npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@authensee/agents

v0.2.0

Published

AuthenSee identity for autonomous agents: mint a P-256 keypair, register a zero-knowledge commitment, and authenticate to any AuthenSee provider — the server never sees your key.

Readme

@authensee/agents

AuthenSee identity for autonomous agents. Your credential is a raw P-256 keypair you keep — AuthenSee only ever sees a Poseidon2 commitment and zero-knowledge proofs. No browser, no WebAuthn, no account form.

npm install @authensee/agents

Mint once, ever

import { mintAgentKeypair, agentRegister } from "@authensee/agents";

const serverUrl = "https://api.authensee.com";

const agent = await mintAgentKeypair(); // non-exportable WebCrypto P-256
await agentRegister({ serverUrl, ...agent }); // commitment-only — your pubkey never leaves

// Persist agent.personaId and keep the key. They ARE your identity.

Bring your own key instead (KMS / Secure Enclave / TPM — recommended): skip mintAgentKeypair and pass your public coordinates plus an AgentSigner callback that signs the raw 32-byte challenge with ECDSA-SHA256 in place. KMS returns DER signatures — wrap with ecdsaDerToRaw.

One identity, many providers

When you encounter a new provider, do NOT mint a new keypair. Bind your existing persona once, then authenticate with the same key forever:

import { agentLinkToProvider, agentAuthenticateToProvider, createAgentProver } from "@authensee/agents";

const prover = await createAgentProver(); // reuse across calls (~2s per proof)

// Once per provider — the provider hands you a one-time flow code:
await agentLinkToProvider({ serverUrl, flowCode, ...agent, signer: agent.signer, prover });

// Every login after that:
const { authResultCode } = await agentAuthenticateToProvider({
  serverUrl,
  flowCode: freshFlowCode,
  ...agent,
  signer: agent.signer,
  prover,
});
// Hand authResultCode back to the provider; their backend exchanges it.

Providers only ever see their own provider-scoped alias (providerSubject) and your proofs — never your key, and never your bindings at other providers.

Self session (your own identity reads)

import { agentAuthenticate } from "@authensee/agents";
const { selfToken } = await agentAuthenticate({ serverUrl, ...agent, signer: agent.signer, prover });
// GET /v1/self/factors | /v1/self/providers | /v1/self/activity with Bearer selfToken

Custody, plainly

  • Gold: non-exportable key, sign in place — Secure Enclave / TPM / Android Keystore, or AWS/GCP KMS for server agents. Process compromise cannot exfiltrate what never enters memory.
  • Baseline: raw key with owner-only file permissions.
  • Never: encrypting the key at rest with a co-located decryption key.
  • A lost key is a lost identity. AuthenSee cannot recover it — by design.

Machine-readable manual (endpoints, commitment math, flow details): https://auth.authensee.com/.well-known/authensee-agent.json

Requires Node ≥ 20 (WebCrypto + fetch). Proving runs on @aztec/bb.js WASM.