@hyperauth/sdk
v0.2.0
Motr Enclave
Extism WASM plugin providing encrypted key storage for the Nebula wallet. Built with Go 1.25+ for the `wasip1` target.
Features
- WebAuthn Integration - Device-bound credentials with PRF key derivation
- MPC Key Shares - Secure threshold signature key storage
- Multi-Chain Support - BIP44 derivation for Sonr, Ethereum, Bitcoin
- UCAN v1.0.0-rc.1 - Capability-based authorization with CID-indexed delegations
- Encryption at Rest - AES-256-GCM encrypted database serialization
- SQLite Functions - Custom functions for address derivation and signing
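The WebAuthn credential that step 2 of the Library Quickstart passes to `generate` is a base64 string of the credential's JSON. The block below is an added example, not code from this SDK or from the Motr Enclave project: it converts a `PublicKeyCredential`-shaped object, including the PRF extension output, into JSON-safe form by base64url-encoding every binary field, then base64-wraps the JSON the way the quickstart does. The field layout and the `CredentialLike` interface are assumptions (the plugin's expected credential schema is not documented on this page), and `sampleCredential()` returns constructed test data standing in for `navigator.credentials.create()` output.

```typescript
// Added example, not part of @hyperauth/sdk. Serializes a WebAuthn credential
// for enclave.generate() without relying on btoa/TextEncoder/Buffer globals.
// The accepted field set is an assumption; the SDK's schema is not on the page.

const B64_STD = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
const B64_URL = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_';

function encodeBase64(bytes: Uint8Array, alphabet: string, pad: boolean): string {
  let out = '';
  for (let i = 0; i < bytes.length; i += 3) {
    // Pack up to three bytes into 24 bits; missing trailing bytes are zero-filled.
    const b1 = i + 1 < bytes.length ? bytes[i + 1] : 0;
    const b2 = i + 2 < bytes.length ? bytes[i + 2] : 0;
    const n = (bytes[i] << 16) | (b1 << 8) | b2;
    out += alphabet[(n >> 18) & 63] + alphabet[(n >> 12) & 63];
    out += i + 1 < bytes.length ? alphabet[(n >> 6) & 63] : pad ? '=' : '';
    out += i + 2 < bytes.length ? alphabet[n & 63] : pad ? '=' : '';
  }
  return out;
}

function asBytes(buf: ArrayBuffer | ArrayBufferView): Uint8Array {
  return buf instanceof ArrayBuffer
    ? new Uint8Array(buf)
    : new Uint8Array(buf.buffer, buf.byteOffset, buf.byteLength);
}

/** base64url without padding, the encoding WebAuthn uses for binary fields. */
export function toBase64Url(buf: ArrayBuffer | ArrayBufferView): string {
  return encodeBase64(asBytes(buf), B64_URL, false);
}

// Minimal structural view of a PublicKeyCredential (assumed shape; avoids the DOM lib).
export interface CredentialLike {
  id: string;
  type: string;
  rawId: ArrayBuffer | ArrayBufferView;
  response: Record<string, ArrayBuffer | ArrayBufferView | null | undefined>;
  getClientExtensionResults(): {
    prf?: {
      enabled?: boolean;
      results?: { first: ArrayBuffer | ArrayBufferView; second?: ArrayBuffer | ArrayBufferView };
    };
  };
}

export interface SerializedCredential {
  id: string;
  type: string;
  rawId: string;
  response: Record<string, string>;
  clientExtensionResults: { prf?: { enabled?: boolean; results?: { first: string; second?: string } } };
}

/** JSON.stringify() turns an ArrayBuffer into "{}" silently, so encode every buffer first. */
export function serializeCredential(cred: CredentialLike): SerializedCredential {
  const response: Record<string, string> = {};
  for (const [key, value] of Object.entries(cred.response)) {
    if (value instanceof ArrayBuffer || ArrayBuffer.isView(value)) response[key] = toBase64Url(value);
  }
  const out: SerializedCredential = {
    id: cred.id, type: cred.type, rawId: toBase64Url(cred.rawId), response, clientExtensionResults: {},
  };
  const prf = cred.getClientExtensionResults().prf;
  if (prf) {
    out.clientExtensionResults.prf = { enabled: prf.enabled };
    if (prf.results) {
      // The PRF output is the per-credential secret keys get derived from; never log it.
      out.clientExtensionResults.prf.results = { first: toBase64Url(prf.results.first) };
      if (prf.results.second) out.clientExtensionResults.prf.results.second = toBase64Url(prf.results.second);
    }
  }
  return out;
}

/** Same result as the quickstart's btoa(JSON.stringify(cred)); the JSON is ASCII-only. */
export function encodeCredentialForEnclave(cred: CredentialLike): string {
  const json = JSON.stringify(serializeCredential(cred));
  return encodeBase64(Uint8Array.from(json, (ch) => ch.charCodeAt(0)), B64_STD, true);
}

/** Constructed sample data standing in for navigator.credentials.create() output. */
export function sampleCredential(): CredentialLike {
  return {
    id: 'AQIDBA',
    type: 'public-key',
    rawId: new Uint8Array([1, 2, 3, 4]),
    response: {
      clientDataJSON: Uint8Array.from('{"type":"webauthn.create"}', (c) => c.charCodeAt(0)),
      attestationObject: new Uint8Array([0xa0]),
    },
    getClientExtensionResults: () => ({
      prf: { enabled: true, results: { first: new Uint8Array([0xde, 0xad, 0xbe, 0xef]) } },
    }),
  };
}
```

In a browser that implements `PublicKeyCredential.prototype.toJSON()` the same base64url shape comes for free; the hand-rolled version above is what to use where that method is missing, and it makes the failure mode visible: a credential passed through `JSON.stringify` without this step arrives at the plugin with `"rawId":{}`.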
Quick Start
```sh
make start
```
This single command:
- Installs dependencies (Go, Bun)
- Builds the WASM plugin
- Builds the TypeScript SDK
- Starts the dev server at http://localhost:8080
Manual Setup
```sh
make deps  # Install tooling
make build # Build WASM plugin
make sdk   # Build TypeScript SDK
make dev   # Start dev server
```
Library Quickstart
Installation
```sh
npm install @hyperauth/sdk
# or
bun add @hyperauth/sdk
```
1. Initialize the Enclave
```typescript
import { createEnclave, createSecureStorage } from '@hyperauth/sdk';

// Create enclave instance (loads WASM)
const enclave = await createEnclave('/enclave.wasm', {
  debug: true,             // Enable logging
  autoLockTimeout: 300000, // Auto-lock after 5 minutes (300000 ms) of inactivity
});

// Create encrypted browser storage for persisting the database
const storage = await createSecureStorage();
```
2. Create a New Identity
```typescript
// After WebAuthn registration, pass the credential as base64-encoded JSON.
// webAuthnCredential must already be JSON-safe (binary fields such as rawId
// base64url-encoded, e.g. via PublicKeyCredential.toJSON() where the browser
// supports it): JSON.stringify() silently turns an ArrayBuffer into {}.
const credential = btoa(JSON.stringify(webAuthnCredential));
const result = await enclave.generate(credential);

console.log(result.did);        // "did:sonr:abc123..."
console.log(result.enclave_id); // MPC enclave identifier
console.log(result.accounts);   // Default accounts (Sonr, Ethereum, Bitcoin)

// Persist the database for later sessions
await storage.set('vault', result.database);
```
3. Load an Existing Identity
```typescript
// On app startup, check for existing vault
const database = await storage.get('vault');
if (database) {
  const loaded = await enclave.load(database);
  if (loaded.success) {
    console.log(`Loaded identity: ${loaded.did}`);
  }
}
```
4. Work with Accounts
```typescript
// List all accounts
const accounts = await enclave.exec('resource:accounts action:list');
console.log(accounts.result);

// Get a specific account
const account = await enclave.exec('resource:accounts action:get subject:sonr1abc...');

// Or use the typed execute method
const result = await enclave.execute('accounts', 'list');
```
5. Sign Data
```typescript
// Sign arbitrary data with the MPC enclave. The subject is "<enclave_id>:<hex payload>".
const enclaveId = result.enclave_id; // enclave_id returned by generate()

// Buffer exists in Node (or via a bundler polyfill); in a plain browser,
// hex-encode the bytes from new TextEncoder().encode(...) instead.
const dataHex = Buffer.from('Hello, World!').toString('hex');
const signature = await enclave.exec(
  `resource:enclaves action:sign subject:${enclaveId}:${dataHex}`
);
console.log(signature.result); // 64-byte signature
```
6. Lock/Unlock Flow
```typescript
// Set callback for auto-lock events
enclave.setAutoLockCallback(async (database) => {
  await storage.set('vault', database);
  console.log('Vault auto-locked and saved');
});

// Manual lock (returns serialized database)
const lockResult = await enclave.lock();
if (lockResult.success && lockResult.database) {
  await storage.set('vault', lockResult.database);
}

// Check status
const status = await enclave.status();
console.log(status.locked);      // true/false
console.log(status.initialized); // true if identity exists

// Unlock with stored database
const database = await storage.get('vault');
const unlockResult = await enclave.unlock(database);
```
7. Query DID Document
```typescript
const didDoc = await enclave.query();
console.log(didDoc.did);                  // DID identifier
console.log(didDoc.verification_methods); // Public keys
console.log(didDoc.accounts);             // Blockchain addresses
console.log(didDoc.credentials);          // WebAuthn credentials
```
8. Cleanup
```typescript
// Close enclave when done
await enclave.close();
await storage.close();
```
CLI Testing
```sh
make test-plugin
```
Plugin Functions
| Function | Input | Output |
|----------|-------|--------|
| ping | Message string | Echo response |
| generate | WebAuthn credential (base64) | DID, enclave_id, public_key, accounts[], database |
| load | Database buffer | Success status, DID |
| exec | Filter string | Action result |
| query | DID (optional) | DID document |
Exec Resources & Actions
| Resource | Actions |
|----------|---------|
| accounts | list, get, sign |
| enclaves | list, get, sign, rotate, archive, delete |
| credentials | list, get |
| sessions | list, revoke |
| grants | list, revoke |
| delegations | list, list_received, list_command, get, revoke, verify, cleanup |
| verification_methods | list, get, delete |
| services | list, get, get_by_id |
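The table above is the allow-list that `exec` enforces inside the plugin. Catching a bad resource/action pair, or a subject that would break the filter grammar, before the call crosses the WASM boundary gives clearer errors. The following is an added example, not code from this SDK or the Motr Enclave project: it parses the `resource:<name> action:<action> [subject:<value>]` string documented under Filter Syntax, validates it against the table, and builds filters from parts. The rule that only the first colon separates key from value is inferred from the page's own sign example (`subject:enc_123:48656c6c6f`); the `signFilter` helper and its name are this example's own.

```typescript
// Added example, not part of @hyperauth/sdk: client-side parsing and validation of
// the exec filter string before it is handed to enclave.exec(). The allow-list is
// the Exec Resources & Actions table from the README.

export const EXEC_ACTIONS: Readonly<Record<string, readonly string[]>> = {
  accounts: ['list', 'get', 'sign'],
  enclaves: ['list', 'get', 'sign', 'rotate', 'archive', 'delete'],
  credentials: ['list', 'get'],
  sessions: ['list', 'revoke'],
  grants: ['list', 'revoke'],
  delegations: ['list', 'list_received', 'list_command', 'get', 'revoke', 'verify', 'cleanup'],
  verification_methods: ['list', 'get', 'delete'],
  services: ['list', 'get', 'get_by_id'],
};

const FILTER_KEYS = ['resource', 'action', 'subject'] as const;
type FilterKey = (typeof FILTER_KEYS)[number];

export interface ExecFilter {
  resource: string;
  action: string;
  subject?: string;
}

function assertKnown(resource: string, action: string): void {
  // hasOwnProperty: a resource like "constructor" must not resolve via Object.prototype.
  if (!Object.prototype.hasOwnProperty.call(EXEC_ACTIONS, resource)) {
    throw new Error(`unknown resource ${JSON.stringify(resource)}`);
  }
  const actions = EXEC_ACTIONS[resource];
  if (!actions.includes(action)) {
    throw new Error(
      `action ${JSON.stringify(action)} not allowed on ${resource}; expected one of ${actions.join(', ')}`,
    );
  }
}

/** Parse "resource:<name> action:<action> [subject:<value>]" into a validated object. */
export function parseFilter(input: string): ExecFilter {
  const fields: Partial<Record<FilterKey, string>> = {};
  for (const token of input.trim().split(/\s+/)) {
    if (token === '') continue; // empty input yields [''] after split
    const sep = token.indexOf(':'); // first colon only: subject values may contain more
    const key = token.slice(0, sep);
    const value = token.slice(sep + 1);
    if (sep <= 0 || !(FILTER_KEYS as readonly string[]).includes(key)) {
      throw new Error(`malformed token ${JSON.stringify(token)}`);
    }
    if (value === '') throw new Error(`empty value for ${key}`);
    if (fields[key as FilterKey] !== undefined) throw new Error(`duplicate key ${key}`);
    fields[key as FilterKey] = value;
  }
  const { resource, action, subject } = fields;
  if (resource === undefined || action === undefined) {
    throw new Error('resource and action are required');
  }
  assertKnown(resource, action);
  return subject === undefined ? { resource, action } : { resource, action, subject };
}

/** Build a filter from parts, refusing subjects that would split into extra tokens. */
export function buildFilter(resource: string, action: string, subject?: string): string {
  assertKnown(resource, action);
  let filter = `resource:${resource} action:${action}`;
  if (subject !== undefined) {
    // Whitespace inside a subject would be parsed as a separate key:value token.
    if (subject === '' || /\s/.test(subject)) {
      throw new Error('subject must be non-empty and contain no whitespace');
    }
    filter += ` subject:${subject}`;
  }
  return filter;
}

/** The quickstart's step 5 filter without Node's Buffer: hex-encode the payload bytes. */
export function signFilter(enclaveId: string, data: Uint8Array): string {
  const hex = Array.from(data, (b) => b.toString(16).padStart(2, '0')).join('');
  return buildFilter('enclaves', 'sign', `${enclaveId}:${hex}`);
}
```

`buildFilter` is the safer way to construct the strings the quickstart assembles with template literals: an identifier or payload taken from untrusted input cannot smuggle in a second `action:` token, and a typo in an action name fails locally with the list of allowed actions instead of an opaque plugin error.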
Filter Syntax
```text
resource:<name> action:<action> [subject:<value>]
```
Tokens are whitespace-separated `key:value` pairs. Only the first colon separates key from value, so a subject may itself contain colons, as the enclave id and hex payload do in the sign example below.
Examples:
```sh
# List all accounts
resource:accounts action:list

# Get specific account
resource:accounts action:get subject:sonr1abc...

# Sign with enclave (subject is <enclave_id>:<hex payload>)
resource:enclaves action:sign subject:enc_123:48656c6c6f

# List delegations by command
resource:delegations action:list_command subject:/vault/read
```
Architecture
The enclave uses SQLite as a computation engine with custom functions:
| Function | Purpose |
|----------|---------|
| bip44_derive(pubkey, chain) | Derive address from public key |
| bip44_derive_from_enclave(id, chain) | Derive address from stored enclave |
Supported chains and their BIP44 coin types: sonr (118, the Cosmos coin type), ethereum (60), bitcoin (0)
Project Structure
```text
motr-enclave/
├── cmd/enclave/          # WASM plugin entry point
├── internal/
│   ├── keybase/          # Database layer + SQLite functions
│   ├── crypto/mpc/       # MPC key operations
│   ├── crypto/ucan/      # UCAN v1.0.0-rc.1 builders
│   └── migrations/       # Schema + queries
├── src/                  # TypeScript SDK
├── dist/                 # Built SDK
├── example/              # Browser demo
└── Makefile
```
Development
```sh
make test     # Run Go tests
make lint     # Run linter
make clean    # Remove build artifacts
make generate # Regenerate SQLC code
```
Documentation
- AGENTS.md - Architecture and coding guidelines
- TODO.md - Remaining implementation tasks
- CHANGELOG.md - Version history
- MIGRATION.md - Original schema design
