npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@sentinel-atl/server

v0.3.0

Published

STP-compliant HTTP server — exposes Sentinel's trust pipeline as a language-agnostic REST API

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

meetpandya99meetpandya99

Keywords

sentinelstptrust-protocolhttp-serverai-agentsauthenticationreputation

Readme

@sentinel-atl/server

STP-compliant HTTP server — exposes the full Sentinel Trust Protocol as a language-agnostic REST API.

Any language. Any framework. Just HTTP.

Install

npm install @sentinel-atl/server

Quick Start

import { createSTPServer } from '@sentinel-atl/server';

const server = await createSTPServer({
  name: 'my-trust-server',
  port: 3100,
  enableSafety: true,
});
await server.start();

Your server is now live at http://localhost:3100 with all STP endpoints.

Discovery

curl http://localhost:3100/.well-known/sentinel-configuration

Returns the full server configuration, DID, endpoints, capabilities, and supported credential types — everything a client needs to interact with this server.

API Endpoints

| Method | Path | Auth | Description | |--------|------|------|-------------| | GET | /.well-known/sentinel-configuration | — | STP discovery | | POST | /v1/identity | — | Create agent identity | | GET | /v1/identity/{did} | — | Resolve DID document | | POST | /v1/token | — | Issue STP auth token | | POST | /v1/credentials | STP | Issue Verifiable Credential | | POST | /v1/credentials/verify | — | Verify a credential | | POST | /v1/credentials/revoke | STP | Revoke a credential | | GET | /v1/reputation/{did} | — | Query reputation score | | POST | /v1/reputation/vouch | STP | Submit a vouch | | POST | /v1/intents | STP | Create intent envelope | | POST | /v1/intents/validate | — | Validate an intent | | GET | /v1/revocation/status/{did} | — | Check revocation status | | GET | /v1/revocation/list | — | Get signed revocation list | | POST | /v1/revocation/kill-switch | STP | Emergency kill switch | | POST | /v1/safety/check | — | Content safety check | | GET | /v1/audit | — | Fetch audit entries | | POST | /v1/audit/verify | — | Verify audit integrity |

Using from Any Language

Python

import requests

# Discovery
config = requests.get("http://localhost:3100/.well-known/sentinel-configuration").json()

# Create identity
agent = requests.post("http://localhost:3100/v1/identity", json={"label": "my-agent"}).json()

# Get token
token = requests.post("http://localhost:3100/v1/token", json={"did": agent["did"]}).json()["token"]

# Query reputation
rep = requests.get(f"http://localhost:3100/v1/reputation/{agent['did']}").json()
print(f"Score: {rep['score']}")

# Issue credential
vc = requests.post("http://localhost:3100/v1/credentials",
    json={"type": "AgentAuthorizationCredential", "subjectDid": other_did, "scope": ["flights:book"]},
    headers={"Authorization": f"STP {token}"}
).json()

curl

# Create identity
curl -X POST http://localhost:3100/v1/identity -H "Content-Type: application/json" -d '{"label": "my-agent"}'

# Check reputation
curl http://localhost:3100/v1/reputation/did:key:z6Mk...

# Verify a credential
curl -X POST http://localhost:3100/v1/credentials/verify -H "Content-Type: application/json" -d '{"credential": {...}}'

OpenAPI Spec

The full OpenAPI 3.1 specification is at specs/openapi-v1.0.yaml. Use it to generate clients in any language:

# Generate Python client
openapi-generator generate -i specs/openapi-v1.0.yaml -g python -o clients/python

# Generate Go client
openapi-generator generate -i specs/openapi-v1.0.yaml -g go -o clients/go

# Generate Java client
openapi-generator generate -i specs/openapi-v1.0.yaml -g java -o clients/java

STP Token Authentication

Authenticated endpoints require an Authorization: STP <token> header. Tokens are Ed25519-signed, non-replayable, and time-bounded:

STP.<header-base64url>.<payload-base64url>.<signature-base64url>

Use the /v1/token endpoint to issue tokens, or create them client-side using @sentinel-atl/core:

import { createSTPToken, InMemoryKeyProvider, createIdentity } from '@sentinel-atl/core';

const kp = new InMemoryKeyProvider();
const id = await createIdentity(kp, 'my-agent');
const token = await createSTPToken(kp, {
  issuerDid: id.did,
  keyId: id.keyId,
  audience: 'http://localhost:3100',
  scope: ['flights:book'],
});

License

Apache-2.0