npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@saihm/client-pro

v0.1.2

Published

Production client-side cryptography for SAIHM non-custodial agent memory: post-quantum (ML-DSA-65 / ML-KEM-768), per-cell AES-256-GCM, provable crypto-shred erasure (GDPR Art. 17), authenticated sharing with one-step revoke. One cell, many shapes (polymor

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

saihmsaihm

Keywords

saihmpost-quantumml-dsaml-kemnon-custodialclient-side-encryptionagent-memorygdprcrypto-shredpolymorphic-memory

Readme

@saihm/client-pro

Client-side envelope cryptography for SAIHM non-custodial memory.

This library performs every cryptographic operation that touches your plaintext or your master secret on the client. SAIHM's runtime stores, anchors, shares, and bills over the resulting ciphertext blind — it never holds your keys and cannot read your memory.

  • Post-quantum identity & signing — ML-DSA-65 (FIPS 204).
  • Post-quantum authenticated sharing — ML-KEM-768 (FIPS 203), KEM-then-AEAD.
  • Per-cell confidentiality — a fresh random AES-256-GCM data-encryption key (DEK) per cell, itself AEAD-wrapped under a client-held key-encryption key (KEK).
  • Crypto-shred erasure — because each DEK is random and persisted only in wrapped form on the SAIHM side, destroying that wrapped DEK makes the cell undecryptable (GDPR Art. 17, controller-side).
  • Clean-room — built only on @noble primitives (@noble/post-quantum, @noble/ciphers, @noble/hashes). No network, no storage, no platform code.

Key loss is unrecoverable by design. If you lose your master secret (and therefore your KEK), your wrapped DEKs cannot be opened — by you or by anyone, including SAIHM. This is the cost of true non-custody. Back up your master secret securely.

Install

npm install @saihm/client-pro

Usage

import {
  deriveIdentity, sealCell, verifyEnvelope, openCell,
  shareCell, unwrapSharedDek, openCellWithDek, verifyIdentityRecord,
} from '@saihm/client-pro';

// 1. Derive a deterministic identity from a >=32-byte master secret you hold.
const me = deriveIdentity(myMasterSecret);
//  me.agentIdHash      -> your public identifier (= sha256(ML-DSA public key))
//  me.identityRecord   -> publish to SAIHM (public keys + self-signature)
//  me.kek / me.mldsaSecretKey / me.mlkemSecretKey -> NEVER leave this process

// 2. Encrypt a cell. `seq` is the server-issued monotonic counter for this cell.
const env = sealCell({
  plaintext: new TextEncoder().encode('remember this'),
  kek: me.kek, mldsaSecretKey: me.mldsaSecretKey, mldsaPubKey: me.mldsaPubKey,
  agentIdHash: me.agentIdHash, cellId: 'note-1', seq: 1n, tier: 'PRO',
});
// `env` is the blind envelope SAIHM stores. SAIHM can verifyEnvelope(env) but cannot open it.

// 3. Read it back (client-side).
const plaintext = openCell(env, me.kek);

// 4. Share a cell with another agent, authenticated and end-to-end.
//    Pin the recipient's agentIdHash out-of-band; the library rejects directory key-substitution.
verifyIdentityRecord(recipientRecord, recipientAgentIdHash); // throws KeySubstitutionError on tamper
const share = shareCell({
  envelope: env, sharerKek: me.kek, sharerMldsaSecretKey: me.mldsaSecretKey,
  sharerAgentIdHash: me.agentIdHash, recipientRecord, recipientPinnedAgentIdHash: recipientAgentIdHash,
});
// recipient side (the grantee holds its own identity `recipient`; the sharer's ML-DSA public key
// is pinned out-of-band as `sharerPinnedMldsaPubKey` — sharer authentication is mandatory):
const dek = unwrapSharedDek({
  share,
  recipientMlkemSecretKey: recipient.mlkemSecretKey,
  recipientAgentIdHash: recipient.agentIdHash,
  sharerPinnedMldsaPubKey,
});
const shared = openCellWithDek(env, dek);

Security model

| Property | Guarantee | |---|---| | Confidentiality vs SAIHM | SAIHM holds ciphertext + wrapped DEKs + public keys only; no key able to decrypt. | | Integrity / authenticity | Every envelope is ML-DSA-65-signed over its full contents, including the sequence number. | | Anti-replay / rollback | The signed, server-issued monotonic seq is rejected server-side if not strictly increasing. | | Tenant isolation | State is namespaced by the public agentIdHash; a different secret yields a different KEK and namespace. | | Authenticated sharing | Recipient public keys are pinned out-of-band and checked before any secret is bound to them. | | Erasure | Destroying the SAIHM-side wrapped DEK crypto-shreds the cell. |

AES-256-GCM wrap operations use random 96-bit nonces under a reused KEK, well within NIST SP 800-38D guidance for realistic per-identity write volumes. ML-DSA signatures are hedged (randomized); they verify deterministically but are not byte-reproducible.

One cell, many shapes

A SAIHM cell is polymorphic. Store a fact, a JSON record, a table row, a transcript, or a binary reference once, and read it back in whatever shape the asking agent needs — one encrypted unit instead of a stack of formats.

A shared memory layer for fleets of agents

Bind many agents — homogeneous or disparate — to one cryptographically access-controlled memory. A single identity's memory layer can serve several different LLM agents at once, so the memory is portable across every AI client and survives any single vendor's product changes: when a model or product is retired, the memory it relied on is not lost with it.

Built for the people who have to sign off

  • Your keys, not the vendor's. Every operation that touches plaintext or your master secret runs client-side; the SAIHM operator stays blind.
  • A delete you can prove. Crypto-shred erasure destroys the key that decrypts the cell, and the destruction is anchored on a public chain (GDPR Art. 17).
  • A history nobody can quietly rewrite. Every envelope is post-quantum-signed over its full contents, including the monotonic sequence number.
  • Share one record, revoke in one step. Authenticated and end-to-end, with out-of-band recipient pinning.

These map onto the obligations your reviewers already track — GDPR (the Article 15 access right and the Article 17 right to erasure), CCPA/CPRA, HIPAA, ISO/IEC 27001 and SOC 2 — alongside the AI-specific frameworks now taking shape: the EU AI Act, the NIST AI Risk Management Framework and ISO/IEC 42001. Written for CISOs, DPOs, and anyone comparing AI-memory tools.

Two packages

| Package | Use it for | |---|---| | @saihm/client-pro (this package) | Production client-side cryptography: sealing, opening, authenticated sharing, and provable erasure — performed on your machine. | | @saihm/mcp-server | The open MCP client that exposes the eight SAIHM tools to any MCP-capable AI agent. |

Learn more

License

Apache-2.0 © SAIHM