npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@0xkey-io/sdk-browser

v0.1.1

Published

JavaScript Browser SDK

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

0xkey-developer0xkey-developer

Keywords

0xkey

Readme

⚠️ Deprecated: Use the New Core SDK

This package is deprecated and no longer actively maintained.

We’ve released a new, improved core TypeScript client-side SDK package — @0xkey-io/core which provides a simpler, more powerful developer experience and better integration with modern JS frameworks.

If you’re using React, please consider using the @0xkey-io/react-wallet-kit for a more tailored experience.

@0xkey-io/sdk-browser

npm

A SDK client with browser-specific abstractions for interacting with ZeroXKey API. Also includes @0xkey-io/http, a lower-level, fully typed HTTP client.

ZeroXKey API documentation lives here: https://docs.0xkey.com.

Getting started

$ npm install @0xkey-io/sdk-browser

Initialize

import { ZeroXKey } from "@0xkey-io/sdk-browser";

const 0xkey = new ZeroXKey({
  apiBaseUrl: "https://api.0xkey.com",
  defaultOrganizationId: process.env.ZEROXKEY_ORGANIZATION_ID,
  // Optional: Your relying party ID - for use with Passkey authentication
  rpId: process.env.ZEROXKEY_RP_ID,
});

ZeroXKey Clients

Passkey

The Passkey client allows for authentication to ZeroXKey's API using Passkeys.

const passkeyClient = 0xkey.passkeyClient();

// User will be prompted to login with their passkey
await passkeyClient.login();

// Make authenticated requests to ZeroXKey API, such as listing user's wallets
const walletsResponse = await passkeyClient.getWallets();

Iframe

The Iframe client can be initialized to interact with ZeroXKey's hosted iframes for sensitive operations. The iframeContainer parameter is required, and should be a reference to the DOM element that will host the iframe. The iframeUrl is the URL of the iframe you wish to interact with.

The example below demonstrates how to initialize the Iframe client for use with Email Auth by passing in https://auth.0xkey.com as the iframeUrl.

const iframeClient = await 0xkey.iframeClient({
  // The container element that will host the iframe
  iframeContainer: document.getElementById("<iframe container id>"),
  iframeUrl: "https://auth.0xkey.com",
});

const injectedResponse = await iframeClient.injectCredentialBundle(
  "<Credential from Email>",
);
if (injectedResponse) {
  await iframeClient.getWallets();
}
IFrame URLs:

| Flow | URL | | ----------------------------------------------------------------------------------- | ------------------------------------------------ | | Email Auth | auth.0xkey.com | | Email Recovery | recovery.0xkey.com | | Import Wallet | import.0xkey.com | | Export Wallet | export.0xkey.com |

Wallet

The Wallet client is designed for using your Solana or EVM wallet to stamp and approve activity requests for ZeroXKey's API. This stamping process leverages the wallet's signature to authenticate requests.

The example below showcases how to use an injected Ethereum wallet to stamp requests to ZeroXKey's API. The user will be prompted to sign a message containing the activity request payload to be sent to ZeroXKey.

import {
  createWalletClient,
  custom,
  recoverPublicKey,
  hashMessage,
} from "viem";
import { privateKeyToAccount } from "viem/accounts";
import { mainnet } from "viem/chains";

import { WalletStamper, EthereumWallet } from "@0xkey-io/wallet-stamper";

const walletClient = 0xkey.walletClient(new EthereumWallet());

// Make authenticated requests to ZeroXKey API, such as listing user's wallets
// User will be prompted to sign a message to authenticate the request
const walletsResponse = await walletClient.getWallets();

Helpers

@0xkey-io/sdk-browser provides ZeroXKeySDKBrowserClient, which offers wrappers around commonly used ZeroXKey activities, such as creating new wallets and wallet accounts.

IndexedDB Sessions (Recommended)

ZeroXKey now supports persistent, secure, non-extractable authentication using P-256 passkeys stored in IndexedDB. This replaces legacy iframe-based flows for otp, passkey, and OAuth authentication.

The ZeroXKeyIndexedDbClient provides a long-lived session mechanism where the private key never leaves the browser and is scoped per sub-organization. This client handles login, session persistence, and API request signing entirely on the client side — without requiring iframes or sensitive credential injection.

import { ZeroXKey } from "@0xkey-io/sdk-browser";

const 0xkey = new ZeroXKey({
  apiBaseUrl: "https://api.0xkey.com",
  defaultOrganizationId: "<YOUR_PARENT_ORG_ID>",
  rpId: "<YOUR_WEBAUTHN_RELYING_PARTY_ID>",
});

const client = 0xkey.indexedDbClient();
const passkeyClient = 0xkey.passkeyClient();
// Create authenticated session
const pubKey = await indexedDbClient!.getPublicKey();
await passkeyClient?.loginWithPasskey({
  sessionType: SessionType.READ_WRITE,
  publicKey: pubKey!,
  expirationSeconds: "3600",
});

// Now the client is authenticated and ready to interact with ZeroXKey API
const wallets = await client.getWallets();

💡 Why IndexedDB?
Keys are stored using the Web Crypto API, marked as nonExtractable, and survive page reloads — offering persistent, tamper-resistant authentication without ever exposing the raw key material.

⚠️ Deprecated: iframeClient for Auth

Authentication via iframeClient() and injected credentials (e.g., from https://auth.0xkey.com) is now considered deprecated for new integrations. These flows required sensitive credential bundles to be delivered via email or OAuth and injected into a sandboxed iframe — a pattern with limited persistence and higher complexity.

Developers are encouraged to migrate to indexedDbClient() for:

  • Seamless passkey authentication
  • Improved security model (no credential injection)
  • Long-lived, resumable sessions

Existing iframe use cases like Email Recovery, Wallet Import, and Wallet Export are still supported but should be isolated from authentication logic.