npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@continuonai/rcan-ts

v1.3.0

Published

Official TypeScript SDK for the RCAN v1.6 robot communication protocol

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

craigm26craigm26

Keywords

roboticsrcanprotocolai-safetyembodied-aitypescript

Readme

rcan-ts

TypeScript SDK for the RCAN protocol — build robots that communicate securely, audit every action, and enforce safety gates in Node.js or the browser.

npm version RCAN Spec CI License Node

Install

npm install @continuonai/[email protected]

Node 18+ required (uses Web Crypto API for transport.encodeMinimal).

Browser / CDN (no build step)

<script src="https://unpkg.com/@continuonai/rcan-ts/dist/rcan.iife.js"></script>
<script>
  const uri = RCAN.RobotURI.parse('rcan://registry.rcan.dev/acme/arm/v1/unit-001');
  console.log(uri.manufacturer); // acme
</script>

Quick Start

import { RobotURI, RCANMessage, ConfidenceGate } from "@continuonai/rcan-ts";
import { ReplayCache } from "@continuonai/rcan-ts";
import { AuditChain } from "@continuonai/rcan-ts";

// 1. Address a robot
const uri = RobotURI.build({
  manufacturer: "acme",
  model: "arm",
  version: "v2",
  deviceId: "unit-001",
});
// rcan://registry.rcan.dev/acme/arm/v2/unit-001

// 2. Gate on AI confidence before acting
const gate = new ConfidenceGate(0.8);
const confidence = 0.91;

if (gate.allows(confidence)) {
  const msg = new RCANMessage({
    cmd: "move_forward",
    target: uri,
    params: { distance_m: 1.0 },
    confidence,
    modelIdentity: "gemini-2.5-flash",
  });

  // 3. Replay attack prevention
  const cache = new ReplayCache({ windowSeconds: 300 });
  if (cache.isReplay(msg.msgId)) throw new Error("Replay attack detected");
  cache.record(msg.msgId);

  // 4. ESTOP with QoS 2 (EXACTLY_ONCE) — never dropped
  const estop = new RCANMessage({
    cmd: "estop",
    target: uri,
    qos: 2, // QoSLevel.EXACTLY_ONCE
  });
}

// 5. Tamper-evident audit chain
const chain = new AuditChain("your-hmac-secret");
chain.append({
  action: "move_forward",
  robotUri: uri.toString(),
  confidence: 0.91,
  safetyApproved: true,
});
const { valid, count } = chain.verifyAll();
console.log(`Chain valid: ${valid}, ${count} records`);

// Export as JSONL for long-term storage
const jsonl = chain.toJSONL();

What's in v0.6.0

| Module | Description | |---|---| | message | Core RCANMessage envelope with all v1.6 fields | | address | RobotURI — parse, build, and validate RCAN robot addresses | | audit | AuditChain + CommitmentRecord — tamper-evident HMAC-chained logs | | gates | ConfidenceGate, HiTLGate — safety gates for AI-driven actions | | replay | ReplayCache — sliding-window replay attack prevention (GAP-03) | | clock | ClockSyncStatus — NTP clock sync verification (GAP-04) | | qos | QoSLevel — FIRE_AND_FORGET / ACKNOWLEDGED / EXACTLY_ONCE (GAP-11) | | consent | Consent wire protocol — request/grant/deny (GAP-05) | | revocation | Robot identity revocation with TTL cache (GAP-02) | | trainingConsent | Training data consent, GDPR/EU AI Act Annex III §5 (GAP-10) | | delegation | Command delegation chain, max 4 hops, Ed25519-signed (GAP-01) | | offline | Offline operation mode — ESTOP always allowed (GAP-06) | | faultReport | FaultCode structured fault taxonomy (GAP-20) | | federation | Federated consent — cross-registry trust, DNS discovery (GAP-16) | | transport | Constrained transports — compact CBOR, 32-byte ESTOP minimal, BLE (GAP-17) | | multimodal | Multi-modal payloads — inline/ref media, streaming (GAP-18) | | identity | Level of Assurance — LoA policies, JWT parsing (GAP-14) | | keys | Key rotation with JWKS-compatible KeyStore (GAP-09) | | configUpdate | CONFIG_UPDATE protocol with safety scope enforcement (GAP-07) | | node | NodeClient — resolve RRNs across federated registry nodes (§17) | | validate | L1/L2/L3 conformance validation for configs, messages, URIs | | schema | Canonical JSON schema validation against rcan.dev |

Protocol 66 Compliance

  • ESTOP always delivered — send with qos: 2 (EXACTLY_ONCE); never blocked
  • Local safety winsOfflineMode enforces limits without cloud connectivity
  • Confidence gates run locallyConfidenceGate makes no network calls
  • Audit chain requiredAuditChain.verifyAll() before executing flagged commands

Registry Resolution

import { NodeClient } from "@continuonai/rcan-ts";

const client = new NodeClient();

// Resolve an RRN across the federation
const result = await client.resolve("RRN-000000000001");
console.log(result.record.name);         // "Bob"
console.log(result.record.verification_tier); // "verified"

// Discover which node is authoritative
const node = await client.discover("RRN-BD-000000000001");
console.log(node.operator);  // "Boston Dynamics, Inc."

Spec Compliance

Implements RCAN v1.6 — 405 tests, 0 skipped.

API surface is intentionally identical to rcan-py: RobotURI, RCANMessage, ConfidenceGate, HiTLGate, AuditChain, and validateConfig work the same way in both languages.

Ecosystem

| Package | Version | Purpose | |---|---|---| | rcan-py | v0.6.0 | Python SDK | | rcan-ts (this) | v0.6.0 | TypeScript SDK | | rcan-spec | v1.6.0 | Protocol spec | | OpenCastor | v2026.3.17.1 | Robot runtime (reference impl) | | RRF | v1.6.0 | Robot identity registry | | Fleet UI | live | Web fleet dashboard | | Docs | live | Runtime reference, RCAN, API |

Contributing

Issues and PRs welcome at github.com/continuonai/rcan-ts.

Spec discussions: github.com/continuonai/rcan-spec/issues

License

MIT © Craig Merry