Status: Verified on Sourcify
- Pure Client-Side: All password generation happens in the browser using Web Crypto API
- No Server Dependency: Passwords are never transmitted to servers in plaintext
- Device Secrets: Generated locally using `crypto.getRandomValues()`
- Encrypted Storage: Passwords are encrypted before being sent to NilDB
- NilDB Integration: Decentralized database for secure password storage
- Metadata Preservation: Transaction hashes and sequence numbers stored for verification
```javascript
// Generate 32-byte device secret locally
const deviceSecret = crypto.getRandomValues(new Uint8Array(32))
```
- Purpose: Local entropy source that never leaves the device
- Storage: Kept in memory only, never transmitted
```solidity
// Pyth Network provides two random numbers
uint256 n1; // First random number (R1)
uint256 n2; // Second random number (R2)
```
- Source: Pyth Network's high-entropy randomness
- Verification: Blockchain transaction provides cryptographic proof
- Advantage: Unpredictable, verifiable, and tamper-proof
```javascript
// Mix R1 + C → local_raw using HKDF-SHA256
const localRaw = await hkdf(ikm, 32, appSalt1, 'local_raw_v1')
```
- Algorithm: HKDF-SHA256 (RFC 5869)
- Purpose: Combines on-chain and device entropy
- Security: Normalizes inputs and provides uniform seed
```javascript
// Harden local_raw → LocalKey using Argon2id/scrypt
const localKey = await argon2id(localRaw, salt1, params, 32)
```
- Algorithm: Argon2id/scrypt (memory-hard)
- Parameters: 64MB memory, 3 iterations, 4 parallelism
- Purpose: Defends against offline brute force attacks
```javascript
// Derive final password using LocalKey + R2
const passwordBytes = await argon2id(seedRaw, passwordSalt, params, 32)
```
- Process: HKDF + Argon2id for final hardening
- Output: 32-byte password material
- Character Set: Letters, numbers, symbols (94 characters)
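The derivation steps above, end to end, as an added example (not the project's own code) using Node's built-in `crypto`, with scrypt standing in for Argon2id. The salts, info labels, scrypt cost and the `toPassword` encoding are assumptions; the page does not show how the 32 bytes are mapped to the 94-character set.

```javascript
// Added example, not the project's code. Labels, salts and scrypt cost are assumptions.
const { hkdfSync, scryptSync } = require('node:crypto');

// The 94 printable ASCII characters '!' (0x21) through '~' (0x7e).
const CHARSET = Array.from({ length: 94 }, (_, i) => String.fromCharCode(33 + i)).join('');

// HKDF-SHA256 (RFC 5869); hkdfSync returns an ArrayBuffer, so wrap it.
function hkdf(ikm, salt, info, len) {
  return Buffer.from(hkdfSync('sha256', ikm, salt, info, len));
}

// Encode key material as characters by rejection sampling: bytes >= 188
// (the largest multiple of 94 below 256) are skipped, so no character is
// favoured the way a plain `byte % 94` would favour the first 68.
function toPassword(key, length) {
  const limit = 256 - (256 % CHARSET.length);
  let out = '';
  for (let block = 0; out.length < length; block++) {
    // Expand as many 64-byte blocks as needed to replace rejected bytes.
    const stream = hkdf(key, Buffer.alloc(0), `password_chars_v1:${block}`, 64);
    for (const b of stream) {
      if (b < limit && out.length < length) out += CHARSET[b % CHARSET.length];
    }
  }
  return out;
}

function derivePassword(r1, r2, deviceSecret, length = 24) {
  // Mix on-chain R1 with the device secret C.
  const localRaw = hkdf(Buffer.concat([r1, deviceSecret]), 'app_salt_1', 'local_raw_v1', 32);
  // Memory-hard step: scrypt with N=2^15, r=8 needs about 32 MiB.
  const localKey = scryptSync(localRaw, 'salt_1', 32,
    { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 });
  // Bind in R2, then encode to the character set.
  const seed = hkdf(Buffer.concat([localKey, r2]), 'password_salt', 'password_seed_v1', 32);
  return toPassword(seed, length);
}

// Constructed sample inputs (not real on-chain values).
const sampleR1 = Buffer.alloc(32, 0x11);
const sampleR2 = Buffer.alloc(32, 0x22);
const sampleSecret = Buffer.alloc(32, 0x33);
console.log(derivePassword(sampleR1, sampleR2, sampleSecret));
```

R1 and R2 are public once the transaction is on-chain, so the secrecy of the result rests on the 32-byte device secret; the on-chain values add verifiability, not confidentiality.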
- True Randomness: Pyth provides cryptographically secure random numbers
- Verifiable: Blockchain transactions provide proof of randomness
- Tamper-Proof: Immutable blockchain prevents manipulation
- High Entropy: Superior to pseudo-random number generators
- Decentralized: No single point of failure or control
- Device Secret: Local entropy prevents server-side attacks
- On-Chain Proof: Blockchain provides verifiable randomness
- Memory Hardening: Argon2id prevents GPU/ASIC attacks
- HKDF Mixing: Combines multiple entropy sources securely
- Node.js 18+
- npm or yarn
- MetaMask wallet (for blockchain interaction)
- Git
```bash
git clone <repository-url>
cd whiphash
```

```bash
cd whipm
npm install
```

```bash
cd pyth-entropy
forge install
```

```bash
cd whipm
cp .env.example .env.local
```

```bash
# NilDB Configuration
NILLION_API_KEY=your-nillion-api-key
NILLION_COLLECTION_ID=your-collection-id

# Alternative NilDB Configuration (if using different setup)
NILCHAIN_URL=http://rpc.testnet.nilchain-rpc-proxy.nilogy.xyz
NILAUTH_URL=https://nilauth.sandbox.app-cluster.sandbox.nilogy.xyz
NILDB_NODES=https://nildb-stg-n1.nillion.network,https://nildb-stg-n2.nillion.network,https://nildb-stg-n3.nillion.network
BUILDER_PRIVATE_KEY=your-builder-private-key
```

```bash
cd whipm
npm run dev
```

The app will be available at http://localhost:3000
- Open Chrome and go to `chrome://extensions/`
- Enable "Developer mode"
- Click "Load unpacked"
- Select the `demo-extension` folder
- Pin the extension for easy access
- Embedded Mode: View app within extension popup
- Fullscreen Mode: Open app in new tab
- Wallet Mode: Optimized for wallet interactions
- Connect Wallet: Click "Connect Wallet" and approve MetaMask
- Request Randomness: Click "Generate Secure Password"
- Wait for Pyth: System fetches randomness from Pyth Network
- Password Generated: Secure password appears with copy option
- Store Password: Enter socials and save to NilDB
- Navigate to `/view` or click "View Saved Passwords →"
- See all stored passwords with metadata
- Click to show/hide passwords
- Copy passwords to clipboard
```
whiphash/
├── whipm/                 # Next.js frontend application
│   ├── app/               # App router pages
│   │   ├── page.tsx       # Landing page
│   │   ├── test/page.tsx  # Password generation
│   │   ├── view/page.tsx  # Password viewing
│   │   └── api/nildb/     # NilDB API routes
│   ├── components/        # React components
│   ├── lib/               # Utility functions
│   └── demo-extension/    # Browser extension
├── pyth-entropy/          # Solidity contracts
│   ├── src/               # Contract source code
│   ├── script/            # Deployment scripts
│   └── broadcast/         # Deployment artifacts
└── niilion-scripts/       # NilDB demo scripts
```
- Frontend: Next.js 16, React 19, TypeScript, Tailwind CSS
- Blockchain: Viem, Ethers.js, Base Sepolia
- Randomness: Pyth Network, Entropy Protocol
- Storage: NilDB (Nillion Network)
- Crypto: Web Crypto API, HKDF, Argon2id/scrypt
- UI: Three.js, GSAP, Custom animations
- `POST /api/nildb/store-password` - Store encrypted password
- `GET /api/nildb/read-collection` - Retrieve stored passwords
- `GET /api/nildb/test-config` - Test NilDB configuration
- Passwords (client-side generation)
- Device secrets (never transmitted)
- Storage in NilDB (encrypted at rest)
- All sensitive data (socials, metadata)
- Transaction hashes (for verification)
- Sequence numbers (for randomness proof)
- Blockchain randomness (verifiable on-chain)
- Never share device secrets
- Verify transaction hashes
- Use strong master passwords
- Regular security audits
- Device Secret: ~1ms (local generation)
- Blockchain Call: ~2-5s (Pyth Network)
- HKDF Processing: ~10ms
- Argon2id: ~100-500ms (memory-hard)
- Total: ~3-6 seconds per password
- Password: 16-32 characters
- Metadata: ~1KB per entry
- NilDB: Decentralized, redundant storage
- Fork the repository
- Create a feature branch
- Make your changes
- Test thoroughly
- Submit a pull request
This project is licensed under the MIT License - see the LICENSE file for details.
- Pyth Network for providing high-entropy randomness
- Nillion Network for decentralized storage
- Base Network for fast, low-cost transactions
- MetaMask for wallet integration
- Next.js for the React framework
Built with ❤️ and pure high Pyth entropy