npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@bluefly/duadp

v0.1.4

Published

DUADP — Decentralized Universal AI Discovery Protocol SDK for TypeScript

Downloads

654

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

bagentbagentblueflyioblueflyio

Keywords

duadpossaagentdiscoveryfederationmcpai

Readme

DUADP — TypeScript SDK

The official TypeScript SDK for DUADP (Decentralized Universal AI Discovery Protocol).

DUADP is an open protocol for decentralized discovery, publishing, and federation of AI agents, skills, and tools. It provides a standard HTTP interface that any system can implement — turning isolated AI registries into an interoperable, federated network. Think DNS for AI capabilities: any node that serves a few standard endpoints becomes discoverable by every other node in the mesh.

The protocol addresses a fundamental problem in the AI ecosystem: there is no standard way to find, publish, or verify AI capabilities across organizational boundaries. Marketplaces, tool registries, and agent platforms are siloed. DUADP solves this with:

  • Decentralized discovery via /.well-known/duadp.json and DNS TXT records
  • Federated search across peer nodes with gossip-based propagation
  • Cryptographic trust using Ed25519 signatures and W3C DIDs (did:web, did:key)
  • OSSA-native payloads in .ajson format with trust tiers, GAID identifiers, and governance metadata
  • Protocol interop bridging MCP tool servers and Google A2A agent cards into a unified registry

This SDK provides both a client for consuming any DUADP node and a server router for turning your Express app into a fully compliant DUADP node — with validation, cryptographic signing, DID resolution, and conformance testing built in.

npm License

openstandardagents.org/duadp | duadp.org | Full Spec

Install

npm install @bluefly/duadp

Architecture

┌─────────────┐     ┌─────────────┐     ┌─────────────┐
│  Your App   │     │  DUADP Node │     │  DUADP Node │
│  (client)   │────>│  (skills.sh)│<───>│  (Acme Corp)│
└─────────────┘     └──────┬──────┘     └─────────────┘
                           │ federation
                    ┌──────┴──────┐
                    │  DUADP Node │
                    │  (your org) │
                    └─────────────┘

This SDK provides 15 core protocol endpoints:
  GET  /.well-known/duadp.json         Discovery manifest
  GET  /.well-known/webfinger          WebFinger resolution
  GET  /api/v1/skills                 Paginated skill registry
  GET  /api/v1/skills/:name           Single skill detail
  GET  /api/v1/agents                 Paginated agent registry
  GET  /api/v1/agents/:name           Single agent detail
  GET  /api/v1/tools                  Paginated tool registry
  GET  /api/v1/tools/:name            Single tool detail
  POST /api/v1/publish                Publish any resource
  POST /api/v1/{kind}                 Create resource by kind
  PUT  /api/v1/{kind}/:name           Update resource
  DELETE /api/v1/{kind}/:name         Delete resource
  POST /api/v1/validate               Validate OSSA manifest
  GET  /api/v1/federation             Peer node directory
  POST /api/v1/federation             Register as peer

Quick Start

Client — consume any DUADP node

import { DuadpClient } from '@bluefly/duadp/client';

const client = new DuadpClient('https://your-duadp-node.example.com');

// Discover the node's capabilities
const manifest = await client.discover();
console.log(manifest.node_name, manifest.protocol_version);

// Search for skills across the node and its federation peers
const skills = await client.listSkills({ search: 'code review', limit: 10 });

// Browse agents by category
const agents = await client.listAgents({ category: 'security' });

// Find MCP-compatible tools
const tools = await client.listTools({ protocol: 'mcp' });

Server — make your app a DUADP node

import express from 'express';
import { createDuadpRouter } from '@bluefly/duadp/server';

const app = express();

// Mount all 15 DUADP protocol endpoints with one call
const router = createDuadpRouter({
  nodeName: 'My Registry',
  nodeId: 'did:web:registry.example.com',
  baseUrl: 'https://registry.example.com',
  federation: { gossip: true, max_hops: 3 },
}, myDataProvider);   // implement DuadpDataProvider interface

app.use(router);
app.listen(4200);
// Your app now serves /.well-known/duadp.json and all /api/v1/* routes

Validate OSSA resource manifests

import { validateResource } from '@bluefly/duadp/validate';

const result = validateResource(skillManifest);
if (!result.valid) console.error(result.errors);

Cryptographic signing and verification

import { generateKeyPair, signResource, verifyResource } from '@bluefly/duadp/crypto';

const keys = await generateKeyPair();                        // Ed25519
const signed = await signResource(resource, keys.privateKey);
const verified = await verifyResource(signed, keys.publicKey); // true/false

DID resolution

import { resolveDid } from '@bluefly/duadp/did';

const doc = await resolveDid('did:web:example.com');    // W3C DID Document
const doc2 = await resolveDid('did:key:z6Mkf5rG...');   // did:key support

Subpath Exports

| Import | Description | |--------|-------------| | @bluefly/duadp | Core types — DuadpManifest, OssaResource, OssaSkill, OssaAgent, OssaTool, PaginatedResponse, Peer, and 40+ more | | @bluefly/duadp/client | DuadpClient — typed HTTP client for any DUADP node with discovery, search, pagination, federation | | @bluefly/duadp/server | createDuadpRouter(config, provider) — Express router mounting all 15 core protocol endpoints | | @bluefly/duadp/validate | validateResource() — OSSA manifest validation against the spec | | @bluefly/duadp/crypto | generateKeyPair(), signResource(), verifyResource() — Ed25519 cryptographic operations | | @bluefly/duadp/did | resolveDid() — W3C Decentralized Identifier resolution (did:web, did:key) | | @bluefly/duadp/conformance | runConformanceTests(url) — automated protocol compliance test suite |

Key Concepts

| Concept | Description | |---------|-------------| | DUADP Node | Any HTTP server implementing /.well-known/duadp.json and /api/v1/* endpoints | | GAID | Global Agent Identifier — agent://namespace/kind/name URI scheme for cross-registry resolution | | DID | W3C Decentralized Identifier — did:web:example.com for node and resource identity | | Trust Tier | official > verified-signature > signed > community > experimental | | Federation | Gossip-based peer discovery with circuit breakers and configurable hop limits | | OSSA | Open Standard for Agent Systems — the payload format (.ajson) for skills, agents, and tools |

Reference Node

A complete reference implementation using this SDK ships in the same repository: reference-node/ — Express + SQLite, all protocol endpoints (15 SDK + 11 governance), Docker-ready, seeded with demo data.

cd reference-node
cp .env.example .env
npx tsx src/seed.ts && npx tsx src/index.ts
# Node running at http://localhost:4200

Tests

npm test
# 136 tests across 7 suites: crypto, DID, validation, circuit-breaker, dedup, e2e-crypto, integration

Also Available

| Language | Package | Registry | |----------|---------|----------| | Python | duadp | PyPI |

License

Apache-2.0 — See LICENSE