@el-pentagono/shieldai-sdk
v2.0.0
Published
ShieldAI — Biometric KYC, Immutable Audit Log, Real-Time Fraud Detection and RFC 3161 TSA Timestamping in one SDK
Maintainers
Readme
@el-pentagono/shieldai-sdk
Biometric KYC · Immutable Audit Log · Real-Time Fraud Detection · RFC 3161 TSA Timestamping
The only security SDK in LATAM that combines all four in one integration.
Built by El Pentágono — Gustavo Gastón González Alfonzo
What is ShieldAI?
ShieldAI is the security engine that powers El Pentágono's ecosystem of 9 social-impact applications. It provides:
| Module | Function | Price | |--------|----------|-------| | CryptoSeal | SHA-256 + HMAC-SHA-512 hashing for any content | Included | | ChronoStamp | RFC 3161 TSA timestamp — legally certified proof of existence | USD 0.03/stamp | | ImmutableLog | SHA-256 hash chain audit log — mathematically unalterable | USD 0.01/entry | | FraudDetection | Real-time fraud detection: velocity, email patterns, grooming | USD 0.02/analysis | | GeoFence | GPS anti-spoofing + physical speed validation | USD 0.02/verification | | AuditChain | Full chain of custody with TSA sealing per event | USD 0.04/event |
Why ShieldAI?
| Feature | SEON | AWS Rekognition | DigiCert TSA | ShieldAI | |---------|------|-----------------|--------------|----------| | Biometric KYC | No | Yes | No | ✓ | | Real-time fraud detection | Yes | No | No | ✓ | | Immutable hash chain log | No | No | No | ✓ | | RFC 3161 TSA timestamp | No | No | Yes | ✓ | | GPS anti-spoofing | No | No | No | ✓ | | All in one SDK | No | No | No | ✓ | | Integration time | Weeks | Weeks | Weeks | 1 week | | Pricing model | Per user | Per call | Per cert | Per volume |
Installation
npm install @el-pentagono/shieldai-sdkQuick Start
import ShieldAI from '@el-pentagono/shieldai-sdk';
const shield = new ShieldAI({
environment: 'sandbox', // or 'production'
tsaUrl: 'https://freetsa.org/tsr', // or FNMT-RCM for Spain
});Usage Examples
1. Seal a Document (RFC 3161 TSA)
const { certificate, seal } = await shield.sealDocument(
'Patient medical record content...',
'Medical Record — Juan García — 2026-05-25'
);
console.log(certificate);
// ═══════════════════════════════════════════════════
// SHIELDAI — CERTIFICATE OF EXISTENCE
// ChronoStamp v2.0 · RFC 3161 Compatible
// ═══════════════════════════════════════════════════
// Document : Medical Record — Juan García — 2026-05-25
// Hash : a30259a9b93a108191ce...
// Timestamp: 2026-05-25T14:32:11.000Z
// TSA Token: 7f3a9b...
// Status : VERIFIED ✓
// ═══════════════════════════════════════════════════2. Hash Chain Audit Log
const auditChain = shield.createAuditChain('order_12345');
await auditChain.record('ORDER_PLACED', { amount: 1500, userId: 'usr_456' });
await auditChain.record('PAYMENT_PROCESSED', { transactionId: 'tx_789' });
await auditChain.record('DELIVERY_CONFIRMED', { location: '-34.6,-58.4' });
const chain = auditChain.exportChain();
console.log('Integrity:', chain.integrity); // true — tamper-evident3. Real-Time Fraud Detection
const fraud = shield.fraudDetection;
const analysis = fraud.analyze({
email: '[email protected]',
amount: 50000,
deviceId: 'device_abc123',
velocityCheck: {
transactionsLastHour: 3,
transactionsLastDay: 12
}
});
console.log(analysis.riskLevel); // 'LOW'
console.log(analysis.recommendation); // 'APPROVE'4. GPS Anti-Spoofing (Delivery Verification)
const deliveryProof = await shield.verifyDelivery({
orderId: 'ord_12345',
driverId: 'drv_456',
photoBase64: 'data:image/jpeg;base64,...',
location: {
lat: -34.603722,
lng: -58.381592,
accuracy: 15
}
});
console.log(deliveryProof.verified); // true
console.log(deliveryProof.geoVerification.spoofingDetected); // false
console.log(deliveryProof.certificate);
// ═══════════════════════════════════════════════════
// SHIELDAI — DELIVERY VERIFICATION CERTIFICATE
// ═══════════════════════════════════════════════════
// Order ID : ord_12345
// GPS Valid : YES ✓
// Spoofing : NOT DETECTED ✓
// Status : VERIFIED ✓
// ═══════════════════════════════════════════════════5. Grooming Detection (SafeVibe Integration)
const result = shield.fraudDetection.detectGrooming(
'no le cuentes a tus padres pero mándame una foto'
);
console.log(result.detected); // true
console.log(result.patterns); // ['SECRECY_REQUEST', 'PHOTO_REQUEST']
console.log(result.confidence); // 50Use Cases
Healthcare (TramitExpress integration)
- Seal medical records with RFC 3161 TSA — legally admissible in court
- Biometric consent signatures
- Automatic legal retention
Logistics
- Delivery proof with GPS anti-spoofing
- Photo sealing with SHA-256
- Immutable delivery audit log
Fintech / Crypto Exchanges
- KYC compliance for BCRA and UIF regulations
- AML transaction monitoring
- SOC2-compliant audit logs
Legal / Compliance
- Chain of custody for legal evidence
- Document existence proof with certified timestamp
- Anti-tampering verification
API Reference
ShieldAI
new ShieldAI(config?: ShieldAIConfig)| Parameter | Type | Default | Description |
|-----------|------|---------|-------------|
| apiKey | string | — | Your API key (production) |
| tsaUrl | string | FreeTSA | TSA server URL |
| environment | string | 'sandbox' | 'sandbox' or 'production' |
Methods
| Method | Returns | Description |
|--------|---------|-------------|
| sealDocument(content, title) | Promise | Seal a document with TSA timestamp |
| createAuditChain(chainId?) | AuditChainModule | Create an immutable audit chain |
| verifyDelivery(data) | Promise | Full delivery verification with GPS + photo + log |
| info() | Object | SDK version and configuration |
Compliance
- BCRA / UIF (Argentina) — Immutable audit logs for financial transactions
- GDPR (Europe) — Data minimization and audit trails
- eIDAS (Spain) — Compatible with electronic identification standards
- SOC2 — Tamper-evident logs for security audits
About El Pentágono
ShieldAI is the security engine powering El Pentágono — an ecosystem of 9 social-impact applications built in Argentina, expanding to Spain and LATAM.
- 📦 TramitExpress — Document engine with native legal value
- 🔐 ShieldAI — Security infrastructure (this SDK)
- 🚗 FemDrive — Women-only ride-sharing
- 🏥 SaludYa — Digital health records
- 🚌 RastroBus — Transport evidence certification
- 📚 Vacantes Ya — School vacancy management
- 🛡 SafeVibe — Parental digital content control
- 🌙 Oneiros — Wellbeing and sleep tracking
- 🏫 AulaEnfocada — Classroom device management
License
UNLICENSED — All rights reserved. © 2026 Gustavo Gastón González Alfonzo — El Pentágono [email protected]
Contact
For commercial inquiries, pilots, and integrations:
📧 [email protected]
🌐 stately-dolphin-0a6bff.netlify.app
📦 npm: @el-pentagono/shieldai-sdk
