algovoi-substrate-pqc

v0.1.2 suspicious
4.0
Medium Risk

AlgoVoi substrate-author layer for JCS+PQC integration: signature_algorithm open-enum + cross-implementor byte-anchor convergence proof.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows some signs of potential risk, particularly due to the lack of detailed maintainer information and the use of base64 encoding, which could be used for obfuscation purposes.

  • Metadata risk due to new/inactive maintainer account
  • Obfuscation risk from base64 encoding usage
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires external services.
  • Shell: No shell executions detected, indicating no immediate risk of command execution.
  • Obfuscation: The usage of base64 decoding is common for data serialization and may not indicate malicious intent.
  • Credentials: No patterns indicative of credential harvesting were detected.
  • Metadata: The maintainer has a new or inactive account and lacks a proper author name, which could indicate potential risk.

📦 Package Quality Overall: Medium (5.8/10)

✦ High Test Suite 9.0

Test suite present: 5 test file(s) found

  • Test runner config found: pyproject.toml
  • 5 test file(s) detected (e.g. test_ap2_fixtures.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (11880 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 21 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 5 commits in chopmob-cloud/ap2-pq-conformance
  • Two distinct contributors found

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

⚠ Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • (s: str) -> bytes: return base64.b64decode(s) @dataclass class VerifyResult: """Per-scheme verifi
✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository chopmob-cloud/ap2-pq-conformance appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with algovoi-substrate-pqc
Develop a Python-based mini-application named 'CryptoAnchor' that leverages the 'algovoi-substrate-pqc' package to provide a user-friendly interface for generating and verifying cryptographic signatures using Post-Quantum Cryptography (PQC) algorithms. This application should serve as a demonstration of the package's capabilities and showcase its integration with different cryptographic schemes. Here’s a detailed breakdown of the application's requirements:

1. **User Interface**: Design a simple command-line interface (CLI) that allows users to interact with the application easily. Users should be able to choose between different PQC signature algorithms supported by 'algovoi-substrate-pqc'.
2. **Signature Generation**: Implement functionality that enables users to generate digital signatures for any input message using the selected PQC algorithm. Ensure that the application outputs both the signature and the public key used for verification.
3. **Signature Verification**: Allow users to verify the integrity of a signed message by providing the original message, the signature, and the corresponding public key. The application should clearly indicate whether the verification was successful or not.
4. **Cross-Implementor Compatibility**: Demonstrate how 'algovoi-substrate-pqc' ensures compatibility across different implementors through its byte-anchor convergence proof feature. Include a feature that allows users to test this compatibility by importing keys from different sources and verifying their signatures.
5. **Documentation and Help**: Provide comprehensive documentation within the application, including help commands that explain each feature and how to use them effectively.

The 'algovoi-substrate-pqc' package will be used primarily for managing the cryptographic operations such as key generation, signing messages, and verifying signatures. It provides an open-enum for various PQC algorithms, which your application should support. Additionally, utilize the package's byte-anchor convergence proof to ensure interoperability between different cryptographic implementations. This project aims to highlight the practical applications of post-quantum cryptography and the importance of standardization in cryptographic practices.
