npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@helixar_ai/hdp-physical

v0.1.0

Published

HDP-P — Embodied Delegation Tokens and pre-execution safety for physical AI agents

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

siri_helixarsiri_helixar

Keywords

Readme

@helixar_ai/hdp-physical

HDP-P — Embodied Delegation Tokens and pre-execution safety for physical AI agents.

Part of the HDP (Human Delegation Provenance) protocol suite.

This package implements the physical-AI extension of HDP for robots, autonomous vehicles, surgical systems, and other embodied agents that can take irreversible actions in the world.

npm version

What it does

HDP-P wraps physical robot action commands with cryptographic authorization. Before any motor command reaches an actuator, the PreExecutionGuard checks:

  1. Is the command signed with a valid Embodied Delegation Token (EDT)?
  2. Does the action's irreversibility class exceed the EDT's ceiling?
  3. Is a Class 3 (harmful/irreversible) action prohibited by the EDT?
  4. Is the target zone excluded?
  5. Does force/velocity exceed EDT limits?

An unsigned command from a prompt-injected LLM is caught at step 1 and never reaches the robot.

Unlike purely digital agent workflows, physical actions cannot always be rolled back after the fact. HDP-P moves authorization to the pre-execution layer: the guard verifies the delegation context before any actuator command is allowed through.

What the EDT binds

The Embodied Delegation Token (EDT) extends standard HDP delegation with physical-world controls:

  • embodiment binding: agent type, platform identifier, and workspace scope
  • action scope: permitted actions, excluded zones, force limits, and velocity ceiling
  • irreversibility ceiling: the highest physical action class the principal authorized
  • policy attestation: hash of the deployed policy weights plus training run metadata
  • delegation scope: whether fleet delegation is allowed and which sub-agents may receive it

This reduces replay across robot fleets, prevents out-of-scope motion plans from executing, and helps prove that the policy running on the device is the one the human actually authorized.

Install

npm install @helixar_ai/hdp-physical

Quick start

import {
  EdtBuilder, signEdt, PreExecutionGuard, IrreversibilityClass
} from '@helixar_ai/hdp-physical'
import { generateKeyPair } from '@helixar_ai/hdp'

const { privateKey, publicKey } = await generateKeyPair()

// Human principal issues an EDT
const edt = new EdtBuilder()
  .setEmbodiment({ agent_type: 'robot_arm', platform_id: 'aloha_v2', workspace_scope: 'zone_A' })
  .setActionScope({ permitted_actions: ['pick', 'place', 'move'], excluded_zones: [], max_force_n: 45, max_velocity_ms: 0.5 })
  .setIrreversibility({ max_class: IrreversibilityClass.REVERSIBLE_WITH_EFFORT, class2_requires_confirmation: true, class3_prohibited: true })
  .setPolicyAttestation({ policy_hash: 'sha256-of-weights', training_run_id: 'run-1', sim_validated: true })
  .setDelegationScope({ allow_fleet_delegation: false, max_delegation_depth: 1, sub_agent_whitelist: [] })
  .build()

const signedEdt = await signEdt(edt, privateKey, 'my-key')
const guard = new PreExecutionGuard()

// LLM generates a robot action — guard checks it before execution
const decision = await guard.authorize(
  { description: 'pick box from left', force_n: 5, velocity_ms: 0.2 },
  signedEdt,
  publicKey
)

if (decision.approved) {
  // safe to send to actuator
} else {
  console.log(`Blocked at: ${decision.blocked_at} — ${decision.reason}`)
}

Irreversibility Classes

| Class | Name | Example | |-------|------|---------| | 0 | REVERSIBLE | Sensor query, state read | | 1 | REVERSIBLE_WITH_EFFORT | Normal pick-and-place | | 2 | IRREVERSIBLE_NORMALLY | Press-fit, adhesive bond | | 3 | IRREVERSIBLE_AND_HARMFUL | Crush, override safety limits |

Threat model highlights

HDP-P is designed to block several physical-AI failure modes that ordinary network or robot identity controls do not solve on their own:

  • prompt injection into an orchestration pipeline that generates unauthorized actuator commands
  • unauthorized delegation from one robot or controller to another reachable system in the fleet
  • sim-to-real policy tampering, where deployed weights diverge from the validated model
  • attacks that exploit irreversibility by causing harm before a post-hoc audit can react

Companion spec

For the full protocol background, threat model, and companion specification:

Live demo

🤖 HDP-P Physical Safety — Powered by Gemma 4 on HuggingFace

License

CC-BY-4.0 — Helixar AI